CWE
Home > CWE List > VIEW LIST: CWE-630: Weaknesses Examined by SAMATE (1.6)  

CWE-630: Weaknesses Examined by SAMATE

 
Weaknesses Examined by SAMATE
Definition in a New Window Definition in a New Window
View ID: 630 (View: Explicit Slice)Status: Draft
+ View Data

View Objective

CWE nodes in this view (slice) are being focused on by SAMATE.

+ View Metrics
CWEs in this viewTotal CWEs
Total21out of791
Views0out of22
Categories1out of106
Weaknesses20out of651
Compound_Elements0out of12
+ Relationships
NatureTypeIDNameView(s) this relationship pertains toView(s)
HasMemberWeakness BaseWeakness Base78Improper Sanitization of Special Elements used in an OS Command ('OS Command Injection')
Weaknesses Examined by SAMATE (primary)630
HasMemberWeakness VariantWeakness Variant80Improper Sanitization of Script-Related HTML Tags in a Web Page (Basic XSS)
Weaknesses Examined by SAMATE (primary)630
HasMemberWeakness BaseWeakness Base89Improper Sanitization of Special Elements used in an SQL Command ('SQL Injection')
Weaknesses Examined by SAMATE (primary)630
HasMemberWeakness BaseWeakness Base99Improper Control of Resource Identifiers ('Resource Injection')
Weaknesses Examined by SAMATE (primary)630
HasMemberWeakness VariantWeakness Variant121Stack-based Buffer Overflow
Weaknesses Examined by SAMATE (primary)630
HasMemberWeakness VariantWeakness Variant122Heap-based Buffer Overflow
Weaknesses Examined by SAMATE (primary)630
HasMemberWeakness BaseWeakness Base134Uncontrolled Format String
Weaknesses Examined by SAMATE (primary)630
HasMemberWeakness BaseWeakness Base170Improper Null Termination
Weaknesses Examined by SAMATE (primary)630
HasMemberWeakness VariantWeakness Variant244Failure to Clear Heap Memory Before Release ('Heap Inspection')
Weaknesses Examined by SAMATE (primary)630
HasMemberCategoryCategory251Often Misused: String Management
Weaknesses Examined by SAMATE (primary)630
HasMemberWeakness BaseWeakness Base259Hard-Coded Password
Weaknesses Examined by SAMATE (primary)630
HasMemberWeakness BaseWeakness Base367Time-of-check Time-of-use (TOCTOU) Race Condition
Weaknesses Examined by SAMATE (primary)630
HasMemberWeakness BaseWeakness Base391Unchecked Error Condition
Weaknesses Examined by SAMATE (primary)630
HasMemberWeakness BaseWeakness Base401Failure to Release Memory Before Removing Last Reference ('Memory Leak')
Weaknesses Examined by SAMATE (primary)630
HasMemberWeakness BaseWeakness Base412Unrestricted Externally Accessible Lock
Weaknesses Examined by SAMATE (primary)630
HasMemberWeakness VariantWeakness Variant415Double Free
Weaknesses Examined by SAMATE (primary)630
HasMemberWeakness BaseWeakness Base416Use After Free
Weaknesses Examined by SAMATE (primary)630
HasMemberWeakness VariantWeakness Variant457Use of Uninitialized Variable
Weaknesses Examined by SAMATE (primary)630
HasMemberWeakness BaseWeakness Base468Incorrect Pointer Scaling
Weaknesses Examined by SAMATE (primary)630
HasMemberWeakness BaseWeakness Base476NULL Pointer Dereference
Weaknesses Examined by SAMATE (primary)630
HasMemberWeakness BaseWeakness Base489Leftover Debug Code
Weaknesses Examined by SAMATE (primary)630
+ Content History
Modifications
Modification DateModifierOrganizationSource
2008-09-08CWE Content TeamMITREInternal
updated Relationships, References, View Structure
more
Weakness VariantWeakness Variant Double Free - (415)
Weakness VariantWeakness Variant Failure to Clear Heap Memory Before Release ('Heap Inspection') - (244)
Weakness BaseWeakness Base Failure to Release Memory Before Removing Last Reference ('Memory Leak') - (401)
Weakness BaseWeakness Base Hard-Coded Password - (259)
Weakness VariantWeakness Variant Heap-based Buffer Overflow - (122)
Weakness BaseWeakness Base Improper Control of Resource Identifiers ('Resource Injection') - (99)
Weakness BaseWeakness Base Improper Null Termination - (170)
Weakness VariantWeakness Variant Improper Sanitization of Script-Related HTML Tags in a Web Page (Basic XSS) - (80)
Weakness BaseWeakness Base Improper Sanitization of Special Elements used in an OS Command ('OS Command Injection') - (78)
Weakness BaseWeakness Base Improper Sanitization of Special Elements used in an SQL Command ('SQL Injection') - (89)
Weakness BaseWeakness Base Incorrect Pointer Scaling - (468)
Weakness BaseWeakness Base Leftover Debug Code - (489)
Weakness BaseWeakness Base NULL Pointer Dereference - (476)
CategoryCategory Often Misused: String Management - (251)
Weakness VariantWeakness Variant Stack-based Buffer Overflow - (121)
Weakness BaseWeakness Base Time-of-check Time-of-use (TOCTOU) Race Condition - (367)
Weakness BaseWeakness Base Unchecked Error Condition - (391)
Weakness BaseWeakness Base Uncontrolled Format String - (134)
Weakness BaseWeakness Base Unrestricted Externally Accessible Lock - (412)
Weakness BaseWeakness Base Use After Free - (416)
Weakness VariantWeakness Variant Use of Uninitialized Variable - (457)
Page Last Updated: October 29, 2009
 

CWE is a Software Assurance strategic initiative sponsored by the National Cyber Security Division of the U.S. Department of Homeland Security.

This Web site is hosted by The MITRE Corporation.
Copyright 2009, The MITRE Corporation. CWE and the CWE logo are trademarks of The MITRE Corporation.

Contact cwe@mitre.org for more information.
Privacy policy
Terms of use
Contact us