Forum Thread: Comodo Dragon 4x

You are currently viewing a forum thread in the Secunia Community Forum. Please note that opinions expressed here are not of Secunia but solely reflect those of the user who wrote it.

This thread was submitted in the following forum:
PSI 2.0 Beta

This thread has been marked as resolved.
Kevin Adamson Comodo Dragon 4x
Member 25th Oct, 2010 20:07
Ranking: 2
Posts: 4
User Since: 1st Jan, 2009
System Score: N/A
Location: N/A
The website page for Comodo Dragon shows no known issues at this time for this browser, but the beta Secunia is listing a vulnerability as SA39882.
Follow this link and it comes to the Google Chrome page that is listing the issue.
I would just like clarification that this is just mistaken identity with the beta version, or is there an issue with the Comodo Dragon that is not showing up on the product page here.
Kevin :)

Post "RE: Comodo Dragon 4x" has been selected as an answer.
mogs RE: Comodo Dragon 4x
Member 25th Oct, 2010 20:52
Posts: 6,279
User Since: 22nd Apr 2009
System Score: N/A
Location: UK
The Comodo Advisory shows the following :-
This vulnerability report for Comodo Dragon 4.x contains a complete overview of all Secunia advisories affecting it. You can use this vulnerability report to ensure that you are aware of all vulnerabilities, both patched and unpatched, affecting this product allowing you to take the necessary precautions.

If you have information about a new or an existing vulnerability in Comodo Dragon 4.x then you are more than welcome to contact us.
Vendor, Links, and Unpatched Vulnerabilities

Vendor Comodo Group

Product Link View Here (Link to external site)

Affected By 0 Secunia advisories
0 Vulnerabilities

SA39882 shows the following for Chrome 4 :-
Secunia Advisory SA39882
Google Chrome Multiple Vulnerabilities
Secunia Advisory SA39882
Get alerted and manage the vulnerability life cycle
Free Trial

Release Date 2010-05-27
Last Update 2010-06-02

Popularity 4,426 views
Comments 5 comments

Criticality level Moderately critical
Impact Unknown
Security Bypass
System access
Where From remote
Authentication level Available in Customer Area

Report reliability Available in Customer Area
Solution Status Unpatched

Systems affected Available in Customer Area
Approve distribution Available in Customer Area

Google Chrome 4.x
Secunia staff usually look thro' the psi 2.0 Beta threads/posts of a you may obtain more enlightenment then.
Hope this is of some help for now......regards,

Was this reply relevant?
Anthony Wells RE: Comodo Dragon 4x
Expert Contributor 25th Oct, 2010 21:01
Score: 2542
Posts: 3,402
User Since: 19th Dec 2007
System Score: N/A
Location: N/A
Last edited on 25th Oct, 2010 21:05
Hello Kevin ,

This Comodo Forum link says that Dragon is based on Chromium version 4.x ; Chromium is now on version 7.x :-

The PSI is therefore likely picking up the version 4.x dll and reading as Google Chrome browser or frame or equivalent and giving you the SA for Google Chrome 4.x .

You will need to contact by email (if they don't pick up here tomorrow CET) and more specifically Comodo support to see if the embedded Chrome is vulnerable to the 4.x vulnerabilities and subsequent 5.x and 6.x ones . If Dragon is not vulnerable , you could set an ignore rule for it ; however , if it was me , I would need to be totally convinced before I set one .

In contrast , Secunia vulnerability report shows no vulnerabilities ever showing against Dragon 4.x :-

Looks a bit messy :((

Take care



It always seems impossible until its done.
Nelson Mandela
Was this reply relevant?
Kevin Adamson RE: Comodo Dragon 4x
Member 25th Oct, 2010 21:38
Score: 2
Posts: 4
User Since: 1st Jan 2009
System Score: N/A
Location: N/A
Thanks for the quick reply's mogs and Anthony. I agree that before I go with the ignore rule for this I would like to see if support can check into this more.
I will give it a day and then contact them directly.
I posted it first just so if others are having the same concern and it is just a bug with the beta picking out the .dll file of that version then the post did its purpose.
Just bringing the issue out in the light. Better safe than sorry. It is a bit messy LOL. Thanks again guys.
Was this reply relevant?
This user no longer exists RE: Comodo Dragon 4x
Secunia Official 27th Oct, 2010 09:08

Comodo Dragon is currently based upon Chromium

Since Comodo Dragon is based upon the same engine as Google Chrome 4.x all advisories affecting Google Chrome 4.x will also affect Comodo Dragon.

This also applies to other browsers which is based on the "major" browsers.
(Such as CometBird, K-Meleon, Acoo Browser, Maxthon, etc...)

I have made a suggestion to our developers to improve the information regarding this to make is less confusing for our users.

Kevin Adamson RE: Comodo Dragon 4x
Member 27th Oct, 2010 09:55
Score: 2
Posts: 4
User Since: 1st Jan 2009
System Score: N/A
Location: N/A
To M. Hansen
That is just what I wanted to hear. End of problem.
Thanks for your info and time.
Was this reply relevant?

This thread has been marked as locked.