Technology-Specific Special Elements
Category ID: 169 (Category)Status: Draft
+ Description

Description Summary

Weaknesses in this category are related to improper handling of special elements within particular technologies.
+ Applicable Platforms

Languages

All

+ Potential Mitigations

Developers should anticipate that technology-specific special elements will be injected/removed/manipulated in the input vectors of their software system. Use an appropriate combination of black lists and white lists to ensure only valid, expected and appropriate input is processed by the system.

+ Other Notes

Note that special elements problems can arise from designs or languages that (1) do not separate "code" from "data" or (2) mix meta-information with information.

+ Relationships
NatureTypeIDNameView(s) this relationship pertains toView(s)
ChildOfWeakness ClassWeakness Class138Improper Sanitization of Special Elements
Development Concepts (primary)699
ParentOfWeakness BaseWeakness Base170Improper Null Termination
Development Concepts (primary)699
+ Taxonomy Mappings
Mapped Taxonomy NameNode IDFitMapped Node Name
PLOVERTechnology-Specific Special Elements
+ Content History
Submissions
Submission DateSubmitterOrganizationSource
PLOVERExternally Mined
Modifications
Modification DateModifierOrganizationSource
2008-09-08CWE Content TeamMITREInternal
updated Relationships, Other Notes, Taxonomy Mappings
Back to top