Race Condition Vulnerability in KingSoft Personal Firewall by Kingsoft
CVE-2010-5164

5.3MEDIUM

Key Information:

Vendor

Kingsoft

Status
Personal Firewall 9
Vendor
CVE Published:
25 August 2012

What is CVE-2010-5164?

A race condition exists in KingSoft Personal Firewall, where local users can exploit the vulnerability to bypass kernel-mode hook handlers. This flaw enables the execution of unauthorized code that would typically be intercepted by security mechanisms. By altering user-space memory during the hook-handler process, attackers can perform an argument-switch attack, also known as a KHOBE attack. This vulnerability primarily impacts the efficacy of the security software, allowing crafted programs that have begun execution to evade detection by signature-based malware defenses.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://archives.neohapsis.com/archives/bugtraq/2010-05/00...
mailing-listx_refsource_BUGTRAQ
http://countermeasures.trendmicro.eu/you-just-cant-trust-...
x_refsource_MISC
http://www.securityfocus.com/bid/39924
vdb-entryx_refsource_BID

CVSS V3.1

Score:
5.3
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability Reserved

  • Vulnerability published

JSON
.