PT-2012-1383 · Agnitum · Outpost Security Suite Pro
Published
2012-08-25
·
Updated
2024-08-07
·
CVE-2010-5171
CVSS v2.0
6.2
Medium
| Vector | AV:L/AC:H/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Outpost Security Suite Pro versions 6.7.3.3063.452.0726 and 7.0.3330.505.1221 BETA
Description
A race condition issue allows local users to bypass kernel-mode hook handlers and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection. This is achieved via certain user-space memory changes during hook-handler execution.
Recommendations
For Outpost Security Suite Pro version 6.7.3.3063.452.0726, consider disabling the kernel-mode hook handlers as a temporary workaround until a patch is available.
For Outpost Security Suite Pro version 7.0.3330.505.1221 BETA, consider disabling the kernel-mode hook handlers as a temporary workaround until a patch is available.
Fix
Race Condition
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Outpost Security Suite Pro