CVE-2019-3970
First published: Wed Jul 17 2019(Updated: )
Comodo Antivirus versions up to 12.0.0.6810 are vulnerable to Arbitrary File Write due to Cavwp.exe handling of Comodo's Antivirus database. Cavwp.exe loads Comodo antivirus definition database in unsecured global section objects, allowing a local low privileged process to modify this data directly and change virus signatures.
Credit: vulnreport@tenable.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Comodo Antivirus | <=12.0.0.6810 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2019-3970?
CVE-2019-3970 has a moderate severity rating due to its potential for arbitrary file write vulnerabilities.
How do I fix CVE-2019-3970?
To mitigate CVE-2019-3970, users should upgrade to Comodo Antivirus version 12.0.0.6811 or later.
What software is affected by CVE-2019-3970?
CVE-2019-3970 affects Comodo Antivirus versions up to and including 12.0.0.6810.
What is the nature of the vulnerability in CVE-2019-3970?
CVE-2019-3970 is an Arbitrary File Write vulnerability caused by insecure handling of the antivirus database by the Cavwp.exe process.
Can CVE-2019-3970 be exploited remotely?
No, CVE-2019-3970 requires local access for exploitation, as it allows a low privileged process to modify antivirus data.
- collector/nvd-index
- agent/softwarecombine
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/references
- agent/weakness
- agent/severity
- agent/author
- agent/tags
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- vendor/comodo
- canonical/comodo antivirus
- version/comodo antivirus/12.0.0.6810