Improper Handling of File Names that Identify Virtual Resources |
Weakness ID: 66 (Weakness Base) | Status: Draft |
Description Summary
The product does not handle or incorrectly handles a file name that identifies a "virtual" resource that is not directly specified within the directory that is associated with the file name, causing the product to perform file-based operations on a resource that is not a file.
Extended Description
Virtual file names are represented like normal file names, but they are effectively aliases for other resources that do not behave like normal files. Depending on their functionality, they could be alternate entities. They are not necessarily listed in directories.
Nature | Type | ID | Name | View(s) this relationship pertains to |
---|---|---|---|---|
ChildOf | Category | 21 | Pathname Traversal and Equivalence Errors | Development Concepts (primary)699 |
ChildOf | Weakness Class | 706 | Use of Incorrectly-Resolved Name or Reference | Research Concepts (primary)1000 |
ParentOf | Weakness Variant | 67 | Improper Handling of Windows Device Names | Development Concepts (primary)699 Research Concepts (primary)1000 |
ParentOf | Category | 68 | Windows Virtual File Problems | Development Concepts (primary)699 |
ParentOf | Weakness Variant | 69 | Failure to Handle Windows ::DATA Alternate Data Stream | Development Concepts (primary)699 Research Concepts (primary)1000 |
ParentOf | Category | 70 | Mac Virtual File Problems | Development Concepts (primary)699 |
ParentOf | Weakness Variant | 71 | Apple '.DS_Store' | Research Concepts (primary)1000 |
ParentOf | Weakness Variant | 72 | Improper Handling of Apple HFS+ Alternate Data Stream Path | Development Concepts (primary)699 Research Concepts (primary)1000 |
Submissions | ||||
---|---|---|---|---|
Submission Date | Submitter | Organization | Source | |
PLOVER | Externally Mined | |||
Modifications | ||||
Modification Date | Modifier | Organization | Source | |
2008-07-01 | Eric Dalci | Cigital | External | |
updated Time of Introduction | ||||
2008-09-08 | CWE Content Team | MITRE | Internal | |
updated Description, Relationships, Taxonomy Mappings, Type | ||||
2009-03-10 | CWE Content Team | MITRE | Internal | |
updated Description, Name | ||||
Previous Entry Names | ||||
Change Date | Previous Entry Name | |||
2008-04-11 | Virtual Files | |||
2009-03-10 | Failure to Handle File Names that Identify Virtual Resources | |||