2021年11月8日20:02:03评论41 views字数 624阅读2分4秒阅读模式

CWE-695 使用底层的功能例程

Use of Low-Level Functionality

结构: Simple

Abstraction: Base

状态: Incomplete

被利用可能性: unkown

基本描述

The software uses low-level functionality that is explicitly prohibited by the framework or specification under which the software is supposed to operate.

扩展描述

The use of low-level functionality can violate the specification in unexpected ways that effectively disable built-in protection mechanisms, introduce exploitable inconsistencies, or otherwise expose the functionality to attack.

常见的影响

范围	影响	注释
Other	Other

CWE-695 使用底层的功能例程

CWE-695 使用底层的功能例程

Use of Low-Level Functionality

基本描述

扩展描述

相关缺陷

常见的影响

相关攻击模式

View-999: Weaknesses without Software Fault Patterns

View-884: CWE Cross-section

View-868: Weaknesses Addressed by the SEI CERT C++ Coding Standard (2016 Version)

View-844: Weaknesses Addressed by The CERT Oracle Secure Coding Standard for Java (2011)

View-809: Weaknesses in OWASP Top Ten (2010)

View-800: Weaknesses in the 2010 CWE/SANS Top 25 Most Dangerous Programming Errors

View-750: Weaknesses in the 2009 CWE/SANS Top 25 Most Dangerous Programming Errors

View-734: Weaknesses Addressed by the CERT C Secure Coding Standard (2008)

View-711: Weaknesses in OWASP Top Ten (2004)

View-709: Named Chains

发表评论

在线咨询

微信