The software does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

The software uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize multiple internal "../" sequences that can resolve to a location that is outside of that directory.

The software does not properly manage privileges while it is switching between different contexts that have different privileges or spheres of control.

The software does not drop privileges before passing control of a resource to an actor that does not have those privileges.

The elevated privilege level required to perform operations such as chroot() should be dropped immediately after the operation is performed.

The software attempts to drop privileges but does not check or incorrectly checks to see if the drop succeeded.
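The two preceding points (drop the privilege needed for chroot() immediately, and confirm that the drop really happened) can be combined in one routine. The following C sketch is an added example, not code from the original page; the function names `drop_privileges` and `enter_jail`, the jail path `/var/empty` and the uid/gid 65534 are assumptions chosen for illustration.

```c
#ifndef _DEFAULT_SOURCE
#define _DEFAULT_SOURCE          /* exposes chroot() and setgroups() on glibc */
#endif
#include <grp.h>
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>

/* Drop to uid/gid permanently. Returns 0 only if the drop is verified. */
int drop_privileges(uid_t uid, gid_t gid)
{
    /* Supplementary groups first: only root may change them, and they
       would otherwise survive the uid change. */
    if (geteuid() == 0 && setgroups(1, &gid) != 0)
        return -1;
    /* Group before user: after setuid() we can no longer change gid. */
    if (setgid(gid) != 0)
        return -1;
    if (setuid(uid) != 0)
        return -1;
    /* Do not trust the return codes alone; confirm the resulting ids. */
    if (getuid() != uid || geteuid() != uid ||
        getgid() != gid || getegid() != gid)
        return -1;
    /* A non-root target must not be able to regain root. */
    if (uid != 0 && setuid(0) == 0)
        return -1;
    return 0;
}

/* Enter jail_dir, then immediately give up the privilege chroot() needed. */
int enter_jail(const char *jail_dir, uid_t uid, gid_t gid)
{
    if (chroot(jail_dir) != 0)
        return -1;
    if (chdir("/") != 0)          /* otherwise cwd still points outside the jail */
        return -1;
    return drop_privileges(uid, gid);
}

int main(void)
{
    /* Hypothetical jail path and ids (assumptions); needs root to succeed. */
    if (enter_jail("/var/empty", 65534, 65534) != 0) {
        perror("enter_jail");
        return 1;                 /* fail closed: never continue privileged */
    }
    puts("running unprivileged inside the jail");
    return 0;
}
```

Any failure path returns -1 so the caller can exit instead of continuing with the elevated identity.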

The software does not handle, or incorrectly handles, the case in which it has insufficient privileges to perform an operation, leading to resultant weaknesses.

Weaknesses in this category are related to improper assignment or handling of permissions.

The software, upon installation, sets incorrect permissions for an object, exposing it to an unintended actor.

A product defines a set of insecure permissions that are inherited by objects that are created by the program.

