Comodo: "Weak Hash Function Exploitation Vulnerability"? [Resolved]

Hello…

I’ve just been cruising the Net and discovered a couple of pages which appear to be casting doubt about CFP.

The two main pages to this apparent doubt are…

http://www.matousec.com/info/advisories/Comodo-DLL-injection-via-weak-hash-function-exploitation.php

http://www.securiteam.com/windowsntfocus/5MP0O00KKO.html

…and seem to refer only to CFP Versions prior to my current version of 2.4.18.184.

The quoted title of one page’s sub-section is: “Comodo DLL Injection via Weak Hash Function Exploitation Vulnerability”.

• What is that these folks are really talking about?

• In my version 2.4.18.184, has this problem been addressed and eliminated?

• Is this now an issue that is safe to disregard as fixed?

Ian.

This issue will be fixed in CFP 3.
Have a look at this thread: https://forums.comodo.com/index.php/topic,6536.0.html

Hello…

Many thanks for the information.

I look forward, keenly, to the fixed version.

Ian.