CVE

Id
47755  
CVE No.
CVE-2010-5171  
Status
Candidate  
Description
** DISPUTED ** Race condition in Outpost Security Suite Pro 6.7.3.3063.452.0726 and 7.0.3330.505.1221 BETA on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory changes during hook-handler execution, aka an argument-switch attack or a KHOBE attack. NOTE: this issue is disputed by some third parties because it is a flaw in a protection mechanism for situations where a crafted program has already begun to execute.  
Phase
Assigned (20120825)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
519953 47755 CVE-2010-5171 BUGTRAQ:20100505 KHOBE - 8.0 earthquake for Windows desktop security software  View
519954 47755 CVE-2010-5171 URL:http://archives.neohapsis.com/archives/bugtraq/2010-05/0026.html  View
519955 47755 CVE-2010-5171 FULLDISC:20100505 KHOBE - 8.0 earthquake for Windows desktop security software  View
519956 47755 CVE-2010-5171 URL:http://archives.neohapsis.com/archives/fulldisclosure/2010-05/0066.html  View
519957 47755 CVE-2010-5171 MISC:http://countermeasures.trendmicro.eu/you-just-cant-trust-a-drunk/  View
519958 47755 CVE-2010-5171 MISC:http://matousec.com/info/advisories/khobe-8.0-earthquake-for-windows-desktop-security-software.php  View
519959 47755 CVE-2010-5171 MISC:http://matousec.com/info/articles/khobe-8.0-earthquake-for-windows-desktop-security-software.php  View
519960 47755 CVE-2010-5171 MISC:http://www.f-secure.com/weblog/archives/00001949.html  View
519961 47755 CVE-2010-5171 MISC:http://www.theregister.co.uk/2010/05/07/argument_switch_av_bypass/  View
519962 47755 CVE-2010-5171 BID:39924  View
519963 47755 CVE-2010-5171 URL:http://www.securityfocus.com/bid/39924  View
519964 47755 CVE-2010-5171 OSVDB:67660  View

Related JVN