Race Condition Vulnerability in Avast Internet Security for Windows XP
CVE-2010-5151

Currently unrated

Key Information:

Vendor: Avast\!
Status: Avast\! Internet Security
Vendor: CVE Published:; 25 August 2012

What is CVE-2010-5151?

A race condition in avast! Internet Security 5.0.462 for Windows XP allows local users to exploit a flaw in the kernel-mode hook mechanism. During an 'argument-switch attack', attackers can manipulate user-space memory while hook-handlers are executed, potentially allowing the execution of malicious code that would normally be intercepted by the security measures in place. This vulnerability raises significant concerns about the reliability of installed security software when faced with pre-executed malicious programs.

References

http://archives.neohapsis.com/archives/bugtraq/2010-05/00...

mailing-listx_refsource_BUGTRAQ

http://countermeasures.trendmicro.eu/you-just-cant-trust-...

x_refsource_MISC

http://www.securityfocus.com/bid/39924

vdb-entryx_refsource_BID

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Aug 25, 2012

Avast\!

What is CVE-2010-5151?

References

Timeline