CVE-2010-5160

CWE-362Race Condition3 documents3 sources
Severity
4.5MEDIUM
EPSS
0.1%
top 81.90%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Eset Smart Security
Timeline
PublishedAug 25
Latest updateMay 17

Description

Race condition in ESET Smart Security 4.2.35.3 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory changes during hook-handler execution, aka an argument-switch attack or a KHOBE attack. NOTE: this issue is disputed by some third parties because it is a flaw in a protection mechanism for situations where a crafted program ha

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:LExploitability: 1.0 | Impact: 3.4

Affected Packages1 packages

NVDeset/smart_security4.2.35.3

🔴Vulnerability Details

2
GHSA
GHSA-r8w5-3rqg-f6pm: ** DISPUTED ** Race condition in ESET Smart Security 42022-05-17
CVEList
CVE-2010-5160: Race condition in ESET Smart Security 42012-08-25
CVE-2010-5160 (MEDIUM CVSS 4.5) | Race condition in ESET Smart Securi | cvebase.io