Vulnerabilities > Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2010-04-16 | CVE-2010-1161 | Race Condition vulnerability in GNU Nano Race condition in GNU nano before 2.2.4, when run by root to edit a file that is not owned by root, allows local user-assisted attackers to change the ownership of arbitrary files via vectors related to the creation of backup files. | 3.7 |
2010-04-15 | CVE-2010-0436 | Race Condition vulnerability in KDE SC Race condition in backend/ctrl.c in KDM in KDE Software Compilation (SC) 2.2.0 through 4.4.2 allows local users to change the permissions of arbitrary files, and consequently gain privileges, by blocking the removal of a certain directory that contains a control socket, related to improper interaction with ksm. | 6.9 |
2010-04-01 | CVE-2010-1228 | Race Condition vulnerability in Google Chrome Multiple race conditions in the sandbox infrastructure in Google Chrome before 4.1.249.1036 have unspecified impact and attack vectors. | 10.0 |
2010-03-31 | CVE-2010-0532 | Race Condition vulnerability in Apple Itunes Race condition in the installation package in Apple iTunes before 9.1 on Windows allows local users to gain privileges by replacing an unspecified file with a Trojan horse. | 6.9 |
2010-03-26 | CVE-2010-1123 | Race Condition vulnerability in Chip Salzenberg Deliver 2.1.14 Chip Salzenberg Deliver does not properly associate a lockfile with the user who created the file, which allows local users to cause a denial of service (blockage of incoming e-mail) by creating lockfiles for arbitrary mailboxes. | 2.1 |
2010-03-03 | CVE-2010-0923 | Race Condition vulnerability in KDE SC 4.4.0 Race condition in workspace/krunner/lock/lockdlg.cc in the KRunner lock module in kdebase in KDE SC 4.4.0 allows physically proximate attackers to bypass KScreenSaver screen locking and access an unattended workstation by pressing the Enter key at a certain time, related to multiple forked processes. | 6.9 |
2009-12-28 | CVE-2009-4440 | Race Condition vulnerability in SUN Java System Directory Server Directory Proxy Server (DPS) in Sun Java System Directory Server Enterprise Edition 6.0 through 6.3.1 does not properly handle multiple client connections within a short time window, which allows remote attackers to hijack the backend connection of an authenticated user, and obtain the privileges of this user, by making a client connection in opportunistic circumstances, related to "long binds," aka Bug Ids 6828462 and 6823593. | 6.8 |
2009-12-20 | CVE-2009-4029 | Race Condition vulnerability in GNU Automake 1.10.3/1.11.1/Branch The (1) dist or (2) distcheck rules in GNU Automake 1.11.1, 1.10.3, and release branches branch-1-4 through branch-1-9, when producing a distribution tarball for a package that uses Automake, assign insecure permissions (777) to directories in the build tree, which introduces a race condition that allows local users to modify the contents of package files, introduce Trojan horse programs, or conduct other attacks before the build is complete. | 4.4 |
2009-12-14 | CVE-2009-4129 | Race Condition vulnerability in Mozilla Firefox Race condition in Mozilla Firefox allows remote attackers to produce a JavaScript message with a spoofed domain association by writing the message in between the document request and document load for a web page in a different domain. | 5.8 |
2009-12-08 | CVE-2009-4226 | Race Condition vulnerability in SUN Opensolaris Race condition in the IP module in the kernel in Sun OpenSolaris snv_106 through snv_124 allows remote attackers to cause a denial of service (NULL pointer dereference and panic) via unspecified vectors related to the (1) tcp_do_getsockname or (2) tcp_do_getpeername function. | 7.1 |