Race Condition Vulnerability in ZoneAlarm Extreme Security by Check Point
CVE-2010-5184

Currently unrated

Key Information:

Vendor: Checkpoint
Status: Zonealarm Extreme Security
Vendor: CVE Published:; 25 August 2012

Summary

A race condition in ZoneAlarm Extreme Security 9.1.507.000 on Windows XP enables local users to bypass kernel-mode hook handlers. This flaw permits the execution of potentially harmful code that would typically be prevented by these handlers. The vulnerability is leveraged through specific user-space memory alterations during the execution of hook handlers, resulting in an argument-switch or KHOBE attack. It's important to note that this issue has been contested, as it pertains to a protective mechanism that is circumvented when a malicious program is already running.

References

http://archives.neohapsis.com/archives/bugtraq/2010-05/00...

mailing-listx_refsource_BUGTRAQ

http://countermeasures.trendmicro.eu/you-just-cant-trust-...

x_refsource_MISC

http://www.securityfocus.com/bid/39924

vdb-entryx_refsource_BID

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Aug 25, 2012