vendor:
Libsafe
by:
SecurityFocus
7,2
CVSS
HIGH
Race Condition
362
CWE
Product Name: Libsafe
Affected Version From: 2.0-16
Affected Version To: 2.0-16
Patch Exists: YES
Related CWE: N/A
CPE: a:libsafe:libsafe:2.0-16
Metasploit:
N/A
Other Scripts:
N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References:
N/A
Nuclei Metadata: N/A
Platforms Tested: Multi-threaded applications
2004
Libsafe Security Failsafe Mechanism Bypass
A race condition vulnerability has been reported in Libsafe 2.0-16 that may allow Libsafe security failsafe mechanisms to be bypassed. This is due to a race condition that may be exposed when Libsafe is used with multi-threaded applications. The result is that Libsafe security features may be bypassed and an attack that would ordinarily be prevented may succeed.
Mitigation:
Upgrade to the latest version of Libsafe.
