Comodo Internet Security
CVE-2012-2273
MEDIUM
Severity by source
AV:L/AC:L/Au:N/C:N/I:N/A:C
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
AV:L/AC:L/Au:N/C:N/I:N/A:C
Lifecycle Timeline
1DescriptionCVE.org
Comodo Internet Security before 5.10.228257.2253 on Windows 7 x64 allows local users to cause a denial of service (system crash) via a crafted 32-bit Portable Executable (PE) file with a kernel ImageBase value.
AnalysisAI
Comodo Internet Security before 5.10.228257.2253 on Windows 7 x64 allows local users to cause a denial of service (system crash) via a crafted 32-bit Portable Executable (PE) file with a kernel. Rated medium severity (CVSS 4.9), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.
Technical ContextAI
This vulnerability is classified as Code Injection (CWE-94), which allows attackers to inject and execute arbitrary code within the application. Comodo Internet Security before 5.10.228257.2253 on Windows 7 x64 allows local users to cause a denial of service (system crash) via a crafted 32-bit Portable Executable (PE) file with a kernel ImageBase value. Affected products include: Comodo Comodo Internet Security. Version information: before 5.10.228257.2253.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Never evaluate user-controlled input as code. Use sandboxing, disable dangerous functions, apply strict input validation.
More in Comodo Internet Security
View allRemote denial of service in Comodo Internet Security's Inspect.sys firewall driver lets an unauthenticated attacker cras
An issue was discovered in signmgr.dll 6.5.0.819 in Comodo Internet Security through 12.0. Rated high severity (CVSS 7.8
Same weakness CWE-94 – Code Injection
View allSame technique Code Injection
View allShare
External POC / Exploit Code
Leaving vuln.today