Skip to main content

Comodo Internet Security

3 CVEs product

Monthly

CVE-2026-49494 HIGH POC This Week

Remote denial of service in Comodo Internet Security's Inspect.sys firewall driver lets an unauthenticated attacker crash any Windows host running the product by sending a single crafted IPv6 packet, even when all ports are blocked at the firewall. The flaw is an integer underflow (CWE-191) in IPv6 extension-header parsing that occurs before firewall rule enforcement, producing an out-of-bounds read and an oversized memcpy at DISPATCH_LEVEL and an immediate BSOD. Publicly available exploit code exists, published alongside MalwareTech's technical writeup and a working PoC named ComoDoS.

Microsoft Integer Overflow Buffer Overflow Comodo Internet Security
NVD GitHub VulDB
CVSS 4.0
8.7
EPSS
0.1%
CVE-2019-18215 HIGH POC This Week

An issue was discovered in signmgr.dll 6.5.0.819 in Comodo Internet Security through 12.0. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Comodo Internet Security
NVD
CVSS 3.1
7.8
EPSS
0.6%
CVE-2012-2273 MEDIUM POC This Month

Comodo Internet Security before 5.10.228257.2253 on Windows 7 x64 allows local users to cause a denial of service (system crash) via a crafted 32-bit Portable Executable (PE) file with a kernel. Rated medium severity (CVSS 4.9), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Code Injection Denial Of Service Microsoft RCE Comodo Internet Security
NVD
CVSS 2.0
4.9
EPSS
0.1%
EPSS 0% CVSS 8.7
HIGH POC This Week

Remote denial of service in Comodo Internet Security's Inspect.sys firewall driver lets an unauthenticated attacker crash any Windows host running the product by sending a single crafted IPv6 packet, even when all ports are blocked at the firewall. The flaw is an integer underflow (CWE-191) in IPv6 extension-header parsing that occurs before firewall rule enforcement, producing an out-of-bounds read and an oversized memcpy at DISPATCH_LEVEL and an immediate BSOD. Publicly available exploit code exists, published alongside MalwareTech's technical writeup and a working PoC named ComoDoS.

Microsoft Integer Overflow Buffer Overflow +1
NVD GitHub VulDB
EPSS 1% CVSS 7.8
HIGH POC This Week

An issue was discovered in signmgr.dll 6.5.0.819 in Comodo Internet Security through 12.0. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Comodo Internet Security
NVD
EPSS 0% CVSS 4.9
MEDIUM POC This Month

Comodo Internet Security before 5.10.228257.2253 on Windows 7 x64 allows local users to cause a denial of service (system crash) via a crafted 32-bit Portable Executable (PE) file with a kernel. Rated medium severity (CVSS 4.9), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Code Injection Denial Of Service Microsoft +2
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy