Time of Check to Time of Use Transaction Race Condition
Variants:
Direct
Also Known As:
TOCTTOU
Vector Type:
Attack
Relevance:
Generic
Layer:
Application-Level
Platforms:
Any
Target Type:
Application
Affected Mechanisms:
Synchronization, Secure Design
Invented In:
01/01/1999
Added In:
25/12/2014
Vector Operation Method:
Abusing race conditions in a resource time of check vs time of use to peform multiple resource uses, to effects such as exceeding money transfer limits or similar exploits.
