CWE-706: Use of Incorrectly-Resolved Name or Reference

Description

The product uses a name or reference to access a resource, but the name/reference resolves to a resource that is outside of the intended control sphere.

Submission Date :

Sept. 9, 2008, midnight

Modification Date :

2023-06-29 00:00:00+00:00

Organization :

MITRE

Related Weaknesses

This table shows the weaknesses and high level categories that are related to this weakness. These relationships are defined to give an overview of the different insight to similar items that may exist at higher and lower levels of abstraction.

CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Go to
CWE-41: Improper Resolution of Path Equivalence
Go to
CWE-59: Improper Link Resolution Before File Access ('Link Following')
Go to
CWE-66: Improper Handling of File Names that Identify Virtual Resources
Go to
CWE-98: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')
Go to
CWE-99: Improper Control of Resource Identifiers ('Resource Injection')
Go to
CWE-178: Improper Handling of Case Sensitivity
Go to
CWE-386: Symbolic Name not Mapping to Correct Object
Go to
CWE-664: Improper Control of a Resource Through its Lifetime
Go to
CWE-827: Improper Control of Document Type Definition
Go to

Visit http://cwe.mitre.org/ for more details.

© cvefeed.io
Latest DB Update: Nov. 23, 2024 8:21