Securitypro

Name of the Vulnerable Software and Affected Versions: Comodo Internet Security Premium version 12.3.4.8162 Description: A critical vulnerability was found in the File Name Handler component, where the manipulation of the `name/folder` argument leads to path traversal. The attack can be launched remotely, with a rather high complexity and difficult exploitability. The exploit has been disclosed to the public and may be used. The vendor was contacted about this disclosure but did not respond. Recommendations: For Comodo Internet Security Premium version 12.3.4.8162, as a temporary workaround, consider restricting access to the File Name Handler component until a patch is available. Avoid using the `name/folder` argument in the affected component to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.