Local Denial of Service Vulnerability in Comodo Antivirus
CVE-2019-3971

5.5MEDIUM

Key Information:

Vendor: Comodo
Status: Comodo Antivirus
Vendor: CVE Published:; 17 July 2019

What is CVE-2019-3971?

Comodo Antivirus up to version 12.0.0.6810 is susceptible to a local Denial of Service caused by a vulnerability in the CmdVirth.exe process. Malicious local processes with low privileges can exploit this weakness by connecting to the LPC port 'cmdvrtLPCServerPort' of CmdVirth.exe and sending an LPC_DATAGRAM. This action triggers an Access Violation due to the use of hardcoded NULL values in a memcpy operation, leading to the termination of CmdVirth.exe and its related svchost.exe processes. This vulnerability could disrupt user operations and compromise system reliability.

Affected Version(s)

Comodo Antivirus Versions 12.0.0.6810 and below

References

https://www.tenable.com/security/research/tra-2019-34

x_refsource_MISC

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 17, 2019
Vulnerability Reserved
Jan 3, 2019