CWE
Home > CWE List > CWE- Individual Dictionary Definition (1.6)  

CWE-728: OWASP Top Ten 2004 Category A7 - Improper Error Handling

 
OWASP Top Ten 2004 Category A7 - Improper Error Handling
Category ID: 728 (Category)Status: Incomplete
+ Description

Description Summary

Weaknesses in this category are related to the A7 category in the OWASP Top Ten 2004.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains toView(s)
ParentOfWeakness VariantWeakness Variant7J2EE Misconfiguration: Missing Custom Error Page
Weaknesses in OWASP Top Ten (2004) (primary)711
ParentOfWeakness ClassWeakness Class203Discrepancy Information Leaks
Weaknesses in OWASP Top Ten (2004) (primary)711
ParentOfWeakness BaseWeakness Base209Error Message Information Leak
Weaknesses in OWASP Top Ten (2004) (primary)711
ParentOfWeakness ClassWeakness Class228Improper Handling of Syntactically Invalid Structure
Weaknesses in OWASP Top Ten (2004) (primary)711
ParentOfWeakness BaseWeakness Base252Unchecked Return Value
Weaknesses in OWASP Top Ten (2004) (primary)711
ParentOfCategoryCategory388Error Handling
Weaknesses in OWASP Top Ten (2004) (primary)711
ParentOfWeakness ClassWeakness Class390Detection of Error Condition Without Action
Weaknesses in OWASP Top Ten (2004) (primary)711
ParentOfWeakness BaseWeakness Base391Unchecked Error Condition
Weaknesses in OWASP Top Ten (2004) (primary)711
ParentOfWeakness BaseWeakness Base394Unexpected Status Code or Return Value
Weaknesses in OWASP Top Ten (2004) (primary)711
ParentOfWeakness ClassWeakness Class636Not Failing Securely ('Failing Open')
Weaknesses in OWASP Top Ten (2004) (primary)711
MemberOfViewView711Weaknesses in OWASP Top Ten (2004)
Weaknesses in OWASP Top Ten (2004) (primary)711
+ References
+ Content History
Submissions
Submission DateSubmitterOrganizationSource
2008-08-15VeracodeExternal Submission
Suggested creation of view and provided mappings
Modifications
Modification DateModifierOrganizationSource
2009-03-10CWE Content TeamMITREInternal
updated Related Attack Patterns, Relationships
Back to top
Page Last Updated: October 29, 2009
 

CWE is a Software Assurance strategic initiative sponsored by the National Cyber Security Division of the U.S. Department of Homeland Security.

This Web site is hosted by The MITRE Corporation.
Copyright 2009, The MITRE Corporation. CWE and the CWE logo are trademarks of The MITRE Corporation.

Contact cwe@mitre.org for more information.
Privacy policy
Terms of use
Contact us