|ID: 820||Date: (C)2012-05-14 (M)2012-11-08|
|Type: weakness||Status: INCOMPLETE|
|Abstraction Type: Base|
The software utilizes a shared resource in a concurrent manner
but does not attempt to synchronize access to the resource.
Extended DescriptionIf access to a shared resource is not synchronized, then the resource may
not be in a state that is expected by the software. This might lead to
unexpected or insecure behaviors, especially if an attacker can influence
the shared resource.
|IntegrityConfidentialityOther ||Modify application
logic || |
|CWE-820 ChildOf CWE-853 ||Category ||CWE-844 || |
Demonstrative Examples (Details)
- The following code intends to fork a process, then have both the
parent and child processes print a single line.
White Box Definitions None
Black Box Definitions None
|CERT Java Secure Coding ||LCK05-J ||Synchronize access to static fields that can be modified by
untrusted code || |