[Forgot Password]
Login  Register Subscribe

30480

 
 

423868

 
 

253164

 
 

909

 
 

197077

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 909 Download | Alert*

The UI performs the wrong action with respect to the user's request.

A software system that accepts path input in the form of multiple internal dot ('file...dir') without appropriate validation can lead to ambiguous path resolution and allow an attacker to traverse the file system to unintended locations or access arbitrary files.

The UI has multiple interpretations of user input but does not prompt the user when it selects the less secure interpretation.

The UI does not properly represent critical information to the user, allowing the information - or its source - to be obscured or spoofed. This is often a component in phishing attacks.

Weaknesses in this category occur in behaviors that are used for initialization and breakdown.

The software, by default, initializes an internal variable with an insecure or less secure value than is possible.

The software initializes critical internal variables or data stores using inputs that can be modified by untrusted actors.

The software does not exit or otherwise modify its operation when security-relevant errors occur during initialization, such as when a configuration file has a format error, which can cause the software to execute in a less secure fashion than intended by the administrator.

The software does not initialize critical variables, which causes the execution environment to use unexpected values.

The code uses a variable that has not been initialized, leading to unpredictable or unintended results.


Pages:      Start    30    31    32    33    34    35    36    37    38    39    40    41    42    43    ..   90

© SecPod Technologies