CWE-699: Development Concepts (1.6)

View ID: 699 (View: Graph)
Status: Incomplete

View Objective

This view organizes weaknesses around concepts that are frequently used or encountered in software development. Accordingly, this view can align closely with the perspectives of developers, educators, and assessment vendors. It borrows heavily from the organizational structure used by Seven Pernicious Kingdoms, but it also provides a variety of other categories that are intended to simplify navigation, browsing, and mapping.

View Metrics

| | CWEs in this view | Total CWEs |
|---|---|---|
| Total | 699 | out of 791 |
| Views | 4 | out of 22 |
| Categories | 65 | out of 106 |
| Weaknesses | 621 | out of 651 |
| Compound_Elements | 9 | out of 12 |

View Audience

Stakeholders: Assessment Vendors, Developers, Educators

Relationships

| Nature | Type | ID | Name | View(s) this relationship pertains to |
|---|---|---|---|---|
| HasMember | Category | 1 | Location | Development Concepts (primary) 699 |
| HasMember | Category | 504 | Motivation/Intent | Development Concepts (primary) 699 |
| HasMember | View | 629 | Weaknesses in OWASP Top Ten (2007) | Development Concepts (primary) 699 |
| HasMember | View | 631 | Resource-specific Weaknesses | Development Concepts (primary) 699 |
| HasMember | View | 701 | Weaknesses Introduced During Design | Development Concepts (primary) 699 |
| HasMember | View | 702 | Weaknesses Introduced During Implementation | Development Concepts (primary) 699 |

699 - Development Concepts
+ Category: Location - (1)
+ Category: Code - (17)
+ Category: Byte/Object Code - (503)
+ Category: Source Code - (18)
+ Category: Channel and Path Errors - (417)
+ Category: Data Handling - (19)
+ Weakness Class: Improper Access of Indexable Resource ('Range Error') - (118)
+ Weakness Class: Failure to Constrain Operations within the Bounds of a Memory Buffer - (119)
+ Weakness Base: Out-of-bounds Read - (125)
* Weakness Variant: Buffer Over-read - (126)
* Weakness Variant: Buffer Under-read - (127)
+ Weakness Class: Improper Handling of Syntactically Invalid Structure - (228)
+ Weakness Class: Improper Input Validation - (20)
+ Weakness Class: Failure to Constrain Operations within the Bounds of a Memory Buffer - (119)
+ Weakness Base: Out-of-bounds Read - (125)
* Weakness Variant: Buffer Over-read - (126)
* Weakness Variant: Buffer Under-read - (127)
+ Weakness Class: Failure to Sanitize Data into a Different Plane ('Injection') - (74)
+ Weakness Base: Failure to Preserve Web Page Structure ('Cross-site Scripting') - (79)
+ Weakness Class: Improper Sanitization of Special Elements - (138)
+ Weakness Class: Failure to Sanitize Special Element - (159)
+ Category: Pathname Traversal and Equivalence Errors - (21)
+ Weakness Base: Improper Handling of File Names that Identify Virtual Resources - (66)
+ Weakness Base: Improper Link Resolution Before File Access ('Link Following') - (59)
+ Weakness Base: Improper Resolution of Path Equivalence - (41)
+ Weakness Class: Path Traversal - (22)
+ Weakness Base: Relative Path Traversal - (23)
* Weakness Base: Process Control - (114)
+ Category: Technology-Specific Input Validation Problems - (100)
+ Category: Information Management Errors - (199)
+ Weakness Class: Information Leak (Information Disclosure) - (200)
+ Weakness Base: Error Message Information Leak - (209)
+ Weakness Base: File and Directory Information Leaks - (538)
+ Category: Numeric Errors - (189)
* Weakness Base: Wrap-around Error - (128)
+ Category: Representation Errors - (137)
+ Category: Cleansing, Canonicalization, and Comparison Errors - (171)
* Weakness Base: Incomplete Blacklist - (184)
* Weakness Base: Partial Comparison - (187)
* Weakness Base: Permissive Whitelist - (183)
+ Weakness Class: Improper Handling of Syntactically Invalid Structure - (228)
+ Weakness Class: Improper Sanitization of Special Elements - (138)
+ Weakness Class: Failure to Sanitize Special Element - (159)
+ Category: Error Handling - (388)
+ Category: Error Conditions, Return Values, Status Codes - (389)
+ Weakness Class: Failure to Fulfill API Contract ('API Abuse') - (227)
+ Weakness Class: Failure to Follow Specification - (573)
+ Category: Often Misused: Arguments and Parameters - (559)
* Weakness Base: Uncaught Exception - (248)
+ Category: Handler Errors - (429)
+ Weakness Class: Indicator of Poor Code Quality - (398)
+ Weakness Variant: Dead Code - (561)
* Weakness Variant: Empty Synchronized Block - (585)
+ Category: Expression Issues - (569)
* Weakness Variant: Reachable Assertion - (617)
+ Category: Resource Management Errors - (399)
* Weakness Variant: Double Free - (415)
+ Weakness Base: Uncontrolled Resource Consumption ('Resource Exhaustion') - (400)
* Weakness Base: Use After Free - (416)
+ Category: Channel and Path Errors - (417)
* Weakness Variant: Suspicious Comment - (546)
* Weakness Variant: Unused Variable - (563)
+ Category: Initialization and Cleanup Errors - (452)
+ Weakness Class: Insufficient Encapsulation - (485)
* Weakness Base: Leftover Debug Code - (489)
+ Category: Mobile Code Issues - (490)