CVE-2019-3970

LOW

Description

Comodo Antivirus versions up to 12.0.0.6810 are vulnerable to Arbitrary File Write due to Cavwp.exe handling of Comodo's Antivirus database. Cavwp.exe loads Comodo antivirus definition database in unsecured global section objects, allowing a local low privileged process to modify this data directly and change virus signatures.

References

https://www.tenable.com/security/research/tra-2019-34

Details

Source: MITRE

Published: 2019-07-17

Updated: 2019-07-23

Type: CWE-20

Risk Information

CVSS v2.0

Base Score: 2.1

Vector: AV:L/AC:L/Au:N/C:N/I:P/A:N

Impact Score: 2.9

Exploitability Score: 3.9

Severity: LOW

CVSS v3.0

Base Score: 5.5

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Impact Score: 3.6

Exploitability Score: 1.8

Severity: MEDIUM

Vulnerable Software

Configuration 1

OR

cpe:2.3:a:comodo:antivirus:*:*:*:*:*:*:*:* versions up to 12.0.0.6810 (inclusive)

Tenable Plugins

View all (1 total)

IDNameProductFamilySeverity
126953Comodo Antivirus / Internet Security Multiple VulnerabilitiesNessusWindows
high