CWE
Home > CWE List > CWE- Individual Dictionary Definition (1.6)  

CWE-706: Use of Incorrectly-Resolved Name or Reference

 
Use of Incorrectly-Resolved Name or Reference
Weakness ID: 706 (Weakness Class)Status: Incomplete
+ Description

Description Summary

The software uses a name or reference to access a resource, but the name/reference resolves to a resource that is outside of the intended control sphere.
+ Time of Introduction
  • Architecture and Design
  • Implementation
+ Applicable Platforms

Languages

All

+ Relationships
NatureTypeIDNameView(s) this relationship pertains toView(s)
PeerOfWeakness BaseWeakness Base99Improper Control of Resource Identifiers ('Resource Injection')
Research Concepts1000
ParentOfWeakness ClassWeakness Class22Path Traversal
Research Concepts (primary)1000
ParentOfWeakness BaseWeakness Base41Improper Resolution of Path Equivalence
Research Concepts (primary)1000
ParentOfWeakness BaseWeakness Base59Improper Link Resolution Before File Access ('Link Following')
Research Concepts (primary)1000
ParentOfWeakness BaseWeakness Base66Improper Handling of File Names that Identify Virtual Resources
Research Concepts (primary)1000
ParentOfCompound Element: CompositeCompound Element: Composite98Improper Control of Filename for Include/Require Statement in PHP Program ('PHP File Inclusion')
Research Concepts (primary)1000
ParentOfWeakness BaseWeakness Base178Failure to Resolve Case Sensitivity
Research Concepts (primary)1000
ParentOfWeakness BaseWeakness Base386Symbolic Name not Mapping to Correct Object
Research Concepts (primary)1000
MemberOfViewView1000Research Concepts
Research Concepts (primary)1000
+ Content History
Modifications
Modification DateModifierOrganizationSource
2008-07-01Eric DalciCigitalExternal
updated Time of Introduction
2009-03-10CWE Content TeamMITREInternal
updated Related Attack Patterns
Page Last Updated: October 29, 2009