Main Vulnerability Database Vulnerabilities #VU43675

Cryptographic issues in Comodo Internet Security - CVE-2011-5123

Published: August 26, 2012 / Updated: August 11, 2020

Vulnerability identifier: #VU43675

CSH Severity: High

CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber

CVE-ID: CVE-2011-5123

CWE-ID: CWE-310

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vulnerable software:
Comodo Internet Security

Software vendor:
Comodo Group

Description

The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.

The Antivirus component in Comodo Internet Security before 5.3.175888.1227 does not check whether X.509 certificates in signed executable files have been revoked, which has unknown impact and remote attack vectors.

Remediation

Install update from vendor's website.

External links

http://personalfirewall.comodo.com/release_notes.html

Cryptographic issues in Comodo Internet Security - CVE-2011-5123

Description

Remediation

External links

Please verify you're human