| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CANmej9LRs9vV-t4Cg8ymZYuexvq1nqf4frhoOnUzqBomzhbYVQ@mail.gmail.com> Date: Thu, 19 Apr 2012 17:22:36 +0200 From: Ange Albertini <ange.albertini@...il.com> To: bugtraq@...urityfocus.com Subject: [CVE-2012-2273] Comodo Internet Security <5.10 BSOD (Win7 x64) [affected software] Comodo Internet Security, until 5.9 [description] BSOD under Windows 7 x64 if a 32b PE with a kernel ImageBase is executed. such files are very unusual, but work perfectly if the PE contains relocations, as shown at http://pe.corkami.com#ImageBase and http://pe.corkami.com#relocations PoCs downloadable on http://pe.corkami.com, files: tls_reloc ibkernel ibkmanual reloccrypt [author] Ange Albertini (corkami.com) [vendor communication] 5th January 2012 - details shared with the vendor 23th January 2012 - patch is planned 12th March 2012 - bug are fixed in 5.10 from http://www.comodo.com/home/download/release-notes.php?p=anti-malware 5.10.228257.2253: 12 March, 2012 * IMPROVED! Compatibility with other security suites is improved in Windows 7 x64 * FIXED! BSOD when corrupted executables are loaded in memory in Windows 7 x64 * FIXED! HIPS can leak process handles with a special set of access rights * FIXED! Smart scan crashes under certain circumstances [mitigation] update to 5.10 or later
Powered by blists - more mailing lists