VYPR
Unrated severityNVD Advisory· Published Apr 13, 2011· Updated Jun 16, 2026

CVE-2011-0990

CVE-2011-0990

Description

Race condition in the FastCopy optimization in the Array.Copy method in metadata/icall.c in Mono, when Moonlight 2.x before 2.4.1 or 3.x before 3.99.3 is used, allows remote attackers to trigger a buffer overflow and modify internal data structures, and cause a denial of service (plugin crash) or corrupt the internal state of the security manager, via a crafted media file in which a thread makes a change after a type check but before a copy action.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

8
  • Mono/Mono2 versions
    cpe:2.3:a:mono:mono:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:mono:mono:*:*:*:*:*:*:*:*
    • (no CPE)
  • Novell/Moonlight6 versions
    cpe:2.3:a:novell:moonlight:2.0:*:*:*:*:*:*:*+ 5 more
    • cpe:2.3:a:novell:moonlight:2.0:*:*:*:*:*:*:*
    • cpe:2.3:a:novell:moonlight:2.3.0:*:*:*:*:*:*:*
    • cpe:2.3:a:novell:moonlight:2.31:*:*:*:*:*:*:*
    • cpe:2.3:a:novell:moonlight:2.4:*:*:*:*:*:*:*
    • cpe:2.3:a:novell:moonlight:3.0:*:*:*:*:*:*:*
    • cpe:2.3:a:novell:moonlight:3.99:*:*:*:*:*:*:*

Patches

Vulnerability mechanics

References

10

News mentions

0

No linked articles in our index yet.