CVE-2019-18215

{"id": "CVE-2019-18215", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.4, "accessVector": "LOCAL", "vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 3.4, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.8}]}, "published": "2019-11-18T20:15:11.223", "references": [{"url": "https://forums.comodo.com/news-announcements-feedback-cis/comodo-internet-security-2019-v12106914-released-t124993.0.html", "tags": ["Release Notes", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "https://safebreach.com/Post/Comodo-Internet-Security-DLL-Preloading-and-Potential-Abuses-CVE-2019-18215", "tags": ["Exploit", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://safebreach.com/blog", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-427"}]}], "descriptions": [{"lang": "en", "value": "An issue was discovered in signmgr.dll 6.5.0.819 in Comodo Internet Security through 12.0. A DLL Preloading vulnerability allows an attacker to implant an unsigned DLL named iLog.dll in a partially unprotected product directory. This DLL is then loaded into a high-privileged service before the binary signature validation logic is loaded, and might bypass some of the self-defense mechanisms."}, {"lang": "es", "value": "Se detect\u00f3 un problema en la biblioteca signmgr.dll versi\u00f3n 6.5.0.819 en Comodo Internet Security versiones hasta 12.0. Una vulnerabilidad de Precarga de DLL permite a un atacante implantar una DLL sin firmar llamada iLog.dll en un directorio de productos parcialmente desprotegido. Esta DLL es luego cargada en un servicio muy privilegio antes de que se cargue la l\u00f3gica de comprobaci\u00f3n de firma binaria, y puede omitir algunos de los mecanismos de autodefensa."}], "lastModified": "2021-07-21T11:39:23.747", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:comodo:comodo_internet_security:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "92B42BAB-EB62-49AB-9260-812DCFBAAC1A", "versionEndExcluding": "12.1.0.6914"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}