Common Weakness Enumeration

A Community-Developed List of Software Weakness Types

CWE/SANS Top 25 Most Dangerous Software Errors
Home > CWE List > CWE- Individual Dictionary Definition (2.11)  

CWE-666: Operation on Resource in Wrong Phase of Lifetime

Weakness ID: 666
Abstraction: Base
Status: Draft
Presentation Filter:
+ Description

Description Summary

The software performs an operation on a resource at the wrong phase of the resource's lifecycle, which can lead to unexpected behaviors.

Extended Description

When a developer wants to initialize, use or release a resource, it is important to follow the specifications outlined for how to operate on that resource and to ensure that the resource is in the expected state. In this case, the software wants to perform a normally valid operation, initialization, use or release, on a resource when it is in the incorrect phase of its lifetime.

+ Time of Introduction
  • Implementation
  • Operation
+ Common Consequences

Technical Impact: Other

+ Potential Mitigations

Phase: Architecture and Design

Follow the resource's lifecycle from creation to release.

+ Relationships
NatureTypeIDNameView(s) this relationship pertains toView(s)
ChildOfWeakness ClassWeakness Class664Improper Control of a Resource Through its Lifetime
Research Concepts (primary)1000
ChildOfCategoryCategory840Business Logic Errors
Development Concepts (primary)699
ChildOfCategoryCategory984SFP Secondary Cluster: Life Cycle
Software Fault Pattern (SFP) Clusters (primary)888
ParentOfWeakness VariantWeakness Variant415Double Free
Research Concepts1000
ParentOfWeakness VariantWeakness Variant593Authentication Bypass: OpenSSL CTX Object Modified after SSL Objects are Created
Research Concepts (primary)1000
ParentOfWeakness BaseWeakness Base605Multiple Binds to the Same Port
Research Concepts1000
ParentOfWeakness BaseWeakness Base672Operation on a Resource after Expiration or Release
Research Concepts (primary)1000
ParentOfWeakness BaseWeakness Base826Premature Release of Resource During Expected Lifetime
Development Concepts (primary)699
Research Concepts (primary)1000
+ Content History
Modification DateModifierOrganizationSource
2008-07-01Eric DalciCigitalExternal
updated Potential_Mitigations, Time_of_Introduction
2008-09-08CWE Content TeamMITREInternal
updated Description
2010-09-27CWE Content TeamMITREInternal
updated Relationships
2011-03-29CWE Content TeamMITREInternal
updated Relationships
2011-06-01CWE Content TeamMITREInternal
updated Common_Consequences
2012-05-11CWE Content TeamMITREInternal
updated Relationships
2012-10-30CWE Content TeamMITREInternal
updated Potential_Mitigations
2014-07-30CWE Content TeamMITREInternal
updated Relationships

More information is available — Please select a different filter.
Page Last Updated: May 05, 2017