Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2008-0470

4 documents4 sources
Severity
9.3CRITICAL
EPSS
19.4%
top 4.62%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Comodo Comodo Antivirus
Timeline
PublishedJan 29
Latest updateMay 1

Description

A certain ActiveX control in Comodo AntiVirus 2.0 allows remote attackers to execute arbitrary commands via the ExecuteStr method.

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-p6w6-87q3-jc2h: A certain ActiveX control in Comodo AntiVirus 22022-05-01
CVEList
CVE-2008-0470: A certain ActiveX control in Comodo AntiVirus 22008-01-29

💥Exploits & PoCs

1
Exploit-DB
Comodo AntiVirus 2.0 - 'ExecuteStr()' Remote Command Execution2008-01-23
CVE-2008-0470 (CRITICAL CVSS 9.3) | A certain ActiveX control in Comodo | cvebase.io