CWE

Common Weakness Enumeration

A Community-Developed Dictionary of Software Weakness Types

CWE Individual Dictionary Definition (2.6)

CWE-619: Dangling Database Cursor ('Cursor Injection')

 
Weakness ID: 619 (Weakness Base)
Status: Incomplete
+ Description

Description Summary

If a database cursor is not closed properly, then it could become accessible to other users while retaining the same privileges that were originally assigned, leaving the cursor "dangling."

Extended Description

For example, a dangling cursor could arise from an unhandled exception. The impact of the issue depends on the cursor's role, but SQL injection attacks are commonly possible.

+ Time of Introduction
  • Implementation
+ Applicable Platforms

Languages

SQL

+ Modes of Introduction

This issue is currently reported for unhandled exceptions, but it is theoretically possible any time the programmer does not close the cursor at the proper time.

+ Common Consequences
Scope: Confidentiality, Integrity

Technical Impact: Read application data; Modify application data

+ Potential Mitigations

Phase: Implementation

Close cursors immediately after access to them is complete. Ensure that you close cursors if exceptions occur.
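
The mitigation above, sketched in Oracle PL/SQL with the DBMS_SQL package as an added example that is not part of the CWE entry. The procedure names and the app_users table are hypothetical; the first procedure shows the weak pattern, the second the corrected one.

```sql
-- Added example; set_user_status_weak, set_user_status and app_users
-- are hypothetical names.
-- Weak form: if EXECUTE raises (for example on a constraint violation),
-- CLOSE_CURSOR is never reached and the parsed cursor stays open.
CREATE OR REPLACE PROCEDURE set_user_status_weak (
  p_user_id IN NUMBER,
  p_status  IN VARCHAR2
) AS
  l_cur  INTEGER;
  l_rows INTEGER;
BEGIN
  l_cur := DBMS_SQL.OPEN_CURSOR;
  DBMS_SQL.PARSE(l_cur,
    'UPDATE app_users SET status = :s WHERE user_id = :id',
    DBMS_SQL.NATIVE);
  DBMS_SQL.BIND_VARIABLE(l_cur, ':s',  p_status);
  DBMS_SQL.BIND_VARIABLE(l_cur, ':id', p_user_id);
  l_rows := DBMS_SQL.EXECUTE(l_cur);  -- may raise
  DBMS_SQL.CLOSE_CURSOR(l_cur);       -- skipped when EXECUTE raises
END;
/

-- Corrected form: the exception handler closes the cursor on the error
-- path as well, then re-raises so the caller still sees the failure.
CREATE OR REPLACE PROCEDURE set_user_status (
  p_user_id IN NUMBER,
  p_status  IN VARCHAR2
) AS
  l_cur  INTEGER;
  l_rows INTEGER;
BEGIN
  l_cur := DBMS_SQL.OPEN_CURSOR;
  DBMS_SQL.PARSE(l_cur,
    'UPDATE app_users SET status = :s WHERE user_id = :id',
    DBMS_SQL.NATIVE);
  DBMS_SQL.BIND_VARIABLE(l_cur, ':s',  p_status);
  DBMS_SQL.BIND_VARIABLE(l_cur, ':id', p_user_id);
  l_rows := DBMS_SQL.EXECUTE(l_cur);
  DBMS_SQL.CLOSE_CURSOR(l_cur);
EXCEPTION
  WHEN OTHERS THEN
    -- l_cur is NULL if OPEN_CURSOR itself failed; check before IS_OPEN.
    IF l_cur IS NOT NULL AND DBMS_SQL.IS_OPEN(l_cur) THEN
      DBMS_SQL.CLOSE_CURSOR(l_cur);
    END IF;
    RAISE;
END;
/
```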

+ Background Details

A cursor is a feature in Oracle PL/SQL and other languages that provides a handle for executing and accessing the results of SQL queries.

+ Weakness Ordinalities
  • Primary: This could be primary when the programmer never attempts to close the cursor when finished with it.
  • Resultant (where the weakness is typically related to the presence of some other weaknesses)
+ Relationships
Nature, Type, ID, Name, View(s) this relationship pertains to:
  • ChildOf, Weakness Class, 402, Transmission of Private Resources into a New Sphere ('Resource Leak'). Views: Development Concepts (699), Research Concepts (1000)
  • ChildOf, Weakness Base, 404, Improper Resource Shutdown or Release. Views: Development Concepts (primary) (699), Research Concepts (primary) (1000)
  • ChildOf, Category, 896, SFP Cluster: Tainted Input. Views: Software Fault Pattern (SFP) Clusters (primary) (888)
  • PeerOf, Category, 265, Privilege / Sandbox Issues. Views: Research Concepts (1000)
  • PeerOf, Category, 388, Error Handling. Views: Research Concepts (1000)
+ References
David Litchfield. "The Oracle Hacker's Handbook".
David Litchfield. "Cursor Injection". <http://www.databasesecurity.com/dbsec/cursor-injection.pdf>.
+ Content History
Modifications
Modification Date, Modifier, Organization, Source:
  • 2008-07-01, Eric Dalci, Cigital, External: updated Time_of_Introduction
  • 2008-09-08, CWE Content Team, MITRE, Internal: updated Relationships, Other_Notes
  • 2008-10-14, CWE Content Team, MITRE, Internal: updated Background_Details, Description, Relationships
  • 2009-05-27, CWE Content Team, MITRE, Internal: updated Name
  • 2009-10-29, CWE Content Team, MITRE, Internal: updated Modes_of_Introduction, Other_Notes, Weakness_Ordinalities
  • 2011-06-01, CWE Content Team, MITRE, Internal: updated Common_Consequences
  • 2012-05-11, CWE Content Team, MITRE, Internal: updated Relationships
  • 2012-10-30, CWE Content Team, MITRE, Internal: updated Potential_Mitigations
Previous Entry Names
Change Date, Previous Entry Name:
  • 2008-04-11: Dangling Database Cursor (Cursor Injection)
  • 2009-05-27: Dangling Database Cursor (aka 'Cursor Injection')
Page Last Updated: February 18, 2014