Home > CWE List > VIEW SLICE: CWE-844: Weaknesses Addressed by The CERT Oracle Secure Coding Standard for Java (2011) (4.16) |
|
CWE VIEW: Weaknesses Addressed by The CERT Oracle Secure Coding Standard for Java (2011)
CWE entries in this view (graph) are fully or partially eliminated by following the guidance presented in the book "The CERT Oracle Secure Coding Standard for Java" published in 2011. This view is considered obsolete as a newer version of the coding standard is available.
The following graph shows the tree-like relationships between
weaknesses that exist at different levels of abstraction. At the highest level, categories
and pillars exist to group weaknesses. Categories (which are not technically weaknesses) are
special CWE entries used to group weaknesses that share a common characteristic. Pillars are
weaknesses that are described in the most abstract fashion. Below these top-level entries
are weaknesses are varying levels of abstraction. Classes are still very abstract, typically
independent of any specific language or technology. Base level weaknesses are used to
present a more specific type of weakness. A variant is a weakness that is described at a
very low level of detail, typically limited to a specific language or technology. A chain is
a set of weaknesses that must be reachable consecutively in order to produce an exploitable
vulnerability. While a composite is a set of weaknesses that must all be present
simultaneously in order to produce an exploitable vulnerability.
Show Details:
844 - Weaknesses Addressed by The CERT Oracle Secure Coding Standard for Java (2011)
![]() ![]()
844
(Weaknesses Addressed by The CERT Oracle Secure Coding Standard for Java (2011)) >
845
(The CERT Oracle Secure Coding Standard for Java (2011) Chapter 2 - Input Validation and Data Sanitization (IDS))
Weaknesses in this category are related to rules in the Input Validation and Data Sanitization (IDS) chapter of The CERT Oracle Secure Coding Standard for Java (2011).
![]() ![]()
844
(Weaknesses Addressed by The CERT Oracle Secure Coding Standard for Java (2011)) >
845
(The CERT Oracle Secure Coding Standard for Java (2011) Chapter 2 - Input Validation and Data Sanitization (IDS)) >
116
(Improper Encoding or Escaping of Output)
The product prepares a structured message for communication with another component, but encoding or escaping of the data is either missing or done incorrectly. As a result, the intended structure of the message is not preserved.
Output Sanitization
Output Validation
Output Encoding
![]() ![]()
844
(Weaknesses Addressed by The CERT Oracle Secure Coding Standard for Java (2011)) >
845
(The CERT Oracle Secure Coding Standard for Java (2011) Chapter 2 - Input Validation and Data Sanitization (IDS)) >
134
(Use of Externally-Controlled Format String)
The product uses a function that accepts a format string as an argument, but the format string originates from an external source.
![]() ![]()
844
(Weaknesses Addressed by The CERT Oracle Secure Coding Standard for Java (2011)) >
845
(The CERT Oracle Secure Coding Standard for Java (2011) Chapter 2 - Input Validation and Data Sanitization (IDS)) >
144
(Improper Neutralization of Line Delimiters)
The product receives input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could be interpreted as line delimiters when they are sent to a downstream component.
![]() ![]()
844
(Weaknesses Addressed by The CERT Oracle Secure Coding Standard for Java (2011)) >
845
(The CERT Oracle Secure Coding Standard for Java (2011) Chapter 2 - Input Validation and Data Sanitization (IDS)) >
150
(Improper Neutralization of Escape, Meta, or Control Sequences)
The product receives input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could be interpreted as escape, meta, or control character sequences when they are sent to a downstream component.
![]() ![]()
844
(Weaknesses Addressed by The CERT Oracle Secure Coding Standard for Java (2011)) >
845
(The CERT Oracle Secure Coding Standard for Java (2011) Chapter 2 - Input Validation and Data Sanitization (IDS)) >
180
(Incorrect Behavior Order: Validate Before Canonicalize)
The product validates input before it is canonicalized, which prevents the product from detecting data that becomes invalid after the canonicalization step.
![]() ![]()
844
(Weaknesses Addressed by The CERT Oracle Secure Coding Standard for Java (2011)) >
845
(The CERT Oracle Secure Coding Standard for Java (2011) Chapter 2 - Input Validation and Data Sanitization (IDS)) >
182
(Collapse of Data into Unsafe Value)
The product filters data in a way that causes it to be reduced or "collapsed" into an unsafe value that violates an expected security property.
![]() ![]()
844
(Weaknesses Addressed by The CERT Oracle Secure Coding Standard for Java (2011)) >
845
(The CERT Oracle Secure Coding Standard for Java (2011) Chapter 2 - Input Validation and Data Sanitization (IDS)) >
289
(Authentication Bypass by Alternate Name)
The product performs authentication based on the name of a resource being accessed, or the name of the actor performing the access, but it does not properly check all possible names for that resource or actor.
![]() ![]()
844
(Weaknesses Addressed by The CERT Oracle Secure Coding Standard for Java (2011)) >
845
(The CERT Oracle Secure Coding Standard for Java (2011) Chapter 2 - Input Validation and Data Sanitization (IDS)) >
409
(Improper Handling of Highly Compressed Data (Data Amplification))
The product does not handle or incorrectly handles a compressed input with a very high compression ratio that produces a large output.
![]() ![]()
844
(Weaknesses Addressed by The CERT Oracle Secure Coding Standard for Java (2011)) >
845
(The CERT Oracle Secure Coding Standard for Java (2011) Chapter 2 - Input Validation and Data Sanitization (IDS)) >
625
(Permissive Regular Expression)
The product uses a regular expression that does not sufficiently restrict the set of allowed values.
![]() ![]()
844
(Weaknesses Addressed by The CERT Oracle Secure Coding Standard for Java (2011)) >
845
(The CERT Oracle Secure Coding Standard for Java (2011) Chapter 2 - Input Validation and Data Sanitization (IDS)) >
647
(Use of Non-Canonical URL Paths for Authorization Decisions)
The product defines policy namespaces and makes authorization decisions based on the assumption that a URL is canonical. This can allow a non-canonical URL to bypass the authorization.
![]() ![]()
844
(Weaknesses Addressed by The CERT Oracle Secure Coding Standard for Java (2011)) >
845
(The CERT Oracle Secure Coding Standard for Java (2011) Chapter 2 - Input Validation and Data Sanitization (IDS)) >
78
(Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection'))
The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.
Shell injection
Shell metacharacters
OS Command Injection
![]() ![]()
844
(Weaknesses Addressed by The CERT Oracle Secure Coding Standard for Java (2011)) >
845
(The CERT Oracle Secure Coding Standard for Java (2011) Chapter 2 - Input Validation and Data Sanitization (IDS)) >
838
(Inappropriate Encoding for Output Context)
The product uses or specifies an encoding when generating output to a downstream component, but the specified encoding is not the same as the encoding that is expected by the downstream component.
![]() ![]()
844
(Weaknesses Addressed by The CERT Oracle Secure Coding Standard for Java (2011)) >
846
(The CERT Oracle Secure Coding Standard for Java (2011) Chapter 3 - Declarations and Initialization (DCL))
Weaknesses in this category are related to rules in the Declarations and Initialization (DCL) chapter of The CERT Oracle Secure Coding Standard for Java (2011).
![]() ![]()
844
(Weaknesses Addressed by The CERT Oracle Secure Coding Standard for Java (2011)) >
846
(The CERT Oracle Secure Coding Standard for Java (2011) Chapter 3 - Declarations and Initialization (DCL)) >
665
(Improper Initialization)
The product does not initialize or incorrectly initializes a resource, which might leave the resource in an unexpected state when it is accessed or used.
![]() ![]()
844
(Weaknesses Addressed by The CERT Oracle Secure Coding Standard for Java (2011)) >
847
(The CERT Oracle Secure Coding Standard for Java (2011) Chapter 4 - Expressions (EXP))
Weaknesses in this category are related to rules in the Expressions (EXP) chapter of The CERT Oracle Secure Coding Standard for Java (2011).
![]() ![]()
844
(Weaknesses Addressed by The CERT Oracle Secure Coding Standard for Java (2011)) >
847
(The CERT Oracle Secure Coding Standard for Java (2011) Chapter 4 - Expressions (EXP)) >
252
(Unchecked Return Value)
The product does not check the return value from a method or function, which can prevent it from detecting unexpected states and conditions.
![]() ![]()
844
(Weaknesses Addressed by The CERT Oracle Secure Coding Standard for Java (2011)) >
847
(The CERT Oracle Secure Coding Standard for Java (2011) Chapter 4 - Expressions (EXP)) >
479
(Signal Handler Use of a Non-reentrant Function)
The product defines a signal handler that calls a non-reentrant function.
![]() ![]()
844
(Weaknesses Addressed by The CERT Oracle Secure Coding Standard for Java (2011)) >
847
(The CERT Oracle Secure Coding Standard for Java (2011) Chapter 4 - Expressions (EXP)) >
595
(Comparison of Object References Instead of Object Contents)
The product compares object references instead of the contents of the objects themselves, preventing it from detecting equivalent objects.
![]() ![]()
844
(Weaknesses Addressed by The CERT Oracle Secure Coding Standard for Java (2011)) >
847
(The CERT Oracle Secure Coding Standard for Java (2011) Chapter 4 - Expressions (EXP)) >
597
(Use of Wrong Operator in String Comparison)
The product uses the wrong operator when comparing a string, such as using "==" when the .equals() method should be used instead.
![]() ![]()
844
(Weaknesses Addressed by The CERT Oracle Secure Coding Standard for Java (2011)) >
848
(The CERT Oracle Secure Coding Standard for Java (2011) Chapter 5 - Numeric Types and Operations (NUM))
Weaknesses in this category are related to rules in the Numeric Types and Operations (NUM) chapter of The CERT Oracle Secure Coding Standard for Java (2011).
![]() ![]()
844
(Weaknesses Addressed by The CERT Oracle Secure Coding Standard for Java (2011)) >
848
(The CERT Oracle Secure Coding Standard for Java (2011) Chapter 5 - Numeric Types and Operations (NUM)) >
197
(Numeric Truncation Error)
Truncation errors occur when a primitive is cast to a primitive of a smaller size and data is lost in the conversion.
![]() ![]()
844
(Weaknesses Addressed by The CERT Oracle Secure Coding Standard for Java (2011)) >
848
(The CERT Oracle Secure Coding Standard for Java (2011) Chapter 5 - Numeric Types and Operations (NUM)) >
369
(Divide By Zero)
The product divides a value by zero.
![]() ![]()
844
(Weaknesses Addressed by The CERT Oracle Secure Coding Standard for Java (2011)) >
848
(The CERT Oracle Secure Coding Standard for Java (2011) Chapter 5 - Numeric Types and Operations (NUM)) >
681
(Incorrect Conversion between Numeric Types)
When converting from one data type to another, such as long to integer, data can be omitted or translated in a way that produces unexpected values. If the resulting values are used in a sensitive context, then dangerous behaviors may occur.
![]() ![]()
844
(Weaknesses Addressed by The CERT Oracle Secure Coding Standard for Java (2011)) >
849
(The CERT Oracle Secure Coding Standard for Java (2011) Chapter 6 - Object Orientation (OBJ))
Weaknesses in this category are related to rules in the Object Orientation (OBJ) chapter of The CERT Oracle Secure Coding Standard for Java (2011).
![]() ![]()
844
(Weaknesses Addressed by The CERT Oracle Secure Coding Standard for Java (2011)) >
849
(The CERT Oracle Secure Coding Standard for Java (2011) Chapter 6 - Object Orientation (OBJ)) >
374
(Passing Mutable Objects to an Untrusted Method)
The product sends non-cloned mutable data as an argument to a method or function.
![]() ![]()
844
(Weaknesses Addressed by The CERT Oracle Secure Coding Standard for Java (2011)) >
849
(The CERT Oracle Secure Coding Standard for Java (2011) Chapter 6 - Object Orientation (OBJ)) >
375
(Returning a Mutable Object to an Untrusted Caller)
Sending non-cloned mutable data as a return value may result in that data being altered or deleted by the calling function.
![]() ![]()
844
(Weaknesses Addressed by The CERT Oracle Secure Coding Standard for Java (2011)) >
849
(The CERT Oracle Secure Coding Standard for Java (2011) Chapter 6 - Object Orientation (OBJ)) >
486
(Comparison of Classes by Name)
The product compares classes by name, which can cause it to use the wrong class when multiple classes can have the same name.
![]() ![]()
844
(Weaknesses Addressed by The CERT Oracle Secure Coding Standard for Java (2011)) >
849
(The CERT Oracle Secure Coding Standard for Java (2011) Chapter 6 - Object Orientation (OBJ)) >
491
(Public cloneable() Method Without Final ('Object Hijack'))
A class has a cloneable() method that is not declared final, which allows an object to be created without calling the constructor. This can cause the object to be in an unexpected state.
![]() ![]()
844
(Weaknesses Addressed by The CERT Oracle Secure Coding Standard for Java (2011)) >
849
(The CERT Oracle Secure Coding Standard for Java (2011) Chapter 6 - Object Orientation (OBJ)) >
492
(Use of Inner Class Containing Sensitive Data)
Inner classes are translated into classes that are accessible at package scope and may expose code that the programmer intended to keep private to attackers.
![]() ![]()
844
(Weaknesses Addressed by The CERT Oracle Secure Coding Standard for Java (2011)) >
849
(The CERT Oracle Secure Coding Standard for Java (2011) Chapter 6 - Object Orientation (OBJ)) >
493
(Critical Public Variable Without Final Modifier)
The product has a critical public variable that is not final, which allows the variable to be modified to contain unexpected values.
![]() ![]()
844
(Weaknesses Addressed by The CERT Oracle Secure Coding Standard for Java (2011)) >
849
(The CERT Oracle Secure Coding Standard for Java (2011) Chapter 6 - Object Orientation (OBJ)) >
498
(Cloneable Class Containing Sensitive Information)
The code contains a class with sensitive data, but the class is cloneable. The data can then be accessed by cloning the class.
![]() ![]()
844
(Weaknesses Addressed by The CERT Oracle Secure Coding Standard for Java (2011)) >
849
(The CERT Oracle Secure Coding Standard for Java (2011) Chapter 6 - Object Orientation (OBJ)) >
500
(Public Static Field Not Marked Final)
An object contains a public static field that is not marked final, which might allow it to be modified in unexpected ways.
![]() ![]()
844
(Weaknesses Addressed by The CERT Oracle Secure Coding Standard for Java (2011)) >
849
(The CERT Oracle Secure Coding Standard for Java (2011) Chapter 6 - Object Orientation (OBJ)) >
582
(Array Declared Public, Final, and Static)
The product declares an array public, final, and static, which is not sufficient to prevent the array's contents from being modified.
![]() ![]()
844
(Weaknesses Addressed by The CERT Oracle Secure Coding Standard for Java (2011)) >
849
(The CERT Oracle Secure Coding Standard for Java (2011) Chapter 6 - Object Orientation (OBJ)) >
766
(Critical Data Element Declared Public)
The product declares a critical variable, field, or member to be public when intended security policy requires it to be private.
![]() ![]()
844
(Weaknesses Addressed by The CERT Oracle Secure Coding Standard for Java (2011)) >
850
(The CERT Oracle Secure Coding Standard for Java (2011) Chapter 7 - Methods (MET))
Weaknesses in this category are related to rules in the Methods (MET) chapter of The CERT Oracle Secure Coding Standard for Java (2011).
![]() ![]()
844
(Weaknesses Addressed by The CERT Oracle Secure Coding Standard for Java (2011)) >
850
(The CERT Oracle Secure Coding Standard for Java (2011) Chapter 7 - Methods (MET)) >
487
(Reliance on Package-level Scope)
Java packages are not inherently closed; therefore, relying on them for code security is not a good practice.
![]() ![]()
844
(Weaknesses Addressed by The CERT Oracle Secure Coding Standard for Java (2011)) >
850
(The CERT Oracle Secure Coding Standard for Java (2011) Chapter 7 - Methods (MET)) >
568
(finalize() Method Without super.finalize())
The product contains a finalize() method that does not call super.finalize().
![]() ![]()
844
(Weaknesses Addressed by The CERT Oracle Secure Coding Standard for Java (2011)) >
850
(The CERT Oracle Secure Coding Standard for Java (2011) Chapter 7 - Methods (MET)) >
573
(Improper Following of Specification by Caller)
The product does not follow or incorrectly follows the specifications as required by the implementation language, environment, framework, protocol, or platform.
![]() ![]()
844
(Weaknesses Addressed by The CERT Oracle Secure Coding Standard for Java (2011)) >
850
(The CERT Oracle Secure Coding Standard for Java (2011) Chapter 7 - Methods (MET)) >
581
(Object Model Violation: Just One of Equals and Hashcode Defined)
The product does not maintain equal hashcodes for equal objects.
![]() ![]()
844
(Weaknesses Addressed by The CERT Oracle Secure Coding Standard for Java (2011)) >
850
(The CERT Oracle Secure Coding Standard for Java (2011) Chapter 7 - Methods (MET)) >
583
(finalize() Method Declared Public)
The product violates secure coding principles for mobile code by declaring a finalize() method public.
![]() ![]()
844
(Weaknesses Addressed by The CERT Oracle Secure Coding Standard for Java (2011)) >
850
(The CERT Oracle Secure Coding Standard for Java (2011) Chapter 7 - Methods (MET)) >
586
(Explicit Call to Finalize())
The product makes an explicit call to the finalize() method from outside the finalizer.
![]() ![]()
844
(Weaknesses Addressed by The CERT Oracle Secure Coding Standard for Java (2011)) >
850
(The CERT Oracle Secure Coding Standard for Java (2011) Chapter 7 - Methods (MET)) >
589
(Call to Non-ubiquitous API)
The product uses an API function that does not exist on all versions of the target platform. This could cause portability problems or inconsistencies that allow denial of service or other consequences.
![]() ![]()
844
(Weaknesses Addressed by The CERT Oracle Secure Coding Standard for Java (2011)) >
850
(The CERT Oracle Secure Coding Standard for Java (2011) Chapter 7 - Methods (MET)) >
617
(Reachable Assertion)
The product contains an assert() or similar statement that can be triggered by an attacker, which leads to an application exit or other behavior that is more severe than necessary.
assertion failure
![]() ![]()
844
(Weaknesses Addressed by The CERT Oracle Secure Coding Standard for Java (2011)) >
851
(The CERT Oracle Secure Coding Standard for Java (2011) Chapter 8 - Exceptional Behavior (ERR))
Weaknesses in this category are related to rules in the Exceptional Behavior (ERR) chapter of The CERT Oracle Secure Coding Standard for Java (2011).
![]() ![]()
844
(Weaknesses Addressed by The CERT Oracle Secure Coding Standard for Java (2011)) >
851
(The CERT Oracle Secure Coding Standard for Java (2011) Chapter 8 - Exceptional Behavior (ERR)) >
209
(Generation of Error Message Containing Sensitive Information)
The product generates an error message that includes sensitive information about its environment, users, or associated data.
![]() ![]()
844
(Weaknesses Addressed by The CERT Oracle Secure Coding Standard for Java (2011)) >
851
(The CERT Oracle Secure Coding Standard for Java (2011) Chapter 8 - Exceptional Behavior (ERR)) >
230
(Improper Handling of Missing Values)
The product does not handle or incorrectly handles when a parameter, field, or argument name is specified, but the associated value is missing, i.e. it is empty, blank, or null.
![]() ![]()
844
(Weaknesses Addressed by The CERT Oracle Secure Coding Standard for Java (2011)) >
851
(The CERT Oracle Secure Coding Standard for Java (2011) Chapter 8 - Exceptional Behavior (ERR)) >
232
(Improper Handling of Undefined Values)
The product does not handle or incorrectly handles when a value is not defined or supported for the associated parameter, field, or argument name.
![]() ![]()
844
(Weaknesses Addressed by The CERT Oracle Secure Coding Standard for Java (2011)) >
851
(The CERT Oracle Secure Coding Standard for Java (2011) Chapter 8 - Exceptional Behavior (ERR)) >
248
(Uncaught Exception)
An exception is thrown from a function, but it is not caught.
![]() ![]()
844
(Weaknesses Addressed by The CERT Oracle Secure Coding Standard for Java (2011)) >
851
(The CERT Oracle Secure Coding Standard for Java (2011) Chapter 8 - Exceptional Behavior (ERR)) >
382
(J2EE Bad Practices: Use of System.exit())
A J2EE application uses System.exit(), which also shuts down its container.
![]() ![]()
844
(Weaknesses Addressed by The CERT Oracle Secure Coding Standard for Java (2011)) >
851
(The CERT Oracle Secure Coding Standard for Java (2011) Chapter 8 - Exceptional Behavior (ERR)) >
390
(Detection of Error Condition Without Action)
The product detects a specific error, but takes no actions to handle the error.
![]() ![]()
844
(Weaknesses Addressed by The CERT Oracle Secure Coding Standard for Java (2011)) >
851
(The CERT Oracle Secure Coding Standard for Java (2011) Chapter 8 - Exceptional Behavior (ERR)) >
395
(Use of NullPointerException Catch to Detect NULL Pointer Dereference)
Catching NullPointerException should not be used as an alternative to programmatic checks to prevent dereferencing a null pointer.
![]() ![]()
844
(Weaknesses Addressed by The CERT Oracle Secure Coding Standard for Java (2011)) >
851
(The CERT Oracle Secure Coding Standard for Java (2011) Chapter 8 - Exceptional Behavior (ERR)) >
397
(Declaration of Throws for Generic Exception)
Throwing overly broad exceptions promotes complex error handling code that is more likely to contain security vulnerabilities.
![]() ![]()
844
(Weaknesses Addressed by The CERT Oracle Secure Coding Standard for Java (2011)) >
851
(The CERT Oracle Secure Coding Standard for Java (2011) Chapter 8 - Exceptional Behavior (ERR)) >
460
(Improper Cleanup on Thrown Exception)
The product does not clean up its state or incorrectly cleans up its state when an exception is thrown, leading to unexpected state or control flow.
![]() ![]()
844
(Weaknesses Addressed by The CERT Oracle Secure Coding Standard for Java (2011)) >
851
(The CERT Oracle Secure Coding Standard for Java (2011) Chapter 8 - Exceptional Behavior (ERR)) >
497
(Exposure of Sensitive System Information to an Unauthorized Control Sphere)
The product does not properly prevent sensitive system-level information from being accessed by unauthorized actors who do not have the same level of access to the underlying system as the product does.
![]() ![]()
844
(Weaknesses Addressed by The CERT Oracle Secure Coding Standard for Java (2011)) >
851
(The CERT Oracle Secure Coding Standard for Java (2011) Chapter 8 - Exceptional Behavior (ERR)) >
584
(Return Inside Finally Block)
The code has a return statement inside a finally block, which will cause any thrown exception in the try block to be discarded.
![]() ![]()
844
(Weaknesses Addressed by The CERT Oracle Secure Coding Standard for Java (2011)) >
851
(The CERT Oracle Secure Coding Standard for Java (2011) Chapter 8 - Exceptional Behavior (ERR)) >
600
(Uncaught Exception in Servlet )
The Servlet does not catch all exceptions, which may reveal sensitive debugging information.
Missing Catch Block
![]() ![]()
844
(Weaknesses Addressed by The CERT Oracle Secure Coding Standard for Java (2011)) >
851
(The CERT Oracle Secure Coding Standard for Java (2011) Chapter 8 - Exceptional Behavior (ERR)) >
690
(Unchecked Return Value to NULL Pointer Dereference)
The product does not check for an error after calling a function that can return with a NULL pointer if the function fails, which leads to a resultant NULL pointer dereference.
![]() ![]()
844
(Weaknesses Addressed by The CERT Oracle Secure Coding Standard for Java (2011)) >
851
(The CERT Oracle Secure Coding Standard for Java (2011) Chapter 8 - Exceptional Behavior (ERR)) >
703
(Improper Check or Handling of Exceptional Conditions)
The product does not properly anticipate or handle exceptional conditions that rarely occur during normal operation of the product.
![]() ![]()
844
(Weaknesses Addressed by The CERT Oracle Secure Coding Standard for Java (2011)) >
851
(The CERT Oracle Secure Coding Standard for Java (2011) Chapter 8 - Exceptional Behavior (ERR)) >
705
(Incorrect Control Flow Scoping)
The product does not properly return control flow to the proper location after it has completed a task or detected an unusual condition.
![]() ![]()
844
(Weaknesses Addressed by The CERT Oracle Secure Coding Standard for Java (2011)) >
852
(The CERT Oracle Secure Coding Standard for Java (2011) Chapter 9 - Visibility and Atomicity (VNA))
Weaknesses in this category are related to rules in the Visibility and Atomicity (VNA) chapter of The CERT Oracle Secure Coding Standard for Java (2011).
![]() ![]()
844
(Weaknesses Addressed by The CERT Oracle Secure Coding Standard for Java (2011)) >
852
(The CERT Oracle Secure Coding Standard for Java (2011) Chapter 9 - Visibility and Atomicity (VNA)) >
362
(Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition'))
The product contains a concurrent code sequence that requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence operating concurrently.
Race Condition
![]() ![]()
844
(Weaknesses Addressed by The CERT Oracle Secure Coding Standard for Java (2011)) >
852
(The CERT Oracle Secure Coding Standard for Java (2011) Chapter 9 - Visibility and Atomicity (VNA)) >
366
(Race Condition within a Thread)
If two threads of execution use a resource simultaneously, there exists the possibility that resources may be used while invalid, in turn making the state of execution undefined.
![]() ![]()
844
(Weaknesses Addressed by The CERT Oracle Secure Coding Standard for Java (2011)) >
852
(The CERT Oracle Secure Coding Standard for Java (2011) Chapter 9 - Visibility and Atomicity (VNA)) >
413
(Improper Resource Locking)
The product does not lock or does not correctly lock a resource when the product must have exclusive access to the resource.
![]() ![]()
844
(Weaknesses Addressed by The CERT Oracle Secure Coding Standard for Java (2011)) >
852
(The CERT Oracle Secure Coding Standard for Java (2011) Chapter 9 - Visibility and Atomicity (VNA)) >
567
(Unsynchronized Access to Shared Data in a Multithreaded Context)
The product does not properly synchronize shared data, such as static variables across threads, which can lead to undefined behavior and unpredictable data changes.
![]() ![]()
844
(Weaknesses Addressed by The CERT Oracle Secure Coding Standard for Java (2011)) >
852
(The CERT Oracle Secure Coding Standard for Java (2011) Chapter 9 - Visibility and Atomicity (VNA)) >
662
(Improper Synchronization)
The product utilizes multiple threads or processes to allow temporary access to a shared resource that can only be exclusive to one process at a time, but it does not properly synchronize these actions, which might cause simultaneous accesses of this resource by multiple threads or processes.
![]() ![]()
844
(Weaknesses Addressed by The CERT Oracle Secure Coding Standard for Java (2011)) >
852
(The CERT Oracle Secure Coding Standard for Java (2011) Chapter 9 - Visibility and Atomicity (VNA)) >
667
(Improper Locking)
The product does not properly acquire or release a lock on a resource, leading to unexpected resource state changes and behaviors.
![]() ![]()
844
(Weaknesses Addressed by The CERT Oracle Secure Coding Standard for Java (2011)) >
853
(The CERT Oracle Secure Coding Standard for Java (2011) Chapter 10 - Locking (LCK))
Weaknesses in this category are related to rules in the Locking (LCK) chapter of The CERT Oracle Secure Coding Standard for Java (2011).
![]() ![]()
844
(Weaknesses Addressed by The CERT Oracle Secure Coding Standard for Java (2011)) >
853
(The CERT Oracle Secure Coding Standard for Java (2011) Chapter 10 - Locking (LCK)) >
412
(Unrestricted Externally Accessible Lock)
The product properly checks for the existence of a lock, but the lock can be externally controlled or influenced by an actor that is outside of the intended sphere of control.
![]() ![]()
844
(Weaknesses Addressed by The CERT Oracle Secure Coding Standard for Java (2011)) >
853
(The CERT Oracle Secure Coding Standard for Java (2011) Chapter 10 - Locking (LCK)) >
413
(Improper Resource Locking)
The product does not lock or does not correctly lock a resource when the product must have exclusive access to the resource.
![]() ![]()
844
(Weaknesses Addressed by The CERT Oracle Secure Coding Standard for Java (2011)) >
853
(The CERT Oracle Secure Coding Standard for Java (2011) Chapter 10 - Locking (LCK)) >
609
(Double-Checked Locking)
The product uses double-checked locking to access a resource without the overhead of explicit synchronization, but the locking is insufficient.
![]() ![]()
844
(Weaknesses Addressed by The CERT Oracle Secure Coding Standard for Java (2011)) >
853
(The CERT Oracle Secure Coding Standard for Java (2011) Chapter 10 - Locking (LCK)) >
667
(Improper Locking)
The product does not properly acquire or release a lock on a resource, leading to unexpected resource state changes and behaviors.
![]() ![]()
844
(Weaknesses Addressed by The CERT Oracle Secure Coding Standard for Java (2011)) >
853
(The CERT Oracle Secure Coding Standard for Java (2011) Chapter 10 - Locking (LCK)) >
820
(Missing Synchronization)
The product utilizes a shared resource in a concurrent manner but does not attempt to synchronize access to the resource.
![]() ![]()
844
(Weaknesses Addressed by The CERT Oracle Secure Coding Standard for Java (2011)) >
853
(The CERT Oracle Secure Coding Standard for Java (2011) Chapter 10 - Locking (LCK)) >
833
(Deadlock)
The product contains multiple threads or executable segments that are waiting for each other to release a necessary lock, resulting in deadlock.
![]() ![]()
844
(Weaknesses Addressed by The CERT Oracle Secure Coding Standard for Java (2011)) >
854
(The CERT Oracle Secure Coding Standard for Java (2011) Chapter 11 - Thread APIs (THI))
Weaknesses in this category are related to rules in the Thread APIs (THI) chapter of The CERT Oracle Secure Coding Standard for Java (2011).
![]() ![]()
844
(Weaknesses Addressed by The CERT Oracle Secure Coding Standard for Java (2011)) >
854
(The CERT Oracle Secure Coding Standard for Java (2011) Chapter 11 - Thread APIs (THI)) >
572
(Call to Thread run() instead of start())
The product calls a thread's run() method instead of calling start(), which causes the code to run in the thread of the caller instead of the callee.
![]() ![]()
844
(Weaknesses Addressed by The CERT Oracle Secure Coding Standard for Java (2011)) >
854
(The CERT Oracle Secure Coding Standard for Java (2011) Chapter 11 - Thread APIs (THI)) >
705
(Incorrect Control Flow Scoping)
The product does not properly return control flow to the proper location after it has completed a task or detected an unusual condition.
![]() ![]()
844
(Weaknesses Addressed by The CERT Oracle Secure Coding Standard for Java (2011)) >
855
(The CERT Oracle Secure Coding Standard for Java (2011) Chapter 12 - Thread Pools (TPS))
Weaknesses in this category are related to rules in the Thread Pools (TPS) chapter of The CERT Oracle Secure Coding Standard for Java (2011).
![]() ![]()
844
(Weaknesses Addressed by The CERT Oracle Secure Coding Standard for Java (2011)) >
855
(The CERT Oracle Secure Coding Standard for Java (2011) Chapter 12 - Thread Pools (TPS)) >
392
(Missing Report of Error Condition)
The product encounters an error but does not provide a status code or return value to indicate that an error has occurred.
![]() ![]()
844
(Weaknesses Addressed by The CERT Oracle Secure Coding Standard for Java (2011)) >
855
(The CERT Oracle Secure Coding Standard for Java (2011) Chapter 12 - Thread Pools (TPS)) >
405
(Asymmetric Resource Consumption (Amplification))
The product does not properly control situations in which an adversary can cause the product to consume or produce excessive resources without requiring the adversary to invest equivalent work or otherwise prove authorization, i.e., the adversary's influence is "asymmetric."
![]() ![]()
844
(Weaknesses Addressed by The CERT Oracle Secure Coding Standard for Java (2011)) >
855
(The CERT Oracle Secure Coding Standard for Java (2011) Chapter 12 - Thread Pools (TPS)) >
410
(Insufficient Resource Pool)
The product's resource pool is not large enough to handle peak demand, which allows an attacker to prevent others from accessing the resource by using a (relatively) large number of requests for resources.
![]() ![]()
844
(Weaknesses Addressed by The CERT Oracle Secure Coding Standard for Java (2011)) >
856
(The CERT Oracle Secure Coding Standard for Java (2011) Chapter 13 - Thread-Safety Miscellaneous (TSM))
Weaknesses in this category are related to rules in the Thread-Safety Miscellaneous (TSM) chapter of The CERT Oracle Secure Coding Standard for Java (2011).
![]() ![]()
844
(Weaknesses Addressed by The CERT Oracle Secure Coding Standard for Java (2011)) >
857
(The CERT Oracle Secure Coding Standard for Java (2011) Chapter 14 - Input Output (FIO))
Weaknesses in this category are related to rules in the Input Output (FIO) chapter of The CERT Oracle Secure Coding Standard for Java (2011).
![]() ![]()
844
(Weaknesses Addressed by The CERT Oracle Secure Coding Standard for Java (2011)) >
857
(The CERT Oracle Secure Coding Standard for Java (2011) Chapter 14 - Input Output (FIO)) >
135
(Incorrect Calculation of Multi-Byte String Length)
The product does not correctly calculate the length of strings that can contain wide or multi-byte characters.
![]() ![]()
844
(Weaknesses Addressed by The CERT Oracle Secure Coding Standard for Java (2011)) >
857
(The CERT Oracle Secure Coding Standard for Java (2011) Chapter 14 - Input Output (FIO)) >
198
(Use of Incorrect Byte Ordering)
The product receives input from an upstream component, but it does not account for byte ordering (e.g. big-endian and little-endian) when processing the input, causing an incorrect number or value to be used.
![]() ![]()
844
(Weaknesses Addressed by The CERT Oracle Secure Coding Standard for Java (2011)) >
857
(The CERT Oracle Secure Coding Standard for Java (2011) Chapter 14 - Input Output (FIO)) >
276
(Incorrect Default Permissions)
During installation, installed file permissions are set to allow anyone to modify those files.
![]() ![]()
844
(Weaknesses Addressed by The CERT Oracle Secure Coding Standard for Java (2011)) >
857
(The CERT Oracle Secure Coding Standard for Java (2011) Chapter 14 - Input Output (FIO)) >
279
(Incorrect Execution-Assigned Permissions)
While it is executing, the product sets the permissions of an object in a way that violates the intended permissions that have been specified by the user.
![]() ![]()
844
(Weaknesses Addressed by The CERT Oracle Secure Coding Standard for Java (2011)) >
857
(The CERT Oracle Secure Coding Standard for Java (2011) Chapter 14 - Input Output (FIO)) >
359
(Exposure of Private Personal Information to an Unauthorized Actor)
The product does not properly prevent a person's private, personal information from being accessed by actors who either (1) are not explicitly authorized to access the information or (2) do not have the implicit consent of the person about whom the information is collected.
Privacy violation
Privacy leak
Privacy leakage
![]() ![]()
844
(Weaknesses Addressed by The CERT Oracle Secure Coding Standard for Java (2011)) >
857
(The CERT Oracle Secure Coding Standard for Java (2011) Chapter 14 - Input Output (FIO)) >
377
(Insecure Temporary File)
Creating and using insecure temporary files can leave application and system data vulnerable to attack.
![]() ![]()
844
(Weaknesses Addressed by The CERT Oracle Secure Coding Standard for Java (2011)) >
857
(The CERT Oracle Secure Coding Standard for Java (2011) Chapter 14 - Input Output (FIO)) >
404
(Improper Resource Shutdown or Release)
The product does not release or incorrectly releases a resource before it is made available for re-use.
![]() ![]()
844
(Weaknesses Addressed by The CERT Oracle Secure Coding Standard for Java (2011)) >
857
(The CERT Oracle Secure Coding Standard for Java (2011) Chapter 14 - Input Output (FIO)) >
405
(Asymmetric Resource Consumption (Amplification))
The product does not properly control situations in which an adversary can cause the product to consume or produce excessive resources without requiring the adversary to invest equivalent work or otherwise prove authorization, i.e., the adversary's influence is "asymmetric."
![]() ![]()
844
(Weaknesses Addressed by The CERT Oracle Secure Coding Standard for Java (2011)) >
857
(The CERT Oracle Secure Coding Standard for Java (2011) Chapter 14 - Input Output (FIO)) >
459
(Incomplete Cleanup)
The product does not properly "clean up" and remove temporary or supporting resources after they have been used.
Insufficient Cleanup
![]() ![]()
844
(Weaknesses Addressed by The CERT Oracle Secure Coding Standard for Java (2011)) >
857
(The CERT Oracle Secure Coding Standard for Java (2011) Chapter 14 - Input Output (FIO)) >
532
(Insertion of Sensitive Information into Log File)
The product writes sensitive information to a log file.
![]() ![]()
844
(Weaknesses Addressed by The CERT Oracle Secure Coding Standard for Java (2011)) >
857
(The CERT Oracle Secure Coding Standard for Java (2011) Chapter 14 - Input Output (FIO)) >
67
(Improper Handling of Windows Device Names)
The product constructs pathnames from user input, but it does not handle or incorrectly handles a pathname containing a Windows device name such as AUX or CON. This typically leads to denial of service or an information exposure when the application attempts to process the pathname as a regular file.
![]() ![]()
844
(Weaknesses Addressed by The CERT Oracle Secure Coding Standard for Java (2011)) >
857
(The CERT Oracle Secure Coding Standard for Java (2011) Chapter 14 - Input Output (FIO)) >
732
(Incorrect Permission Assignment for Critical Resource)
The product specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors.
![]() ![]()
844
(Weaknesses Addressed by The CERT Oracle Secure Coding Standard for Java (2011)) >
857
(The CERT Oracle Secure Coding Standard for Java (2011) Chapter 14 - Input Output (FIO)) >
770
(Allocation of Resources Without Limits or Throttling)
The product allocates a reusable resource or group of resources on behalf of an actor without imposing any restrictions on the size or number of resources that can be allocated, in violation of the intended security policy for that actor.
![]() ![]()
844
(Weaknesses Addressed by The CERT Oracle Secure Coding Standard for Java (2011)) >
858
(The CERT Oracle Secure Coding Standard for Java (2011) Chapter 15 - Serialization (SER))
Weaknesses in this category are related to rules in the Serialization (SER) chapter of The CERT Oracle Secure Coding Standard for Java (2011).
![]() ![]()
844
(Weaknesses Addressed by The CERT Oracle Secure Coding Standard for Java (2011)) >
858
(The CERT Oracle Secure Coding Standard for Java (2011) Chapter 15 - Serialization (SER)) >
250
(Execution with Unnecessary Privileges)
The product performs an operation at a privilege level that is higher than the minimum level required, which creates new weaknesses or amplifies the consequences of other weaknesses.
![]() ![]()
844
(Weaknesses Addressed by The CERT Oracle Secure Coding Standard for Java (2011)) >
858
(The CERT Oracle Secure Coding Standard for Java (2011) Chapter 15 - Serialization (SER)) >
319
(Cleartext Transmission of Sensitive Information)
The product transmits sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorized actors.
![]() ![]()
844
(Weaknesses Addressed by The CERT Oracle Secure Coding Standard for Java (2011)) >
858
(The CERT Oracle Secure Coding Standard for Java (2011) Chapter 15 - Serialization (SER)) >
400
(Uncontrolled Resource Consumption)
The product does not properly control the allocation and maintenance of a limited resource, thereby enabling an actor to influence the amount of resources consumed, eventually leading to the exhaustion of available resources.
Resource Exhaustion
![]() ![]()
844
(Weaknesses Addressed by The CERT Oracle Secure Coding Standard for Java (2011)) >
858
(The CERT Oracle Secure Coding Standard for Java (2011) Chapter 15 - Serialization (SER)) >
499
(Serializable Class Containing Sensitive Data)
The code contains a class with sensitive data, but the class does not explicitly deny serialization. The data can be accessed by serializing the class through another class.
![]() ![]()
844
(Weaknesses Addressed by The CERT Oracle Secure Coding Standard for Java (2011)) >
858
(The CERT Oracle Secure Coding Standard for Java (2011) Chapter 15 - Serialization (SER)) >
502
(Deserialization of Untrusted Data)
The product deserializes untrusted data without sufficiently ensuring that the resulting data will be valid.
Marshaling, Unmarshaling
Pickling, Unpickling
PHP Object Injection
![]() ![]()
844
(Weaknesses Addressed by The CERT Oracle Secure Coding Standard for Java (2011)) >
858
(The CERT Oracle Secure Coding Standard for Java (2011) Chapter 15 - Serialization (SER)) >
589
(Call to Non-ubiquitous API)
The product uses an API function that does not exist on all versions of the target platform. This could cause portability problems or inconsistencies that allow denial of service or other consequences.
![]() ![]()
844
(Weaknesses Addressed by The CERT Oracle Secure Coding Standard for Java (2011)) >
858
(The CERT Oracle Secure Coding Standard for Java (2011) Chapter 15 - Serialization (SER)) >
770
(Allocation of Resources Without Limits or Throttling)
The product allocates a reusable resource or group of resources on behalf of an actor without imposing any restrictions on the size or number of resources that can be allocated, in violation of the intended security policy for that actor.
![]() ![]()
844
(Weaknesses Addressed by The CERT Oracle Secure Coding Standard for Java (2011)) >
859
(The CERT Oracle Secure Coding Standard for Java (2011) Chapter 16 - Platform Security (SEC))
Weaknesses in this category are related to rules in the Platform Security (SEC) chapter of The CERT Oracle Secure Coding Standard for Java (2011).
![]() ![]()
844
(Weaknesses Addressed by The CERT Oracle Secure Coding Standard for Java (2011)) >
859
(The CERT Oracle Secure Coding Standard for Java (2011) Chapter 16 - Platform Security (SEC)) >
111
(Direct Use of Unsafe JNI)
When a Java application uses the Java Native Interface (JNI) to call code written in another programming language, it can expose the application to weaknesses in that code, even if those weaknesses cannot occur in Java.
![]() ![]()
844
(Weaknesses Addressed by The CERT Oracle Secure Coding Standard for Java (2011)) >
859
(The CERT Oracle Secure Coding Standard for Java (2011) Chapter 16 - Platform Security (SEC)) >
266
(Incorrect Privilege Assignment)
A product incorrectly assigns a privilege to a particular actor, creating an unintended sphere of control for that actor.
![]() ![]()
844
(Weaknesses Addressed by The CERT Oracle Secure Coding Standard for Java (2011)) >
859
(The CERT Oracle Secure Coding Standard for Java (2011) Chapter 16 - Platform Security (SEC)) >
272
(Least Privilege Violation)
The elevated privilege level required to perform operations such as chroot() should be dropped immediately after the operation is performed.
![]() ![]()
844
(Weaknesses Addressed by The CERT Oracle Secure Coding Standard for Java (2011)) >
859
(The CERT Oracle Secure Coding Standard for Java (2011) Chapter 16 - Platform Security (SEC)) >
300
(Channel Accessible by Non-Endpoint)
The product does not adequately verify the identity of actors at both ends of a communication channel, or does not adequately ensure the integrity of the channel, in a way that allows the channel to be accessed or influenced by an actor that is not an endpoint.
Adversary-in-the-Middle / AITM
Man-in-the-Middle / MITM
Person-in-the-Middle / PITM
Monkey-in-the-Middle
Monster-in-the-Middle
Manipulator-in-the-Middle
On-path attack
Interception attack
![]() ![]()
844
(Weaknesses Addressed by The CERT Oracle Secure Coding Standard for Java (2011)) >
859
(The CERT Oracle Secure Coding Standard for Java (2011) Chapter 16 - Platform Security (SEC)) >
302
(Authentication Bypass by Assumed-Immutable Data)
The authentication scheme or implementation uses key data elements that are assumed to be immutable, but can be controlled or modified by the attacker.
![]() ![]()
844
(Weaknesses Addressed by The CERT Oracle Secure Coding Standard for Java (2011)) >
859
(The CERT Oracle Secure Coding Standard for Java (2011) Chapter 16 - Platform Security (SEC)) >
319
(Cleartext Transmission of Sensitive Information)
The product transmits sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorized actors.
![]() ![]()
844
(Weaknesses Addressed by The CERT Oracle Secure Coding Standard for Java (2011)) >
859
(The CERT Oracle Secure Coding Standard for Java (2011) Chapter 16 - Platform Security (SEC)) >
347
(Improper Verification of Cryptographic Signature)
The product does not verify, or incorrectly verifies, the cryptographic signature for data.
![]() ![]()
844
(Weaknesses Addressed by The CERT Oracle Secure Coding Standard for Java (2011)) >
859
(The CERT Oracle Secure Coding Standard for Java (2011) Chapter 16 - Platform Security (SEC)) >
470
(Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection'))
The product uses external input with reflection to select which classes or code to use, but it does not sufficiently prevent the input from selecting improper classes or code.
Reflection Injection
![]() ![]()
844
(Weaknesses Addressed by The CERT Oracle Secure Coding Standard for Java (2011)) >
859
(The CERT Oracle Secure Coding Standard for Java (2011) Chapter 16 - Platform Security (SEC)) >
494
(Download of Code Without Integrity Check)
The product downloads source code or an executable from a remote location and executes the code without sufficiently verifying the origin and integrity of the code.
![]() ![]()
844
(Weaknesses Addressed by The CERT Oracle Secure Coding Standard for Java (2011)) >
859
(The CERT Oracle Secure Coding Standard for Java (2011) Chapter 16 - Platform Security (SEC)) >
732
(Incorrect Permission Assignment for Critical Resource)
The product specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors.
![]() ![]()
844
(Weaknesses Addressed by The CERT Oracle Secure Coding Standard for Java (2011)) >
859
(The CERT Oracle Secure Coding Standard for Java (2011) Chapter 16 - Platform Security (SEC)) >
807
(Reliance on Untrusted Inputs in a Security Decision)
The product uses a protection mechanism that relies on the existence or values of an input, but the input can be modified by an untrusted actor in a way that bypasses the protection mechanism.
![]() ![]()
844
(Weaknesses Addressed by The CERT Oracle Secure Coding Standard for Java (2011)) >
860
(The CERT Oracle Secure Coding Standard for Java (2011) Chapter 17 - Runtime Environment (ENV))
Weaknesses in this category are related to rules in the Runtime Environment (ENV) chapter of The CERT Oracle Secure Coding Standard for Java (2011).
![]() ![]()
844
(Weaknesses Addressed by The CERT Oracle Secure Coding Standard for Java (2011)) >
860
(The CERT Oracle Secure Coding Standard for Java (2011) Chapter 17 - Runtime Environment (ENV)) >
349
(Acceptance of Extraneous Untrusted Data With Trusted Data)
The product, when processing trusted data, accepts any untrusted data that is also included with the trusted data, treating the untrusted data as if it were trusted.
![]() ![]()
844
(Weaknesses Addressed by The CERT Oracle Secure Coding Standard for Java (2011)) >
860
(The CERT Oracle Secure Coding Standard for Java (2011) Chapter 17 - Runtime Environment (ENV)) >
732
(Incorrect Permission Assignment for Critical Resource)
The product specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors.
![]() ![]()
844
(Weaknesses Addressed by The CERT Oracle Secure Coding Standard for Java (2011)) >
861
(The CERT Oracle Secure Coding Standard for Java (2011) Chapter 18 - Miscellaneous (MSC))
Weaknesses in this category are related to rules in the Miscellaneous (MSC) chapter of The CERT Oracle Secure Coding Standard for Java (2011).
![]() ![]()
844
(Weaknesses Addressed by The CERT Oracle Secure Coding Standard for Java (2011)) >
861
(The CERT Oracle Secure Coding Standard for Java (2011) Chapter 18 - Miscellaneous (MSC)) >
259
(Use of Hard-coded Password)
The product contains a hard-coded password, which it uses for its own inbound authentication or for outbound communication to external components.
![]() ![]()
844
(Weaknesses Addressed by The CERT Oracle Secure Coding Standard for Java (2011)) >
861
(The CERT Oracle Secure Coding Standard for Java (2011) Chapter 18 - Miscellaneous (MSC)) >
311
(Missing Encryption of Sensitive Data)
The product does not encrypt sensitive or critical information before storage or transmission.
![]() ![]()
844
(Weaknesses Addressed by The CERT Oracle Secure Coding Standard for Java (2011)) >
861
(The CERT Oracle Secure Coding Standard for Java (2011) Chapter 18 - Miscellaneous (MSC)) >
330
(Use of Insufficiently Random Values)
The product uses insufficiently random numbers or values in a security context that depends on unpredictable numbers.
![]() ![]()
844
(Weaknesses Addressed by The CERT Oracle Secure Coding Standard for Java (2011)) >
861
(The CERT Oracle Secure Coding Standard for Java (2011) Chapter 18 - Miscellaneous (MSC)) >
332
(Insufficient Entropy in PRNG)
The lack of entropy available for, or used by, a Pseudo-Random Number Generator (PRNG) can be a stability and security threat.
![]() ![]()
844
(Weaknesses Addressed by The CERT Oracle Secure Coding Standard for Java (2011)) >
861
(The CERT Oracle Secure Coding Standard for Java (2011) Chapter 18 - Miscellaneous (MSC)) >
333
(Improper Handling of Insufficient Entropy in TRNG)
True random number generators (TRNG) generally have a limited source of entropy and therefore can fail or block.
![]() ![]()
844
(Weaknesses Addressed by The CERT Oracle Secure Coding Standard for Java (2011)) >
861
(The CERT Oracle Secure Coding Standard for Java (2011) Chapter 18 - Miscellaneous (MSC)) >
336
(Same Seed in Pseudo-Random Number Generator (PRNG))
A Pseudo-Random Number Generator (PRNG) uses the same seed each time the product is initialized.
![]() ![]()
844
(Weaknesses Addressed by The CERT Oracle Secure Coding Standard for Java (2011)) >
861
(The CERT Oracle Secure Coding Standard for Java (2011) Chapter 18 - Miscellaneous (MSC)) >
337
(Predictable Seed in Pseudo-Random Number Generator (PRNG))
A Pseudo-Random Number Generator (PRNG) is initialized from a predictable seed, such as the process ID or system time.
![]() ![]()
844
(Weaknesses Addressed by The CERT Oracle Secure Coding Standard for Java (2011)) >
861
(The CERT Oracle Secure Coding Standard for Java (2011) Chapter 18 - Miscellaneous (MSC)) >
400
(Uncontrolled Resource Consumption)
The product does not properly control the allocation and maintenance of a limited resource, thereby enabling an actor to influence the amount of resources consumed, eventually leading to the exhaustion of available resources.
Resource Exhaustion
![]() ![]()
844
(Weaknesses Addressed by The CERT Oracle Secure Coding Standard for Java (2011)) >
861
(The CERT Oracle Secure Coding Standard for Java (2011) Chapter 18 - Miscellaneous (MSC)) >
401
(Missing Release of Memory after Effective Lifetime)
The product does not sufficiently track and release allocated memory after it has been used, which slowly consumes remaining memory.
Memory Leak
![]() ![]()
844
(Weaknesses Addressed by The CERT Oracle Secure Coding Standard for Java (2011)) >
861
(The CERT Oracle Secure Coding Standard for Java (2011) Chapter 18 - Miscellaneous (MSC)) >
543
(Use of Singleton Pattern Without Synchronization in a Multithreaded Context)
The product uses the singleton pattern when creating a resource within a multithreaded environment.
![]() ![]()
844
(Weaknesses Addressed by The CERT Oracle Secure Coding Standard for Java (2011)) >
861
(The CERT Oracle Secure Coding Standard for Java (2011) Chapter 18 - Miscellaneous (MSC)) >
770
(Allocation of Resources Without Limits or Throttling)
The product allocates a reusable resource or group of resources on behalf of an actor without imposing any restrictions on the size or number of resources that can be allocated, in violation of the intended security policy for that actor.
![]() ![]()
844
(Weaknesses Addressed by The CERT Oracle Secure Coding Standard for Java (2011)) >
861
(The CERT Oracle Secure Coding Standard for Java (2011) Chapter 18 - Miscellaneous (MSC)) >
798
(Use of Hard-coded Credentials)
The product contains hard-coded credentials, such as a password or cryptographic key.
Relationship
The relationships in this view were determined based on specific statements within the rules from the standard. Not all rules have direct relationships to individual weaknesses, although they likely have chaining relationships in specific circumstances.
View ComponentsA | B | C | D | E | F | G | H | I | J | K | L | M | N | O | P | Q | R | S | T | U | V | W | X | Y | Z
CWE-349: Acceptance of Extraneous Untrusted Data With Trusted Data
View customized information:
For users who are interested in more notional aspects of a weakness. Example: educators, technical writers, and project/program managers.
For users who are concerned with the practical application and details about the nature of a weakness and how to prevent it from happening. Example: tool developers, security researchers, pen-testers, incident response analysts.
For users who are mapping an issue to CWE/CAPEC IDs, i.e., finding the most appropriate CWE for a specific issue (e.g., a CVE record). Example: tool developers, security researchers.
For users who wish to see all available information for the CWE/CAPEC entry.
For users who want to customize what details are displayed.
×
Edit Custom FilterThe product, when processing trusted data, accepts any untrusted data that is also included with the trusted data, treating the untrusted data as if it were trusted.
![]()
![]() ![]()
![]() ![]()
![]() ![]()
![]()
![]() Languages Class: Not Language-Specific (Undetermined Prevalence)
![]()
CWE-770: Allocation of Resources Without Limits or Throttling
View customized information:
For users who are interested in more notional aspects of a weakness. Example: educators, technical writers, and project/program managers.
For users who are concerned with the practical application and details about the nature of a weakness and how to prevent it from happening. Example: tool developers, security researchers, pen-testers, incident response analysts.
For users who are mapping an issue to CWE/CAPEC IDs, i.e., finding the most appropriate CWE for a specific issue (e.g., a CVE record). Example: tool developers, security researchers.
For users who wish to see all available information for the CWE/CAPEC entry.
For users who want to customize what details are displayed.
×
Edit Custom FilterThe product allocates a reusable resource or group of resources on behalf of an actor without imposing any restrictions on the size or number of resources that can be allocated, in violation of the intended security policy for that actor.
Code frequently has to work with limited resources, so programmers must be careful to ensure that resources are not consumed too quickly, or too easily. Without use of quotas, resource limits, or other protection mechanisms, it can be easy for an attacker to consume many resources by rapidly making many requests, or causing larger resources to be used than is needed. When too many resources are allocated, or if a single resource is too large, then it can prevent the code from working correctly, possibly leading to a denial of service. ![]()
![]() ![]()
![]() ![]()
![]() ![]()
![]() ![]()
![]()
![]() Languages Class: Not Language-Specific (Often Prevalent) Example 1 This code allocates a socket and forks each time it receives a new connection. (bad code)
Example Language: C
sock=socket(AF_INET, SOCK_STREAM, 0);
while (1) { newsock=accept(sock, ...); }printf("A connection has been accepted\n"); pid = fork(); The program does not track how many connections have been made, and it does not limit the number of connections. Because forking is a relatively expensive operation, an attacker would be able to cause the system to run out of CPU, processes, or memory by making a large number of connections. Alternatively, an attacker could consume all available connections, preventing others from accessing the system remotely. Example 2 In the following example a server socket connection is used to accept a request to store data on the local file system using a specified filename. The method openSocketConnection establishes a server socket to accept requests from a client. When a client establishes a connection to this service the getNextMessage method is first used to retrieve from the socket the name of the file to store the data, the openFileToWrite method will validate the filename and open a file to write to on the local file system. The getNextMessage is then used within a while loop to continuously read data from the socket and output the data to the file until there is no longer any data from the socket. (bad code)
Example Language: C
int writeDataFromSocketToFile(char *host, int port)
{ char filename[FILENAME_SIZE]; char buffer[BUFFER_SIZE]; int socket = openSocketConnection(host, port); if (socket < 0) { printf("Unable to open socket connection"); }return(FAIL); if (getNextMessage(socket, filename, FILENAME_SIZE) > 0) { if (openFileToWrite(filename) > 0) {
while (getNextMessage(socket, buffer, BUFFER_SIZE) > 0){
if (!(writeToFile(buffer) > 0)) }break;
closeFile(); closeSocket(socket); This example creates a situation where data can be dumped to a file on the local file system without any limits on the size of the file. This could potentially exhaust file or disk resources and/or limit other clients' ability to access the service. Example 3 In the following example, the processMessage method receives a two dimensional character array containing the message to be processed. The two-dimensional character array contains the length of the message in the first character array and the message body in the second character array. The getMessageLength method retrieves the integer value of the length from the first character array. After validating that the message length is greater than zero, the body character array pointer points to the start of the second character array of the two-dimensional character array and memory is allocated for the new body character array. (bad code)
Example Language: C
/* process message accepts a two-dimensional character array of the form [length][body] containing the message to be processed */ int processMessage(char **message) { char *body;
int length = getMessageLength(message[0]); if (length > 0) { body = &message[1][0]; }processMessageBody(body); return(SUCCESS); else { printf("Unable to process message; invalid message length"); }return(FAIL); This example creates a situation where the length of the body character array can be very large and will consume excessive memory, exhausting system resources. This can be avoided by restricting the length of the second character array with a maximum length check Also, consider changing the type from 'int' to 'unsigned int', so that you are always guaranteed that the number is positive. This might not be possible if the protocol specifically requires allowing negative values, or if you cannot control the return value from getMessageLength(), but it could simplify the check to ensure the input is positive, and eliminate other errors such as signed-to-unsigned conversion errors (CWE-195) that may occur elsewhere in the code. (good code)
Example Language: C
unsigned int length = getMessageLength(message[0]);
if ((length > 0) && (length < MAX_LENGTH)) {...} Example 4 In the following example, a server object creates a server socket and accepts client connections to the socket. For every client connection to the socket a separate thread object is generated using the ClientSocketThread class that handles request made by the client through the socket. (bad code)
Example Language: Java
public void acceptConnections() {
try {
ServerSocket serverSocket = new ServerSocket(SERVER_PORT);
int counter = 0; boolean hasConnections = true; while (hasConnections) { Socket client = serverSocket.accept(); }Thread t = new Thread(new ClientSocketThread(client)); t.setName(client.getInetAddress().getHostName() + ":" + counter++); t.start(); serverSocket.close(); } catch (IOException ex) {...} In this example there is no limit to the number of client connections and client threads that are created. Allowing an unlimited number of client connections and threads could potentially overwhelm the system and system resources. The server should limit the number of client connections and the client threads that are created. This can be easily done by creating a thread pool object that limits the number of threads that are generated. (good code)
Example Language: Java
public static final int SERVER_PORT = 4444;
public static final int MAX_CONNECTIONS = 10; ... public void acceptConnections() { try {
ServerSocket serverSocket = new ServerSocket(SERVER_PORT);
int counter = 0; boolean hasConnections = true; while (hasConnections) { hasConnections = checkForMoreConnections(); }Socket client = serverSocket.accept(); Thread t = new Thread(new ClientSocketThread(client)); t.setName(client.getInetAddress().getHostName() + ":" + counter++); ExecutorService pool = Executors.newFixedThreadPool(MAX_CONNECTIONS); pool.execute(t); serverSocket.close(); } catch (IOException ex) {...} Example 5 An unnamed web site allowed a user to purchase tickets for an event. A menu option allowed the user to purchase up to 10 tickets, but the back end did not restrict the actual number of tickets that could be purchased.
Example 6 Here the problem is that every time a connection is made, more memory is allocated. So if one just opened up more and more connections, eventually the machine would run out of memory. (bad code)
Example Language: C
bar connection() {
foo = malloc(1024); }return foo; endConnection(bar foo) { free(foo); }int main() { while(1) { }foo=connection(); }endConnection(foo)
![]()
Relationship
This entry is different from uncontrolled resource consumption (CWE-400) in that there are other weaknesses that are related to inability to control resource consumption, such as holding on to a resource too long after use, or not correctly keeping track of active resources so that they can be managed and released when they are finished (CWE-771).
Theoretical
Vulnerability theory is largely about how behaviors and resources interact. "Resource exhaustion" can be regarded as either a consequence or an attack, depending on the perspective. This entry is an attempt to reflect one of the underlying weaknesses that enable these attacks (or consequences) to take place.
CWE-582: Array Declared Public, Final, and Static
View customized information:
For users who are interested in more notional aspects of a weakness. Example: educators, technical writers, and project/program managers.
For users who are concerned with the practical application and details about the nature of a weakness and how to prevent it from happening. Example: tool developers, security researchers, pen-testers, incident response analysts.
For users who are mapping an issue to CWE/CAPEC IDs, i.e., finding the most appropriate CWE for a specific issue (e.g., a CVE record). Example: tool developers, security researchers.
For users who wish to see all available information for the CWE/CAPEC entry.
For users who want to customize what details are displayed.
×
Edit Custom FilterThe product declares an array public, final, and static, which is not sufficient to prevent the array's contents from being modified.
Because arrays are mutable objects, the final constraint requires that the array object itself be assigned only once, but makes no guarantees about the values of the array elements. Since the array is public, a malicious program can change the values stored in the array. As such, in most cases an array declared public, final and static is a bug.
![]()
![]() ![]()
![]()
![]() Languages Java (Undetermined Prevalence) Example 1 The following Java Applet code mistakenly declares an array public, final and static. (bad code)
Example Language: Java
public final class urlTool extends Applet {
public final static URL[] urls; }...
![]()
CWE-405: Asymmetric Resource Consumption (Amplification)
View customized information:
For users who are interested in more notional aspects of a weakness. Example: educators, technical writers, and project/program managers.
For users who are concerned with the practical application and details about the nature of a weakness and how to prevent it from happening. Example: tool developers, security researchers, pen-testers, incident response analysts.
For users who are mapping an issue to CWE/CAPEC IDs, i.e., finding the most appropriate CWE for a specific issue (e.g., a CVE record). Example: tool developers, security researchers.
For users who wish to see all available information for the CWE/CAPEC entry.
For users who want to customize what details are displayed.
×
Edit Custom FilterThe product does not properly control situations in which an adversary can cause the product to consume or produce excessive resources without requiring the adversary to invest equivalent work or otherwise prove authorization, i.e., the adversary's influence is "asymmetric."
This can lead to poor performance due to "amplification" of resource consumption, typically in a non-linear fashion. This situation is worsened if the product allows malicious users or attackers to consume more resources than their access level permits.
![]()
![]() ![]()
![]()
![]() Languages Class: Not Language-Specific (Undetermined Prevalence) Operating Systems Class: Not OS-Specific (Undetermined Prevalence) Architectures Class: Not Architecture-Specific (Undetermined Prevalence) Technologies Class: Not Technology-Specific (Undetermined Prevalence) Class: Client Server (Undetermined Prevalence) Example 1 This code listens on a port for DNS requests and sends the result to the requesting address. (bad code)
Example Language: Python
sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
sock.bind( (UDP_IP,UDP_PORT) ) while true: data = sock.recvfrom(1024)
if not data: break
(requestIP, nameToResolve) = parseUDPpacket(data) record = resolveName(nameToResolve) sendResponse(requestIP,record) This code sends a DNS record to a requesting IP address. UDP allows the source IP address to be easily changed ('spoofed'), thus allowing an attacker to redirect responses to a target, which may be then be overwhelmed by the network traffic. Example 2 This function prints the contents of a specified file requested by a user. (bad code)
Example Language: PHP
function printFile($username,$filename){
//read file into string $file = file_get_contents($filename); if ($file && isOwnerOf($username,$filename)){ echo $file; }return true; else{ echo 'You are not authorized to view this file'; }return false; This code first reads a specified file into memory, then prints the file if the user is authorized to see its contents. The read of the file into memory may be resource intensive and is unnecessary if the user is not allowed to see the file anyway. Example 3 The DTD and the very brief XML below illustrate what is meant by an XML bomb. The ZERO entity contains one character, the letter A. The choice of entity name ZERO is being used to indicate length equivalent to that exponent on two, that is, the length of ZERO is 2^0. Similarly, ONE refers to ZERO twice, therefore the XML parser will expand ONE to a length of 2, or 2^1. Ultimately, we reach entity THIRTYTWO, which will expand to 2^32 characters in length, or 4 GB, probably consuming far more data than expected. (attack code)
Example Language: XML
<?xml version="1.0"?>
<!DOCTYPE MaliciousDTD [ <!ENTITY ZERO "A"> <!ENTITY ONE "&ZERO;&ZERO;"> <!ENTITY TWO "&ONE;&ONE;"> ... <!ENTITY THIRTYTWO "&THIRTYONE;&THIRTYONE;"> ]> <data>&THIRTYTWO;</data> Example 4 This example attempts to check if an input string is a "sentence" [REF-1164]. (bad code)
Example Language: JavaScript
var test_string = "Bad characters: $@#";
var bad_pattern = /^(\w+\s?)*$/i; var result = test_string.search(bad_pattern); The regular expression has a vulnerable backtracking clause inside (\w+\s?)*$ which can be triggered to cause a Denial of Service by processing particular phrases. To fix the backtracking problem, backtracking is removed with the ?= portion of the expression which changes it to a lookahead and the \2 which prevents the backtracking. The modified example is: (good code)
Example Language: JavaScript
var test_string = "Bad characters: $@#";
var good_pattern = /^((?=(\w+))\2\s?)*$/i; var result = test_string.search(good_pattern); Note that [REF-1164] has a more thorough (and lengthy) explanation of everything going on within the RegEx. Example 5 An adversary can cause significant resource consumption on a server by filtering the cryptographic algorithms offered by the client to the ones that are the most resource-intensive on the server side. After discovering which cryptographic algorithms are supported by the server, a malicious client can send the initial cryptographic handshake messages that contains only the resource-intensive algorithms. For some cryptographic protocols, these messages can be completely prefabricated, as the resource-intensive part of the handshake happens on the server-side first (such as TLS), rather than on the client side. In the case of cryptographic protocols where the resource-intensive part should happen on the client-side first (such as SSH), a malicious client can send a forged/precalculated computation result, which seems correct to the server, so the resource-intensive part of the handshake is going to happen on the server side. A malicious client is required to send only the initial messages of a cryptographic handshake to initiate the resource-consuming part of the cryptographic handshake. These messages are usually small, and generating them requires minimal computational effort, enabling a denial-of-service attack. An additional risk is the fact that higher key size increases the effectiveness of the attack. Cryptographic protocols where the clients have influence over the size of the used key (such as TLS 1.3 or SSH) are most at risk, as the client can enforce the highest key size supported by the server.
![]()
CWE-289: Authentication Bypass by Alternate Name
View customized information:
For users who are interested in more notional aspects of a weakness. Example: educators, technical writers, and project/program managers.
For users who are concerned with the practical application and details about the nature of a weakness and how to prevent it from happening. Example: tool developers, security researchers, pen-testers, incident response analysts.
For users who are mapping an issue to CWE/CAPEC IDs, i.e., finding the most appropriate CWE for a specific issue (e.g., a CVE record). Example: tool developers, security researchers.
For users who wish to see all available information for the CWE/CAPEC entry.
For users who want to customize what details are displayed.
×
Edit Custom FilterThe product performs authentication based on the name of a resource being accessed, or the name of the actor performing the access, but it does not properly check all possible names for that resource or actor.
![]()
![]() ![]()
![]() ![]()
![]() ![]()
![]()
![]() Languages Class: Not Language-Specific (Undetermined Prevalence)
![]()
Relationship
Overlaps equivalent encodings, canonicalization, authorization, multiple trailing slash, trailing space, mixed case, and other equivalence issues.
Theoretical
Alternate names are useful in data driven manipulation attacks, not just for authentication.
CWE-302: Authentication Bypass by Assumed-Immutable Data
View customized information:
For users who are interested in more notional aspects of a weakness. Example: educators, technical writers, and project/program managers.
For users who are concerned with the practical application and details about the nature of a weakness and how to prevent it from happening. Example: tool developers, security researchers, pen-testers, incident response analysts.
For users who are mapping an issue to CWE/CAPEC IDs, i.e., finding the most appropriate CWE for a specific issue (e.g., a CVE record). Example: tool developers, security researchers.
For users who wish to see all available information for the CWE/CAPEC entry.
For users who want to customize what details are displayed.
×
Edit Custom FilterThe authentication scheme or implementation uses key data elements that are assumed to be immutable, but can be controlled or modified by the attacker.
![]()
![]() ![]()
![]() ![]()
![]()
![]() Languages Class: Not Language-Specific (Undetermined Prevalence) Example 1 In the following example, an "authenticated" cookie is used to determine whether or not a user should be granted access to a system. (bad code)
Example Language: Java
boolean authenticated = new Boolean(getCookieValue("authenticated")).booleanValue();
if (authenticated) { ... }Modifying the value of a cookie on the client-side is trivial, but many developers assume that cookies are essentially immutable.
![]()
CWE-589: Call to Non-ubiquitous API
View customized information:
For users who are interested in more notional aspects of a weakness. Example: educators, technical writers, and project/program managers.
For users who are concerned with the practical application and details about the nature of a weakness and how to prevent it from happening. Example: tool developers, security researchers, pen-testers, incident response analysts.
For users who are mapping an issue to CWE/CAPEC IDs, i.e., finding the most appropriate CWE for a specific issue (e.g., a CVE record). Example: tool developers, security researchers.
For users who wish to see all available information for the CWE/CAPEC entry.
For users who want to customize what details are displayed.
×
Edit Custom FilterThe product uses an API function that does not exist on all versions of the target platform. This could cause portability problems or inconsistencies that allow denial of service or other consequences.
Some functions that offer security features supported by the OS are not available on all versions of the OS in common use. Likewise, functions are often deprecated or made obsolete for security reasons and should not be used.
![]()
![]() ![]()
![]()
![]()
CWE-572: Call to Thread run() instead of start()
View customized information:
For users who are interested in more notional aspects of a weakness. Example: educators, technical writers, and project/program managers.
For users who are concerned with the practical application and details about the nature of a weakness and how to prevent it from happening. Example: tool developers, security researchers, pen-testers, incident response analysts.
For users who are mapping an issue to CWE/CAPEC IDs, i.e., finding the most appropriate CWE for a specific issue (e.g., a CVE record). Example: tool developers, security researchers.
For users who wish to see all available information for the CWE/CAPEC entry.
For users who want to customize what details are displayed.
×
Edit Custom FilterThe product calls a thread's run() method instead of calling start(), which causes the code to run in the thread of the caller instead of the callee.
In most cases a direct call to a Thread object's run() method is a bug. The programmer intended to begin a new thread of control, but accidentally called run() instead of start(), so the run() method will execute in the caller's thread of control.
![]()
![]() ![]()
![]()
![]() Languages Java (Undetermined Prevalence) Example 1 The following excerpt from a Java program mistakenly calls run() instead of start(). (bad code)
Example Language: Java
Thread thr = new Thread() {
public void run() { };... }thr.run();
![]()
|