Search
Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
8 vulnerabilities by eeye
VAR-201208-0026
Vulnerability from variot - Updated: 2022-05-04 08:45** DISPUTED ** Race condition in 3D EQSecure Professional Edition 4.2 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory changes during hook-handler execution, aka an argument-switch attack or a KHOBE attack. NOTE: this issue is disputed by some third parties because it is a flaw in a protection mechanism for situations where a crafted program has already begun to execute. ** Unsettled ** This case has not been confirmed as a vulnerability. This vulnerability is also known as argument-switch Attack, or KHOBE It is called an attack. Multiple vendors' security software is prone to security bypass vulnerabilities. These issues may allow attackers to bypass certain security restrictions and perform malicious actions
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201208-0026",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "3d eqsecure",
"scope": "eq",
"trust": 1.0,
"vendor": "3dprotect",
"version": "4.2"
},
{
"model": "3d eqsecure",
"scope": "eq",
"trust": 0.8,
"vendor": "3dprotect",
"version": "professional edition 4.2"
},
{
"model": "labs zonealarm extreme security",
"scope": "eq",
"trust": 0.3,
"vendor": "zone",
"version": "9.1.507.000"
},
{
"model": "internet security essentials",
"scope": "eq",
"trust": 0.3,
"vendor": "webroot",
"version": "6.1.0.145"
},
{
"model": "internet security suite",
"scope": "eq",
"trust": 0.3,
"vendor": "virusbuster",
"version": "3.2"
},
{
"model": "vba32 personal",
"scope": "eq",
"trust": 0.3,
"vendor": "virusblokada",
"version": "3.12.12.4"
},
{
"model": "internet security pro",
"scope": "eq",
"trust": 0.3,
"vendor": "trend micro",
"version": "2010"
},
{
"model": "norton internet security",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "20100"
},
{
"model": "endpoint security and control",
"scope": "eq",
"trust": 0.3,
"vendor": "sophos",
"version": "9.0.5"
},
{
"model": "defensewall personal firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "softsphere",
"version": "3.00"
},
{
"model": "security shield",
"scope": "eq",
"trust": 0.3,
"vendor": "pcsecurityshield",
"version": "201013.0.16.313"
},
{
"model": "tools firewall plus",
"scope": "eq",
"trust": 0.3,
"vendor": "pc",
"version": "6.0.0.88"
},
{
"model": "internet security",
"scope": "eq",
"trust": 0.3,
"vendor": "panda",
"version": "2010"
},
{
"model": "security suite pro be",
"scope": "eq",
"trust": 0.3,
"vendor": "outpost",
"version": "7.0.3330.505.1221"
},
{
"model": "security suite pro",
"scope": "eq",
"trust": 0.3,
"vendor": "outpost",
"version": "6.7.3.3063.452.0726"
},
{
"model": "solutions security suite",
"scope": "eq",
"trust": 0.3,
"vendor": "online",
"version": "1.5.14905.0"
},
{
"model": "armor online armor premium",
"scope": "eq",
"trust": 0.3,
"vendor": "online",
"version": "4.0.0.35"
},
{
"model": "security suite pro",
"scope": "eq",
"trust": 0.3,
"vendor": "norman",
"version": "8.0"
},
{
"model": "total protection",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "2010"
},
{
"model": "internet security",
"scope": "eq",
"trust": 0.3,
"vendor": "kaspersky",
"version": "20109.0.0.736"
},
{
"model": "data totalcare",
"scope": "eq",
"trust": 0.3,
"vendor": "g",
"version": "20100"
},
{
"model": "internet security",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "2010"
},
{
"model": "smart security",
"scope": "eq",
"trust": 0.3,
"vendor": "eset",
"version": "40"
},
{
"model": "blink professional",
"scope": "eq",
"trust": 0.3,
"vendor": "eeye",
"version": "4.6.1"
},
{
"model": "security space pro",
"scope": "eq",
"trust": 0.3,
"vendor": "dr web",
"version": "6.0.0.03100"
},
{
"model": "associates internet security suite plus",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "20100"
},
{
"model": "internet security free",
"scope": "eq",
"trust": 0.3,
"vendor": "comodo",
"version": "4.0.138377.779"
},
{
"model": "total security",
"scope": "eq",
"trust": 0.3,
"vendor": "bitdefender",
"version": "20100"
},
{
"model": "premium security suite",
"scope": "eq",
"trust": 0.3,
"vendor": "avira",
"version": "0"
},
{
"model": "avg",
"scope": "eq",
"trust": 0.3,
"vendor": "avg",
"version": "9.0.791"
},
{
"model": "internet security",
"scope": "eq",
"trust": 0.3,
"vendor": "avast",
"version": "5.0.462"
},
{
"model": "3d eqsecure professional edition",
"scope": "eq",
"trust": 0.3,
"vendor": "3dprotect",
"version": "4.2"
},
{
"model": "internet security",
"scope": "ne",
"trust": 0.3,
"vendor": "comodo",
"version": "4.1.149672.916"
}
],
"sources": [
{
"db": "BID",
"id": "39924"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-005731"
},
{
"db": "NVD",
"id": "CVE-2010-5150"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:3dprotect:3d_eqsecure:4.2:-:professional:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_xp:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:3dprotect:3d_eqsecure:4.2:-:professional:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_xp:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2010-5150"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "matousec.com",
"sources": [
{
"db": "BID",
"id": "39924"
}
],
"trust": 0.3
},
"cve": "CVE-2010-5150",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": null,
"accessComplexity": "High",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 6.2,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2010-5150",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 1.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:H/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2010-5150",
"trust": 1.8,
"value": "Medium"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-005731"
},
{
"db": "NVD",
"id": "CVE-2010-5150"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "** DISPUTED ** Race condition in 3D EQSecure Professional Edition 4.2 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory changes during hook-handler execution, aka an argument-switch attack or a KHOBE attack. NOTE: this issue is disputed by some third parties because it is a flaw in a protection mechanism for situations where a crafted program has already begun to execute. ** Unsettled ** This case has not been confirmed as a vulnerability. This vulnerability is also known as argument-switch Attack, or KHOBE It is called an attack. Multiple vendors\u0027 security software is prone to security bypass vulnerabilities. \nThese issues may allow attackers to bypass certain security restrictions and perform malicious actions",
"sources": [
{
"db": "NVD",
"id": "CVE-2010-5150"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-005731"
},
{
"db": "BID",
"id": "39924"
}
],
"trust": 1.89
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2010-5150",
"trust": 2.7
},
{
"db": "BID",
"id": "39924",
"trust": 2.7
},
{
"db": "OSVDB",
"id": "67660",
"trust": 1.0
},
{
"db": "JVNDB",
"id": "JVNDB-2010-005731",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201208-751",
"trust": 0.6
}
],
"sources": [
{
"db": "BID",
"id": "39924"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-005731"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-751"
},
{
"db": "NVD",
"id": "CVE-2010-5150"
}
]
},
"id": "VAR-201208-0026",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 1.0
},
"last_update_date": "2022-05-04T08:45:24.696000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-362",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-005731"
},
{
"db": "NVD",
"id": "CVE-2010-5150"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "https://www.securityfocus.com/bid/39924"
},
{
"trust": 2.4,
"url": "https://www.theregister.co.uk/2010/05/07/argument_switch_av_bypass/"
},
{
"trust": 1.6,
"url": "http://www.f-secure.com/weblog/archives/00001949.html"
},
{
"trust": 1.6,
"url": "http://matousec.com/info/articles/khobe-8.0-earthquake-for-windows-desktop-security-software.php"
},
{
"trust": 1.6,
"url": "http://matousec.com/info/advisories/khobe-8.0-earthquake-for-windows-desktop-security-software.php"
},
{
"trust": 1.6,
"url": "http://countermeasures.trendmicro.eu/you-just-cant-trust-a-drunk/"
},
{
"trust": 1.6,
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-05/0066.html"
},
{
"trust": 1.6,
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-05/0026.html"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-5150"
},
{
"trust": 1.0,
"url": "http://www.osvdb.org/67660"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-5150"
},
{
"trust": 0.3,
"url": "http://forums.comodo.com/news-announcements-feedback-cis/comodo-internet-security-41149672916-released-t57051.0.html"
},
{
"trust": 0.3,
"url": "http://www.matousec.com/info/articles/khobe-8.0-earthquake-for-windows-desktop-security-software.php"
},
{
"trust": 0.3,
"url": "http://www.matousec.com/info/advisories/khobe-8.0-earthquake-for-windows-desktop-security-software.php"
}
],
"sources": [
{
"db": "BID",
"id": "39924"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-005731"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-751"
},
{
"db": "NVD",
"id": "CVE-2010-5150"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "39924"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-005731"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-751"
},
{
"db": "NVD",
"id": "CVE-2010-5150"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-05-05T00:00:00",
"db": "BID",
"id": "39924"
},
{
"date": "2019-07-29T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-005731"
},
{
"date": "2012-08-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201208-751"
},
{
"date": "2012-08-25T21:55:00",
"db": "NVD",
"id": "CVE-2010-5150"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-04-13T21:02:00",
"db": "BID",
"id": "39924"
},
{
"date": "2019-07-29T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-005731"
},
{
"date": "2021-11-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201208-751"
},
{
"date": "2012-08-27T04:00:00",
"db": "NVD",
"id": "CVE-2010-5150"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "39924"
}
],
"trust": 0.3
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows XP Run on 3D EQSecure Kernel mode hook handler bypass vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-005731"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "competition condition problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201208-751"
}
],
"trust": 0.6
}
}
VAR-201208-0033
Vulnerability from variot - Updated: 2022-05-04 08:45Race condition in Comodo Internet Security before 4.1.149672.916 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory changes during hook-handler execution, aka an argument-switch attack or a KHOBE attack. Multiple vendors' security software is prone to security bypass vulnerabilities. These issues may allow attackers to bypass certain security restrictions and perform malicious actions
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201208-0033",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "internet security",
"scope": "lte",
"trust": 1.0,
"vendor": "comodo",
"version": "4.0.141842.828"
},
{
"model": "internet security",
"scope": "lt",
"trust": 0.8,
"vendor": "comodo",
"version": "4.1.149672.916"
},
{
"model": "internet security",
"scope": "eq",
"trust": 0.6,
"vendor": "comodo",
"version": "4.0.141842.828"
},
{
"model": "labs zonealarm extreme security",
"scope": "eq",
"trust": 0.3,
"vendor": "zone",
"version": "9.1.507.000"
},
{
"model": "internet security essentials",
"scope": "eq",
"trust": 0.3,
"vendor": "webroot",
"version": "6.1.0.145"
},
{
"model": "internet security suite",
"scope": "eq",
"trust": 0.3,
"vendor": "virusbuster",
"version": "3.2"
},
{
"model": "vba32 personal",
"scope": "eq",
"trust": 0.3,
"vendor": "virusblokada",
"version": "3.12.12.4"
},
{
"model": "internet security pro",
"scope": "eq",
"trust": 0.3,
"vendor": "trend micro",
"version": "2010"
},
{
"model": "norton internet security",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "20100"
},
{
"model": "endpoint security and control",
"scope": "eq",
"trust": 0.3,
"vendor": "sophos",
"version": "9.0.5"
},
{
"model": "defensewall personal firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "softsphere",
"version": "3.00"
},
{
"model": "security shield",
"scope": "eq",
"trust": 0.3,
"vendor": "pcsecurityshield",
"version": "201013.0.16.313"
},
{
"model": "tools firewall plus",
"scope": "eq",
"trust": 0.3,
"vendor": "pc",
"version": "6.0.0.88"
},
{
"model": "internet security",
"scope": "eq",
"trust": 0.3,
"vendor": "panda",
"version": "2010"
},
{
"model": "security suite pro be",
"scope": "eq",
"trust": 0.3,
"vendor": "outpost",
"version": "7.0.3330.505.1221"
},
{
"model": "security suite pro",
"scope": "eq",
"trust": 0.3,
"vendor": "outpost",
"version": "6.7.3.3063.452.0726"
},
{
"model": "solutions security suite",
"scope": "eq",
"trust": 0.3,
"vendor": "online",
"version": "1.5.14905.0"
},
{
"model": "armor online armor premium",
"scope": "eq",
"trust": 0.3,
"vendor": "online",
"version": "4.0.0.35"
},
{
"model": "security suite pro",
"scope": "eq",
"trust": 0.3,
"vendor": "norman",
"version": "8.0"
},
{
"model": "total protection",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "2010"
},
{
"model": "internet security",
"scope": "eq",
"trust": 0.3,
"vendor": "kaspersky",
"version": "20109.0.0.736"
},
{
"model": "data totalcare",
"scope": "eq",
"trust": 0.3,
"vendor": "g",
"version": "20100"
},
{
"model": "internet security",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "2010"
},
{
"model": "smart security",
"scope": "eq",
"trust": 0.3,
"vendor": "eset",
"version": "40"
},
{
"model": "blink professional",
"scope": "eq",
"trust": 0.3,
"vendor": "eeye",
"version": "4.6.1"
},
{
"model": "security space pro",
"scope": "eq",
"trust": 0.3,
"vendor": "dr web",
"version": "6.0.0.03100"
},
{
"model": "associates internet security suite plus",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "20100"
},
{
"model": "internet security free",
"scope": "eq",
"trust": 0.3,
"vendor": "comodo",
"version": "4.0.138377.779"
},
{
"model": "total security",
"scope": "eq",
"trust": 0.3,
"vendor": "bitdefender",
"version": "20100"
},
{
"model": "premium security suite",
"scope": "eq",
"trust": 0.3,
"vendor": "avira",
"version": "0"
},
{
"model": "avg",
"scope": "eq",
"trust": 0.3,
"vendor": "avg",
"version": "9.0.791"
},
{
"model": "internet security",
"scope": "eq",
"trust": 0.3,
"vendor": "avast",
"version": "5.0.462"
},
{
"model": "3d eqsecure professional edition",
"scope": "eq",
"trust": 0.3,
"vendor": "3dprotect",
"version": "4.2"
},
{
"model": "internet security",
"scope": "ne",
"trust": 0.3,
"vendor": "comodo",
"version": "4.1.149672.916"
}
],
"sources": [
{
"db": "BID",
"id": "39924"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-004295"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-485"
},
{
"db": "NVD",
"id": "CVE-2010-5157"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:comodo:comodo_internet_security:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.0.141842.828",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_xp:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:comodo:comodo_internet_security:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.0.141842.828",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_xp:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2010-5157"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "matousec.com",
"sources": [
{
"db": "BID",
"id": "39924"
}
],
"trust": 0.3
},
"cve": "CVE-2010-5157",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": null,
"accessComplexity": "High",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 6.2,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2010-5157",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 1.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:H/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2010-5157",
"trust": 1.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201208-485",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-004295"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-485"
},
{
"db": "NVD",
"id": "CVE-2010-5157"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Race condition in Comodo Internet Security before 4.1.149672.916 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory changes during hook-handler execution, aka an argument-switch attack or a KHOBE attack. Multiple vendors\u0027 security software is prone to security bypass vulnerabilities. \nThese issues may allow attackers to bypass certain security restrictions and perform malicious actions",
"sources": [
{
"db": "NVD",
"id": "CVE-2010-5157"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-004295"
},
{
"db": "BID",
"id": "39924"
}
],
"trust": 1.89
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2010-5157",
"trust": 2.7
},
{
"db": "BID",
"id": "39924",
"trust": 1.9
},
{
"db": "OSVDB",
"id": "65254",
"trust": 1.6
},
{
"db": "OSVDB",
"id": "67660",
"trust": 1.6
},
{
"db": "JVNDB",
"id": "JVNDB-2010-004295",
"trust": 0.8
},
{
"db": "FULLDISC",
"id": "20100505 KHOBE - 8.0 EARTHQUAKE FOR WINDOWS DESKTOP SECURITY SOFTWARE",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20100505 KHOBE - 8.0 EARTHQUAKE FOR WINDOWS DESKTOP SECURITY SOFTWARE",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201208-485",
"trust": 0.6
}
],
"sources": [
{
"db": "BID",
"id": "39924"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-004295"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-485"
},
{
"db": "NVD",
"id": "CVE-2010-5157"
}
]
},
"id": "VAR-201208-0033",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 1.0
},
"last_update_date": "2022-05-04T08:45:24.663000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "COMODO Internet Security 4.1.149672.916 Released!",
"trust": 0.8,
"url": "http://forums.comodo.com/news-announcements-feedback-cis/comodo-internet-security-41149672916-released-t57051.0.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-004295"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-362",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-004295"
},
{
"db": "NVD",
"id": "CVE-2010-5157"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "http://www.theregister.co.uk/2010/05/07/argument_switch_av_bypass/"
},
{
"trust": 2.4,
"url": "http://matousec.com/info/articles/khobe-8.0-earthquake-for-windows-desktop-security-software.php"
},
{
"trust": 2.4,
"url": "http://matousec.com/info/advisories/khobe-8.0-earthquake-for-windows-desktop-security-software.php"
},
{
"trust": 1.9,
"url": "http://forums.comodo.com/news-announcements-feedback-cis/comodo-internet-security-41149672916-released-t57051.0.html"
},
{
"trust": 1.6,
"url": "http://www.securityfocus.com/bid/39924"
},
{
"trust": 1.6,
"url": "http://www.osvdb.org/67660"
},
{
"trust": 1.6,
"url": "http://www.osvdb.org/65254"
},
{
"trust": 1.6,
"url": "http://www.f-secure.com/weblog/archives/00001949.html"
},
{
"trust": 1.6,
"url": "http://countermeasures.trendmicro.eu/you-just-cant-trust-a-drunk/"
},
{
"trust": 1.6,
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-05/0066.html"
},
{
"trust": 1.6,
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-05/0026.html"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-5157"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-5157"
},
{
"trust": 0.3,
"url": "http://www.matousec.com/info/articles/khobe-8.0-earthquake-for-windows-desktop-security-software.php"
},
{
"trust": 0.3,
"url": "http://www.matousec.com/info/advisories/khobe-8.0-earthquake-for-windows-desktop-security-software.php"
}
],
"sources": [
{
"db": "BID",
"id": "39924"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-004295"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-485"
},
{
"db": "NVD",
"id": "CVE-2010-5157"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "39924"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-004295"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-485"
},
{
"db": "NVD",
"id": "CVE-2010-5157"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-05-05T00:00:00",
"db": "BID",
"id": "39924"
},
{
"date": "2012-09-05T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-004295"
},
{
"date": "2012-08-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201208-485"
},
{
"date": "2012-08-25T21:55:00",
"db": "NVD",
"id": "CVE-2010-5157"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-04-13T21:02:00",
"db": "BID",
"id": "39924"
},
{
"date": "2012-09-05T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-004295"
},
{
"date": "2012-08-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201208-485"
},
{
"date": "2012-08-27T04:00:00",
"db": "NVD",
"id": "CVE-2010-5157"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "39924"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-485"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows XP Run on Comodo Internet Security Kernel mode hook handler bypass vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-004295"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "competitive condition",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201208-485"
}
],
"trust": 0.6
}
}
CVE-2010-5155 (GCVE-0-2010-5155)
Vulnerability from nvd – Published: 2012-08-25 21:00 – Updated: 2024-09-17 02:36 Disputed
VLAI
Summary
Race condition in Blink Professional 4.6.1 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory changes during hook-handler execution, aka an argument-switch attack or a KHOBE attack. NOTE: this issue is disputed by some third parties because it is a flaw in a protection mechanism for situations where a crafted program has already begun to execute
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
9 references
| URL | Tags |
|---|---|
| http://archives.neohapsis.com/archives/bugtraq/20… | mailing-listx_refsource_BUGTRAQ |
| http://countermeasures.trendmicro.eu/you-just-can… | x_refsource_MISC |
| http://www.securityfocus.com/bid/39924 | vdb-entryx_refsource_BID |
| http://matousec.com/info/articles/khobe-8.0-earth… | x_refsource_MISC |
| http://archives.neohapsis.com/archives/fulldisclo… | mailing-listx_refsource_FULLDISC |
| http://www.osvdb.org/67660 | vdb-entryx_refsource_OSVDB |
| http://www.theregister.co.uk/2010/05/07/argument_… | x_refsource_MISC |
| http://www.f-secure.com/weblog/archives/00001949.html | x_refsource_MISC |
| http://matousec.com/info/advisories/khobe-8.0-ear… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T04:09:39.235Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20100505 KHOBE - 8.0 earthquake for Windows desktop security software",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-05/0026.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://countermeasures.trendmicro.eu/you-just-cant-trust-a-drunk/"
},
{
"name": "39924",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/39924"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://matousec.com/info/articles/khobe-8.0-earthquake-for-windows-desktop-security-software.php"
},
{
"name": "20100505 KHOBE - 8.0 earthquake for Windows desktop security software",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-05/0066.html"
},
{
"name": "67660",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/67660"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.theregister.co.uk/2010/05/07/argument_switch_av_bypass/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.f-secure.com/weblog/archives/00001949.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://matousec.com/info/advisories/khobe-8.0-earthquake-for-windows-desktop-security-software.php"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Race condition in Blink Professional 4.6.1 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory changes during hook-handler execution, aka an argument-switch attack or a KHOBE attack. NOTE: this issue is disputed by some third parties because it is a flaw in a protection mechanism for situations where a crafted program has already begun to execute"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-08-25T21:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20100505 KHOBE - 8.0 earthquake for Windows desktop security software",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-05/0026.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://countermeasures.trendmicro.eu/you-just-cant-trust-a-drunk/"
},
{
"name": "39924",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/39924"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://matousec.com/info/articles/khobe-8.0-earthquake-for-windows-desktop-security-software.php"
},
{
"name": "20100505 KHOBE - 8.0 earthquake for Windows desktop security software",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-05/0066.html"
},
{
"name": "67660",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/67660"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.theregister.co.uk/2010/05/07/argument_switch_av_bypass/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.f-secure.com/weblog/archives/00001949.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://matousec.com/info/advisories/khobe-8.0-earthquake-for-windows-desktop-security-software.php"
}
],
"tags": [
"disputed"
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-5155",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** DISPUTED ** Race condition in Blink Professional 4.6.1 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory changes during hook-handler execution, aka an argument-switch attack or a KHOBE attack. NOTE: this issue is disputed by some third parties because it is a flaw in a protection mechanism for situations where a crafted program has already begun to execute."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20100505 KHOBE - 8.0 earthquake for Windows desktop security software",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-05/0026.html"
},
{
"name": "http://countermeasures.trendmicro.eu/you-just-cant-trust-a-drunk/",
"refsource": "MISC",
"url": "http://countermeasures.trendmicro.eu/you-just-cant-trust-a-drunk/"
},
{
"name": "39924",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/39924"
},
{
"name": "http://matousec.com/info/articles/khobe-8.0-earthquake-for-windows-desktop-security-software.php",
"refsource": "MISC",
"url": "http://matousec.com/info/articles/khobe-8.0-earthquake-for-windows-desktop-security-software.php"
},
{
"name": "20100505 KHOBE - 8.0 earthquake for Windows desktop security software",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-05/0066.html"
},
{
"name": "67660",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/67660"
},
{
"name": "http://www.theregister.co.uk/2010/05/07/argument_switch_av_bypass/",
"refsource": "MISC",
"url": "http://www.theregister.co.uk/2010/05/07/argument_switch_av_bypass/"
},
{
"name": "http://www.f-secure.com/weblog/archives/00001949.html",
"refsource": "MISC",
"url": "http://www.f-secure.com/weblog/archives/00001949.html"
},
{
"name": "http://matousec.com/info/advisories/khobe-8.0-earthquake-for-windows-desktop-security-software.php",
"refsource": "MISC",
"url": "http://matousec.com/info/advisories/khobe-8.0-earthquake-for-windows-desktop-security-software.php"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-5155",
"datePublished": "2012-08-25T21:00:00.000Z",
"dateReserved": "2012-08-25T00:00:00.000Z",
"dateUpdated": "2024-09-17T02:36:05.256Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-3337 (GCVE-0-2011-3337)
Vulnerability from nvd – Published: 2012-01-04 02:00 – Updated: 2024-09-16 22:14
VLAI
Summary
eEye Audit ID 2499 in eEye Digital Security Audits 2406 through 2423 for eEye Retina Network Security Scanner on HP-UX, IRIX, and Solaris allows local users to gain privileges via a Trojan horse gauntlet program in an arbitrary directory under /usr/local/.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://www.kb.cert.org/vuls/id/448051 | third-party-advisoryx_refsource_CERT-VN |
| http://www.eeye.com/Resources/Security-Center/Res… | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T23:29:56.829Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "VU#448051",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/448051"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.eeye.com/Resources/Security-Center/Research/Security-Advisories/AL20111108"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "eEye Audit ID 2499 in eEye Digital Security Audits 2406 through 2423 for eEye Retina Network Security Scanner on HP-UX, IRIX, and Solaris allows local users to gain privileges via a Trojan horse gauntlet program in an arbitrary directory under /usr/local/."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-01-04T02:00:00.000Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "VU#448051",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/448051"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.eeye.com/Resources/Security-Center/Research/Security-Advisories/AL20111108"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2011-3337",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "eEye Audit ID 2499 in eEye Digital Security Audits 2406 through 2423 for eEye Retina Network Security Scanner on HP-UX, IRIX, and Solaris allows local users to gain privileges via a Trojan horse gauntlet program in an arbitrary directory under /usr/local/."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#448051",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/448051"
},
{
"name": "http://www.eeye.com/Resources/Security-Center/Research/Security-Advisories/AL20111108",
"refsource": "CONFIRM",
"url": "http://www.eeye.com/Resources/Security-Center/Research/Security-Advisories/AL20111108"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2011-3337",
"datePublished": "2012-01-04T02:00:00.000Z",
"dateReserved": "2011-08-29T00:00:00.000Z",
"dateUpdated": "2024-09-16T22:14:04.811Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-3859 (GCVE-0-2009-3859)
Vulnerability from nvd – Published: 2009-11-04 17:00 – Updated: 2024-08-07 06:45
VLAI
Summary
Buffer overflow in eEye Retina WiFi Scanner 1.0.8.68, as used in Retina Network Security Scanner 5.10.14, allows user-assisted remote attackers to cause a denial of service (application crash) or execute arbitrary code via a .rws file with a long RWS010 entry.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
8 references
| URL | Tags |
|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.exploit-db.com/exploits/9114 | exploitx_refsource_EXPLOIT-DB |
| http://www.vupen.com/english/advisories/2009/1862 | vdb-entryx_refsource_VUPEN |
| http://osvdb.org/55744 | vdb-entryx_refsource_OSVDB |
| http://secunia.com/advisories/35786 | third-party-advisoryx_refsource_SECUNIA |
| http://www.securityfocus.com/bid/35624 | vdb-entryx_refsource_BID |
| http://research.eeye.com/html/advisories/publishe… | third-party-advisoryx_refsource_EEYE |
| http://www.securitytracker.com/id?1022534 | vdb-entryx_refsource_SECTRACK |
Date Public
2009-07-10 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T06:45:49.744Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "retinawifiscanner-rws-bo(51625)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51625"
},
{
"name": "9114",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "http://www.exploit-db.com/exploits/9114"
},
{
"name": "ADV-2009-1862",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/1862"
},
{
"name": "55744",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/55744"
},
{
"name": "35786",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35786"
},
{
"name": "35624",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/35624"
},
{
"name": "AD20090710",
"tags": [
"third-party-advisory",
"x_refsource_EEYE",
"x_transferred"
],
"url": "http://research.eeye.com/html/advisories/published/AD20090710.html"
},
{
"name": "1022534",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1022534"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-07-10T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in eEye Retina WiFi Scanner 1.0.8.68, as used in Retina Network Security Scanner 5.10.14, allows user-assisted remote attackers to cause a denial of service (application crash) or execute arbitrary code via a .rws file with a long RWS010 entry."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-18T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "retinawifiscanner-rws-bo(51625)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51625"
},
{
"name": "9114",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "http://www.exploit-db.com/exploits/9114"
},
{
"name": "ADV-2009-1862",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/1862"
},
{
"name": "55744",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/55744"
},
{
"name": "35786",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35786"
},
{
"name": "35624",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/35624"
},
{
"name": "AD20090710",
"tags": [
"third-party-advisory",
"x_refsource_EEYE"
],
"url": "http://research.eeye.com/html/advisories/published/AD20090710.html"
},
{
"name": "1022534",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1022534"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-3859",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in eEye Retina WiFi Scanner 1.0.8.68, as used in Retina Network Security Scanner 5.10.14, allows user-assisted remote attackers to cause a denial of service (application crash) or execute arbitrary code via a .rws file with a long RWS010 entry."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "retinawifiscanner-rws-bo(51625)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51625"
},
{
"name": "9114",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/9114"
},
{
"name": "ADV-2009-1862",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/1862"
},
{
"name": "55744",
"refsource": "OSVDB",
"url": "http://osvdb.org/55744"
},
{
"name": "35786",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35786"
},
{
"name": "35624",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/35624"
},
{
"name": "AD20090710",
"refsource": "EEYE",
"url": "http://research.eeye.com/html/advisories/published/AD20090710.html"
},
{
"name": "1022534",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1022534"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-3859",
"datePublished": "2009-11-04T17:00:00.000Z",
"dateReserved": "2009-11-04T00:00:00.000Z",
"dateUpdated": "2024-08-07T06:45:49.744Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-5155 (GCVE-0-2010-5155)
Vulnerability from cvelistv5 – Published: 2012-08-25 21:00 – Updated: 2024-09-17 02:36 Disputed
VLAI
Summary
Race condition in Blink Professional 4.6.1 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory changes during hook-handler execution, aka an argument-switch attack or a KHOBE attack. NOTE: this issue is disputed by some third parties because it is a flaw in a protection mechanism for situations where a crafted program has already begun to execute
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
9 references
| URL | Tags |
|---|---|
| http://archives.neohapsis.com/archives/bugtraq/20… | mailing-listx_refsource_BUGTRAQ |
| http://countermeasures.trendmicro.eu/you-just-can… | x_refsource_MISC |
| http://www.securityfocus.com/bid/39924 | vdb-entryx_refsource_BID |
| http://matousec.com/info/articles/khobe-8.0-earth… | x_refsource_MISC |
| http://archives.neohapsis.com/archives/fulldisclo… | mailing-listx_refsource_FULLDISC |
| http://www.osvdb.org/67660 | vdb-entryx_refsource_OSVDB |
| http://www.theregister.co.uk/2010/05/07/argument_… | x_refsource_MISC |
| http://www.f-secure.com/weblog/archives/00001949.html | x_refsource_MISC |
| http://matousec.com/info/advisories/khobe-8.0-ear… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T04:09:39.235Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20100505 KHOBE - 8.0 earthquake for Windows desktop security software",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-05/0026.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://countermeasures.trendmicro.eu/you-just-cant-trust-a-drunk/"
},
{
"name": "39924",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/39924"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://matousec.com/info/articles/khobe-8.0-earthquake-for-windows-desktop-security-software.php"
},
{
"name": "20100505 KHOBE - 8.0 earthquake for Windows desktop security software",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-05/0066.html"
},
{
"name": "67660",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/67660"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.theregister.co.uk/2010/05/07/argument_switch_av_bypass/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.f-secure.com/weblog/archives/00001949.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://matousec.com/info/advisories/khobe-8.0-earthquake-for-windows-desktop-security-software.php"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Race condition in Blink Professional 4.6.1 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory changes during hook-handler execution, aka an argument-switch attack or a KHOBE attack. NOTE: this issue is disputed by some third parties because it is a flaw in a protection mechanism for situations where a crafted program has already begun to execute"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-08-25T21:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20100505 KHOBE - 8.0 earthquake for Windows desktop security software",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-05/0026.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://countermeasures.trendmicro.eu/you-just-cant-trust-a-drunk/"
},
{
"name": "39924",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/39924"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://matousec.com/info/articles/khobe-8.0-earthquake-for-windows-desktop-security-software.php"
},
{
"name": "20100505 KHOBE - 8.0 earthquake for Windows desktop security software",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-05/0066.html"
},
{
"name": "67660",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/67660"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.theregister.co.uk/2010/05/07/argument_switch_av_bypass/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.f-secure.com/weblog/archives/00001949.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://matousec.com/info/advisories/khobe-8.0-earthquake-for-windows-desktop-security-software.php"
}
],
"tags": [
"disputed"
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-5155",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** DISPUTED ** Race condition in Blink Professional 4.6.1 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory changes during hook-handler execution, aka an argument-switch attack or a KHOBE attack. NOTE: this issue is disputed by some third parties because it is a flaw in a protection mechanism for situations where a crafted program has already begun to execute."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20100505 KHOBE - 8.0 earthquake for Windows desktop security software",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2010-05/0026.html"
},
{
"name": "http://countermeasures.trendmicro.eu/you-just-cant-trust-a-drunk/",
"refsource": "MISC",
"url": "http://countermeasures.trendmicro.eu/you-just-cant-trust-a-drunk/"
},
{
"name": "39924",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/39924"
},
{
"name": "http://matousec.com/info/articles/khobe-8.0-earthquake-for-windows-desktop-security-software.php",
"refsource": "MISC",
"url": "http://matousec.com/info/articles/khobe-8.0-earthquake-for-windows-desktop-security-software.php"
},
{
"name": "20100505 KHOBE - 8.0 earthquake for Windows desktop security software",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-05/0066.html"
},
{
"name": "67660",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/67660"
},
{
"name": "http://www.theregister.co.uk/2010/05/07/argument_switch_av_bypass/",
"refsource": "MISC",
"url": "http://www.theregister.co.uk/2010/05/07/argument_switch_av_bypass/"
},
{
"name": "http://www.f-secure.com/weblog/archives/00001949.html",
"refsource": "MISC",
"url": "http://www.f-secure.com/weblog/archives/00001949.html"
},
{
"name": "http://matousec.com/info/advisories/khobe-8.0-earthquake-for-windows-desktop-security-software.php",
"refsource": "MISC",
"url": "http://matousec.com/info/advisories/khobe-8.0-earthquake-for-windows-desktop-security-software.php"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-5155",
"datePublished": "2012-08-25T21:00:00.000Z",
"dateReserved": "2012-08-25T00:00:00.000Z",
"dateUpdated": "2024-09-17T02:36:05.256Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-3337 (GCVE-0-2011-3337)
Vulnerability from cvelistv5 – Published: 2012-01-04 02:00 – Updated: 2024-09-16 22:14
VLAI
Summary
eEye Audit ID 2499 in eEye Digital Security Audits 2406 through 2423 for eEye Retina Network Security Scanner on HP-UX, IRIX, and Solaris allows local users to gain privileges via a Trojan horse gauntlet program in an arbitrary directory under /usr/local/.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://www.kb.cert.org/vuls/id/448051 | third-party-advisoryx_refsource_CERT-VN |
| http://www.eeye.com/Resources/Security-Center/Res… | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T23:29:56.829Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "VU#448051",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/448051"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.eeye.com/Resources/Security-Center/Research/Security-Advisories/AL20111108"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "eEye Audit ID 2499 in eEye Digital Security Audits 2406 through 2423 for eEye Retina Network Security Scanner on HP-UX, IRIX, and Solaris allows local users to gain privileges via a Trojan horse gauntlet program in an arbitrary directory under /usr/local/."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-01-04T02:00:00.000Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "VU#448051",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/448051"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.eeye.com/Resources/Security-Center/Research/Security-Advisories/AL20111108"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2011-3337",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "eEye Audit ID 2499 in eEye Digital Security Audits 2406 through 2423 for eEye Retina Network Security Scanner on HP-UX, IRIX, and Solaris allows local users to gain privileges via a Trojan horse gauntlet program in an arbitrary directory under /usr/local/."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#448051",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/448051"
},
{
"name": "http://www.eeye.com/Resources/Security-Center/Research/Security-Advisories/AL20111108",
"refsource": "CONFIRM",
"url": "http://www.eeye.com/Resources/Security-Center/Research/Security-Advisories/AL20111108"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2011-3337",
"datePublished": "2012-01-04T02:00:00.000Z",
"dateReserved": "2011-08-29T00:00:00.000Z",
"dateUpdated": "2024-09-16T22:14:04.811Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-3859 (GCVE-0-2009-3859)
Vulnerability from cvelistv5 – Published: 2009-11-04 17:00 – Updated: 2024-08-07 06:45
VLAI
Summary
Buffer overflow in eEye Retina WiFi Scanner 1.0.8.68, as used in Retina Network Security Scanner 5.10.14, allows user-assisted remote attackers to cause a denial of service (application crash) or execute arbitrary code via a .rws file with a long RWS010 entry.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
8 references
| URL | Tags |
|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.exploit-db.com/exploits/9114 | exploitx_refsource_EXPLOIT-DB |
| http://www.vupen.com/english/advisories/2009/1862 | vdb-entryx_refsource_VUPEN |
| http://osvdb.org/55744 | vdb-entryx_refsource_OSVDB |
| http://secunia.com/advisories/35786 | third-party-advisoryx_refsource_SECUNIA |
| http://www.securityfocus.com/bid/35624 | vdb-entryx_refsource_BID |
| http://research.eeye.com/html/advisories/publishe… | third-party-advisoryx_refsource_EEYE |
| http://www.securitytracker.com/id?1022534 | vdb-entryx_refsource_SECTRACK |
Date Public
2009-07-10 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T06:45:49.744Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "retinawifiscanner-rws-bo(51625)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51625"
},
{
"name": "9114",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "http://www.exploit-db.com/exploits/9114"
},
{
"name": "ADV-2009-1862",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/1862"
},
{
"name": "55744",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/55744"
},
{
"name": "35786",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35786"
},
{
"name": "35624",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/35624"
},
{
"name": "AD20090710",
"tags": [
"third-party-advisory",
"x_refsource_EEYE",
"x_transferred"
],
"url": "http://research.eeye.com/html/advisories/published/AD20090710.html"
},
{
"name": "1022534",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1022534"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-07-10T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in eEye Retina WiFi Scanner 1.0.8.68, as used in Retina Network Security Scanner 5.10.14, allows user-assisted remote attackers to cause a denial of service (application crash) or execute arbitrary code via a .rws file with a long RWS010 entry."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-18T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "retinawifiscanner-rws-bo(51625)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51625"
},
{
"name": "9114",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "http://www.exploit-db.com/exploits/9114"
},
{
"name": "ADV-2009-1862",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/1862"
},
{
"name": "55744",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/55744"
},
{
"name": "35786",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35786"
},
{
"name": "35624",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/35624"
},
{
"name": "AD20090710",
"tags": [
"third-party-advisory",
"x_refsource_EEYE"
],
"url": "http://research.eeye.com/html/advisories/published/AD20090710.html"
},
{
"name": "1022534",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1022534"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-3859",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in eEye Retina WiFi Scanner 1.0.8.68, as used in Retina Network Security Scanner 5.10.14, allows user-assisted remote attackers to cause a denial of service (application crash) or execute arbitrary code via a .rws file with a long RWS010 entry."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "retinawifiscanner-rws-bo(51625)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51625"
},
{
"name": "9114",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/9114"
},
{
"name": "ADV-2009-1862",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/1862"
},
{
"name": "55744",
"refsource": "OSVDB",
"url": "http://osvdb.org/55744"
},
{
"name": "35786",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35786"
},
{
"name": "35624",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/35624"
},
{
"name": "AD20090710",
"refsource": "EEYE",
"url": "http://research.eeye.com/html/advisories/published/AD20090710.html"
},
{
"name": "1022534",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1022534"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-3859",
"datePublished": "2009-11-04T17:00:00.000Z",
"dateReserved": "2009-11-04T00:00:00.000Z",
"dateUpdated": "2024-08-07T06:45:49.744Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}