Download
| Alert*
Dangling Database Cursor ('Cursor Injection')
Description If a database cursor is not closed properly, then it could become accessible to other users while retaining the same privileges that were originally assigned, leaving the cursor "dangling." Extended DescriptionFor example, an improper dangling cursor could arise from unhandled exceptions. The impact of the issue depends on the cursor's role, but SQL injection attacks are commonly possible. Applicable PlatformsLanguage: SQL Time Of Introduction
Common Consequences
Detection MethodsNone Potential Mitigations
Relationships
Demonstrative ExamplesNone White Box Definitions None Black Box Definitions None Taxynomy MappingsNone References:
|