Buffer overflow in Comodo Internet Security

#VU43674 Buffer overflow in Comodo Internet Security

Published: 2012-08-26 | Updated: 2020-08-11

Vulnerability identifier: #VU43674

Vulnerability risk: Medium

CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2011-5122

CWE-ID: CWE-119

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Comodo Internet Security
Client/Desktop applications / Antivirus software/Personal firewalls

Vendor: Comodo Group

Description

The vulnerability allows a remote non-authenticated attacker to perform service disruption.

The Antivirus component in Comodo Internet Security before 5.3.175888.1227 allows remote attackers to cause a denial of service (application crash) via a crafted compressed file.

Mitigation
Install update from vendor's website.

Vulnerable software versions

Comodo Internet Security: 3.0.14.276 - 5.0.163652.1142

External links
http://personalfirewall.comodo.com/release_notes.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Multiple vulnerabilities in Comodo Internet Security