CVE-2019-3970

{"id": "CVE-2019-3970", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 2.1, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "LOW", "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 1.8}]}, "published": "2019-07-17T21:15:12.593", "references": [{"url": "https://www.tenable.com/security/research/tra-2019-34", "tags": ["Exploit", "Third Party Advisory"], "source": "vulnreport@tenable.com"}, {"url": "https://www.tenable.com/security/research/tra-2019-34", "tags": ["Exploit", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-668"}]}], "descriptions": [{"lang": "en", "value": "Comodo Antivirus versions up to 12.0.0.6810 are vulnerable to Arbitrary File Write due to Cavwp.exe handling of Comodo's Antivirus database. Cavwp.exe loads Comodo antivirus definition database in unsecured global section objects, allowing a local low privileged process to modify this data directly and change virus signatures."}, {"lang": "es", "value": "Comodo Antivirus versiones hasta la 12.0.0.6810 y anteriores, son vulnerables a la Escritura de Archivos Arbitraria debido a que el archivo Cavwp.exe maneja la base de datos del Antivirus de Comodo. Cavwp.exe carga la base de datos de definici\u00f3n del antivirus de Comodo en objetos de secci\u00f3n global no protegidos, lo que permite que un proceso local poco privilegiado modifique estos datos directamente y cambie las firmas de virus."}], "lastModified": "2024-11-21T04:42:58.740", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:comodo:antivirus:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EA5A70E5-7206-41FE-8EA1-4BD6E935E882", "versionEndIncluding": "12.0.0.6810"}], "operator": "OR"}]}], "sourceIdentifier": "vulnreport@tenable.com"}