Race condition vulnerability in FastCopy optimization in Mono's Array.Copy method in metadata/icall.c, allowing remote attackers to trigger a buffer overflow and modify internal data structures

Race condition vulnerability in FastCopy optimization in Mono's Array.Copy method in metadata/icall.c, allowing remote attackers to trigger a buffer overflow and modify internal data structures

CVE-2011-0990 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:P/A:P

Race condition in the FastCopy optimization in the Array.Copy method in metadata/icall.c in Mono, when Moonlight 2.x before 2.4.1 or 3.x before 3.99.3 is used, allows remote attackers to trigger a buffer overflow and modify internal data structures, and cause a denial of service (plugin crash) or corrupt the internal state of the security manager, via a crafted media file in which a thread makes a change after a type check but before a copy action.

Learn more about our Internal Network Penetration Testing.