2010 Top 25 - Insecure Interaction Between Components
Category ID: 801 (Category)Status: Incomplete
+ Description

Description Summary

Weaknesses in this category are listed in the "Insecure Interaction Between Components" section of the 2010 CWE/SANS Top 25 Programming Errors.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains toView(s)
ParentOfWeakness BaseWeakness Base78Improper Sanitization of Special Elements used in an OS Command ('OS Command Injection')
Weaknesses in the 2010 CWE/SANS Top 25 Most Dangerous Programming Errors (primary)800
ParentOfWeakness BaseWeakness Base79Failure to Preserve Web Page Structure ('Cross-site Scripting')
Weaknesses in the 2010 CWE/SANS Top 25 Most Dangerous Programming Errors (primary)800
ParentOfWeakness BaseWeakness Base89Improper Sanitization of Special Elements used in an SQL Command ('SQL Injection')
Weaknesses in the 2010 CWE/SANS Top 25 Most Dangerous Programming Errors (primary)800
ParentOfWeakness BaseWeakness Base209Information Exposure Through an Error Message
Weaknesses in the 2010 CWE/SANS Top 25 Most Dangerous Programming Errors (primary)800
ParentOfCompound Element: CompositeCompound Element: Composite352Cross-Site Request Forgery (CSRF)
Weaknesses in the 2010 CWE/SANS Top 25 Most Dangerous Programming Errors (primary)800
ParentOfWeakness ClassWeakness Class362Race Condition
Weaknesses in the 2010 CWE/SANS Top 25 Most Dangerous Programming Errors (primary)800
ParentOfWeakness BaseWeakness Base434Unrestricted Upload of File with Dangerous Type
Weaknesses in the 2010 CWE/SANS Top 25 Most Dangerous Programming Errors (primary)800
ParentOfWeakness VariantWeakness Variant601URL Redirection to Untrusted Site ('Open Redirect')
Weaknesses in the 2010 CWE/SANS Top 25 Most Dangerous Programming Errors (primary)800
MemberOfViewView800Weaknesses in the 2010 CWE/SANS Top 25 Most Dangerous Programming Errors
Weaknesses in the 2010 CWE/SANS Top 25 Most Dangerous Programming Errors (primary)800
+ References
"2010 CWE/SANS Top 25 Most Dangerous Programming Errors". 2010-02-04. <http://cwe.mitre.org/top25>.
+ Content History
Submissions
Submission DateSubmitterOrganizationSource
2010-01-15Internal CWE Team