CWE

Common Weakness Enumeration

A Community-Developed Dictionary of Software Weakness Types

CWE/SANS Top 25 Most Dangerous Software Errors Common Weakness Scoring System
Common Weakness Risk Analysis Framework
Home > CWE List > CWE- Individual Dictionary Definition (2.6)  

Presentation Filter:

CWE-877: CERT C++ Secure Coding Section 09 - Input Output (FIO)

 
CERT C++ Secure Coding Section 09 - Input Output (FIO)
Category ID: 877 (Category)Status: Incomplete
+ Description

Description Summary

Weaknesses in this category are related to rules in the Input Output (FIO) section of the CERT C++ Secure Coding Standard. Since not all rules map to specific weaknesses, this category may be incomplete.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains toView(s)
ParentOfWeakness ClassWeakness Class22Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Weaknesses Addressed by the CERT C++ Secure Coding Standard (primary)868
ParentOfWeakness VariantWeakness Variant37Path Traversal: '/absolute/pathname/here'
Weaknesses Addressed by the CERT C++ Secure Coding Standard (primary)868
ParentOfWeakness VariantWeakness Variant38Path Traversal: '\absolute\pathname\here'
Weaknesses Addressed by the CERT C++ Secure Coding Standard (primary)868
ParentOfWeakness VariantWeakness Variant39Path Traversal: 'C:dirname'
Weaknesses Addressed by the CERT C++ Secure Coding Standard (primary)868
ParentOfWeakness BaseWeakness Base41Improper Resolution of Path Equivalence
Weaknesses Addressed by the CERT C++ Secure Coding Standard (primary)868
ParentOfWeakness BaseWeakness Base59Improper Link Resolution Before File Access ('Link Following')
Weaknesses Addressed by the CERT C++ Secure Coding Standard (primary)868
ParentOfWeakness VariantWeakness Variant62UNIX Hard Link
Weaknesses Addressed by the CERT C++ Secure Coding Standard (primary)868
ParentOfWeakness VariantWeakness Variant64Windows Shortcut Following (.LNK)
Weaknesses Addressed by the CERT C++ Secure Coding Standard (primary)868
ParentOfWeakness VariantWeakness Variant65Windows Hard Link
Weaknesses Addressed by the CERT C++ Secure Coding Standard (primary)868
ParentOfWeakness VariantWeakness Variant67Improper Handling of Windows Device Names
Weaknesses Addressed by the CERT C++ Secure Coding Standard (primary)868
ParentOfWeakness ClassWeakness Class73External Control of File Name or Path
Weaknesses Addressed by the CERT C++ Secure Coding Standard (primary)868
ParentOfWeakness ClassWeakness Class119Improper Restriction of Operations within the Bounds of a Memory Buffer
Weaknesses Addressed by the CERT C++ Secure Coding Standard868
ParentOfWeakness BaseWeakness Base134Uncontrolled Format String
Weaknesses Addressed by the CERT C++ Secure Coding Standard (primary)868
ParentOfWeakness BaseWeakness Base241Improper Handling of Unexpected Data Type
Weaknesses Addressed by the CERT C++ Secure Coding Standard (primary)868
ParentOfWeakness VariantWeakness Variant276Incorrect Default Permissions
Weaknesses Addressed by the CERT C++ Secure Coding Standard (primary)868
ParentOfWeakness VariantWeakness Variant279Incorrect Execution-Assigned Permissions
Weaknesses Addressed by the CERT C++ Secure Coding Standard (primary)868
ParentOfWeakness ClassWeakness Class362Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
Weaknesses Addressed by the CERT C++ Secure Coding Standard868
ParentOfWeakness BaseWeakness Base367Time-of-check Time-of-use (TOCTOU) Race Condition
Weaknesses Addressed by the CERT C++ Secure Coding Standard (primary)868
ParentOfWeakness BaseWeakness Base379Creation of Temporary File in Directory with Incorrect Permissions
Weaknesses Addressed by the CERT C++ Secure Coding Standard (primary)868
ParentOfWeakness BaseWeakness Base391Unchecked Error Condition
Weaknesses Addressed by the CERT C++ Secure Coding Standard868
ParentOfWeakness BaseWeakness Base403Exposure of File Descriptor to Unintended Control Sphere ('File Descriptor Leak')
Weaknesses Addressed by the CERT C++ Secure Coding Standard (primary)868
ParentOfWeakness BaseWeakness Base404Improper Resource Shutdown or Release
Weaknesses Addressed by the CERT C++ Secure Coding Standard868
ParentOfWeakness BaseWeakness Base552Files or Directories Accessible to External Parties
Weaknesses Addressed by the CERT C++ Secure Coding Standard (primary)868
ParentOfWeakness ClassWeakness Class675Duplicate Operations on Resource
Weaknesses Addressed by the CERT C++ Secure Coding Standard (primary)868
ParentOfWeakness BaseWeakness Base676Use of Potentially Dangerous Function
Weaknesses Addressed by the CERT C++ Secure Coding Standard (primary)868
ParentOfWeakness ClassWeakness Class732Incorrect Permission Assignment for Critical Resource
Weaknesses Addressed by the CERT C++ Secure Coding Standard (primary)868
ParentOfWeakness BaseWeakness Base770Allocation of Resources Without Limits or Throttling
Weaknesses Addressed by the CERT C++ Secure Coding Standard868
MemberOfViewView868Weaknesses Addressed by the CERT C++ Secure Coding Standard
Weaknesses Addressed by the CERT C++ Secure Coding Standard (primary)868
+ Content History
Submissions
Submission DateSubmitterOrganizationSource
2011-08-04Internal CWE Team
Page Last Updated: February 18, 2014