Race Condition Vulnerability in VMware SpringSource Spring Security
CVE-2011-2731
Currently unrated
Summary
A race condition is present in the RunAsManager mechanism of VMware SpringSource Spring Security in versions prior to 2.0.7 and 3.0.x before 3.0.6. This flaw permits an attacker to manipulate the shared security context, potentially allowing unauthorized privilege escalation through specially crafted threads. This vulnerability underscores the need for rigorous security practices in concurrent programming environments to prevent unintended access and control.
References
Timeline
Vulnerability published
Vulnerability Reserved