A product performs a series of non-atomic actions to switch
between contexts that cross privilege or other security boundaries, but a race
condition allows an attacker to modify or misrepresent the product's behavior
during the switch.
Extended Description
This is commonly seen in web browser vulnerabilities in which the attacker
can perform certain actions while the browser is transitioning from a
trusted to an untrusted domain, or vice versa, and the browser performs the
actions on one domain using the trust level and resources of the other
domain.
Browser updates address bar as soon as user clicks on a link instead of when the page has loaded, allowing spoofing by redirecting to another page using onUnload method. ** this is one example of the role of "hooks" and context switches, and should be captured somehow - also a race condition of sorts **

XSS when web browser executes JavaScript events in the context of a new page while it's being loaded, allowing interaction with previous page in different domain.

Web browser fills in address bar of clicked-on link before page has been loaded, and doesn't update afterward.
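
The address bar examples above can be reduced to a small state model. The following is an added example, not code from the original entry or from any browser: the Tab class, the simulate function and the example.* URLs are constructed for illustration. It compares updating the trust indicator at click time with updating it only when the navigation commits.

```javascript
// Toy model of a browser tab (constructed for illustration; not real browser code).
// A navigation is non-atomic: click -> outgoing page's unload hook -> commit.
class Tab {
  constructor({ eagerAddressBar }) {
    this.eagerAddressBar = eagerAddressBar; // true = behaviour described in the examples
    this.committedUrl = "https://start.example/"; // origin of the content actually shown
    this.addressBar = this.committedUrl;          // what the user relies on for trust
    this.pendingUrl = null;
    this.onUnload = null; // hook run by the outgoing page during the switch
  }

  click(url) {
    this.pendingUrl = url;
    // Flawed ordering: the indicator changes before the new context exists.
    if (this.eagerAddressBar) this.addressBar = url;
    // The outgoing page still runs code inside the switch window.
    if (this.onUnload) this.onUnload(this);
  }

  redirect(url) {
    this.pendingUrl = url; // replaces the in-flight navigation
  }

  commit() {
    this.committedUrl = this.pendingUrl;
    this.pendingUrl = null;
    // Corrected ordering: derive the indicator from the committed document only.
    if (!this.eagerAddressBar) this.addressBar = this.committedUrl;
  }

  // Invariant to assert in tests: the indicator matches the content being shown.
  isConsistent() {
    return this.pendingUrl === null && this.addressBar === this.committedUrl;
  }
}

function simulate(eagerAddressBar) {
  const tab = new Tab({ eagerAddressBar });
  tab.onUnload = (t) => t.redirect("https://other.example/");
  tab.click("https://trusted.example/");
  tab.commit();
  return { addressBar: tab.addressBar, content: tab.committedUrl, consistent: tab.isConsistent() };
}

console.log("update at click: ", simulate(true));
console.log("update at commit:", simulate(false));
```

With the update at click time, the indicator and the displayed content end up naming different origins; with the update at commit time, the invariant holds even though the navigation was replaced mid-switch.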
Weakness Ordinalities
Ordinality: Description
Primary: This weakness can be primary to almost anything, depending on the context of the race condition.
Resultant: This weakness can be resultant from insufficient compartmentalization (CWE-653), incorrect locking, improper initialization or shutdown, or a number of other weaknesses.
Under-studied as a concept. Frequency unknown; few vulnerability reports
give enough detail to know when a context switching race condition is a
factor.