Skip to main content

Comodo Internet Security CVE-2012-2273

MEDIUM
Code Injection (CWE-94)
2012-04-20 cve@mitre.org
4.9
CVSS 2.0 · NVD
Share

Severity by source

NVD PRIMARY
4.9 MEDIUM
AV:L/AC:L/Au:N/C:N/I:N/A:C

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

AV:L/AC:L/Au:N/C:N/I:N/A:C
Attack Vector
Local
Attack Complexity
Low
Confidentiality
None
Integrity
None
Availability
C

Lifecycle Timeline

1
CVE Published
Apr 20, 2012 - 04:02 cve.org
MEDIUM 4.9

DescriptionCVE.org

Comodo Internet Security before 5.10.228257.2253 on Windows 7 x64 allows local users to cause a denial of service (system crash) via a crafted 32-bit Portable Executable (PE) file with a kernel ImageBase value.

AnalysisAI

Comodo Internet Security before 5.10.228257.2253 on Windows 7 x64 allows local users to cause a denial of service (system crash) via a crafted 32-bit Portable Executable (PE) file with a kernel. Rated medium severity (CVSS 4.9), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Technical ContextAI

This vulnerability is classified as Code Injection (CWE-94), which allows attackers to inject and execute arbitrary code within the application. Comodo Internet Security before 5.10.228257.2253 on Windows 7 x64 allows local users to cause a denial of service (system crash) via a crafted 32-bit Portable Executable (PE) file with a kernel ImageBase value. Affected products include: Comodo Comodo Internet Security. Version information: before 5.10.228257.2253.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Never evaluate user-controlled input as code. Use sandboxing, disable dangerous functions, apply strict input validation.

Share

CVE-2012-2273 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy