CWE-362

Medium likelihood

Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Parent: CWE-662 - Improper Synchronization

The product contains a concurrent code sequence that requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence operating concurrently.

2,400 vulnerabilities with CWE-362
CVE-2012-0649
Apple Mac OS X <10.7.4 - Privilege Escalation
CVE-2012-1324
Cisco IOS 15.1-15.2 - Denial of Service via IPv6 Packet Handling in Zone-Based Firewall
CVE-2012-0644
iPhone OS < 5.1 - Unauthenticated Passcode Lock Bypass via Slide-to-Dial Gesture
CVE-2011-1075 LOW
FreeBSD - Race Condition in crontab MD5File Comparison
CVSS 3.7
CVE-2011-0699 HIGH
Linux Kernel 2.6.37 - Denial of Service via btrfs_ioctl_space_info Integer Signedness Error
CVSS 7.0
CVE-2011-3585 MEDIUM
Samba 3.6 - Denial of Service via Race Condition in mount.cifs and umount.cifs
CVSS 4.7
CVE-2011-4348
Linux Kernel < 2.6.29 - Denial of Service via SCTP Packet Race Condition
CVE-2011-2731
SpringSource Spring Security < 2.0.7 and 3.0.x < 3.0.6 - Privilege Escalation via RunAsManager Race Condition
CVE-2011-1833
Linux Kernel <3.1 - Privilege Escalation
CVE-2011-5119
Comodo Internet Security < 5.8.211697.2124 - Local Defense+ Bypass via Race Condition
CVE-2011-5118
Comodo Internet Security < 5.8.213334.2131 - Local Defense+ Bypass via Race Condition
CVE-2011-5117
Sophos SafeGuard Enterprise Device Encryption 5.x-5.50.8.13 - Credential Removal Delay
CVE-2011-4029
X.Org xserver <1.11.2 - Info Disclosure
CVE-2011-2183
Linux Kernel < 2.6.39.3 - Race Condition in KSM scan_get_next_rmap_item
CVE-2011-1768
Linux Kernel < 2.6.34 - Denial of Service via Tunnel Module Packet Handling
CVE-2011-3090
Google Chrome < 19.0.1084.46 - Denial of Service via Worker Process Race Condition
CVE-2011-3080
Google Chrome < 18.0.1025.168 - Sandbox Bypass via IPC Race Condition
CVE-2011-3961
Google Chrome < 17.0.963.46 - Remote Code Execution via Utility Process Race Condition
CVE-2011-3878
Google Chrome < 15.0.874.102 - Race Condition in Worker Process Initialization
CVE-2011-2835
Google Chrome < 14.0.835.163 - Race Condition in Certificate Cache
CVE-2011-1625
Cisco IOS 12.2-12.4 15.0-15.1 - Denial of Service via Malformed DLSw Packet Sequence
CVE-2011-1257
Microsoft Internet Explorer 6-8 - Remote Code Execution via Window Open Race Condition
CVE-2011-1787
VMware <7.1.4 - Privilege Escalation
CVE-2011-1485
Linux PolicyKit Race Condition Privilege Escalation
CVE-2011-1444
Google Chrome < 11.0.696.57 - Race Condition in Sandbox Launcher
Details
Vulnerabilities 2,400
Exploit Likelihood Medium
Links
MITRE CWE Entry Search this CWE With Exploits