CVE-2011-2731
N/A
N/A
Summary
Race condition in the RunAsManager mechanism in VMware SpringSource Spring Security before 2.0.7 and 3.0.x before 3.0.6 stores the Authentication object in the shared security context, which allows attackers to gain privileges via a crafted thread.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- http://support.springsource.com/security/cve-2011-2731
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=677814
- http://secunia.com/advisories/55155
- http://www.securitytracker.com/id/1029151
References
- http://support.springsource.com/security/cve-2011-2731
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=677814
- http://secunia.com/advisories/55155
- http://www.securitytracker.com/id/1029151
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.