VNC Server Exposure in Comodo GeekBuddy Allows Unauthorized Privilege Escalation
CVE-2014-7872

Currently unrated

Key Information:

Vendor

Comodo

Status
Geekbuddy
Vendor
CVE Published:
9 June 2015

What is CVE-2014-7872?

The vulnerability in Comodo GeekBuddy prior to version 4.18.121 stems from improper access restrictions to its VNC server. This flaw allows local users to connect to the VNC server without adequate permissions, facilitating unauthorized privilege escalation. Attackers may exploit this loophole to manipulate system functions, posing a significant risk to user security.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://www.exploit-db.com/exploits/37065/
exploitx_refsource_EXPLOIT-DB
http://www.osvdb.org/122355
vdb-entryx_refsource_OSVDB
http://packetstormsecurity.com/files/135841/Comodo-Intern...
x_refsource_MISC

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.