Search

Find a vulnerability

Search criteria Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.

    4 vulnerabilities by 3dprotect

    VAR-201208-0026

    Vulnerability from variot - Updated: 2022-05-04 08:45

    ** DISPUTED ** Race condition in 3D EQSecure Professional Edition 4.2 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory changes during hook-handler execution, aka an argument-switch attack or a KHOBE attack. NOTE: this issue is disputed by some third parties because it is a flaw in a protection mechanism for situations where a crafted program has already begun to execute. ** Unsettled ** This case has not been confirmed as a vulnerability. This vulnerability is also known as argument-switch Attack, or KHOBE It is called an attack. Multiple vendors' security software is prone to security bypass vulnerabilities. These issues may allow attackers to bypass certain security restrictions and perform malicious actions

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201208-0026",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "3d eqsecure",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "3dprotect",
            "version": "4.2"
          },
          {
            "model": "3d eqsecure",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "3dprotect",
            "version": "professional edition 4.2"
          },
          {
            "model": "labs zonealarm extreme security",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "zone",
            "version": "9.1.507.000"
          },
          {
            "model": "internet security essentials",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "webroot",
            "version": "6.1.0.145"
          },
          {
            "model": "internet security suite",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "virusbuster",
            "version": "3.2"
          },
          {
            "model": "vba32 personal",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "virusblokada",
            "version": "3.12.12.4"
          },
          {
            "model": "internet security pro",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "trend micro",
            "version": "2010"
          },
          {
            "model": "norton internet security",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "symantec",
            "version": "20100"
          },
          {
            "model": "endpoint security and control",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sophos",
            "version": "9.0.5"
          },
          {
            "model": "defensewall personal firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "softsphere",
            "version": "3.00"
          },
          {
            "model": "security shield",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pcsecurityshield",
            "version": "201013.0.16.313"
          },
          {
            "model": "tools firewall plus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pc",
            "version": "6.0.0.88"
          },
          {
            "model": "internet security",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "panda",
            "version": "2010"
          },
          {
            "model": "security suite pro be",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "outpost",
            "version": "7.0.3330.505.1221"
          },
          {
            "model": "security suite pro",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "outpost",
            "version": "6.7.3.3063.452.0726"
          },
          {
            "model": "solutions security suite",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "online",
            "version": "1.5.14905.0"
          },
          {
            "model": "armor online armor premium",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "online",
            "version": "4.0.0.35"
          },
          {
            "model": "security suite pro",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "norman",
            "version": "8.0"
          },
          {
            "model": "total protection",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mcafee",
            "version": "2010"
          },
          {
            "model": "internet security",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "kaspersky",
            "version": "20109.0.0.736"
          },
          {
            "model": "data totalcare",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "g",
            "version": "20100"
          },
          {
            "model": "internet security",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f secure",
            "version": "2010"
          },
          {
            "model": "smart security",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "eset",
            "version": "40"
          },
          {
            "model": "blink professional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "eeye",
            "version": "4.6.1"
          },
          {
            "model": "security space pro",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "dr web",
            "version": "6.0.0.03100"
          },
          {
            "model": "associates internet security suite plus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "computer",
            "version": "20100"
          },
          {
            "model": "internet security free",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "comodo",
            "version": "4.0.138377.779"
          },
          {
            "model": "total security",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bitdefender",
            "version": "20100"
          },
          {
            "model": "premium security suite",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avira",
            "version": "0"
          },
          {
            "model": "avg",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avg",
            "version": "9.0.791"
          },
          {
            "model": "internet security",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avast",
            "version": "5.0.462"
          },
          {
            "model": "3d eqsecure professional edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "3dprotect",
            "version": "4.2"
          },
          {
            "model": "internet security",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "comodo",
            "version": "4.1.149672.916"
          }
        ],
        "sources": [
          {
            "db": "BID",
            "id": "39924"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-005731"
          },
          {
            "db": "NVD",
            "id": "CVE-2010-5150"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:a:3dprotect:3d_eqsecure:4.2:-:professional:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": true
                      }
                    ],
                    "operator": "OR"
                  },
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:o:microsoft:windows_xp:*:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      }
                    ],
                    "operator": "OR"
                  }
                ],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:3dprotect:3d_eqsecure:4.2:-:professional:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows_xp:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "AND"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2010-5150"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "matousec.com",
        "sources": [
          {
            "db": "BID",
            "id": "39924"
          }
        ],
        "trust": 0.3
      },
      "cve": "CVE-2010-5150",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "acInsufInfo": null,
                "accessComplexity": "High",
                "accessVector": "Local",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Complete",
                "baseScore": 6.2,
                "confidentialityImpact": "Complete",
                "exploitabilityScore": null,
                "id": "CVE-2010-5150",
                "impactScore": null,
                "integrityImpact": "Complete",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Medium",
                "trust": 1.8,
                "userInteractionRequired": null,
                "vectorString": "AV:L/AC:H/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "NVD",
                "id": "CVE-2010-5150",
                "trust": 1.8,
                "value": "Medium"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-005731"
          },
          {
            "db": "NVD",
            "id": "CVE-2010-5150"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "** DISPUTED ** Race condition in 3D EQSecure Professional Edition 4.2 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory changes during hook-handler execution, aka an argument-switch attack or a KHOBE attack.  NOTE: this issue is disputed by some third parties because it is a flaw in a protection mechanism for situations where a crafted program has already begun to execute. ** Unsettled ** This case has not been confirmed as a vulnerability. This vulnerability is also known as argument-switch Attack, or KHOBE It is called an attack. Multiple vendors\u0027 security software is prone to security bypass vulnerabilities. \nThese issues may allow attackers to bypass certain security restrictions and perform malicious actions",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2010-5150"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-005731"
          },
          {
            "db": "BID",
            "id": "39924"
          }
        ],
        "trust": 1.89
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2010-5150",
            "trust": 2.7
          },
          {
            "db": "BID",
            "id": "39924",
            "trust": 2.7
          },
          {
            "db": "OSVDB",
            "id": "67660",
            "trust": 1.0
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-005731",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201208-751",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "BID",
            "id": "39924"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-005731"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201208-751"
          },
          {
            "db": "NVD",
            "id": "CVE-2010-5150"
          }
        ]
      },
      "id": "VAR-201208-0026",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 1.0
      },
      "last_update_date": "2022-05-04T08:45:24.696000Z",
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-362",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-005731"
          },
          {
            "db": "NVD",
            "id": "CVE-2010-5150"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.4,
            "url": "https://www.securityfocus.com/bid/39924"
          },
          {
            "trust": 2.4,
            "url": "https://www.theregister.co.uk/2010/05/07/argument_switch_av_bypass/"
          },
          {
            "trust": 1.6,
            "url": "http://www.f-secure.com/weblog/archives/00001949.html"
          },
          {
            "trust": 1.6,
            "url": "http://matousec.com/info/articles/khobe-8.0-earthquake-for-windows-desktop-security-software.php"
          },
          {
            "trust": 1.6,
            "url": "http://matousec.com/info/advisories/khobe-8.0-earthquake-for-windows-desktop-security-software.php"
          },
          {
            "trust": 1.6,
            "url": "http://countermeasures.trendmicro.eu/you-just-cant-trust-a-drunk/"
          },
          {
            "trust": 1.6,
            "url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-05/0066.html"
          },
          {
            "trust": 1.6,
            "url": "http://archives.neohapsis.com/archives/bugtraq/2010-05/0026.html"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2010-5150"
          },
          {
            "trust": 1.0,
            "url": "http://www.osvdb.org/67660"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-5150"
          },
          {
            "trust": 0.3,
            "url": "http://forums.comodo.com/news-announcements-feedback-cis/comodo-internet-security-41149672916-released-t57051.0.html"
          },
          {
            "trust": 0.3,
            "url": "http://www.matousec.com/info/articles/khobe-8.0-earthquake-for-windows-desktop-security-software.php"
          },
          {
            "trust": 0.3,
            "url": "http://www.matousec.com/info/advisories/khobe-8.0-earthquake-for-windows-desktop-security-software.php"
          }
        ],
        "sources": [
          {
            "db": "BID",
            "id": "39924"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-005731"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201208-751"
          },
          {
            "db": "NVD",
            "id": "CVE-2010-5150"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "BID",
            "id": "39924"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-005731"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201208-751"
          },
          {
            "db": "NVD",
            "id": "CVE-2010-5150"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2010-05-05T00:00:00",
            "db": "BID",
            "id": "39924"
          },
          {
            "date": "2019-07-29T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2010-005731"
          },
          {
            "date": "2012-08-25T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201208-751"
          },
          {
            "date": "2012-08-25T21:55:00",
            "db": "NVD",
            "id": "CVE-2010-5150"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2015-04-13T21:02:00",
            "db": "BID",
            "id": "39924"
          },
          {
            "date": "2019-07-29T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2010-005731"
          },
          {
            "date": "2021-11-30T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201208-751"
          },
          {
            "date": "2012-08-27T04:00:00",
            "db": "NVD",
            "id": "CVE-2010-5150"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "local",
        "sources": [
          {
            "db": "BID",
            "id": "39924"
          }
        ],
        "trust": 0.3
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Windows XP Run on  3D EQSecure Kernel mode hook handler bypass vulnerability",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-005731"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "competition condition problem",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201208-751"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201208-0033

    Vulnerability from variot - Updated: 2022-05-04 08:45

    Race condition in Comodo Internet Security before 4.1.149672.916 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory changes during hook-handler execution, aka an argument-switch attack or a KHOBE attack. Multiple vendors' security software is prone to security bypass vulnerabilities. These issues may allow attackers to bypass certain security restrictions and perform malicious actions

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201208-0033",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "internet security",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "comodo",
            "version": "4.0.141842.828"
          },
          {
            "model": "internet security",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "comodo",
            "version": "4.1.149672.916"
          },
          {
            "model": "internet security",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "comodo",
            "version": "4.0.141842.828"
          },
          {
            "model": "labs zonealarm extreme security",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "zone",
            "version": "9.1.507.000"
          },
          {
            "model": "internet security essentials",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "webroot",
            "version": "6.1.0.145"
          },
          {
            "model": "internet security suite",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "virusbuster",
            "version": "3.2"
          },
          {
            "model": "vba32 personal",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "virusblokada",
            "version": "3.12.12.4"
          },
          {
            "model": "internet security pro",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "trend micro",
            "version": "2010"
          },
          {
            "model": "norton internet security",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "symantec",
            "version": "20100"
          },
          {
            "model": "endpoint security and control",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sophos",
            "version": "9.0.5"
          },
          {
            "model": "defensewall personal firewall",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "softsphere",
            "version": "3.00"
          },
          {
            "model": "security shield",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pcsecurityshield",
            "version": "201013.0.16.313"
          },
          {
            "model": "tools firewall plus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "pc",
            "version": "6.0.0.88"
          },
          {
            "model": "internet security",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "panda",
            "version": "2010"
          },
          {
            "model": "security suite pro be",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "outpost",
            "version": "7.0.3330.505.1221"
          },
          {
            "model": "security suite pro",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "outpost",
            "version": "6.7.3.3063.452.0726"
          },
          {
            "model": "solutions security suite",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "online",
            "version": "1.5.14905.0"
          },
          {
            "model": "armor online armor premium",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "online",
            "version": "4.0.0.35"
          },
          {
            "model": "security suite pro",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "norman",
            "version": "8.0"
          },
          {
            "model": "total protection",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mcafee",
            "version": "2010"
          },
          {
            "model": "internet security",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "kaspersky",
            "version": "20109.0.0.736"
          },
          {
            "model": "data totalcare",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "g",
            "version": "20100"
          },
          {
            "model": "internet security",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "f secure",
            "version": "2010"
          },
          {
            "model": "smart security",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "eset",
            "version": "40"
          },
          {
            "model": "blink professional",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "eeye",
            "version": "4.6.1"
          },
          {
            "model": "security space pro",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "dr web",
            "version": "6.0.0.03100"
          },
          {
            "model": "associates internet security suite plus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "computer",
            "version": "20100"
          },
          {
            "model": "internet security free",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "comodo",
            "version": "4.0.138377.779"
          },
          {
            "model": "total security",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "bitdefender",
            "version": "20100"
          },
          {
            "model": "premium security suite",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avira",
            "version": "0"
          },
          {
            "model": "avg",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avg",
            "version": "9.0.791"
          },
          {
            "model": "internet security",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "avast",
            "version": "5.0.462"
          },
          {
            "model": "3d eqsecure professional edition",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "3dprotect",
            "version": "4.2"
          },
          {
            "model": "internet security",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "comodo",
            "version": "4.1.149672.916"
          }
        ],
        "sources": [
          {
            "db": "BID",
            "id": "39924"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-004295"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201208-485"
          },
          {
            "db": "NVD",
            "id": "CVE-2010-5157"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:a:comodo:comodo_internet_security:*:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "versionEndIncluding": "4.0.141842.828",
                        "vulnerable": true
                      }
                    ],
                    "operator": "OR"
                  },
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:o:microsoft:windows_xp:*:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      }
                    ],
                    "operator": "OR"
                  }
                ],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:comodo:comodo_internet_security:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "4.0.141842.828",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows_xp:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "AND"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2010-5157"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "matousec.com",
        "sources": [
          {
            "db": "BID",
            "id": "39924"
          }
        ],
        "trust": 0.3
      },
      "cve": "CVE-2010-5157",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "acInsufInfo": null,
                "accessComplexity": "High",
                "accessVector": "Local",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Complete",
                "baseScore": 6.2,
                "confidentialityImpact": "Complete",
                "exploitabilityScore": null,
                "id": "CVE-2010-5157",
                "impactScore": null,
                "integrityImpact": "Complete",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Medium",
                "trust": 1.8,
                "userInteractionRequired": null,
                "vectorString": "AV:L/AC:H/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "NVD",
                "id": "CVE-2010-5157",
                "trust": 1.8,
                "value": "Medium"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201208-485",
                "trust": 0.6,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-004295"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201208-485"
          },
          {
            "db": "NVD",
            "id": "CVE-2010-5157"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Race condition in Comodo Internet Security before 4.1.149672.916 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory changes during hook-handler execution, aka an argument-switch attack or a KHOBE attack. Multiple vendors\u0027 security software is prone to security bypass vulnerabilities. \nThese issues may allow attackers to bypass certain security restrictions and perform malicious actions",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2010-5157"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-004295"
          },
          {
            "db": "BID",
            "id": "39924"
          }
        ],
        "trust": 1.89
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2010-5157",
            "trust": 2.7
          },
          {
            "db": "BID",
            "id": "39924",
            "trust": 1.9
          },
          {
            "db": "OSVDB",
            "id": "65254",
            "trust": 1.6
          },
          {
            "db": "OSVDB",
            "id": "67660",
            "trust": 1.6
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-004295",
            "trust": 0.8
          },
          {
            "db": "FULLDISC",
            "id": "20100505 KHOBE - 8.0 EARTHQUAKE FOR WINDOWS DESKTOP SECURITY SOFTWARE",
            "trust": 0.6
          },
          {
            "db": "BUGTRAQ",
            "id": "20100505 KHOBE - 8.0 EARTHQUAKE FOR WINDOWS DESKTOP SECURITY SOFTWARE",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201208-485",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "BID",
            "id": "39924"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-004295"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201208-485"
          },
          {
            "db": "NVD",
            "id": "CVE-2010-5157"
          }
        ]
      },
      "id": "VAR-201208-0033",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 1.0
      },
      "last_update_date": "2022-05-04T08:45:24.663000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "COMODO Internet Security 4.1.149672.916 Released!",
            "trust": 0.8,
            "url": "http://forums.comodo.com/news-announcements-feedback-cis/comodo-internet-security-41149672916-released-t57051.0.html"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-004295"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-362",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-004295"
          },
          {
            "db": "NVD",
            "id": "CVE-2010-5157"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.4,
            "url": "http://www.theregister.co.uk/2010/05/07/argument_switch_av_bypass/"
          },
          {
            "trust": 2.4,
            "url": "http://matousec.com/info/articles/khobe-8.0-earthquake-for-windows-desktop-security-software.php"
          },
          {
            "trust": 2.4,
            "url": "http://matousec.com/info/advisories/khobe-8.0-earthquake-for-windows-desktop-security-software.php"
          },
          {
            "trust": 1.9,
            "url": "http://forums.comodo.com/news-announcements-feedback-cis/comodo-internet-security-41149672916-released-t57051.0.html"
          },
          {
            "trust": 1.6,
            "url": "http://www.securityfocus.com/bid/39924"
          },
          {
            "trust": 1.6,
            "url": "http://www.osvdb.org/67660"
          },
          {
            "trust": 1.6,
            "url": "http://www.osvdb.org/65254"
          },
          {
            "trust": 1.6,
            "url": "http://www.f-secure.com/weblog/archives/00001949.html"
          },
          {
            "trust": 1.6,
            "url": "http://countermeasures.trendmicro.eu/you-just-cant-trust-a-drunk/"
          },
          {
            "trust": 1.6,
            "url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-05/0066.html"
          },
          {
            "trust": 1.6,
            "url": "http://archives.neohapsis.com/archives/bugtraq/2010-05/0026.html"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-5157"
          },
          {
            "trust": 0.8,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-5157"
          },
          {
            "trust": 0.3,
            "url": "http://www.matousec.com/info/articles/khobe-8.0-earthquake-for-windows-desktop-security-software.php"
          },
          {
            "trust": 0.3,
            "url": "http://www.matousec.com/info/advisories/khobe-8.0-earthquake-for-windows-desktop-security-software.php"
          }
        ],
        "sources": [
          {
            "db": "BID",
            "id": "39924"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-004295"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201208-485"
          },
          {
            "db": "NVD",
            "id": "CVE-2010-5157"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "BID",
            "id": "39924"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-004295"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201208-485"
          },
          {
            "db": "NVD",
            "id": "CVE-2010-5157"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2010-05-05T00:00:00",
            "db": "BID",
            "id": "39924"
          },
          {
            "date": "2012-09-05T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2010-004295"
          },
          {
            "date": "2012-08-27T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201208-485"
          },
          {
            "date": "2012-08-25T21:55:00",
            "db": "NVD",
            "id": "CVE-2010-5157"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2015-04-13T21:02:00",
            "db": "BID",
            "id": "39924"
          },
          {
            "date": "2012-09-05T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2010-004295"
          },
          {
            "date": "2012-08-27T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201208-485"
          },
          {
            "date": "2012-08-27T04:00:00",
            "db": "NVD",
            "id": "CVE-2010-5157"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "local",
        "sources": [
          {
            "db": "BID",
            "id": "39924"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201208-485"
          }
        ],
        "trust": 0.9
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Windows XP Run on  Comodo Internet Security Kernel mode hook handler bypass vulnerability",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2010-004295"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "competitive condition",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201208-485"
          }
        ],
        "trust": 0.6
      }
    }

    CVE-2010-5150 (GCVE-0-2010-5150)

    Vulnerability from nvd – Published: 2012-08-25 21:00 – Updated: 2024-09-16 18:48 Disputed
    VLAI
    Summary
    Race condition in 3D EQSecure Professional Edition 4.2 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory changes during hook-handler execution, aka an argument-switch attack or a KHOBE attack. NOTE: this issue is disputed by some third parties because it is a flaw in a protection mechanism for situations where a crafted program has already begun to execute
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T04:09:39.198Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20100505 KHOBE - 8.0 earthquake for Windows desktop security software",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://archives.neohapsis.com/archives/bugtraq/2010-05/0026.html"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://countermeasures.trendmicro.eu/you-just-cant-trust-a-drunk/"
              },
              {
                "name": "39924",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/39924"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://matousec.com/info/articles/khobe-8.0-earthquake-for-windows-desktop-security-software.php"
              },
              {
                "name": "20100505 KHOBE - 8.0 earthquake for Windows desktop security software",
                "tags": [
                  "mailing-list",
                  "x_refsource_FULLDISC",
                  "x_transferred"
                ],
                "url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-05/0066.html"
              },
              {
                "name": "67660",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/67660"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.theregister.co.uk/2010/05/07/argument_switch_av_bypass/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.f-secure.com/weblog/archives/00001949.html"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://matousec.com/info/advisories/khobe-8.0-earthquake-for-windows-desktop-security-software.php"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Race condition in 3D EQSecure Professional Edition 4.2 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory changes during hook-handler execution, aka an argument-switch attack or a KHOBE attack.  NOTE: this issue is disputed by some third parties because it is a flaw in a protection mechanism for situations where a crafted program has already begun to execute"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2012-08-25T21:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "20100505 KHOBE - 8.0 earthquake for Windows desktop security software",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://archives.neohapsis.com/archives/bugtraq/2010-05/0026.html"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://countermeasures.trendmicro.eu/you-just-cant-trust-a-drunk/"
            },
            {
              "name": "39924",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/39924"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://matousec.com/info/articles/khobe-8.0-earthquake-for-windows-desktop-security-software.php"
            },
            {
              "name": "20100505 KHOBE - 8.0 earthquake for Windows desktop security software",
              "tags": [
                "mailing-list",
                "x_refsource_FULLDISC"
              ],
              "url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-05/0066.html"
            },
            {
              "name": "67660",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/67660"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.theregister.co.uk/2010/05/07/argument_switch_av_bypass/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.f-secure.com/weblog/archives/00001949.html"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://matousec.com/info/advisories/khobe-8.0-earthquake-for-windows-desktop-security-software.php"
            }
          ],
          "tags": [
            "disputed"
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2010-5150",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "** DISPUTED ** Race condition in 3D EQSecure Professional Edition 4.2 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory changes during hook-handler execution, aka an argument-switch attack or a KHOBE attack.  NOTE: this issue is disputed by some third parties because it is a flaw in a protection mechanism for situations where a crafted program has already begun to execute."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20100505 KHOBE - 8.0 earthquake for Windows desktop security software",
                  "refsource": "BUGTRAQ",
                  "url": "http://archives.neohapsis.com/archives/bugtraq/2010-05/0026.html"
                },
                {
                  "name": "http://countermeasures.trendmicro.eu/you-just-cant-trust-a-drunk/",
                  "refsource": "MISC",
                  "url": "http://countermeasures.trendmicro.eu/you-just-cant-trust-a-drunk/"
                },
                {
                  "name": "39924",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/39924"
                },
                {
                  "name": "http://matousec.com/info/articles/khobe-8.0-earthquake-for-windows-desktop-security-software.php",
                  "refsource": "MISC",
                  "url": "http://matousec.com/info/articles/khobe-8.0-earthquake-for-windows-desktop-security-software.php"
                },
                {
                  "name": "20100505 KHOBE - 8.0 earthquake for Windows desktop security software",
                  "refsource": "FULLDISC",
                  "url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-05/0066.html"
                },
                {
                  "name": "67660",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/67660"
                },
                {
                  "name": "http://www.theregister.co.uk/2010/05/07/argument_switch_av_bypass/",
                  "refsource": "MISC",
                  "url": "http://www.theregister.co.uk/2010/05/07/argument_switch_av_bypass/"
                },
                {
                  "name": "http://www.f-secure.com/weblog/archives/00001949.html",
                  "refsource": "MISC",
                  "url": "http://www.f-secure.com/weblog/archives/00001949.html"
                },
                {
                  "name": "http://matousec.com/info/advisories/khobe-8.0-earthquake-for-windows-desktop-security-software.php",
                  "refsource": "MISC",
                  "url": "http://matousec.com/info/advisories/khobe-8.0-earthquake-for-windows-desktop-security-software.php"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2010-5150",
        "datePublished": "2012-08-25T21:00:00.000Z",
        "dateReserved": "2012-08-25T00:00:00.000Z",
        "dateUpdated": "2024-09-16T18:48:26.684Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2010-5150 (GCVE-0-2010-5150)

    Vulnerability from cvelistv5 – Published: 2012-08-25 21:00 – Updated: 2024-09-16 18:48 Disputed
    VLAI
    Summary
    Race condition in 3D EQSecure Professional Edition 4.2 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory changes during hook-handler execution, aka an argument-switch attack or a KHOBE attack. NOTE: this issue is disputed by some third parties because it is a flaw in a protection mechanism for situations where a crafted program has already begun to execute
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T04:09:39.198Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20100505 KHOBE - 8.0 earthquake for Windows desktop security software",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://archives.neohapsis.com/archives/bugtraq/2010-05/0026.html"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://countermeasures.trendmicro.eu/you-just-cant-trust-a-drunk/"
              },
              {
                "name": "39924",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/39924"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://matousec.com/info/articles/khobe-8.0-earthquake-for-windows-desktop-security-software.php"
              },
              {
                "name": "20100505 KHOBE - 8.0 earthquake for Windows desktop security software",
                "tags": [
                  "mailing-list",
                  "x_refsource_FULLDISC",
                  "x_transferred"
                ],
                "url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-05/0066.html"
              },
              {
                "name": "67660",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/67660"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.theregister.co.uk/2010/05/07/argument_switch_av_bypass/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.f-secure.com/weblog/archives/00001949.html"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://matousec.com/info/advisories/khobe-8.0-earthquake-for-windows-desktop-security-software.php"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Race condition in 3D EQSecure Professional Edition 4.2 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory changes during hook-handler execution, aka an argument-switch attack or a KHOBE attack.  NOTE: this issue is disputed by some third parties because it is a flaw in a protection mechanism for situations where a crafted program has already begun to execute"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2012-08-25T21:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "20100505 KHOBE - 8.0 earthquake for Windows desktop security software",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://archives.neohapsis.com/archives/bugtraq/2010-05/0026.html"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://countermeasures.trendmicro.eu/you-just-cant-trust-a-drunk/"
            },
            {
              "name": "39924",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/39924"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://matousec.com/info/articles/khobe-8.0-earthquake-for-windows-desktop-security-software.php"
            },
            {
              "name": "20100505 KHOBE - 8.0 earthquake for Windows desktop security software",
              "tags": [
                "mailing-list",
                "x_refsource_FULLDISC"
              ],
              "url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-05/0066.html"
            },
            {
              "name": "67660",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/67660"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.theregister.co.uk/2010/05/07/argument_switch_av_bypass/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.f-secure.com/weblog/archives/00001949.html"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://matousec.com/info/advisories/khobe-8.0-earthquake-for-windows-desktop-security-software.php"
            }
          ],
          "tags": [
            "disputed"
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2010-5150",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "** DISPUTED ** Race condition in 3D EQSecure Professional Edition 4.2 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory changes during hook-handler execution, aka an argument-switch attack or a KHOBE attack.  NOTE: this issue is disputed by some third parties because it is a flaw in a protection mechanism for situations where a crafted program has already begun to execute."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20100505 KHOBE - 8.0 earthquake for Windows desktop security software",
                  "refsource": "BUGTRAQ",
                  "url": "http://archives.neohapsis.com/archives/bugtraq/2010-05/0026.html"
                },
                {
                  "name": "http://countermeasures.trendmicro.eu/you-just-cant-trust-a-drunk/",
                  "refsource": "MISC",
                  "url": "http://countermeasures.trendmicro.eu/you-just-cant-trust-a-drunk/"
                },
                {
                  "name": "39924",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/39924"
                },
                {
                  "name": "http://matousec.com/info/articles/khobe-8.0-earthquake-for-windows-desktop-security-software.php",
                  "refsource": "MISC",
                  "url": "http://matousec.com/info/articles/khobe-8.0-earthquake-for-windows-desktop-security-software.php"
                },
                {
                  "name": "20100505 KHOBE - 8.0 earthquake for Windows desktop security software",
                  "refsource": "FULLDISC",
                  "url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-05/0066.html"
                },
                {
                  "name": "67660",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/67660"
                },
                {
                  "name": "http://www.theregister.co.uk/2010/05/07/argument_switch_av_bypass/",
                  "refsource": "MISC",
                  "url": "http://www.theregister.co.uk/2010/05/07/argument_switch_av_bypass/"
                },
                {
                  "name": "http://www.f-secure.com/weblog/archives/00001949.html",
                  "refsource": "MISC",
                  "url": "http://www.f-secure.com/weblog/archives/00001949.html"
                },
                {
                  "name": "http://matousec.com/info/advisories/khobe-8.0-earthquake-for-windows-desktop-security-software.php",
                  "refsource": "MISC",
                  "url": "http://matousec.com/info/advisories/khobe-8.0-earthquake-for-windows-desktop-security-software.php"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2010-5150",
        "datePublished": "2012-08-25T21:00:00.000Z",
        "dateReserved": "2012-08-25T00:00:00.000Z",
        "dateUpdated": "2024-09-16T18:48:26.684Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }