Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Comodo Antivirus versions 11.0.0.6582 and below are vulnerable to Denial of Service affecting CmdGuard.sys via its filter port "cmdServicePort". A low privileged process can crash CmdVirth.exe to decrease the port's connection count followed by process hollowing a CmdVirth.exe instance with malicious code to obtain a handle to "cmdServicePort". Once this occurs, a specially crafted message can be sent to "cmdServicePort" using "FilterSendMessage" API. This can trigger an out-of-bounds write if lpOutBuffer parameter in FilterSendMessage API is near the end of specified buffer bounds. The crash occurs when the driver performs a memset operation which uses a size beyond the size of buffer specified, causing kernel crash.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Comodo Security Solutions Antivirus 缓冲区错误漏洞
Vulnerability Description
Comodo Security Solutions Antivirus是美国Comodo Security Solutions公司的一套杀毒软件。该软件主要用于防范计算机病毒、恶意软件等互联网威胁。 Comodo Security Solutions Antivirus 11.0.0.6582及之前版本中存在安全漏洞。攻击者可借助过滤器端口:cmdServicePort利用该漏洞造成拒绝服务(崩溃)。
CVSS Information
N/A
Vulnerability Type
N/A