PT-2012-1369 · Comodo · Comodo Internet Security

Published

2012-08-25

Updated

2012-08-27

CVE-2010-5157

CVSS v2.0

6.2

Medium

Vector

AV:L/AC:H/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Comodo Internet Security versions prior to 4.1.149672.916

Description A race condition exists that allows local users to bypass kernel-mode hook handlers and execute dangerous code. This is achieved through certain user-space memory changes during hook-handler execution. The issue can be exploited via an argument-switch attack or a KHOBE attack, which would otherwise be blocked by a handler but not by signature-based malware detection.

Recommendations For Comodo Internet Security versions prior to 4.1.149672.916, update to version 4.1.149672.916 or later to resolve the issue.

Fix

Race Condition

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-362

Related Identifiers

CVE-2010-5157

Affected Products

Comodo Internet Security

PT-2012-1369 · Comodo · Comodo Internet Security

CVE-2010-5157

Weakness Enumeration

Related Identifiers

Affected Products

References · 12