CWE

Common Weakness Enumeration

A Community-Developed List of Software Weakness Types

CWE/SANS Top 25 Most Dangerous Software Errors
Home > CWE List > CWE- Individual Dictionary Definition (2.10)  
ID

CWE-755: Improper Handling of Exceptional Conditions

Weakness ID: 755
Abstraction: Class
Status: Incomplete
Presentation Filter:
+ Description

Description Summary

The software does not handle or incorrectly handles an exceptional condition.
+ Time of Introduction
  • Implementation
+ Applicable Platforms

Languages

Language-independent

+ Common Consequences
ScopeEffect
Other

Technical Impact: Other

+ Likelihood of Exploit

Low to Medium

+ Observed Examples
ReferenceDescription
Chain: OS kernel does not properly handle a failure of a function call (CWE-755), leading to an unlock of a resource that was not locked (CWE-832), with resultant crash.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains toView(s)
ChildOfWeakness ClassWeakness Class703Improper Check or Handling of Exceptional Conditions
Development Concepts (primary)699
Research Concepts (primary)1000
ChildOfCategoryCategory880CERT C++ Secure Coding Section 12 - Exceptions and Error Handling (ERR)
Weaknesses Addressed by the CERT C++ Secure Coding Standard (primary)868
ChildOfCategoryCategory962SFP Secondary Cluster: Unchecked Status Condition
Software Fault Pattern (SFP) Clusters (primary)888
ParentOfWeakness BaseWeakness Base209Information Exposure Through an Error Message
Research Concepts1000
ParentOfWeakness ClassWeakness Class390Detection of Error Condition Without Action
Research Concepts (primary)1000
ParentOfWeakness BaseWeakness Base395Use of NullPointerException Catch to Detect NULL Pointer Dereference
Research Concepts1000
ParentOfWeakness BaseWeakness Base396Declaration of Catch for Generic Exception
Research Concepts1000
ParentOfWeakness VariantWeakness Variant460Improper Cleanup on Thrown Exception
Research Concepts1000
ParentOfWeakness BaseWeakness Base544Missing Standardized Error Handling Mechanism
Research Concepts (primary)1000
ParentOfWeakness ClassWeakness Class636Not Failing Securely ('Failing Open')
Research Concepts1000
ParentOfWeakness ClassWeakness Class756Missing Custom Error Page
Research Concepts (primary)1000
+ Taxonomy Mappings
Mapped Taxonomy NameNode IDFitMapped Node Name
CERT C++ Secure CodingERR39-CPPGuarantee exception safety
+ Content History
Submissions
Submission DateSubmitterOrganizationSource
2009-03-03Internal CWE Team
New entry for reorganization of CWE-703.
Modifications
Modification DateModifierOrganizationSource
2009-12-28CWE Content TeamMITREInternal
updated Applicable_Platforms, Likelihood_of_Exploit, Time_of_Introduction
2010-12-13CWE Content TeamMITREInternal
updated Description, Observed_Examples
2011-03-29CWE Content TeamMITREInternal
updated Relationships
2011-06-01CWE Content TeamMITREInternal
updated Common_Consequences
2011-09-13CWE Content TeamMITREInternal
updated Relationships, Taxonomy_Mappings
2012-05-11CWE Content TeamMITREInternal
updated Relationships
2014-07-30CWE Content TeamMITREInternal
updated Relationships
2017-01-19CWE Content TeamMITREInternal
updated Relationships

More information is available — Please select a different filter.
Page Last Updated: January 18, 2017