CWE

Common Weakness Enumeration

A Community-Developed List of Software Weakness Types

CWE Top 25 Most Dangerous Software Errors
Home > CWE List > CWE- Individual Dictionary Definition (3.4.1)  
ID

CWE CATEGORY: The CERT Oracle Secure Coding Standard for Java (2011) Chapter 18 - Miscellaneous (MSC)

Category ID: 861
Status: Obsolete
+ Summary
Weaknesses in this category are related to rules in the Miscellaneous (MSC) chapter of The CERT Oracle Secure Coding Standard for Java (2011).
+ Membership
NatureTypeIDName
MemberOfViewView - a subset of CWE entries that provides a way of examining CWE content. The two main view structures are Slices (flat lists) and Graphs (containing relationships between entries).844Weaknesses Addressed by The CERT Oracle Secure Coding Standard for Java (2011)
HasMemberBaseBase - a weakness that is described in an abstract fashion, but with sufficient details to infer specific methods for detection and prevention. More general than a Variant weakness, but more specific than a Class weakness.259Use of Hard-coded Password
HasMemberClassClass - a weakness that is described in a very abstract fashion, typically independent of any specific language or technology. More general than a Base weakness.311Missing Encryption of Sensitive Data
HasMemberClassClass - a weakness that is described in a very abstract fashion, typically independent of any specific language or technology. More general than a Base weakness.330Use of Insufficiently Random Values
HasMemberVariantVariant - a weakness that is described at a very low level of detail, typically limited to a specific language or technology. More specific than a Base weakness.332Insufficient Entropy in PRNG
HasMemberVariantVariant - a weakness that is described at a very low level of detail, typically limited to a specific language or technology. More specific than a Base weakness.333Improper Handling of Insufficient Entropy in TRNG
HasMemberVariantVariant - a weakness that is described at a very low level of detail, typically limited to a specific language or technology. More specific than a Base weakness.336Same Seed in Pseudo-Random Number Generator (PRNG)
HasMemberVariantVariant - a weakness that is described at a very low level of detail, typically limited to a specific language or technology. More specific than a Base weakness.337Predictable Seed in Pseudo-Random Number Generator (PRNG)
HasMemberClassClass - a weakness that is described in a very abstract fashion, typically independent of any specific language or technology. More general than a Base weakness.400Uncontrolled Resource Consumption
HasMemberVariantVariant - a weakness that is described at a very low level of detail, typically limited to a specific language or technology. More specific than a Base weakness.401Missing Release of Memory after Effective Lifetime
HasMemberVariantVariant - a weakness that is described at a very low level of detail, typically limited to a specific language or technology. More specific than a Base weakness.543Use of Singleton Pattern Without Synchronization in a Multithreaded Context
HasMemberBaseBase - a weakness that is described in an abstract fashion, but with sufficient details to infer specific methods for detection and prevention. More general than a Variant weakness, but more specific than a Class weakness.770Allocation of Resources Without Limits or Throttling
HasMemberBaseBase - a weakness that is described in an abstract fashion, but with sufficient details to infer specific methods for detection and prevention. More general than a Variant weakness, but more specific than a Class weakness.798Use of Hard-coded Credentials
+ References
[REF-813] Fred Long, Dhruv Mohindra, Robert C. Seacord, Dean F. Sutherland and David Svoboda. "The CERT Oracle Coding Standard for Java". 1st Edition. Addison-Wesley Professional. 2011-09-18.
+ Content History
Submissions
Submission DateSubmitterOrganization
2011-05-24CWE Content TeamMITRE
Modifications
Modification DateModifierOrganization
2012-05-11CWE Content TeamMITRE
updated Relationships
2019-01-03CWE Content TeamMITRE
updated Description, Name, References
Previous Entry Names
Change DatePrevious Entry Name
2019-01-03CERT Java Secure Coding Section 49 - Miscellaneous (MSC)
More information is available — Please select a different filter.
Page Last Updated: June 20, 2019