Category: CERT C Secure Coding Standard (2008) Chapter 10 - Input Output (FIO)
Obsolete
Summary
Weaknesses in this category are related to the rules and recommendations in the Input Output (FIO) chapter of the CERT C Secure Coding Standard (2008).
Membership
| ID | Name | Description |
|---|---|---|
| CWE-119 | Improper Restriction of Operations within the Bounds of a Memory Buffer | This vulnerability occurs when software accesses a memory buffer but reads from or writes to a location outside its allocated boundary. This can corrupt adjacent data, crash the program, or allow attackers to execute arbitrary code. |
| CWE-134 | Use of Externally-Controlled Format String | This vulnerability occurs when a program uses a format string from an untrusted, external source (like user input, a network packet, or a file) in a formatting function (e.g., printf, sprintf). An attacker can craft a malicious format string to read or write memory, potentially crashing the application or executing arbitrary code. |
| CWE-22 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') | This vulnerability occurs when an application builds a file path using user input but fails to properly validate it, allowing an attacker to break out of the intended directory and access files or folders anywhere on the server. |
| CWE-241 | Improper Handling of Unexpected Data Type | This vulnerability occurs when software fails to properly validate or safely process data that arrives in an unexpected format. For example, the system might expect a numeric input but receives text instead, leading to crashes, errors, or security issues. |
| CWE-276 | Incorrect Default Permissions | This vulnerability occurs when software installation scripts set overly permissive file or directory access rights by default. Instead of restricting write access to authorized users or processes, the installation allows unintended actors to modify, delete, or corrupt critical application files. |
| CWE-279 | Incorrect Execution-Assigned Permissions | This vulnerability occurs when a running application incorrectly changes an object's access permissions, overriding the security settings that a user or administrator intentionally configured. |
| CWE-362 | Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') | A race condition occurs when multiple processes or threads access a shared resource simultaneously without proper coordination, creating a timing window where the resource's state can be unexpectedly altered, leading to unpredictable behavior or security vulnerabilities. |
| CWE-367 | Time-of-check Time-of-use (TOCTOU) Race Condition | This vulnerability occurs when a program verifies a resource's state (like a file's permissions or existence) but then uses it after that state has already changed. The gap between checking and using creates a race window where an attacker can manipulate the resource, causing the program to operate on invalid or malicious data. |
| CWE-37 | Path Traversal: '/absolute/pathname/here' | This vulnerability occurs when an application accepts user input containing absolute file paths (starting with a forward slash like '/etc/passwd') and uses it to access files without proper security checks. Attackers can exploit this to read, write, or delete sensitive files anywhere on the server's filesystem. |
| CWE-379 | Creation of Temporary File in Directory with Insecure Permissions | This vulnerability occurs when an application creates a temporary file in a directory that is too permissive, allowing unauthorized users or processes to see, access, or manipulate the file. |
| CWE-38 | Path Traversal: '\absolute\pathname\here' | This vulnerability occurs when an application accepts user-supplied input containing Windows-style absolute paths (like '\absolute\pathname\here') without proper validation. Attackers can exploit this to navigate outside the intended directory and access or manipulate sensitive files anywhere on the server's file system. |
| CWE-39 | Path Traversal: 'C:dirname' | This vulnerability occurs when an application accepts user input containing Windows drive letters (like 'C:dirname') without proper validation, allowing attackers to redirect file operations to unintended locations or access arbitrary files on the system. |
| CWE-391 | Unchecked Error Condition | This vulnerability occurs when a program fails to properly check or handle error conditions, such as exceptions or return codes. By ignoring these failures, the software can enter an unexpected state that attackers might exploit, often without any logging or user notification. |
| CWE-403 | Exposure of File Descriptor to Unintended Control Sphere ('File Descriptor Leak') | This vulnerability occurs when a parent process launches a child process without first closing sensitive file descriptors. The child process inherits these open handles, potentially gaining unauthorized access to files, sockets, or other resources it shouldn't be able to interact with. |
| CWE-404 | Improper Resource Shutdown or Release | This vulnerability occurs when a program fails to properly close or release a system resource—like a file handle, database connection, or memory block—after it's no longer needed, preventing its reuse. |
| CWE-41 | Improper Resolution of Path Equivalence | This vulnerability occurs when an application fails to properly handle different text representations that refer to the same file or directory on the system. Attackers can use special characters or alternative naming conventions to bypass security checks and access restricted files. |
| CWE-552 | Files or Directories Accessible to External Parties | This vulnerability occurs when an application exposes files or directories to users who shouldn't have access to them. |
| CWE-59 | Improper Link Resolution Before File Access ('Link Following') | This vulnerability occurs when an application uses a filename to access a file but fails to properly check if that name points to a symbolic link, shortcut, or junction. This allows an attacker to manipulate the link's target, causing the application to read or write to an unintended, potentially sensitive location. |
| CWE-62 | UNIX Hard Link | This vulnerability occurs when an application opens a file or directory without verifying if the name points to a hard link that leads outside its intended security boundary. Attackers can exploit this to trick the software into accessing or modifying unauthorized system files. |
| CWE-64 | Windows Shortcut Following (.LNK) | This vulnerability occurs when an application opens a file or directory without properly validating that it is a Windows shortcut (.LNK). If the shortcut's target points to a location outside the application's intended security boundary, an attacker can trick the software into accessing unauthorized files. |
| CWE-65 | Windows Hard Link | This vulnerability occurs when a Windows application opens a file or directory without properly verifying if the path points to a hard link. An attacker can exploit this by creating a hard link that redirects the application to access files outside its intended permissions, potentially leading to unauthorized data manipulation. |
| CWE-67 | Improper Handling of Windows Device Names | This vulnerability occurs when an application builds file paths from user input but fails to properly recognize or handle Windows reserved device names like AUX, CON, or COM1. Attackers can exploit this by submitting these special names, which typically causes the application to crash, hang, or leak sensitive information when it tries to access them as regular files. |
| CWE-675 | Multiple Operations on Resource in Single-Operation Context | This vulnerability occurs when a software component performs the same action on a resource multiple times, even though the action is designed to be executed only once. This redundant execution can lead to unintended side effects, data corruption, or resource exhaustion. |
| CWE-676 | Use of Potentially Dangerous Function | This vulnerability occurs when code calls a function that can be dangerous if misused, but can also be used safely with proper precautions. The risk lies not in the function itself, but in how it's implemented. |
| CWE-686 | Function Call With Incorrect Argument Type | This vulnerability occurs when a program calls a function or method but passes an argument of the wrong data type, which can cause unexpected behavior or security flaws. |
| CWE-732 | Incorrect Permission Assignment for Critical Resource | This vulnerability occurs when a system grants overly permissive access to a sensitive resource, allowing unauthorized users or processes to read or alter it. |
| CWE-734 | Weaknesses Addressed by the CERT C Secure Coding Standard (2008) | CWE entries in this view (graph) are fully or partially eliminated by following the guidance presented in the book "The CERT C Secure Coding Standard" published in 2008. This view is considered obsolete, as a newer version of the coding standard is available. This view statically represents the coding rules as they were in 2008. |
Vulnerability Mapping Notes
Usage: Prohibited
Reasons: Category
Rationale:
This entry is a Category. Using categories for mapping has been discouraged since 2019. Categories are informal organizational groupings of weaknesses that can help CWE users with data aggregation, navigation, and browsing. However, they are not weaknesses in themselves.
Comment:
See member weaknesses of this category.