CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-3971

Comodo Antivirus versions up to 12.0.0.6810 are vulnerable to a local Denial of Service affecting CmdVirth.exe via its LPC port "cmdvrtLPCServerPort". A low privileged local process can connect to this port and send an LPC_DATAGRAM, which triggers an Access Violation due to hardcoded NULLs used for Source parameter in a memcpy operation that is called for this handler. This results in CmdVirth.exe and its child svchost.exe instances to terminate.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 14.8%

CVSS Severity

CVSS v3 Score 5.5

CVSS v2 Score 2.1

References

Products affected by CVE-2019-3971

Comodo » Antivirus » Version: 1.0

cpe:2.3:a:comodo:antivirus:1.0
Comodo » Antivirus » Version: 11.0.0.6582

cpe:2.3:a:comodo:antivirus:11.0.0.6582
Comodo » Antivirus » Version: 12.0.0.6810

cpe:2.3:a:comodo:antivirus:12.0.0.6810
Comodo » Antivirus » Version: 2.2

cpe:2.3:a:comodo:antivirus:2.2
Comodo » Antivirus » Version: 8.1

cpe:2.3:a:comodo:antivirus:8.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-3971

Products

Pricing

Contact Us