First published: Sat Aug 25 2012(Updated: )
** DISPUTED ** Race condition in Dr.Web Security Space Pro 6.0.0.03100 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory changes during hook-handler execution, aka an argument-switch attack or a KHOBE attack. NOTE: this issue is disputed by some third parties because it is a flaw in a protection mechanism for situations where a crafted program has already begun to execute.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
All of | ||
Dr.Web Security Space | =6.0.0.03100 | |
Microsoft Windows XP | ||
Dr.Web Security Space | =6.0.0.03100 | |
Microsoft Windows XP |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2010-5159 is considered to be of moderate severity due to its potential to allow local users to bypass security mechanisms.
To fix CVE-2010-5159, it is recommended to update to a later version of Dr.Web Security Space that addresses this vulnerability.
CVE-2010-5159 primarily affects users of Dr.Web Security Space version 6.0.0.03100 on Windows XP.
An attacker exploiting CVE-2010-5159 can execute dangerous code by bypassing kernel-mode hook handlers.
CVE-2010-5159 is a local vulnerability that requires local access to the affected system to exploit.