Category-802: 2010 Top 25 - Risky Resource Management

ID: 802 Status: Obsolete

Summary

Weaknesses in this category are listed in the "Risky Resource Management" section of the 2010 CWE/SANS Top 25 Programming Errors.

Membership

ID NAME
CWE-120 未进行输入大小检查的缓冲区拷贝(传统缓冲区溢出)
CWE-129 对数组索引的验证不恰当
CWE-131 缓冲区大小计算不正确
CWE-190 整数溢出或超界折返
CWE-22 对路径名的限制不恰当(路径遍历)
CWE-494 下载代码缺少完整性检查
CWE-754 对因果或异常条件的不恰当检查
CWE-770 不加限制或调节的资源分配
CWE-805 使用不正确的长度值访问缓冲区
CWE-98 PHP程序中Include/Require语句包含文件控制不恰当(PHP远程文件包含)

References

REF-732 2010 CWE/SANS Top 25 Most Dangerous Software Errors