Common Weakness Enumeration

A Community-Developed Dictionary of Software Weakness Types

CWE/SANS Top 25 Most Dangerous Software Errors Common Weakness Scoring System
Common Weakness Risk Analysis Framework
Home > CWE List > CWE- Individual Dictionary Definition (2.7)  

Presentation Filter:

CWE-402: Transmission of Private Resources into a New Sphere ('Resource Leak')

Transmission of Private Resources into a New Sphere ('Resource Leak')
Weakness ID: 402 (Weakness Class)Status: Draft
+ Description

Description Summary

The software makes resources available to untrusted parties when those resources are only intended to be accessed by the software.
+ Alternate Terms
Resource Leak
+ Time of Introduction
  • Architecture and Design
  • Implementation
+ Common Consequences

Technical Impact: Read application data

+ Relationships
NatureTypeIDNameView(s) this relationship pertains toView(s)
ChildOfCategoryCategory399Resource Management Errors
Development Concepts (primary)699
ChildOfWeakness ClassWeakness Class668Exposure of Resource to Wrong Sphere
Research Concepts (primary)1000
ChildOfCategoryCategory895SFP Cluster: Information Leak
Software Fault Pattern (SFP) Clusters (primary)888
ParentOfWeakness BaseWeakness Base403Exposure of File Descriptor to Unintended Control Sphere ('File Descriptor Leak')
Development Concepts (primary)699
Research Concepts (primary)1000
ParentOfWeakness BaseWeakness Base619Dangling Database Cursor ('Cursor Injection')
Development Concepts699
Research Concepts1000
+ Taxonomy Mappings
Mapped Taxonomy NameNode IDFitMapped Node Name
PLOVERResource leaks
+ Content History
Submission DateSubmitterOrganizationSource
Externally Mined
Modification DateModifierOrganizationSource
updated Time_of_Introduction
updated Relationships, Taxonomy_Mappings
updated Name
updated Alternate_Terms
updated Common_Consequences
updated Relationships
Previous Entry Names
Change DatePrevious Entry Name
2008-04-11Resource Leaks
2009-05-27Transmission of Private Resources into a New Sphere (aka 'Resource Leak')
Page Last Updated: June 23, 2014