LiveActive security incident?Get immediate response
CVE archive

August 2010

Browse CVE records published in August 2010, with severity, affected products, CWE, KEV, and source-backed vulnerability context.

Showing 50 of 471 matching CVEs · Page 2 of 10.

Unknown · CVSS Not scored

CVE-2010-5156: Race condition in CA Internet Security Suite Plus 2010 6.0.0.272 on Windows XP allows local users to bypass...

Race condition in CA Internet Security Suite Plus 2010 6.0.0.272 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory changes during hook-handler execution, aka an argument-switch attack or a KHOBE attack. NOTE: this issue is disputed by some third parties because it is a flaw in a protection mechanism for situations where a crafted program has already begun to execute

Published Aug 25, 2012 · Updated Sep 17, 2024

Unknown · CVSS Not scored

CVE-2010-5177: Race condition in Sophos Endpoint Security and Control 9.0.5 on Windows XP allows local users to bypass ker...

Race condition in Sophos Endpoint Security and Control 9.0.5 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory changes during hook-handler execution, aka an argument-switch attack or a KHOBE attack. NOTE: the vendor disputes this issue because it is a flaw in a protection mechanism for situations where a crafted program has already begun to execute

Published Aug 25, 2012 · Updated Sep 17, 2024

Unknown · CVSS Not scored

CVE-2010-5170: Race condition in Online Solutions Security Suite 1.5.14905.0 on Windows XP allows local users to bypass ke...

Race condition in Online Solutions Security Suite 1.5.14905.0 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory changes during hook-handler execution, aka an argument-switch attack or a KHOBE attack. NOTE: this issue is disputed by some third parties because it is a flaw in a protection mechanism for situations where a crafted program has already begun to execute

Published Aug 25, 2012 · Updated Sep 17, 2024

Unknown · CVSS Not scored

CVE-2010-5178: Race condition in ThreatFire 4.7.0.17 on Windows XP allows local users to bypass kernel-mode hook handlers,...

Race condition in ThreatFire 4.7.0.17 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory changes during hook-handler execution, aka an argument-switch attack or a KHOBE attack. NOTE: this issue is disputed by some third parties because it is a flaw in a protection mechanism for situations where a crafted program has already begun to execute

Published Aug 25, 2012 · Updated Sep 17, 2024

Unknown · CVSS Not scored

CVE-2010-3498: AVG Anti-Virus does not properly interact with the processing of hcp:// URLs by the Microsoft Help and Supp...

AVG Anti-Virus does not properly interact with the processing of hcp:// URLs by the Microsoft Help and Support Center, which makes it easier for remote attackers to execute arbitrary code via malware that is correctly detected by this product, but with a detection approach that occurs too late to stop the code execution.

Published Aug 22, 2012 · Updated Sep 17, 2024

Medium · CVSS 5.3

CVE-2010-5164: Race condition in KingSoft Personal Firewall 9 Plus 2009.05.07.70 on Windows XP allows local users to bypas...

Race condition in KingSoft Personal Firewall 9 Plus 2009.05.07.70 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory changes during hook-handler execution, aka an argument-switch attack or a KHOBE attack. NOTE: this issue is disputed by some third parties because it is a flaw in a protection mechanism for situations where a crafted program has already begun to execute

Published Aug 25, 2012 · Updated Sep 17, 2024

Unknown · CVSS Not scored

CVE-2010-2985: Multiple cross-site scripting (XSS) vulnerabilities in IBM WebSphere Service Registry and Repository (WSRR)...

Multiple cross-site scripting (XSS) vulnerabilities in IBM WebSphere Service Registry and Repository (WSRR) 6.3 allow remote attackers to inject arbitrary web script or HTML via (1) the searchTerm parameter to ServiceRegistry/HelpSearch.do or (2) the queryItems[0].value parameter to ServiceRegistry/QueryWizardProcessStep1.do.

Published Aug 9, 2010 · Updated Sep 17, 2024

Unknown · CVSS Not scored

CVE-2010-5155: Race condition in Blink Professional 4.6.1 on Windows XP allows local users to bypass kernel-mode hook hand...

Race condition in Blink Professional 4.6.1 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory changes during hook-handler execution, aka an argument-switch attack or a KHOBE attack. NOTE: this issue is disputed by some third parties because it is a flaw in a protection mechanism for situations where a crafted program has already begun to execute

Published Aug 25, 2012 · Updated Sep 17, 2024

Unknown · CVSS Not scored

CVE-2010-5162: Race condition in G DATA TotalCare 2010 on Windows XP allows local users to bypass kernel-mode hook handler...

Race condition in G DATA TotalCare 2010 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory changes during hook-handler execution, aka an argument-switch attack or a KHOBE attack. NOTE: this issue is disputed by some third parties because it is a flaw in a protection mechanism for situations where a crafted program has already begun to execute

Published Aug 25, 2012 · Updated Sep 17, 2024

Unknown · CVSS Not scored

CVE-2010-5182: Race condition in VirusBuster Internet Security Suite 3.2 on Windows XP allows local users to bypass kernel...

Race condition in VirusBuster Internet Security Suite 3.2 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory changes during hook-handler execution, aka an argument-switch attack or a KHOBE attack. NOTE: this issue is disputed by some third parties because it is a flaw in a protection mechanism for situations where a crafted program has already begun to execute

Published Aug 25, 2012 · Updated Sep 17, 2024

Unknown · CVSS Not scored

CVE-2010-2818: Unspecified vulnerability in the SunRPC inspection feature on the Cisco Firewall Services Module (FWSM) wit...

Unspecified vulnerability in the SunRPC inspection feature on the Cisco Firewall Services Module (FWSM) with software 3.1 before 3.1(17.2), 3.2 before 3.2(16.1), 4.0 before 4.0(10.1), and 4.1 before 4.1(1.1) for Catalyst 6500 series switches and 7600 series routers allows remote attackers to cause a denial of service (device reload) via crafted SunRPC messages, aka Bug ID CSCte61710.

Published Aug 6, 2010 · Updated Sep 17, 2024

Unknown · CVSS Not scored

CVE-2010-2823: Unspecified vulnerability in the deep packet inspection feature on the Cisco Application Control Engine (AC...

Unspecified vulnerability in the deep packet inspection feature on the Cisco Application Control Engine (ACE) 4710 appliance with software before A3(2.6) allows remote attackers to cause a denial of service (device reload) via crafted HTTP packets, related to HTTP, RTSP, and SIP inspection, aka Bug ID CSCtb54493.

Published Aug 13, 2010 · Updated Sep 17, 2024

Unknown · CVSS Not scored

CVE-2010-5151: Race condition in avast!

Race condition in avast! Internet Security 5.0.462 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory changes during hook-handler execution, aka an argument-switch attack or a KHOBE attack. NOTE: this issue is disputed by some third parties because it is a flaw in a protection mechanism for situations where a crafted program has already begun to execute

Published Aug 25, 2012 · Updated Sep 17, 2024

Unknown · CVSS Not scored

CVE-2010-2821: Unspecified vulnerability on the Cisco Firewall Services Module (FWSM) with software 3.2 before 3.2(17.2),...

Unspecified vulnerability on the Cisco Firewall Services Module (FWSM) with software 3.2 before 3.2(17.2), 4.0 before 4.0(11.1), and 4.1 before 4.1(1.2) for Catalyst 6500 series switches and 7600 series routers, when multi-mode is enabled, allows remote attackers to cause a denial of service (device reload) via crafted (1) Telnet, (2) SSH, or (3) ASDM traffic over TCP, aka Bug ID CSCtg68694.

Published Aug 6, 2010 · Updated Sep 17, 2024

Unknown · CVSS Not scored

CVE-2010-2825: Unspecified vulnerability in the SIP inspection feature on the Cisco Application Control Engine (ACE) Modul...

Unspecified vulnerability in the SIP inspection feature on the Cisco Application Control Engine (ACE) Module with software A2(1.x) before A2(1.6), A2(2.x) before A2(2.3), and A2(3.x) before A2(3.1) for Catalyst 6500 series switches and 7600 series routers, and the Cisco Application Control Engine (ACE) 4710 appliance with software before A3(2.4), allows remote attackers to cause a denial of service (device reload) via crafted SIP packets over (1) TCP or (2) UDP, aka Bug IDs CSCta65603 and CSCta71569.

Published Aug 13, 2010 · Updated Sep 17, 2024

Unknown · CVSS Not scored

CVE-2010-2817: Unspecified vulnerability in the IKE implementation on Cisco Adaptive Security Appliances (ASA) 5500 series...

Unspecified vulnerability in the IKE implementation on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.0 before 7.0(8.11), 7.1 and 7.2 before 7.2(5), 8.0 before 8.0(5.15), 8.1 before 8.1(2.44), 8.2 before 8.2(2.10), and 8.3 before 8.3(1.1) and Cisco PIX Security Appliances 500 series devices allows remote attackers to cause a denial of service (device reload) via a crafted IKE message, aka Bug ID CSCte46507.

Published Aug 6, 2010 · Updated Sep 17, 2024

Unknown · CVSS Not scored

CVE-2010-5173: Race condition in PC Tools Firewall Plus 6.0.0.88 on Windows XP allows local users to bypass kernel-mode ho...

Race condition in PC Tools Firewall Plus 6.0.0.88 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory changes during hook-handler execution, aka an argument-switch attack or a KHOBE attack. NOTE: this issue is disputed by some third parties because it is a flaw in a protection mechanism for situations where a crafted program has already begun to execute

Published Aug 25, 2012 · Updated Sep 16, 2024

Unknown · CVSS Not scored

CVE-2010-5158: Race condition in DefenseWall Personal Firewall 3.00 on Windows XP allows local users to bypass kernel-mode...

Race condition in DefenseWall Personal Firewall 3.00 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory changes during hook-handler execution, aka an argument-switch attack or a KHOBE attack. NOTE: this issue is disputed by some third parties because it is a flaw in a protection mechanism for situations where a crafted program has already begun to execute

Published Aug 25, 2012 · Updated Sep 16, 2024

Unknown · CVSS Not scored

CVE-2010-2991: The IICAClient interface in the ICAClient library in the ICA Client ActiveX Object (aka ICO) component in C...

The IICAClient interface in the ICAClient library in the ICA Client ActiveX Object (aka ICO) component in Citrix Online Plug-in for Windows for XenApp & XenDesktop before 12.0.3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted HTML document that triggers the reading of a .ICA file.

Published Aug 11, 2010 · Updated Sep 16, 2024