CVE-2010-5167

Name of the Vulnerable Software and Affected Versions Norman Security Suite PRO version 8.0

Description A race condition exists in the software, allowing local users to bypass kernel-mode hook handlers and execute dangerous code that would otherwise be blocked. This is achieved through certain user-space memory changes during hook-handler execution. The issue is related to a flaw in a protection mechanism for situations where a crafted program has already begun to execute.

Recommendations For Norman Security Suite PRO version 8.0, consider disabling the kernel-mode hook handlers as a temporary workaround until a patch is available. Restrict access to user-space memory to minimize the risk of exploitation. Avoid executing crafted programs to prevent the issue from being triggered. At the moment, there is no information about a newer version that contains a fix for this vulnerability.