Cryptographic issues in Comodo Internet Security - CVE-2011-5121

 

Cryptographic issues in Comodo Internet Security - CVE-2011-5121

Published: August 26, 2012 / Updated: August 11, 2020


Vulnerability identifier: #VU43673
CSH Severity: High
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
CVE-ID: CVE-2011-5121
CWE-ID: CWE-310
Exploitation vector: Remote access
Exploit availability: No public exploit available
Vendor: Comodo Group
Affected software:
Comodo Internet Security

Detailed vulnerability description

The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.

The Antivirus component in Comodo Internet Security before 5.3.175888.1227 does not properly check whether unspecified X.509 certificates are revoked, which has unknown impact and remote attack vectors.


How to mitigate CVE-2011-5121

Install update from vendor's website.

Sources