Recent Vulnerabilities Research Posts Trends Blog About Contact

Published: 28/08/2019 Updated: 21/07/2021

CVSS v2 Base Score: 4.7 | Impact Score: 6.9 | Exploitability Score: 3.4

CVSS v3 Base Score: 4.7 | Impact Score: 3.6 | Exploitability Score: 1

VMScore: 419

Vector: AV:L/AC:M/Au:N/C:N/I:N/A:C

A use-after-free flaw in the sandbox container implemented in cmdguard.sys in Comodo Antivirus 12.0.0.6870 can be triggered due to a race condition when handling IRP_MJ_CLEANUP requests in the minifilter for directory change notifications. This allows an malicious user to cause a denial of service (BSOD) when an executable is run inside the container.

Vulnerable Product	Search on Vulmon	Subscribe to Product
comodo antivirus 12.0.0.6870

CWE-362 CWE-416 http://rce4fun.blogspot.com/2019/08/comodo-antivirus-sandbox-race-condition.html https://github.com/SouhailHammou/Exploits/blob/master/CVE-2019-14694%20-%20Comodo%20AV%20Sandbox%20Race%20Condition%20UAF/comodo_av_uaf_poc.c https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2019-14694

Vulnerability Summary

Vulnerability Trend

References

Vulmon Search

About

Products

Connect