Category: SFP Primary Cluster: Malware
Incomplete
Summary
This category identifies Software Fault Patterns (SFPs) within the Malware cluster.
Membership
| ID | Name | Description |
|---|---|---|
| CWE-506 | Embedded Malicious Code | This vulnerability occurs when an application or codebase contains intentionally harmful code inserted by a developer or third party. |
| CWE-507 | Trojan Horse | A Trojan Horse vulnerability occurs when software presents itself as legitimate and useful, but secretly contains malicious functionality that bypasses security controls. This hidden code operates without the user's knowledge, violating the intended security policy of the system or its administrator. |
| CWE-508 | Non-Replicating Malicious Code | This type of malicious code is designed to operate only on the specific system it initially infects. Unlike viruses or worms, it does not contain mechanisms to copy itself or spread to other devices or networks. |
| CWE-509 | Replicating Malicious Code (Virus or Worm) | This weakness describes software that is vulnerable to infection by self-replicating malicious programs like viruses or worms. Once such malware compromises a system, it can use that system as a launchpad to automatically spread and attack others. |
| CWE-510 | Trapdoor | A trapdoor, often called a backdoor, is a hidden piece of code intentionally placed within software. It activates in response to a specific, often secret, input—like a special password or sequence—bypassing standard authentication and authorization checks to grant unauthorized access. |
| CWE-511 | Logic/Time Bomb | A logic or time bomb is malicious code intentionally placed within software to trigger harmful actions when a specific condition is met or a predetermined time is reached. |
| CWE-512 | Spyware | Spyware is software that secretly gathers personal information about a user or their activities. It does this by accessing data from other sources on the system, without the user's direct input or explicit consent. |
| CWE-69 | Improper Handling of Windows ::DATA Alternate Data Stream | This vulnerability occurs when an application fails to properly secure or monitor Windows Alternate Data Streams (ADS), allowing them to be used to hide or bypass security controls. |
| CWE-888 | Software Fault Pattern (SFP) Clusters | CWE identifiers in this view are associated with clusters of Software Fault Patterns (SFPs). |
| CWE-968 | SFP Secondary Cluster: Covert Channel | This category identifies Software Fault Patterns (SFPs) within the Covert Channel cluster. |
Vulnerability Mapping Notes
Usage: Prohibited
Reasons: Category
Rationale:
This entry is a Category. Using categories for mapping has been discouraged since 2019. Categories are informal organizational groupings of weaknesses that can help CWE users with data aggregation, navigation, and browsing. However, they are not weaknesses in themselves.
Comment:
See member weaknesses of this category.