28 matches found
PT-2012-1395 · Webroot · Webroot Internet Security Essentials
Name of the Vulnerable Software and Affected Versions: Webroot Internet Security Essentials version 6.1.0.145 Description: A race condition exists that allows local users to bypass kernel-mode hook handlers and execute dangerous code. This is achieved through certain user-space memory changes...
PT-2012-1392 · Vba32 · Vba32 Personal
Name of the Vulnerable Software and Affected Versions: VBA32 Personal version 3.12.12.4 Description: A race condition exists that allows local users to bypass kernel-mode hook handlers and execute dangerous code. This is achieved through certain user-space memory changes during hook-handler...
PT-2012-1389 · Sophos · Sophos Endpoint Security/Control
Name of the Vulnerable Software and Affected Versions: Sophos Endpoint Security and Control version 9.0.5 Description: A race condition exists that allows local users to bypass kernel-mode hook handlers and execute dangerous code. This is achieved through certain user-space memory changes during...
PT-2012-1387 · Microsoft · Privatefirewall
Name of the Vulnerable Software and Affected Versions: PrivateFirewall version 7.0.20.37 Description: A race condition in PrivateFirewall on Windows XP allows local users to bypass kernel-mode hook handlers and execute dangerous code that would otherwise be blocked by a handler but not blocked by...
PT-2012-1373 · F Secure · F-Secure Internet Security
Name of the Vulnerable Software and Affected Versions: F-Secure Internet Security 2010 version 10.00 build 246 Description: A race condition allows local users to bypass kernel-mode hook handlers and execute dangerous code that would otherwise be blocked by a handler but not blocked by...
PT-2012-1366 · Bitdefender · Bitdefender Total Security
Name of the Vulnerable Software and Affected Versions: BitDefender Total Security 2010 version 13.0.20.347 Description: A race condition allows local users to bypass kernel-mode hook handlers and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-base...
Researchers Create Hypervisor Tool for Rootkits
Research between North Carolina State and Microsoft has garnered a way to better isolate and centralize kernels–up to 6,000 different kernel hooks–and has stopped nine rootkits. The tool is called HookSafe and runs on Ubuntu Linux 8.04 and uses hardware-based memory. At issue is whether other...
Code injection
Privatefirewall 5.0.14.2 does not properly validate certain parameters to System Service Descriptor Table SSDT function handlers, which allows local users to cause a denial of service crash and possibly gain privileges via kernel SSDT hooks for 1 NtOpenProcess and 2 NtOpenThread...