|
|
Failure to Resolve Equivalent Special Elements into a Different Plane Status: Draft Weakness ID: 76 (Weakness Base)Description Summary The software fails to adequately filter non-typical special elements that are equivalent to control-relevant special elements that are already being filtered. Likelihood of Exploit High to Very High Weakness Ordinalities Primary (where the weakness exists independent of other weaknesses) Causal Nature Explicit (an explicit
weakness resulting from behavior of the developer) Potential Mitigations Requirements specification: Programming languages and supporting technologies might be chosen which are not subject to these issues. Implementation Utilize an appropriate mix of white-list and black-list parsing to filter equivalent special element syntax from all input. Other Notes Can include encoded special characters. Relationships
Taxonomy Mappings
Applicable Platforms Languages All Time of Introduction  Architecture and Design ImplementationContent History Submissions PLOVER. (Externally Mined) Modifications Eric Dalci. Cigital. 2008-07-01. (External) updated Time_of_Introduction CWE Content Team. MITRE. 2008-09-08. (Internal) updated Relationships, Other_Notes, Taxonomy_Mappings, Weakness_Ordinalities Previous Entry Names Equivalent Special Element Injection (changed 2008-04-11) |
|
|
|||
