Name |
Description |
CVE-2017-6296 |
NVIDIA TrustZone Software contains a TOCTOU issue in the DRM
application which may lead to the denial of service or possible
escalation of privileges. This issue is rated as moderate.
|
CVE-2017-2619 |
Samba versions before 4.6.1, 4.5.7 and 4.4.11 are vulnerable to a
malicious client using a symlink race to allow access to areas of the
server file system not exported under the share definition.
|
CVE-2017-12410 |
It is possible to exploit a Time of Check & Time of Use (TOCTOU)
vulnerability by winning a race condition when Kaseya Virtual System
Administrator agent 9.3.0.11 and earlier tries to execute its binaries
from working and/or temporary folders. Successful exploitation results
in the execution of arbitrary programs with "NT AUTHORITY\SYSTEM"
privileges.
|
CVE-2016-8438 |
Integer overflow leading to a TOCTOU condition in hypervisor PIL. An
integer overflow exposes a race condition that may be used to bypass
Peripheral Image Loader (PIL) authentication. Product: Android.
Versions: Kernel 3.18. Android ID: A-31624565. References:
QC-CR#1023638.
|
CVE-2016-3914 |
Race condition in providers/telephony/MmsProvider.java in Telephony in
Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x
before 2016-10-01, and 7.0 before 2016-10-01 allows attackers to gain
privileges via a crafted application that modifies a database between
two open operations, aka internal bug 30481342.
|
CVE-2016-3258 |
Race condition in the kernel in Microsoft Windows 8.1, Windows Server
2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows
local users to bypass the Low Integrity protection mechanism and write
to files by leveraging unspecified object-manager features, aka
"Windows File System Security Feature Bypass."
|
CVE-2016-10439 |
In Android before 2018-04-05 or earlier security patch level on
Qualcomm Snapdragon Automobile and Snapdragon Mobile SD 425, SD 430,
SD 450, SD 625, SD 650/52, SD 820, and SD 820A, there is a TOCTOU
vulnerability in the input validation for bulletin_board_read syscall.
A pointer dereference is validated without guaranteeing that the pointer
hasn't been changed by the HLOS program.
|
CVE-2016-10435 |
In Android before 2018-04-05 or earlier security patch level on
Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear
MDM9206, MDM9625, MDM9635M, MDM9640, MDM9645, MSM8909W, SD 210/SD
212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD
415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 820, and SD 820A,
in some QTEE syscall handlers, a TOCTOU vulnerability exists.
|
CVE-2016-10433 |
In Android before 2018-04-05 or earlier security patch level on
Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear
MDM9635M, MDM9640, MDM9645, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD
410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD
650/52, SD 800, SD 808, SD 820, and SD 820A, TOCTOU vulnerability
during SSD image decryption may cause memory corruption.
|
CVE-2016-10432 |
In Android before 2018-04-05 or earlier security patch level on
Qualcomm Snapdragon Automobile and Snapdragon Mobile SD 410/12, SD
425, SD 430, SD 450, SD 617, SD 625, SD 650/52, SD 820, and SD 820A,
TOCTOU vulnerabilities may occur while sanitizing userspace values
passed to tQSEE system call.
|
CVE-2016-10417 |
In Android before 2018-04-05 or earlier security patch level on
Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear
IPQ4019, MDM9206, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645,
MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12,
SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52,
SD 800, SD 808, SD 810, SD 820, SD 820A, and SDX20, in QTEE, a TOCTOU
vulnerability exists due to improper access control.
|
CVE-2016-10409 |
In Android before 2018-04-05 or earlier security patch level on
Qualcomm Snapdragon Automobile and Snapdragon Mobile SD 425, SD 430,
SD 450, SD 625, SD 650/52, SD 820, SD 820A, and SD 835, TOCTOU
vulnerability may occur while composing the RPMB request using HLOS
controlled buffers.
|
CVE-2016-10383 |
In all Qualcomm products with Android releases from CAF using the
Linux kernel, there is a TOCTOU race condition in Secure UI.
|
CVE-2015-9161 |
In Android before 2018-04-05 or earlier security patch level on
Qualcomm Snapdragon Mobile and Snapdragon Wear MSM8909W, SD 210/SD
212/SD 205, SD 400, SD 410/12, SD 615/16/SD 415, SD 617, SD 650/52, SD
800, SD 808, and SD 810, TOCTOU condition could lead to a buffer
overflow in function playready_reader_bind().
|
CVE-2015-9022 |
In all Android releases from CAF using the Linux kernel, Time-of-check
Time-of-use (TOCTOU) race conditions exist in several TZ APIs.
|
CVE-2015-3709 |
Race condition in kext tools in Apple OS X before 10.10.4 allows local
users to bypass intended signature requirements for kernel extensions
by leveraging improper pathname validation.
|
CVE-2015-3081 |
Race condition in Adobe Flash Player before 13.0.0.289 and 14.x
through 17.x before 17.0.0.188 on Windows and OS X and before
11.2.202.460 on Linux, Adobe AIR before 17.0.0.172, Adobe AIR SDK
before 17.0.0.172, and Adobe AIR SDK & Compiler before 17.0.0.172
allows attackers to bypass the Internet Explorer Protected Mode
protection mechanism via unspecified vectors.
|
CVE-2015-1336 |
The daily mandb cleanup job in Man-db before 2.7.6.1-1 as packaged in
Ubuntu and Debian allows local users with access to the man account to
gain privileges via vectors involving insecure chown use.
|
CVE-2014-9985 |
In Android before 2018-04-05 or earlier security patch level on
Qualcomm Snapdragon Mobile MDM9635M, SD 400, and SD 800, TOCTOU
condition may result in bypassing error condition checks, leading to
undefined behavior.
|
CVE-2014-9966 |
In all Android releases from CAF using the Linux kernel, a
Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability exists
in Secure Display.
|
CVE-2014-1624 |
Race condition in the xdg.BaseDirectory.get_runtime_dir function in
python-xdg 0.25 allows local users to overwrite arbitrary files by
pre-creating /tmp/pyxdg-runtime-dir-fallback-victim to point to a
victim-owned location, then replacing it with a symlink to an
attacker-controlled location once the get_runtime_dir function is
called.
|
CVE-2014-1490 |
Race condition in libssl in Mozilla Network Security Services (NSS)
before 3.15.4, as used in Mozilla Firefox before 27.0, Firefox ESR
24.x before 24.3, Thunderbird before 24.3, SeaMonkey before 2.24, and
other products, allows remote attackers to cause a denial of service
(use-after-free) or possibly have unspecified other impact via vectors
involving a resumption handshake that triggers incorrect replacement
of a session ticket.
|
CVE-2013-6444 |
PyWBEM 0.7 and earlier does not verify that the server hostname
matches a domain name in the subject's Common Name (CN) or
subjectAltName field of the X.509 certificate, which allows
man-in-the-middle attackers to spoof SSL servers via an arbitrary
valid certificate.
|
CVE-2013-6418 |
PyWBEM 0.7 and earlier uses a separate connection to validate X.509
certificates, which allows man-in-the-middle attackers to spoof a peer
via an arbitrary certificate.
|
CVE-2013-4392 |
systemd, when updating file permissions, allows local users to change
the permissions and SELinux security contexts for arbitrary files via
a symlink attack on unspecified files.
|
CVE-2013-0913 |
Integer overflow in drivers/gpu/drm/i915/i915_gem_execbuffer.c in the
i915 driver in the Direct Rendering Manager (DRM) subsystem in the
Linux kernel through 3.8.3, as used in Google Chrome OS before
25.0.1364.173 and other products, allows local users to cause a denial
of service (heap-based buffer overflow) or possibly have unspecified
other impact via a crafted application that triggers many relocation
copies, and potentially leads to a race condition.
|
CVE-2013-0248 |
The default configuration of javax.servlet.context.tempdir in Apache
Commons FileUpload 1.0 through 1.2.2 uses the /tmp directory for
uploaded files, which allows local users to overwrite arbitrary files
via an unspecified symlink attack.
|
CVE-2013-0219 |
System Security Services Daemon (SSSD) before 1.9.4, when (1)
creating, (2) copying, or (3) removing a user home directory tree,
allows local users to create, modify, or delete arbitrary files via a
symlink attack on another user's files.
|
CVE-2012-4442 |
Monkey HTTP Daemon 0.9.3 retains the supplementary group IDs of the
root account during operations with a non-root effective UID, which
might allow local users to bypass intended file-read restrictions by
leveraging a race condition in a file-permission check.
|
CVE-2012-3748 |
Race condition in WebKit in Apple iOS before 6.0.1 and Safari before
6.0.2 allows remote attackers to execute arbitrary code or cause a
denial of service (application crash) via vectors involving JavaScript
arrays.
|
CVE-2012-3500 |
scripts/annotate-output.sh in devscripts before 2.12.2, as used in
rpmdevtools before 8.3, allows local users to modify arbitrary files
via a symlink attack on the temporary (1) standard output or (2)
standard error output file.
|
CVE-2012-1174 |
The rm_rf_children function in util.c in the systemd-logind login
manager in systemd before 44, when logging out, allows local users to
delete arbitrary files via a symlink attack on unspecified files,
related to "particular records related with user session."
|
CVE-2011-3870 |
Puppet 2.7.x before 2.7.5, 2.6.x before 2.6.11, and 0.25.x allows
local users to modify the permissions of arbitrary files via a symlink
attack on the SSH authorized_keys file.
|
CVE-2011-1833 |
Race condition in the ecryptfs_mount function in fs/ecryptfs/main.c in
the eCryptfs subsystem in the Linux kernel before 3.1 allows local
users to bypass intended file permissions via a mount.ecryptfs_private
mount with a mismatched uid.
|
CVE-2011-1098 |
Race condition in the createOutputFile function in logrotate.c in
logrotate 3.7.9 and earlier allows local users to read log data by
opening a file before the intended permissions are in place.
|
CVE-2010-5184 |
** DISPUTED ** Race condition in ZoneAlarm Extreme Security
9.1.507.000 on Windows XP allows local users to bypass kernel-mode
hook handlers, and execute dangerous code that would otherwise be
blocked by a handler but not blocked by signature-based malware
detection, via certain user-space memory changes during hook-handler
execution, aka an argument-switch attack or a KHOBE attack. NOTE: this
issue is disputed by some third parties because it is a flaw in a
protection mechanism for situations where a crafted program has
already begun to execute.
|
CVE-2010-5183 |
** DISPUTED ** Race condition in Webroot Internet Security Essentials
6.1.0.145 on Windows XP allows local users to bypass kernel-mode hook
handlers, and execute dangerous code that would otherwise be blocked
by a handler but not blocked by signature-based malware detection, via
certain user-space memory changes during hook-handler execution, aka
an argument-switch attack or a KHOBE attack. NOTE: this issue is
disputed by some third parties because it is a flaw in a protection
mechanism for situations where a crafted program has already begun to
execute.
|
CVE-2010-5182 |
** DISPUTED ** Race condition in VirusBuster Internet Security Suite
3.2 on Windows XP allows local users to bypass kernel-mode hook
handlers, and execute dangerous code that would otherwise be blocked
by a handler but not blocked by signature-based malware detection, via
certain user-space memory changes during hook-handler execution, aka
an argument-switch attack or a KHOBE attack. NOTE: this issue is
disputed by some third parties because it is a flaw in a protection
mechanism for situations where a crafted program has already begun to
execute.
|
CVE-2010-5181 |
** DISPUTED ** Race condition in VIPRE Antivirus Premium 4.0.3272 on
Windows XP allows local users to bypass kernel-mode hook handlers, and
execute dangerous code that would otherwise be blocked by a handler
but not blocked by signature-based malware detection, via certain
user-space memory changes during hook-handler execution, aka an
argument-switch attack or a KHOBE attack. NOTE: this issue is disputed
by some third parties because it is a flaw in a protection mechanism
for situations where a crafted program has already begun to execute.
|
CVE-2010-5180 |
** DISPUTED ** Race condition in VBA32 Personal 3.12.12.4 on Windows
XP allows local users to bypass kernel-mode hook handlers, and execute
dangerous code that would otherwise be blocked by a handler but not
blocked by signature-based malware detection, via certain user-space
memory changes during hook-handler execution, aka an argument-switch
attack or a KHOBE attack. NOTE: this issue is disputed by some third
parties because it is a flaw in a protection mechanism for situations
where a crafted program has already begun to execute.
|
CVE-2010-5179 |
** DISPUTED ** Race condition in Trend Micro Internet Security Pro
2010 17.50.1647.0000 on Windows XP allows local users to bypass
kernel-mode hook handlers, and execute dangerous code that would
otherwise be blocked by a handler but not blocked by signature-based
malware detection, via certain user-space memory changes during
hook-handler execution, aka an argument-switch attack or a KHOBE
attack. NOTE: this issue is disputed by some third parties because it
is a flaw in a protection mechanism for situations where a crafted
program has already begun to execute.
|
CVE-2010-5178 |
** DISPUTED ** Race condition in ThreatFire 4.7.0.17 on Windows XP
allows local users to bypass kernel-mode hook handlers, and execute
dangerous code that would otherwise be blocked by a handler but not
blocked by signature-based malware detection, via certain user-space
memory changes during hook-handler execution, aka an argument-switch
attack or a KHOBE attack. NOTE: this issue is disputed by some third
parties because it is a flaw in a protection mechanism for situations
where a crafted program has already begun to execute.
|
CVE-2010-5177 |
** DISPUTED ** Race condition in Sophos Endpoint Security and Control
9.0.5 on Windows XP allows local users to bypass kernel-mode hook
handlers, and execute dangerous code that would otherwise be blocked
by a handler but not blocked by signature-based malware detection, via
certain user-space memory changes during hook-handler execution, aka
an argument-switch attack or a KHOBE attack. NOTE: the vendor disputes
this issue because it is a flaw in a protection mechanism for
situations where a crafted program has already begun to execute.
|
CVE-2010-5176 |
** DISPUTED ** Race condition in Security Shield 2010 13.0.16.313 on
Windows XP allows local users to bypass kernel-mode hook handlers, and
execute dangerous code that would otherwise be blocked by a handler
but not blocked by signature-based malware detection, via certain
user-space memory changes during hook-handler execution, aka an
argument-switch attack or a KHOBE attack. NOTE: this issue is disputed
by some third parties because it is a flaw in a protection mechanism
for situations where a crafted program has already begun to execute.
|
CVE-2010-5175 |
** DISPUTED ** Race condition in PrivateFirewall 7.0.20.37 on Windows
XP allows local users to bypass kernel-mode hook handlers, and execute
dangerous code that would otherwise be blocked by a handler but not
blocked by signature-based malware detection, via certain user-space
memory changes during hook-handler execution, aka an argument-switch
attack or a KHOBE attack. NOTE: this issue is disputed by some third
parties because it is a flaw in a protection mechanism for situations
where a crafted program has already begun to execute.
|
CVE-2010-5174 |
** DISPUTED ** Race condition in Prevx 3.0.5.143 on Windows XP allows
local users to bypass kernel-mode hook handlers, and execute dangerous
code that would otherwise be blocked by a handler but not blocked by
signature-based malware detection, via certain user-space memory
changes during hook-handler execution, aka an argument-switch attack
or a KHOBE attack. NOTE: this issue is disputed by some third parties
because it is a flaw in a protection mechanism for situations where a
crafted program has already begun to execute.
|
CVE-2010-5173 |
** DISPUTED ** Race condition in PC Tools Firewall Plus 6.0.0.88 on
Windows XP allows local users to bypass kernel-mode hook handlers, and
execute dangerous code that would otherwise be blocked by a handler
but not blocked by signature-based malware detection, via certain
user-space memory changes during hook-handler execution, aka an
argument-switch attack or a KHOBE attack. NOTE: this issue is disputed
by some third parties because it is a flaw in a protection mechanism
for situations where a crafted program has already begun to execute.
|
CVE-2010-5172 |
** DISPUTED ** Race condition in Panda Internet Security 2010 15.01.00
on Windows XP allows local users to bypass kernel-mode hook handlers,
and execute dangerous code that would otherwise be blocked by a
handler but not blocked by signature-based malware detection, via
certain user-space memory changes during hook-handler execution, aka
an argument-switch attack or a KHOBE attack. NOTE: this issue is
disputed by some third parties because it is a flaw in a protection
mechanism for situations where a crafted program has already begun to
execute.
|
CVE-2010-5171 |
** DISPUTED ** Race condition in Outpost Security Suite Pro
6.7.3.3063.452.0726 and 7.0.3330.505.1221 BETA on Windows XP allows
local users to bypass kernel-mode hook handlers, and execute dangerous
code that would otherwise be blocked by a handler but not blocked by
signature-based malware detection, via certain user-space memory
changes during hook-handler execution, aka an argument-switch attack
or a KHOBE attack. NOTE: this issue is disputed by some third parties
because it is a flaw in a protection mechanism for situations where a
crafted program has already begun to execute.
|
CVE-2010-5170 |
** DISPUTED ** Race condition in Online Solutions Security Suite
1.5.14905.0 on Windows XP allows local users to bypass kernel-mode
hook handlers, and execute dangerous code that would otherwise be
blocked by a handler but not blocked by signature-based malware
detection, via certain user-space memory changes during hook-handler
execution, aka an argument-switch attack or a KHOBE attack. NOTE: this
issue is disputed by some third parties because it is a flaw in a
protection mechanism for situations where a crafted program has
already begun to execute.
|
CVE-2010-5169 |
** DISPUTED ** Race condition in Online Armor Premium 4.0.0.35 on
Windows XP allows local users to bypass kernel-mode hook handlers, and
execute dangerous code that would otherwise be blocked by a handler
but not blocked by signature-based malware detection, via certain
user-space memory changes during hook-handler execution, aka an
argument-switch attack or a KHOBE attack. NOTE: this issue is disputed
by some third parties because it is a flaw in a protection mechanism
for situations where a crafted program has already begun to execute.
|
CVE-2010-5168 |
** DISPUTED ** Race condition in Symantec Norton Internet Security
2010 17.5.0.127 on Windows XP allows local users to bypass kernel-mode
hook handlers, and execute dangerous code that would otherwise be
blocked by a handler but not blocked by signature-based malware
detection, via certain user-space memory changes during hook-handler
execution, aka an argument-switch attack or a KHOBE attack. NOTE: this
issue is disputed by some third parties because it is a flaw in a
protection mechanism for situations where a crafted program has
already begun to execute.
|
CVE-2010-5167 |
** DISPUTED ** Race condition in Norman Security Suite PRO 8.0 on
Windows XP allows local users to bypass kernel-mode hook handlers, and
execute dangerous code that would otherwise be blocked by a handler
but not blocked by signature-based malware detection, via certain
user-space memory changes during hook-handler execution, aka an
argument-switch attack or a KHOBE attack. NOTE: this issue is disputed
by some third parties because it is a flaw in a protection mechanism
for situations where a crafted program has already begun to execute.
|
CVE-2010-5166 |
** DISPUTED ** Race condition in McAfee Total Protection 2010 10.0.580
on Windows XP allows local users to bypass kernel-mode hook handlers,
and execute dangerous code that would otherwise be blocked by a
handler but not blocked by signature-based malware detection, via
certain user-space memory changes during hook-handler execution, aka
an argument-switch attack or a KHOBE attack. NOTE: this issue is
disputed by some third parties because it is a flaw in a protection
mechanism for situations where a crafted program has already begun to
execute.
|
CVE-2010-5165 |
** DISPUTED ** Race condition in Malware Defender 2.6.0 on Windows XP
allows local users to bypass kernel-mode hook handlers, and execute
dangerous code that would otherwise be blocked by a handler but not
blocked by signature-based malware detection, via certain user-space
memory changes during hook-handler execution, aka an argument-switch
attack or a KHOBE attack. NOTE: this issue is disputed by some third
parties because it is a flaw in a protection mechanism for situations
where a crafted program has already begun to execute.
|
CVE-2010-5164 |
** DISPUTED ** Race condition in KingSoft Personal Firewall 9 Plus
2009.05.07.70 on Windows XP allows local users to bypass kernel-mode
hook handlers, and execute dangerous code that would otherwise be
blocked by a handler but not blocked by signature-based malware
detection, via certain user-space memory changes during hook-handler
execution, aka an argument-switch attack or a KHOBE attack. NOTE: this
issue is disputed by some third parties because it is a flaw in a
protection mechanism for situations where a crafted program has
already begun to execute.
|
CVE-2010-5163 |
** DISPUTED ** Race condition in Kaspersky Internet Security 2010
9.0.0.736 on Windows XP allows local users to bypass kernel-mode hook
handlers, and execute dangerous code that would otherwise be blocked
by a handler but not blocked by signature-based malware detection, via
certain user-space memory changes during hook-handler execution, aka
an argument-switch attack or a KHOBE attack. NOTE: this issue is
disputed by some third parties because it is a flaw in a protection
mechanism for situations where a crafted program has already begun to
execute.
|
CVE-2010-5162 |
** DISPUTED ** Race condition in G DATA TotalCare 2010 on Windows XP
allows local users to bypass kernel-mode hook handlers, and execute
dangerous code that would otherwise be blocked by a handler but not
blocked by signature-based malware detection, via certain user-space
memory changes during hook-handler execution, aka an argument-switch
attack or a KHOBE attack. NOTE: this issue is disputed by some third
parties because it is a flaw in a protection mechanism for situations
where a crafted program has already begun to execute.
|
CVE-2010-5161 |
** DISPUTED ** Race condition in F-Secure Internet Security 2010 10.00
build 246 on Windows XP allows local users to bypass kernel-mode hook
handlers, and execute dangerous code that would otherwise be blocked
by a handler but not blocked by signature-based malware detection, via
certain user-space memory changes during hook-handler execution, aka
an argument-switch attack or a KHOBE attack. NOTE: this issue is
disputed by some third parties because it is a flaw in a protection
mechanism for situations where a crafted program has already begun to
execute.
|
CVE-2010-5160 |
** DISPUTED ** Race condition in ESET Smart Security 4.2.35.3 on
Windows XP allows local users to bypass kernel-mode hook handlers, and
execute dangerous code that would otherwise be blocked by a handler
but not blocked by signature-based malware detection, via certain
user-space memory changes during hook-handler execution, aka an
argument-switch attack or a KHOBE attack. NOTE: this issue is disputed
by some third parties because it is a flaw in a protection mechanism
for situations where a crafted program has already begun to execute.
|
CVE-2010-5159 |
** DISPUTED ** Race condition in Dr.Web Security Space Pro 6.0.0.03100
on Windows XP allows local users to bypass kernel-mode hook handlers,
and execute dangerous code that would otherwise be blocked by a
handler but not blocked by signature-based malware detection, via
certain user-space memory changes during hook-handler execution, aka
an argument-switch attack or a KHOBE attack. NOTE: this issue is
disputed by some third parties because it is a flaw in a protection
mechanism for situations where a crafted program has already begun to
execute.
|
CVE-2010-5158 |
** DISPUTED ** Race condition in DefenseWall Personal Firewall 3.00 on
Windows XP allows local users to bypass kernel-mode hook handlers, and
execute dangerous code that would otherwise be blocked by a handler
but not blocked by signature-based malware detection, via certain
user-space memory changes during hook-handler execution, aka an
argument-switch attack or a KHOBE attack. NOTE: this issue is disputed
by some third parties because it is a flaw in a protection mechanism
for situations where a crafted program has already begun to execute.
|
CVE-2010-5157 |
Race condition in Comodo Internet Security before 4.1.149672.916 on
Windows XP allows local users to bypass kernel-mode hook handlers, and
execute dangerous code that would otherwise be blocked by a handler
but not blocked by signature-based malware detection, via certain
user-space memory changes during hook-handler execution, aka an
argument-switch attack or a KHOBE attack.
|
CVE-2010-5156 |
** DISPUTED ** Race condition in CA Internet Security Suite Plus 2010
6.0.0.272 on Windows XP allows local users to bypass kernel-mode hook
handlers, and execute dangerous code that would otherwise be blocked
by a handler but not blocked by signature-based malware detection, via
certain user-space memory changes during hook-handler execution, aka
an argument-switch attack or a KHOBE attack. NOTE: this issue is
disputed by some third parties because it is a flaw in a protection
mechanism for situations where a crafted program has already begun to
execute.
|
CVE-2010-5155 |
** DISPUTED ** Race condition in Blink Professional 4.6.1 on Windows
XP allows local users to bypass kernel-mode hook handlers, and execute
dangerous code that would otherwise be blocked by a handler but not
blocked by signature-based malware detection, via certain user-space
memory changes during hook-handler execution, aka an argument-switch
attack or a KHOBE attack. NOTE: this issue is disputed by some third
parties because it is a flaw in a protection mechanism for situations
where a crafted program has already begun to execute.
|
CVE-2010-5154 |
** DISPUTED ** Race condition in BitDefender Total Security 2010
13.0.20.347 on Windows XP allows local users to bypass kernel-mode
hook handlers, and execute dangerous code that would otherwise be
blocked by a handler but not blocked by signature-based malware
detection, via certain user-space memory changes during hook-handler
execution, aka an argument-switch attack or a KHOBE attack. NOTE: this
issue is disputed by some third parties because it is a flaw in a
protection mechanism for situations where a crafted program has
already begun to execute.
|
CVE-2010-5153 |
** DISPUTED ** Race condition in Avira Premium Security Suite
10.0.0.536 on Windows XP allows local users to bypass kernel-mode hook
handlers, and execute dangerous code that would otherwise be blocked
by a handler but not blocked by signature-based malware detection, via
certain user-space memory changes during hook-handler execution, aka
an argument-switch attack or a KHOBE attack. NOTE: this issue is
disputed by some third parties because it is a flaw in a protection
mechanism for situations where a crafted program has already begun to
execute.
|
CVE-2010-5152 |
** DISPUTED ** Race condition in AVG Internet Security 9.0.791 on
Windows XP allows local users to bypass kernel-mode hook handlers, and
execute dangerous code that would otherwise be blocked by a handler
but not blocked by signature-based malware detection, via certain
user-space memory changes during hook-handler execution, aka an
argument-switch attack or a KHOBE attack. NOTE: this issue is disputed
by some third parties because it is a flaw in a protection mechanism
for situations where a crafted program has already begun to execute.
|
CVE-2010-5151 |
** DISPUTED ** Race condition in avast! Internet Security 5.0.462 on
Windows XP allows local users to bypass kernel-mode hook handlers, and
execute dangerous code that would otherwise be blocked by a handler
but not blocked by signature-based malware detection, via certain
user-space memory changes during hook-handler execution, aka an
argument-switch attack or a KHOBE attack. NOTE: this issue is disputed
by some third parties because it is a flaw in a protection mechanism
for situations where a crafted program has already begun to execute.
|
CVE-2010-5150 |
** DISPUTED ** Race condition in 3D EQSecure Professional Edition 4.2
on Windows XP allows local users to bypass kernel-mode hook handlers,
and execute dangerous code that would otherwise be blocked by a
handler but not blocked by signature-based malware detection, via
certain user-space memory changes during hook-handler execution, aka
an argument-switch attack or a KHOBE attack. NOTE: this issue is
disputed by some third parties because it is a flaw in a protection
mechanism for situations where a crafted program has already begun to
execute.
|
CVE-2005-2475 |
Race condition in Unzip 5.52 allows local users to modify permissions
of arbitrary files via a hard link attack on a file while it is being
decompressed, whose permissions are changed by Unzip after the
decompression is complete.
|
CVE-2005-1111 |
Race condition in cpio 2.6 and earlier allows local users to modify
permissions of arbitrary files via a hard link attack on a file while
it is being decompressed, whose permissions are changed by cpio after
the decompression is complete.
|
CVE-2005-1066 |
Race condition in rpdump in Pine 4.62 and earlier allows local users
to overwrite arbitrary files via a symlink attack.
|
CVE-2005-0988 |
Race condition in gzip 1.2.4, 1.3.3, and earlier, when decompressing a
gzipped file, allows local users to modify permissions of arbitrary
files via a hard link attack on a file while it is being decompressed,
whose permissions are changed by gzip after the decompression is
complete.
|
CVE-2005-0953 |
Race condition in bzip2 1.0.2 and earlier allows local users to modify
permissions of arbitrary files via a hard link attack on a file while
it is being decompressed, whose permissions are changed by bzip2 after
the decompression is complete.
|