** DISPUTED ** Race condition in KingSoft Personal Firewall 9 Plus
2009.05.07.70 on Windows XP allows local users to bypass kernel-mode
hook handlers, and execute dangerous code that would otherwise be
blocked by a handler but not blocked by signature-based malware
detection, via certain user-space memory changes during hook-handler
execution, aka an argument-switch attack or a KHOBE attack. NOTE: this
issue is disputed by some third parties because it is a flaw in a
protection mechanism for situations where a crafted program has
already begun to execute.
Note:References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
BUGTRAQ:20100505 KHOBE - 8.0 earthquake for Windows desktop security software
Disclaimer: The entry creation date may reflect when
the CVE-ID was allocated or reserved, and does not
necessarily indicate when this vulnerability was
discovered, shared with the affected vendor, publicly
disclosed, or updated in CVE.
This is an entry on the CVE
list, which standardizes names for security