Code Vulnerability Categories
From Guidance Share
Authentication, Authorization, and Trust
- Comparing Classes by Name
- Failure to Drop Privileges When Reasonable
- Failure to Check Whether Privileges Were Dropped
- Reflection Attack in an Authentication Protocol
- Capture-Replay
- Trusting Self Reported IP Address
- Trusting Self Reported DNS Name
- Using Referrer Field for Authentication
- Using Single-factor Authentication
- Use of Hard-coded Password
- Weak Password Systems
- Not Allowing Password Aging
Cryptography and Secrets
- Non-cryptographic PRNG
- Insufficient Entropy in PRNG
- Failure of TRNG
- Failure to Follow Chain of Trust in Certificate Validation
- Key Exchange Without Entity Authentication
- Failure to Validate Host-Specific Certificate Data
- Failure to Validate Certificate Expiration
- Failure to Check for Certificate Revocation
- Failure to Encrypt Data
- Failure to Add Integrity Check Value
- Failure to Check Integrity Check Value
- Use of Hard Coded Cryptographic Key
- Storing Passwords in a Recoverable Format
- Using a Broken or Risky Cryptographic Algorithm
- Reusing a Nonce, Key Pair in Encryption
- Using a Key Past its Expiration Date
- Not Using a Random IV with CBC Mode
Environmental Problems
Input Validation
Language Feature Misuse
Logic Errors
- Covert Storage Channel
- Invoking Untrusted Mobile Code
- Info Disclosure Through Error Messages
- Info Disclosure Through Data Queries
- Ignored Function Return Value
- Missing Parameter
- Uninitialized Variable
- Deletion of Data-structure Sentinel
- Use of sizeof() on a Pointer Type
- Unintentional Pointer Scaling
- Improper Pointer Subtraction
- Assigning Instead of Comparing
- Comparing Instead of Assigning
- Incorrect Block Delimitation
- Omitted Break Statement
- Improper Cleanup on Thrown Exception
- Uncaught Exception
- Improper Error Handling
- Improper Temp File Opening
- Guessed or Visible Temporary File
- Failure to Deallocate Memory
- Failure to Account for Default Case in Switch
Memory
Range
- Buffer Overflow
- Stack Overflow
- Heap Overflow
- Buffer Underwrite
- Integer Overflow
- Unchecked Array Indexing
- Miscalculated Null Termination
- Improper String Length Checking
Synchronization and Timing
- Covert Timing Channel
- Race Condition in Time of Check, Time of Use
- Race Condition in Thread
- Race Condition in Switch
- Race Condition in Signal Handler
- Race Condition in Checking for Certificate Revocation
- Unsafe Function Call from Signal Handler
- Passing Mutable Objects to an Untrusted Method
- Returning Mutable Object to an Untrusted Method