CVE-2010-5160
CVE-2010-5160 is a medium-severity vulnerability in Eset Smart Security with a CVSS 3.x base score of 4.5. It is not currently listed as actively exploited by CISA, and its EPSS exploit-prediction score is low. The underlying weakness is classified as CWE-362.
Key facts
- Severity: Medium (CVSS 3.x base score 4.5)
- CVSS v2: 6.2
- EPSS exploit prediction: 0% (29th percentile)
- Actively exploited: Not listed in CISA KEV
- Weakness: CWE-362
- Affected product: Eset Smart Security
- Published:
- Last modified:
Description
Race condition in ESET Smart Security 4.2.35.3 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory changes during hook-handler execution, aka an argument-switch attack or a KHOBE attack. NOTE: this issue is disputed by some third parties because it is a flaw in a protection mechanism for situations where a crafted program has already begun to execute
Frequently asked questions
- What is CVE-2010-5160?
- Race condition in ESET Smart Security 4.2.35.3 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory changes during hook-handler execution, aka an argument-switch attack or a KHOBE attack. NOTE: this issue is disputed by some third parties because it is a flaw in a protection mechanism for situations where a crafted program has already begun to execute
- How severe is CVE-2010-5160?
- CVE-2010-5160 has a CVSS 3.x base score of 4.5, rated medium severity. It is exploitable over local access with high attack complexity, requires no privileges and user interaction. Impact on confidentiality is low, integrity low, and availability low.
- Is CVE-2010-5160 being actively exploited?
- It is not currently listed in CISA's KEV catalog. Its EPSS exploit-prediction score is 0% (29th percentile), an estimate of the probability of exploitation in the next 30 days.
- What products are affected by CVE-2010-5160?
- CVE-2010-5160 affects Eset Smart Security. See the affected-products list for the exact vulnerable versions.
- How do I fix CVE-2010-5160?
- Review the linked vendor and NVD advisories for patched versions and mitigations, then upgrade or apply the recommended workaround.
- When was CVE-2010-5160 published?
- CVE-2010-5160 was published on 2012-08-25 and last updated on 2026-06-16.
References
- http://archives.neohapsis.com/archives/bugtraq/2010-05/0026.html
- http://archives.neohapsis.com/archives/fulldisclosure/2010-05/0066.html
- http://countermeasures.trendmicro.eu/you-just-cant-trust-a-drunk/
- http://matousec.com/info/advisories/khobe-8.0-earthquake-for-windows-desktop-security-software.php
- http://matousec.com/info/articles/khobe-8.0-earthquake-for-windows-desktop-security-software.php
- http://www.f-secure.com/weblog/archives/00001949.html
- http://www.osvdb.org/67660
- http://www.securityfocus.com/bid/39924
- http://www.theregister.co.uk/2010/05/07/argument_switch_av_bypass/
Affected products (1)
- cpe:2.3:a:eset:smart_security:4.2.35.3:*:*:*:*:*:*:*
More vulnerabilities in Eset Smart Security
- CVE-2020-10180 — Critical (CVSS 9.8): The ESET AV parsing engine allows virus-detection bypass via a crafted BZ2 Checksum field in an archive. This affects…
- CVE-2008-5527 — Critical (CVSS 9.3): ESET Smart Security, when Internet Explorer 6 or 7 is used, allows remote attackers to bypass detection of malware in…
- CVE-2024-0353 — High (CVSS 7.8): Local privilege escalation vulnerability potentially allowed an attacker to misuse ESET’s file operations to delete…
- CVE-2023-3160 — High (CVSS 7.8): The vulnerability potentially allows an attacker to misuse ESET’s file operations during the module update to delete…
- CVE-2021-37852 — High (CVSS 7.8): ESET products for Windows allows untrusted process to impersonate the client of a pipe, which can be leveraged by…
- CVE-2020-11446 — High (CVSS 7.8): ESET Antivirus and Antispyware Module module 1553 through 1560 allows a user with limited access rights to create hard…
All CVEs affecting Eset Smart Security →
Other CWE-362 (Race Condition) vulnerabilities
- CVE-2022-27626 — Critical (CVSS 10.0): A vulnerability regarding concurrent execution using shared resource with improper synchronization ('Race Condition')…
- CVE-2015-8556 — Critical (CVSS 10.0): Local privilege escalation vulnerability in the Gentoo QEMU package before 2.5.0-r1.
- CVE-2014-0703 — Critical (CVSS 10.0): Cisco Wireless LAN Controller (WLC) devices 7.4 before 7.4.110.0 distribute Aironet IOS software with a race condition…
- CVE-2010-1228 — Critical (CVSS 10.0): Multiple race conditions in the sandbox infrastructure in Google Chrome before 4.1.249.1036 have unspecified impact and…
- CVE-2008-6598 — Critical (CVSS 10.0): Multiple race conditions in WANPIPE before 3.3.6 have unknown impact and attack vectors related to "bri restart logic."
- CVE-2026-46137 — Critical (CVSS 9.8): In the Linux kernel, the following vulnerability has been resolved: mptcp: pm: ADD_ADDR rtx: fix potential…