CWE

Common Weakness Enumeration

A Community-Developed Dictionary of Software Weakness Types

CWE/SANS Top 25 Most Dangerous Software Errors Common Weakness Scoring System
Common Weakness Risk Analysis Framework
Home > CWE List > CWE- Individual Dictionary Definition (2.7)  

Presentation Filter:

CWE-632: Weaknesses that Affect Files or Directories

 
Weaknesses that Affect Files or Directories
Category ID: 632 (Category)Status: Draft
+ Description

Description Summary

Weaknesses in this category affect file or directory resources.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains toView(s)
ParentOfWeakness ClassWeakness Class22Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Resource-specific Weaknesses (primary)631
ParentOfWeakness BaseWeakness Base41Improper Resolution of Path Equivalence
Resource-specific Weaknesses (primary)631
ParentOfWeakness BaseWeakness Base59Improper Link Resolution Before File Access ('Link Following')
Resource-specific Weaknesses (primary)631
ParentOfCategoryCategory60UNIX Path Link Problems
Resource-specific Weaknesses (primary)631
ParentOfCategoryCategory63Windows Path Link Problems
Resource-specific Weaknesses (primary)631
ParentOfWeakness VariantWeakness Variant67Improper Handling of Windows Device Names
Resource-specific Weaknesses (primary)631
ParentOfCategoryCategory68Windows Virtual File Problems
Resource-specific Weaknesses (primary)631
ParentOfCategoryCategory70Mac Virtual File Problems
Resource-specific Weaknesses (primary)631
ParentOfWeakness BaseWeakness Base96Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection')
Resource-specific Weaknesses (primary)631
ParentOfWeakness BaseWeakness Base98Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')
Resource-specific Weaknesses (primary)631
ParentOfWeakness BaseWeakness Base178Improper Handling of Case Sensitivity
Resource-specific Weaknesses (primary)631
ParentOfWeakness VariantWeakness Variant243Creation of chroot Jail Without Changing Working Directory
Resource-specific Weaknesses (primary)631
ParentOfWeakness VariantWeakness Variant260Password in Configuration File
Resource-specific Weaknesses (primary)631
ParentOfCategoryCategory275Permission Issues
Resource-specific Weaknesses (primary)631
ParentOfWeakness ClassWeakness Class282Improper Ownership Management
Resource-specific Weaknesses (primary)631
ParentOfWeakness ClassWeakness Class284Improper Access Control
Resource-specific Weaknesses (primary)631
ParentOfCategoryCategory376Temporary File Issues
Resource-specific Weaknesses (primary)631
ParentOfWeakness BaseWeakness Base434Unrestricted Upload of File with Dangerous Type
Resource-specific Weaknesses (primary)631
ParentOfWeakness VariantWeakness Variant533Information Exposure Through Server Log Files
Resource-specific Weaknesses (primary)631
ParentOfWeakness BaseWeakness Base552Files or Directories Accessible to External Parties
Resource-specific Weaknesses (primary)631
ParentOfWeakness VariantWeakness Variant785Use of Path Manipulation Function without Maximum-sized Buffer
Resource-specific Weaknesses (primary)631
MemberOfViewView631Resource-specific Weaknesses
Resource-specific Weaknesses (primary)631
+ Content History
Modifications
Modification DateModifierOrganizationSource
2008-09-08MITREInternal
updated Relationships
2009-07-27MITREInternal
updated Relationships
Page Last Updated: June 23, 2014