Race Condition in Avira Premium Security Suite on Windows XP
CVE-2010-5153

Currently unrated

Key Information:

Vendor: Avira
Status: Premium Security Suite
Vendor: CVE Published:; 25 August 2012

What is CVE-2010-5153?

A race condition in Avira Premium Security Suite 10.0.0.536 on Windows XP allows local users to manipulate user-space memory during hook-handler execution. This manipulation can lead to the circumvention of kernel-mode hook handlers, enabling the execution of unauthorized and potentially harmful code that would typically be blocked by security measures. This vulnerability presents significant risks as it exploits the weaknesses of the malware detection system, particularly against crafted programs that have already begun executing, often referred to as argument-switch or KHOBE attacks.

References

http://archives.neohapsis.com/archives/bugtraq/2010-05/00...

mailing-listx_refsource_BUGTRAQ

http://countermeasures.trendmicro.eu/you-just-cant-trust-...

x_refsource_MISC

http://www.securityfocus.com/bid/39924

vdb-entryx_refsource_BID

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Aug 25, 2012