CWE

Common Weakness Enumeration

A Community-Developed List of Software Weakness Types

CWE - Individual Dictionary Definition (3.0)

CWE VIEW: Seven Pernicious Kingdoms

View ID: 700
Type: Graph
Status: Incomplete
+ Objective
This view (graph) organizes weaknesses using a hierarchical structure that is similar to that used by Seven Pernicious Kingdoms.
+ Audience
Stakeholder: Software Developers
Description: This view is useful for developers because it is organized around concepts with which developers are familiar, and it focuses on weaknesses that can be detected using source code analysis tools.
+ Relationships
700 - Seven Pernicious Kingdoms
+ Category: 7PK - Security Features - (254)
700 (Seven Pernicious Kingdoms) > 254 (7PK - Security Features)
Software security is not security software. Here we're concerned with topics like authentication, access control, confidentiality, cryptography, and privilege management.
* Variant: Plaintext Storage of a Password - (256)
700 (Seven Pernicious Kingdoms) > 254 (7PK - Security Features) > 256 (Plaintext Storage of a Password)
Storing a password in plaintext may result in a system compromise.
* Variant: Empty Password in Configuration File - (258)
700 (Seven Pernicious Kingdoms) > 254 (7PK - Security Features) > 258 (Empty Password in Configuration File)
Using an empty string as a password is insecure.
* Base: Use of Hard-coded Password - (259)
700 (Seven Pernicious Kingdoms) > 254 (7PK - Security Features) > 259 (Use of Hard-coded Password)
The software contains a hard-coded password, which it uses for its own inbound authentication or for outbound communication to external components.
* Variant: Password in Configuration File - (260)
700 (Seven Pernicious Kingdoms) > 254 (7PK - Security Features) > 260 (Password in Configuration File)
The software stores a password in a configuration file that might be accessible to actors who do not know the password.
* Variant: Weak Cryptography for Passwords - (261)
700 (Seven Pernicious Kingdoms) > 254 (7PK - Security Features) > 261 (Weak Cryptography for Passwords)
Obscuring a password with a trivial encoding does not protect the password.
* Base: Least Privilege Violation - (272)
700 (Seven Pernicious Kingdoms) > 254 (7PK - Security Features) > 272 (Least Privilege Violation)
The elevated privilege level required to perform operations such as chroot() should be dropped immediately after the operation is performed.
* Class: Improper Authorization - (285)
700 (Seven Pernicious Kingdoms) > 254 (7PK - Security Features) > 285 (Improper Authorization)
The software does not perform or incorrectly performs an authorization check when an actor attempts to access a resource or perform an action. Alternate terms: AuthZ.
* Class: Use of Insufficiently Random Values - (330)
700 (Seven Pernicious Kingdoms) > 254 (7PK - Security Features) > 330 (Use of Insufficiently Random Values)
The software may use insufficiently random numbers or values in a security context that depends on unpredictable numbers.
* Class: Exposure of Private Information ('Privacy Violation') - (359)
700 (Seven Pernicious Kingdoms) > 254 (7PK - Security Features) > 359 (Exposure of Private Information ('Privacy Violation'))
The software does not properly prevent private data (such as credit card numbers) from being accessed by actors who either (1) are not explicitly authorized to access the data or (2) do not have the implicit consent of the people to which the data is related. Alternate terms: Privacy leak, Privacy leakage.
* Base: Use of Hard-coded Credentials - (798)
700 (Seven Pernicious Kingdoms) > 254 (7PK - Security Features) > 798 (Use of Hard-coded Credentials)
The software contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data.
+ Category: 7PK - Time and State - (361)
700 (Seven Pernicious Kingdoms) > 361 (7PK - Time and State)
This category represents one of the phyla in the Seven Pernicious Kingdoms vulnerability classification. It includes weaknesses related to the improper management of time and state in an environment that supports simultaneous or near-simultaneous computation by multiple systems, processes, or threads. According to the authors of the Seven Pernicious Kingdoms, "Distributed computation is about time and state. That is, in order for more than one component to communicate, state must be shared, and all that takes time. Most programmers anthropomorphize their work. They think about one thread of control carrying out the entire program in the same way they would if they had to do the job themselves. Modern computers, however, switch between tasks very quickly, and in multi-core, multi-CPU, or distributed systems, two events may take place at exactly the same time. Defects rush to fill the gap between the programmer's model of how a program executes and what happens in reality. These defects are related to unexpected interactions between threads, processes, time, and information. These interactions happen through shared state: semaphores, variables, the file system, and, basically, anything that can store information."
* Base: Signal Handler Race Condition - (364)
700 (Seven Pernicious Kingdoms) > 361 (7PK - Time and State) > 364 (Signal Handler Race Condition)
The software uses a signal handler that introduces a race condition.
* Base: Time-of-check Time-of-use (TOCTOU) Race Condition - (367)
700 (Seven Pernicious Kingdoms) > 361 (7PK - Time and State) > 367 (Time-of-check Time-of-use (TOCTOU) Race Condition)
The software checks the state of a resource before using that resource, but the resource's state can change between the check and the use in a way that invalidates the results of the check. This can cause the software to perform invalid actions when the resource is in an unexpected state. Alternate terms: TOCTTOU, TOCCTOU.
* Category: Temporary File Issues - (376)
700 (Seven Pernicious Kingdoms) > 361 (7PK - Time and State) > 376 (Temporary File Issues)
Weaknesses in this category are related to improper handling of temporary files.
* Base: Insecure Temporary File - (377)
700 (Seven Pernicious Kingdoms) > 361 (7PK - Time and State) > 377 (Insecure Temporary File)
Creating and using insecure temporary files can leave application and system data vulnerable to attack.
* Variant: J2EE Bad Practices: Use of System.exit() - (382)
700 (Seven Pernicious Kingdoms) > 361 (7PK - Time and State) > 382 (J2EE Bad Practices: Use of System.exit())
A J2EE application uses System.exit(), which also shuts down its container.
* Variant: J2EE Bad Practices: Direct Use of Threads - (383)
700 (Seven Pernicious Kingdoms) > 361 (7PK - Time and State) > 383 (J2EE Bad Practices: Direct Use of Threads)
Thread management in a Web application is forbidden in some circumstances and is always highly error prone.
* Composite: Session Fixation - (384)
700 (Seven Pernicious Kingdoms) > 361 (7PK - Time and State) > 384 (Session Fixation)
Authenticating a user, or otherwise establishing a new user session, without invalidating any existing session identifier gives an attacker the opportunity to steal authenticated sessions.
* Base: Unrestricted Externally Accessible Lock - (412)
700 (Seven Pernicious Kingdoms) > 361 (7PK - Time and State) > 412 (Unrestricted Externally Accessible Lock)
The software properly checks for the existence of a lock, but the lock can be externally controlled or influenced by an actor that is outside of the intended sphere of control.
+ Category: 7PK - Errors - (388)
700 (Seven Pernicious Kingdoms) > 388 (7PK - Errors)
This category represents one of the phyla in the Seven Pernicious Kingdoms vulnerability classification. It includes weaknesses that occur when an application does not properly handle errors that occur during processing. According to the authors of the Seven Pernicious Kingdoms, "Errors and error handling represent a class of API. Errors related to error handling are so common that they deserve a special kingdom of their own. As with 'API Abuse,' there are two ways to introduce an error-related security vulnerability: the most common one is handling errors poorly (or not at all). The second is producing errors that either give out too much information (to possible attackers) or are difficult to handle."
* Base: Unchecked Error Condition - (391)
700 (Seven Pernicious Kingdoms) > 388 (7PK - Errors) > 391 (Unchecked Error Condition)
Ignoring exceptions and other error conditions may allow an attacker to induce unexpected behavior unnoticed.
* Base: Use of NullPointerException Catch to Detect NULL Pointer Dereference - (395)
700 (Seven Pernicious Kingdoms) > 388 (7PK - Errors) > 395 (Use of NullPointerException Catch to Detect NULL Pointer Dereference)
Catching NullPointerException should not be used as an alternative to programmatic checks to prevent dereferencing a null pointer.
* Base: Declaration of Catch for Generic Exception - (396)
700 (Seven Pernicious Kingdoms) > 388 (7PK - Errors) > 396 (Declaration of Catch for Generic Exception)
Catching overly broad exceptions promotes complex error handling code that is more likely to contain security vulnerabilities.
* Base: Declaration of Throws for Generic Exception - (397)
700 (Seven Pernicious Kingdoms) > 388 (7PK - Errors) > 397 (Declaration of Throws for Generic Exception)
Throwing overly broad exceptions promotes complex error handling code that is more likely to contain security vulnerabilities.
+ Category: 7PK - Input Validation and Representation - (1005)
700 (Seven Pernicious Kingdoms) > 1005 (7PK - Input Validation and Representation)
This category represents one of the phyla in the Seven Pernicious Kingdoms vulnerability classification. It includes weaknesses that exist when an application does not properly validate or represent input. According to the authors of the Seven Pernicious Kingdoms, "Input validation and representation problems are caused by metacharacters, alternate encodings and numeric representations. Security problems result from trusting input."
+ Class: Improper Input Validation - (20)
700 (Seven Pernicious Kingdoms) > 1005 (7PK - Input Validation and Representation) > 20 (Improper Input Validation)
The product does not validate or incorrectly validates input that can affect the control flow or data flow of a program.
* Variant: Struts: Duplicate Validation Forms - (102)
700 (Seven Pernicious Kingdoms) > 1005 (7PK - Input Validation and Representation) > 20 (Improper Input Validation) > 102 (Struts: Duplicate Validation Forms)
The application uses multiple validation forms with the same name, which might cause the Struts Validator to validate a form that the programmer does not expect.
* Variant: Struts: Incomplete validate() Method Definition - (103)
700 (Seven Pernicious Kingdoms) > 1005 (7PK - Input Validation and Representation) > 20 (Improper Input Validation) > 103 (Struts: Incomplete validate() Method Definition)
The application has a validator form that either does not define a validate() method, or defines a validate() method but does not call super.validate().
* Variant: Struts: Form Bean Does Not Extend Validation Class - (104)
700 (Seven Pernicious Kingdoms) > 1005 (7PK - Input Validation and Representation) > 20 (Improper Input Validation) > 104 (Struts: Form Bean Does Not Extend Validation Class)
If a form bean does not extend an ActionForm subclass of the Validator framework, it can expose the application to other weaknesses related to insufficient input validation.
* Variant: Struts: Form Field Without Validator - (105)
700 (Seven Pernicious Kingdoms) > 1005 (7PK - Input Validation and Representation) > 20 (Improper Input Validation) > 105 (Struts: Form Field Without Validator)
The application has a form field that is not validated by a corresponding validation form, which can introduce other weaknesses related to insufficient input validation.
* Variant: Struts: Plug-in Framework not in Use - (106)
700 (Seven Pernicious Kingdoms) > 1005 (7PK - Input Validation and Representation) > 20 (Improper Input Validation) > 106 (Struts: Plug-in Framework not in Use)
When an application does not use an input validation framework such as the Struts Validator, there is a greater risk of introducing weaknesses related to insufficient input validation.
* Variant: Struts: Unused Validation Form - (107)
700 (Seven Pernicious Kingdoms) > 1005 (7PK - Input Validation and Representation) > 20 (Improper Input Validation) > 107 (Struts: Unused Validation Form)
An unused validation form indicates that validation logic is not up-to-date.
* Variant: Struts: Unvalidated Action Form - (108)
700 (Seven Pernicious Kingdoms) > 1005 (7PK - Input Validation and Representation) > 20 (Improper Input Validation) > 108 (Struts: Unvalidated Action Form)
Every Action Form must have a corresponding validation form.
* Variant: Struts: Validator Turned Off - (109)
700 (Seven Pernicious Kingdoms) > 1005 (7PK - Input Validation and Representation) > 20 (Improper Input Validation) > 109 (Struts: Validator Turned Off)
Automatic filtering via a Struts bean has been turned off, which disables the Struts Validator and custom validation logic. This exposes the application to other weaknesses related to insufficient input validation.
* Variant: Struts: Validator Without Form Field - (110)
700 (Seven Pernicious Kingdoms) > 1005 (7PK - Input Validation and Representation) > 20 (Improper Input Validation) > 110 (Struts: Validator Without Form Field)
Validation fields that do not appear in forms they are associated with indicate that the validation logic is out of date.
* Base: Direct Use of Unsafe JNI - (111)
700 (Seven Pernicious Kingdoms) > 1005 (7PK - Input Validation and Representation) > 20 (Improper Input Validation) > 111 (Direct Use of Unsafe JNI)
When a Java application uses the Java Native Interface (JNI) to call code written in another programming language, it can expose the application to weaknesses in that code, even if those weaknesses cannot occur in Java.
* Base: Missing XML Validation - (112)
700 (Seven Pernicious Kingdoms) > 1005 (7PK - Input Validation and Representation) > 20 (Improper Input Validation) > 112 (Missing XML Validation)
The software accepts XML from an untrusted source but does not validate the XML against the proper schema.
* Base: Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Response Splitting') - (113)
700 (Seven Pernicious Kingdoms) > 1005 (7PK - Input Validation and Representation) > 20 (Improper Input Validation) > 113 (Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Response Splitting'))
The software receives data from an upstream component, but does not neutralize or incorrectly neutralizes CR and LF characters before the data is included in outgoing HTTP headers.
* Base: Process Control - (114)
700 (Seven Pernicious Kingdoms) > 1005 (7PK - Input Validation and Representation) > 20 (Improper Input Validation) > 114 (Process Control)
Executing commands or loading libraries from an untrusted source or in an untrusted environment can cause an application to execute malicious commands (and payloads) on behalf of an attacker.
* Base: Improper Output Neutralization for Logs - (117)
700 (Seven Pernicious Kingdoms) > 1005 (7PK - Input Validation and Representation) > 20 (Improper Input Validation) > 117 (Improper Output Neutralization for Logs)
The software does not neutralize or incorrectly neutralizes output that is written to logs.
* Class: Improper Restriction of Operations within the Bounds of a Memory Buffer - (119)
700 (Seven Pernicious Kingdoms) > 1005 (7PK - Input Validation and Representation) > 20 (Improper Input Validation) > 119 (Improper Restriction of Operations within the Bounds of a Memory Buffer)
The software performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer. Alternate terms: Memory Corruption.
* Base: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') - (120)
700 (Seven Pernicious Kingdoms) > 1005 (7PK - Input Validation and Representation) > 20 (Improper Input Validation) > 120 (Buffer Copy without Checking Size of Input ('Classic Buffer Overflow'))
The program copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow. Alternate terms: buffer overrun, Unbounded Transfer.
* Base: Use of Externally-Controlled Format String - (134)
700 (Seven Pernicious Kingdoms) > 1005 (7PK - Input Validation and Representation) > 20 (Improper Input Validation) > 134 (Use of Externally-Controlled Format String)
The software uses a function that accepts a format string as an argument, but the format string originates from an external source.
* Base: External Control of System or Configuration Setting - (15)
700 (Seven Pernicious Kingdoms) > 1005 (7PK - Input Validation and Representation) > 20 (Improper Input Validation) > 15 (External Control of System or Configuration Setting)
One or more system settings or configuration elements can be externally controlled by a user.
* Base: Improper Null Termination - (170)
700 (Seven Pernicious Kingdoms) > 1005 (7PK - Input Validation and Representation) > 20 (Improper Input Validation) > 170 (Improper Null Termination)
The software does not terminate or incorrectly terminates a string or array with a null character or equivalent terminator.
* Base: Integer Overflow or Wraparound - (190)
700 (Seven Pernicious Kingdoms) > 1005 (7PK - Input Validation and Representation) > 20 (Improper Input Validation) > 190 (Integer Overflow or Wraparound)
The software performs a calculation that can produce an integer overflow or wraparound, when the logic assumes that the resulting value will always be larger than the original value. This can introduce other weaknesses when the calculation is used for resource management or execution control.
* Base: Return of Pointer Value Outside of Expected Range - (466)
700 (Seven Pernicious Kingdoms) > 1005 (7PK - Input Validation and Representation) > 20 (Improper Input Validation) > 466 (Return of Pointer Value Outside of Expected Range)
A function can return a pointer to memory that is outside of the buffer that the pointer is expected to reference.
* Base: Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection') - (470)
700 (Seven Pernicious Kingdoms) > 1005 (7PK - Input Validation and Representation) > 20 (Improper Input Validation) > 470 (Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection'))
The application uses external input with reflection to select which classes or code to use, but it does not sufficiently prevent the input from selecting improper classes or code. Alternate terms: Reflection Injection.
* Class: External Control of File Name or Path - (73)
700 (Seven Pernicious Kingdoms) > 1005 (7PK - Input Validation and Representation) > 20 (Improper Input Validation) > 73 (External Control of File Name or Path)
The software allows user input to control or influence paths or file names that are used in filesystem operations.
* Variant: Use of Path Manipulation Function without Maximum-sized Buffer - (785)
700 (Seven Pernicious Kingdoms) > 1005 (7PK - Input Validation and Representation) > 20 (Improper Input Validation) > 785 (Use of Path Manipulation Function without Maximum-sized Buffer)
The software invokes a function for normalizing paths or file names, but it provides an output buffer that is smaller than the maximum possible size, such as PATH_MAX.
* Class: Improper Neutralization of Special Elements used in a Command ('Command Injection') - (77)
700 (Seven Pernicious Kingdoms) > 1005 (7PK - Input Validation and Representation) > 77 (Improper Neutralization of Special Elements used in a Command ('Command Injection'))
The software constructs all or part of a command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended command when it is sent to a downstream component.
* Base: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') - (79)
700 (Seven Pernicious Kingdoms) > 1005 (7PK - Input Validation and Representation) > 79 (Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'))
The software does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users. Alternate terms: XSS, CSS.
* Base: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') - (89)
700 (Seven Pernicious Kingdoms) > 1005 (7PK - Input Validation and Representation) > 89 (Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection'))
The software constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component.
* Base: Improper Control of Resource Identifiers ('Resource Injection') - (99)
700 (Seven Pernicious Kingdoms) > 1005 (7PK - Input Validation and Representation) > 99 (Improper Control of Resource Identifiers ('Resource Injection'))
The software receives input from an upstream component, but it does not restrict or incorrectly restricts the input before it is used as an identifier for a resource that may be outside the intended sphere of control. Alternate terms: Insecure Direct Object Reference.
+ Category: 7PK - API Abuse - (227)
700 (Seven Pernicious Kingdoms) > 227 (7PK - API Abuse)
This category represents one of the phyla in the Seven Pernicious Kingdoms vulnerability classification. It includes weaknesses that involve the software using an API in a manner contrary to its intended use. According to the authors of the Seven Pernicious Kingdoms, "An API is a contract between a caller and a callee. The most common forms of API misuse occurs when the caller does not honor its end of this contract. For example, if a program does not call chdir() after calling chroot(), it violates the contract that specifies how to change the active root directory in a secure fashion. Another good example of library abuse is expecting the callee to return trustworthy DNS information to the caller. In this case, the caller misuses the callee API by making certain assumptions about its behavior (that the return value can be used for authentication purposes). One can also violate the caller-callee contract from the other side. For example, if a coder subclasses SecureRandom and returns a non-random value, the contract is violated."
* Base: Use of Inherently Dangerous Function - (242)
700 (Seven Pernicious Kingdoms) > 227 (7PK - API Abuse) > 242 (Use of Inherently Dangerous Function)
The program calls a function that can never be guaranteed to work safely.
* Variant: Creation of chroot Jail Without Changing Working Directory - (243)
700 (Seven Pernicious Kingdoms) > 227 (7PK - API Abuse) > 243 (Creation of chroot Jail Without Changing Working Directory)
The program uses the chroot() system call to create a jail, but does not change the working directory afterward. This does not prevent access to files outside of the jail.
* Variant: Improper Clearing of Heap Memory Before Release ('Heap Inspection') - (244)
700 (Seven Pernicious Kingdoms) > 227 (7PK - API Abuse) > 244 (Improper Clearing of Heap Memory Before Release ('Heap Inspection'))
Using realloc() to resize buffers that store sensitive information can leave the sensitive information exposed to attack, because it is not removed from memory.
* Variant: J2EE Bad Practices: Direct Management of Connections - (245)
700 (Seven Pernicious Kingdoms) > 227 (7PK - API Abuse) > 245 (J2EE Bad Practices: Direct Management of Connections)
The J2EE application directly manages connections, instead of using the container's connection management facilities.
* Variant: J2EE Bad Practices: Direct Use of Sockets - (246)
700 (Seven Pernicious Kingdoms) > 227 (7PK - API Abuse) > 246 (J2EE Bad Practices: Direct Use of Sockets)
The J2EE application directly uses sockets instead of using framework method calls.
* Base: Uncaught Exception - (248)
700 (Seven Pernicious Kingdoms) > 227 (7PK - API Abuse) > 248 (Uncaught Exception)
An exception is thrown from a function, but it is not caught.
* Class: Execution with Unnecessary Privileges - (250)
700 (Seven Pernicious Kingdoms) > 227 (7PK - API Abuse) > 250 (Execution with Unnecessary Privileges)
The software performs an operation at a privilege level that is higher than the minimum level required, which creates new weaknesses or amplifies the consequences of other weaknesses.
* Category: Often Misused: String Management - (251)
700 (Seven Pernicious Kingdoms) > 227 (7PK - API Abuse) > 251 (Often Misused: String Management)
Functions that manipulate strings encourage buffer overflows.
* Base: Unchecked Return Value - (252)
700 (Seven Pernicious Kingdoms) > 227 (7PK - API Abuse) > 252 (Unchecked Return Value)
The software does not check the return value from a method or function, which can prevent it from detecting unexpected states and conditions.
* Variant: Use of getlogin() in Multithreaded Application - (558)
700 (Seven Pernicious Kingdoms) > 227 (7PK - API Abuse) > 558 (Use of getlogin() in Multithreaded Application)
The application uses the getlogin() function in a multithreaded context, potentially causing it to return incorrect values.
+ Category: 7PK - Code Quality - (398)
700 (Seven Pernicious Kingdoms) > 398 (7PK - Code Quality)
This category represents one of the phyla in the Seven Pernicious Kingdoms vulnerability classification. It includes weaknesses that do not directly introduce a weakness or vulnerability, but indicate that the product has not been carefully developed or maintained. According to the authors of the Seven Pernicious Kingdoms, "Poor code quality leads to unpredictable behavior. From a user's perspective that often manifests itself as poor usability. For an adversary it provides an opportunity to stress the system in unexpected ways."
* Base: Improper Release of Memory Before Removing Last Reference ('Memory Leak') - (401)
700 (Seven Pernicious Kingdoms) > 398 (7PK - Code Quality) > 401 (Improper Release of Memory Before Removing Last Reference ('Memory Leak'))
The software does not sufficiently track and release allocated memory after it has been used, which slowly consumes remaining memory. Alternate terms: Memory Leak.
* Base: Improper Resource Shutdown or Release - (404)
700 (Seven Pernicious Kingdoms) > 398 (7PK - Code Quality) > 404 (Improper Resource Shutdown or Release)
The program does not release or incorrectly releases a resource before it is made available for re-use.
* Variant: Double Free - (415)
700 (Seven Pernicious Kingdoms) > 398 (7PK - Code Quality) > 415 (Double Free)
The product calls free() twice on the same memory address, potentially leading to modification of unexpected memory locations. Alternate terms: Double-free.
* Base: Use After Free - (416)
700 (Seven Pernicious Kingdoms) > 398 (7PK - Code Quality) > 416 (Use After Free)
Referencing memory after it has been freed can cause a program to crash, use unexpected values, or execute code. Alternate terms: Dangling pointer, Use-After-Free.
* Variant: Use of Uninitialized Variable - (457)
700 (Seven Pernicious Kingdoms) > 398 (7PK - Code Quality) > 457 (Use of Uninitialized Variable)
The code uses a variable that has not been initialized, leading to unpredictable or unintended results.
* Base: Use of Function with Inconsistent Implementations - (474)
700 (Seven Pernicious Kingdoms) > 398 (7PK - Code Quality) > 474 (Use of Function with Inconsistent Implementations)
The code uses a function that has inconsistent implementations across operating systems and versions.
* Base: Undefined Behavior for Input to API - (475)
700 (Seven Pernicious Kingdoms) > 398 (7PK - Code Quality) > 475 (Undefined Behavior for Input to API)
The behavior of this function is undefined unless its control parameter is set to a specific value.
* Base: NULL Pointer Dereference - (476)
700 (Seven Pernicious Kingdoms) > 398 (7PK - Code Quality) > 476 (NULL Pointer Dereference)
A NULL pointer dereference occurs when the application dereferences a pointer that it expects to be valid, but is NULL, typically causing a crash or exit.
* Base: Use of Obsolete Function - (477)
700 (Seven Pernicious Kingdoms) > 398 (7PK - Code Quality) > 477 (Use of Obsolete Function)
The code uses deprecated or obsolete functions, which suggests that the code has not been actively reviewed or maintained.
+ Category: 7PK - Encapsulation - (485)
700 (Seven Pernicious Kingdoms) > 485 (7PK - Encapsulation)
This category represents one of the phyla in the Seven Pernicious Kingdoms vulnerability classification. It includes weaknesses that occur when the product does not sufficiently encapsulate critical data or functionality. According to the authors of the Seven Pernicious Kingdoms, "Encapsulation is about drawing strong boundaries. In a web browser that might mean ensuring that your mobile code cannot be abused by other mobile code. On the server it might mean differentiation between validated data and unvalidated data, between one user's data and another's, or between data users are allowed to see and data that they are not."
* Variant: Comparison of Classes by Name - (486)
700 (Seven Pernicious Kingdoms) > 485 (7PK - Encapsulation) > 486 (Comparison of Classes by Name)
The program compares classes by name, which can cause it to use the wrong class when multiple classes can have the same name.
* Variant: Exposure of Data Element to Wrong Session - (488)
700 (Seven Pernicious Kingdoms) > 485 (7PK - Encapsulation) > 488 (Exposure of Data Element to Wrong Session)
The product does not sufficiently enforce boundaries between the states of different sessions, causing data to be provided to, or used by, the wrong session.
* Base: Leftover Debug Code - (489)
700 (Seven Pernicious Kingdoms) > 485 (7PK - Encapsulation) > 489 (Leftover Debug Code)
The application can be deployed with active debugging code that can create unintended entry points.
* Variant: Public cloneable() Method Without Final ('Object Hijack') - (491)
700 (Seven Pernicious Kingdoms) > 485 (7PK - Encapsulation) > 491 (Public cloneable() Method Without Final ('Object Hijack'))
A class has a cloneable() method that is not declared final, which allows an object to be created without calling the constructor. This can cause the object to be in an unexpected state.
* Variant: Use of Inner Class Containing Sensitive Data - (492)
700 (Seven Pernicious Kingdoms) > 485 (7PK - Encapsulation) > 492 (Use of Inner Class Containing Sensitive Data)
Inner classes are translated into classes that are accessible at package scope and may expose code that the programmer intended to keep private to attackers.
* Variant: Critical Public Variable Without Final Modifier - (493)
700 (Seven Pernicious Kingdoms) > 485 (7PK - Encapsulation) > 493 (Critical Public Variable Without Final Modifier)
The product has a critical public variable that is not final, which allows the variable to be modified to contain unexpected values.
* Variant: Private Array-Typed Field Returned From A Public Method - (495)
700 (Seven Pernicious Kingdoms) > 485 (7PK - Encapsulation) > 495 (Private Array-Typed Field Returned From A Public Method)
The product has a method that is declared public, but returns a reference to a private array, which could then be modified in unexpected ways.
* Variant: Public Data Assigned to Private Array-Typed Field - (496)
700 (Seven Pernicious Kingdoms) > 485 (7PK - Encapsulation) > 496 (Public Data Assigned to Private Array-Typed Field)
Assigning public data to a private array is equivalent to giving public access to the array.
*Variant: Exposure of System Data to an Unauthorized Control Sphere - (497)
700 (Seven Pernicious Kingdoms) > 485 (7PK - Encapsulation) > 497 (Exposure of System Data to an Unauthorized Control Sphere)
Exposing system data or debugging information helps an adversary learn about the system and form an attack plan.
*Base: Trust Boundary Violation - (501)
700 (Seven Pernicious Kingdoms) > 485 (7PK - Encapsulation) > 501 (Trust Boundary Violation)
The product mixes trusted and untrusted data in the same data structure or structured message.
+Category: 7PK - Environment - (2)
700 (Seven Pernicious Kingdoms) > 2 (7PK - Environment)
This category represents one of the phyla in the Seven Pernicious Kingdoms vulnerability classification. It includes weaknesses that are typically introduced during unexpected environmental conditions. According to the authors of the Seven Pernicious Kingdoms, "This section includes everything that is outside of the source code but is still critical to the security of the product that is being created. Because the issues covered by this kingdom are not directly related to source code, we separated it from the rest of the kingdoms."
*Variant: ASP.NET Misconfiguration: Creating Debug Binary - (11)
700 (Seven Pernicious Kingdoms) > 2 (7PK - Environment) > 11 (ASP.NET Misconfiguration: Creating Debug Binary)
Debugging messages help attackers learn about the system and plan a form of attack.
*Variant: ASP.NET Misconfiguration: Missing Custom Error Page - (12)
700 (Seven Pernicious Kingdoms) > 2 (7PK - Environment) > 12 (ASP.NET Misconfiguration: Missing Custom Error Page)
An ASP.NET application must enable custom error pages in order to prevent attackers from mining information from the framework's built-in responses.
*Variant: ASP.NET Misconfiguration: Password in Configuration File - (13)
700 (Seven Pernicious Kingdoms) > 2 (7PK - Environment) > 13 (ASP.NET Misconfiguration: Password in Configuration File)
Storing a plaintext password in a configuration file allows anyone who can read the file to access the password-protected resource, making it an easy target for attackers.
*Base: Compiler Removal of Code to Clear Buffers - (14)
700 (Seven Pernicious Kingdoms) > 2 (7PK - Environment) > 14 (Compiler Removal of Code to Clear Buffers)
Sensitive memory is cleared according to the source code, but compiler optimizations leave the memory untouched when it is not read from again, aka "dead store removal."
*Variant: J2EE Misconfiguration: Data Transmission Without Encryption - (5)
700 (Seven Pernicious Kingdoms) > 2 (7PK - Environment) > 5 (J2EE Misconfiguration: Data Transmission Without Encryption)
Information sent over a network can be compromised while in transit. An attacker may be able to read or modify the contents if the data are sent in plaintext or are weakly encrypted.
*Variant: J2EE Misconfiguration: Insufficient Session-ID Length - (6)
700 (Seven Pernicious Kingdoms) > 2 (7PK - Environment) > 6 (J2EE Misconfiguration: Insufficient Session-ID Length)
The J2EE application is configured to use an insufficient session ID length.
*Variant: J2EE Misconfiguration: Missing Custom Error Page - (7)
700 (Seven Pernicious Kingdoms) > 2 (7PK - Environment) > 7 (J2EE Misconfiguration: Missing Custom Error Page)
The default error page of a web application should not display sensitive information about the software system.
*Variant: J2EE Misconfiguration: Entity Bean Declared Remote - (8)
700 (Seven Pernicious Kingdoms) > 2 (7PK - Environment) > 8 (J2EE Misconfiguration: Entity Bean Declared Remote)
When an application exposes a remote interface for an entity bean, it might also expose methods that get or set the bean's data. These methods could be leveraged to read sensitive information, or to change data in ways that violate the application's expectations, potentially leading to other vulnerabilities.
*Variant: J2EE Misconfiguration: Weak Access Permissions for EJB Methods - (9)
700 (Seven Pernicious Kingdoms) > 2 (7PK - Environment) > 9 (J2EE Misconfiguration: Weak Access Permissions for EJB Methods)
If elevated access rights are assigned to EJB methods, then an attacker can take advantage of the permissions to exploit the software system.
+ Notes

Other

The MITRE CWE team frequently uses "7PK" as an abbreviation for Seven Pernicious Kingdoms.
+ Content History
Submissions
Submission Date | Submitter | Organization | Source
2008-09-09 | CWE Content Team | MITRE |
Modifications
Modification Date | Modifier | Organization | Source
2017-05-03 | CWE Content Team | MITRE |
  updated Relationships
2017-11-08 | CWE Content Team | MITRE |
  updated Alternate_Terms, Other_Notes
+ View Metrics
 | CWEs in this view | Total CWEs
Total | 97 | out of 982
Weaknesses | 87 | out of 714
Categories | 10 | out of 237
Views | 0 | out of 31

Page Last Updated: November 14, 2017