Common Weakness Enumeration

A Community-Developed List of Software Weakness Types

CWE/SANS Top 25 Most Dangerous Software Errors
Home > CWE List > CWE- Individual Dictionary Definition (3.0)  

CWE CATEGORY: CERT C++ Secure Coding Section 09 - Input Output (FIO)

Category ID: 877
Status: Incomplete
+ Summary
Weaknesses in this category are related to rules in the Input Output (FIO) section of the CERT C++ Secure Coding Standard. Since not all rules map to specific weaknesses, this category may be incomplete.
+ Membership
MemberOfViewView868Weaknesses Addressed by the CERT C++ Secure Coding Standard
HasMemberClassClass22Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
HasMemberVariantVariant37Path Traversal: '/absolute/pathname/here'
HasMemberVariantVariant38Path Traversal: '\absolute\pathname\here'
HasMemberVariantVariant39Path Traversal: 'C:dirname'
HasMemberBaseBase41Improper Resolution of Path Equivalence
HasMemberBaseBase59Improper Link Resolution Before File Access ('Link Following')
HasMemberVariantVariant62UNIX Hard Link
HasMemberVariantVariant64Windows Shortcut Following (.LNK)
HasMemberVariantVariant65Windows Hard Link
HasMemberVariantVariant67Improper Handling of Windows Device Names
HasMemberClassClass73External Control of File Name or Path
HasMemberClassClass119Improper Restriction of Operations within the Bounds of a Memory Buffer
HasMemberBaseBase134Use of Externally-Controlled Format String
HasMemberBaseBase241Improper Handling of Unexpected Data Type
HasMemberVariantVariant276Incorrect Default Permissions
HasMemberVariantVariant279Incorrect Execution-Assigned Permissions
HasMemberClassClass362Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
HasMemberBaseBase367Time-of-check Time-of-use (TOCTOU) Race Condition
HasMemberBaseBase379Creation of Temporary File in Directory with Incorrect Permissions
HasMemberBaseBase391Unchecked Error Condition
HasMemberBaseBase403Exposure of File Descriptor to Unintended Control Sphere ('File Descriptor Leak')
HasMemberBaseBase404Improper Resource Shutdown or Release
HasMemberBaseBase552Files or Directories Accessible to External Parties
HasMemberClassClass675Duplicate Operations on Resource
HasMemberBaseBase676Use of Potentially Dangerous Function
HasMemberClassClass732Incorrect Permission Assignment for Critical Resource
HasMemberBaseBase770Allocation of Resources Without Limits or Throttling
+ Content History
Submission DateSubmitterOrganization
2011-08-04CWE Content TeamMITRE

More information is available — Please select a different filter.
Page Last Updated: January 18, 2018