Error Conditions, Return Values, Status Codes
Description If a function in a product does not generate the correct return/status codes, or if the product does not handle all possible return/status codes that could be generated by a function, then security issues may result. Extended DescriptionThis type of problem is most often found in conditions that are rarely encountered during the normal operation of the product. Presumably, most bugs related to common conditions are found and eliminated during development and testing. In some cases, the attacker can directly control or influence the environment to trigger the rare conditions. Applicable PlatformsLanguage Class: All Common ConsequencesNone Detection MethodsNone Potential MitigationsNone Relationships
Demonstrative ExamplesNone White Box Definitions None Black Box Definitions None Taxynomy Mappings
References:None |