CWE

Common Weakness Enumeration

A Community-Developed Dictionary of Software Weakness Types

CWE/SANS Top 25 Most Dangerous Software Errors Common Weakness Scoring System
Common Weakness Risk Analysis Framework
Home > CWE List > CWE- Individual Dictionary Definition (2.6)  

Presentation Filter:

CWE-743: CERT C Secure Coding Section 09 - Input Output (FIO)

 
CERT C Secure Coding Section 09 - Input Output (FIO)
Category ID: 743 (Category)Status: Incomplete
+ Description

Description Summary

Weaknesses in this category are related to rules in the input/output section of the CERT C Secure Coding Standard. Since not all rules map to specific weaknesses, this category may be incomplete.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains toView(s)
ParentOfWeakness ClassWeakness Class22Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Weaknesses Addressed by the CERT C Secure Coding Standard (primary)734
ParentOfWeakness VariantWeakness Variant37Path Traversal: '/absolute/pathname/here'
Weaknesses Addressed by the CERT C Secure Coding Standard (primary)734
ParentOfWeakness VariantWeakness Variant38Path Traversal: '\absolute\pathname\here'
Weaknesses Addressed by the CERT C Secure Coding Standard (primary)734
ParentOfWeakness VariantWeakness Variant39Path Traversal: 'C:dirname'
Weaknesses Addressed by the CERT C Secure Coding Standard (primary)734
ParentOfWeakness BaseWeakness Base41Improper Resolution of Path Equivalence
Weaknesses Addressed by the CERT C Secure Coding Standard (primary)734
ParentOfWeakness BaseWeakness Base59Improper Link Resolution Before File Access ('Link Following')
Weaknesses Addressed by the CERT C Secure Coding Standard (primary)734
ParentOfWeakness VariantWeakness Variant62UNIX Hard Link
Weaknesses Addressed by the CERT C Secure Coding Standard (primary)734
ParentOfWeakness VariantWeakness Variant64Windows Shortcut Following (.LNK)
Weaknesses Addressed by the CERT C Secure Coding Standard (primary)734
ParentOfWeakness VariantWeakness Variant65Windows Hard Link
Weaknesses Addressed by the CERT C Secure Coding Standard (primary)734
ParentOfWeakness VariantWeakness Variant67Improper Handling of Windows Device Names
Weaknesses Addressed by the CERT C Secure Coding Standard (primary)734
ParentOfWeakness ClassWeakness Class119Improper Restriction of Operations within the Bounds of a Memory Buffer
Weaknesses Addressed by the CERT C Secure Coding Standard734
ParentOfWeakness BaseWeakness Base134Uncontrolled Format String
Weaknesses Addressed by the CERT C Secure Coding Standard (primary)734
ParentOfWeakness BaseWeakness Base241Improper Handling of Unexpected Data Type
Weaknesses Addressed by the CERT C Secure Coding Standard (primary)734
ParentOfWeakness VariantWeakness Variant276Incorrect Default Permissions
Weaknesses Addressed by the CERT C Secure Coding Standard (primary)734
ParentOfWeakness VariantWeakness Variant279Incorrect Execution-Assigned Permissions
Weaknesses Addressed by the CERT C Secure Coding Standard (primary)734
ParentOfWeakness ClassWeakness Class362Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
Weaknesses Addressed by the CERT C Secure Coding Standard (primary)734
ParentOfWeakness BaseWeakness Base367Time-of-check Time-of-use (TOCTOU) Race Condition
Weaknesses Addressed by the CERT C Secure Coding Standard (primary)734
ParentOfWeakness BaseWeakness Base379Creation of Temporary File in Directory with Incorrect Permissions
Weaknesses Addressed by the CERT C Secure Coding Standard (primary)734
ParentOfWeakness BaseWeakness Base391Unchecked Error Condition
Weaknesses Addressed by the CERT C Secure Coding Standard (primary)734
ParentOfWeakness BaseWeakness Base403Exposure of File Descriptor to Unintended Control Sphere ('File Descriptor Leak')
Weaknesses Addressed by the CERT C Secure Coding Standard (primary)734
ParentOfWeakness BaseWeakness Base404Improper Resource Shutdown or Release
Weaknesses Addressed by the CERT C Secure Coding Standard (primary)734
ParentOfWeakness BaseWeakness Base552Files or Directories Accessible to External Parties
Weaknesses Addressed by the CERT C Secure Coding Standard (primary)734
ParentOfWeakness ClassWeakness Class675Duplicate Operations on Resource
Weaknesses Addressed by the CERT C Secure Coding Standard (primary)734
ParentOfWeakness BaseWeakness Base676Use of Potentially Dangerous Function
Weaknesses Addressed by the CERT C Secure Coding Standard734
ParentOfWeakness VariantWeakness Variant686Function Call With Incorrect Argument Type
Weaknesses Addressed by the CERT C Secure Coding Standard734
ParentOfWeakness ClassWeakness Class732Incorrect Permission Assignment for Critical Resource
Weaknesses Addressed by the CERT C Secure Coding Standard (primary)734
MemberOfViewView734Weaknesses Addressed by the CERT C Secure Coding Standard
Weaknesses Addressed by the CERT C Secure Coding Standard (primary)734
+ Content History
Submissions
Submission DateSubmitterOrganizationSource
2008-11-24Internal CWE Team
Modifications
Modification DateModifierOrganizationSource
2011-09-13CWE Content TeamMITREInternal
updated Relationships
Page Last Updated: February 18, 2014