// For flags

CVE-2010-5153

 

Severity Score

5.3
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

Track*
*SSVC
Descriptions

Race condition in Avira Premium Security Suite 10.0.0.536 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory changes during hook-handler execution, aka an argument-switch attack or a KHOBE attack. NOTE: this issue is disputed by some third parties because it is a flaw in a protection mechanism for situations where a crafted program has already begun to execute

** EN DISPUTA ** Condición de Carrera en Avira Premium Security Suite v10.0.0.536 para Windows XP permite a usuarios locales eludir los manejadores de hooks a nivel de kernel, y ejecutar código peligroso que de otra manera sería bloqueada por el manejador y no por una detección basada en firma de malware. Esto se consigue a través de ciertos cambios en la memoria de espacio de usuario durante la ejecución del manejador de hooks. Se trata de un problema también conocido como un ataque argument-switch o un ataque KHOBE. NOTA: este problema es discutido por algunos, ya que es un defecto en un mecanismo de protección para situaciones en las que un programa hecho a mano ya ha comenzado a ejecutarse.

*Credits: N/A
CVSS Scores
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
Low
Integrity
Low
Availability
Low
Attack Vector
Local
Attack Complexity
High
Authentication
None
Confidentiality
Complete
Integrity
Complete
Availability
Complete
* Common Vulnerability Scoring System
SSVC
  • Decision:Track*
Exploitation
None
Automatable
No
Tech. Impact
Total
* Organization's Worst-case Scenario
Timeline
  • 2012-08-25 CVE Reserved
  • 2012-08-25 CVE Published
  • 2023-03-08 EPSS Updated
  • 2024-09-16 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-94: Improper Control of Generation of Code ('Code Injection')
  • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Avira
Search vendor "Avira"
Premium Security Suite
Search vendor "Avira" for product "Premium Security Suite"
10.0.0.536
Search vendor "Avira" for product "Premium Security Suite" and version "10.0.0.536"
-
Affected
in Microsoft
Search vendor "Microsoft"
Windows Xp
Search vendor "Microsoft" for product "Windows Xp"
*-
Safe