Page 5 of 46 results (0.006 seconds)

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

A privilege escalation vulnerability in Trend Micro Antivirus for Mac 2019 (v9.0.1379 and below) could potentially allow an attacker to create a symbolic link to a target file and modify it. Una vulnerabilidad de escalada de privilegios en Trend Micro Antivirus para Mac 2019 (versión v9.0.1379 y por debajo), podría permitir a un atacante crear un enlace simbólico a un archivo de destino y modificarlo. • https://esupport.trendmicro.com/en-us/home/pages/technical-support/1124055.aspx • CWE-59: Improper Link Resolution Before File Access ('Link Following') •

CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 1

An issue was discovered in Avast antivirus before 19.8 and AVG antivirus before 19.8. A DLL Preloading vulnerability allows an attacker to implant %WINDIR%\system32\wbemcomn.dll, which is loaded into a protected-light process (PPL) and might bypass some of the self-defense mechanisms. This affects all components that use WMI, e.g., AVGSvc.exe 19.6.4546.0 and TuneupSmartScan.dll 19.1.884.0. Se detectó un problema en Avast antivirus versiones anteriores a 19.8 y AVG antivirus versiones anteriores a 19.8. Una vulnerabilidad de Precarga de DLL permite a un atacante implantar una biblioteca %WINDIR%\system32\wbemcomn.dll, que se carga en un proceso protected-light (PPL) y puede omitir algunos de los mecanismos de autodefensa. • https://safebreach.com/Post/Avast-Antivirus-AVG-Antivirus-DLL-Preloading-into-PPL-and-Potential-Abuses https://safebreach.com/blog • CWE-427: Uncontrolled Search Path Element •

CVSS: 7.1EPSS: 0%CPEs: 3EXPL: 1

Comodo Antivirus through 12.0.0.6870, Comodo Firewall through 12.0.0.6870, and Comodo Internet Security Premium through 12.0.0.6870, with the Comodo Container feature, are vulnerable to Sandbox Escape. Comodo Antivirus hasta la versión 12.0.0.6870, Comodo Firewall hasta la versión 12.0.0.6870, y Comodo Internet Security Premium hasta la versión 12.0.0.6870, con la característica Comodo Container, son vulnerables a un escape del Sandbox. • https://gaissecurity.com/yazi/discovery-of-sandbox-escape-on-comodo-container-antivirus-amp-firewall •

CVSS: 4.4EPSS: 0%CPEs: 1EXPL: 1

In Avast Antivirus before 19.4, a local administrator can trick the product into renaming arbitrary files by replacing the Logs\Update.log file with a symlink. The next time the product attempts to write to the log file, the target of the symlink is renamed. This defect can be exploited to rename a critical product file (e.g., AvastSvc.exe), causing the product to fail to start on the next system restart. En Avast Antivirus antes de 19.4, un administrador local puede engañar al producto para que cambie el nombre de los archivos arbitrarios al reemplazar el archivo Logs \ Update.log con un enlace simbólico. La próxima vez que el producto intente escribir en el archivo de registro, se cambiará el nombre del destino del enlace simbólico. • http://www.mcerlane.co.uk/CVE-2019-11230 http://www.securityfocus.com/bid/109344 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1

Comodo Antivirus versions 11.0.0.6582 and below are vulnerable to Denial of Service affecting CmdGuard.sys via its filter port "cmdServicePort". A low privileged process can crash CmdVirth.exe to decrease the port's connection count followed by process hollowing a CmdVirth.exe instance with malicious code to obtain a handle to "cmdServicePort". Once this occurs, a specially crafted message can be sent to "cmdServicePort" using "FilterSendMessage" API. This can trigger an out-of-bounds write if lpOutBuffer parameter in FilterSendMessage API is near the end of specified buffer bounds. The crash occurs when the driver performs a memset operation which uses a size beyond the size of buffer specified, causing kernel crash. • https://www.tenable.com/security/research/tra-2019-34 • CWE-787: Out-of-bounds Write •