CWE-362

Medium likelihood

Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Parent: CWE-662 - Improper Synchronization

The product contains a concurrent code sequence that requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence operating concurrently.

2,400 vulnerabilities with CWE-362
CVE-2010-4248
Linux Kernel < 2.6.37 - Denial of Service via Race Condition in __exit_signal
CVE-2010-3864
OpenSSL 0.9.8f-0.9.8o, 1.0.0, 1.0.0a - Remote Code Execution via TLS Server Name Extension Race Condition
CVE-2010-3495
Zope ZODB < 3.9.7 - Denial of Service via TCP Connection Race Condition
CVE-2010-3494
pyftpdlib < 0.5.2 - Denial of Service via FTP Connection Race Condition
CVE-2010-3493
Python 2.6, 2.7, 3.1, 3.2 alpha - Denial of Service via Race Condition in smtpd.py
CVE-2010-2653
Linux Kernel < 2.6.34 - Race Condition in Hypervisor Virtual Console Device Handling
CVE-2010-3412
Google Chrome <6.0.472.59 - Info Disclosure
CVE-2010-2961
mountall <2.15.2 - Privilege Escalation
CVE-2010-2792
spice-xpi - Race Condition via UNIX Socket
CVE-2010-2558
Microsoft Internet Explorer 6, 7, and 8 - Remote Code Execution via Race Condition
CVE-2010-1888
Windows XP SP3 - Local Privilege Escalation via Thread Creation Race Condition
CVE-2010-1775
iPhone OS < 4 - Unauthenticated Passcode Bypass via Race Condition in Initial Boot
CVE-2010-2024
Exim < 4.72 - Symlink Attack via Lockfile in /tmp
CVE-2010-2023
Exim < 4.72 - Denial of Service via Hard Link Attack in Mail Directory
CVE-2010-1437 HIGH
Linux Kernel < 2.6.34 - Race Condition in Keyring Deletion
CVSS 7.0
CVE-2010-1151
Apache HTTP Server - Authentication Bypass via mod_auth_shadow Race Condition
CVE-2010-1161
GNU nano <2.2.4 - Privilege Escalation
CVE-2010-0436
KDE SC 2.2.0-4.4.2 - Local Privilege Escalation via KDM Control Socket Race Condition
CVE-2010-1228
Google Chrome <4.1.249.1036 - Info Disclosure
CVE-2010-0489
Microsoft Internet Explorer 5.01 SP4, 6, 6 SP1, and 7 - Remote Code Execution via Race Condition
CVE-2010-0532
Apple iTunes < 9.1 - Privilege Escalation via Race Condition in Installation Package
CVE-2010-1123
Chip Salzenberg Deliver - Denial of Service via Lockfile Race Condition
CVE-2010-0732
GTK+ < 2.18.5 and gnome-screensaver < 2.28.1 - Race Condition via Implicit Window Paints
CVE-2010-0923
KDE SC 4.4.0 - Privilege Escalation
CVE-2010-0021 MEDIUM
Microsoft Windows - Denial of Service via SMB Negotiate Packet Race Condition
CVSS 5.9
Details
Vulnerabilities 2,400
Exploit Likelihood Medium
Links
MITRE CWE Entry Search this CWE With Exploits