Path Equivalence: 'file...name' (Multiple Internal Dot) |
Weakness ID: 45 (Weakness Variant) | Status: Incomplete |
Description Summary
This variant does not have any easily findable, publicly reported vulnerabilities, but it can be an effective manipulation in weaknesses such as validate-before-cleanse, which might use a regular expression that removes ".." sequences from a string to produce an unexpected string. |
Nature | Type | ID | Name | View(s) this relationship pertains to |
---|---|---|---|---|
ChildOf | Weakness Variant | 44 | Path Equivalence: 'file.name' (Internal Dot) | Development Concepts (primary)699 Research Concepts (primary)1000 |
ChildOf | Weakness Variant | 165 | Improper Sanitization of Multiple Internal Special Elements | Research Concepts1000 |
Mapped Taxonomy Name | Node ID | Fit | Mapped Node Name |
---|---|---|---|
PLOVER | Multiple Internal Dot - 'file...dir' |
Submissions | ||||
---|---|---|---|---|
Submission Date | Submitter | Organization | Source | |
PLOVER | Externally Mined | |||
Modifications | ||||
Modification Date | Modifier | Organization | Source | |
2008-07-01 | Eric Dalci | Cigital | External | |
updated Time of Introduction | ||||
2008-09-08 | CWE Content Team | MITRE | Internal | |
updated Relationships, Other Notes, Taxonomy Mappings | ||||
2009-05-27 | CWE Content Team | MITRE | Internal | |
updated Relationships | ||||
Previous Entry Names | ||||
Change Date | Previous Entry Name | |||
2008-04-11 | Path Issue - Multiple Internal Dot - 'file...dir' | |||
Security-Database help your corporation foresee and avoid any security risks that may impact your IT infrastructure and business applications.
28 June 2016