CVE-2009-5152

Name of the Vulnerable Software and Affected Versions Dell Inspiron systems' Absolute Computrace Agent (affected versions not specified)

Description The issue is related to a race condition between the Absolute Computrace Agent and the Dell Client Configuration Utility (DCCU). This condition allows privileged local users to modify the activation or deactivation status of the Computrace Agent to its factory default setting by creating a crafted TaskResult.xml file.

Recommendations For the affected Dell Inspiron systems, consider restricting access to the TaskResult.xml file to prevent unauthorized modifications until a fix is available. As a temporary workaround, monitor the system for any suspicious changes to the Computrace Agent's status. At the moment, there is no information about a newer version that contains a fix for this vulnerability.