Failure to Handle Exceptional Conditions |
Weakness ID: 703 (Weakness Class) | Status: Incomplete |
Description Summary
The software does not properly anticipate or handle exceptional conditions that rarely occur during normal operation of the software.
Nature | Type | ID | Name | View(s) this relationship pertains to |
---|---|---|---|---|
ParentOf | Weakness Base | 166 | Improper Handling of Missing Special Element | Research Concepts1000 |
ParentOf | Weakness Base | 167 | Improper Handling of Additional Special Element | Research Concepts1000 |
ParentOf | Weakness Base | 168 | Failure to Resolve Inconsistent Special Elements | Research Concepts1000 |
ParentOf | Weakness Class | 228 | Improper Handling of Syntactically Invalid Structure | Research Concepts1000 |
ParentOf | Weakness Base | 248 | Uncaught Exception | Research Concepts1000 |
ParentOf | Weakness Base | 274 | Improper Handling of Insufficient Privileges | Research Concepts (primary)1000 |
ParentOf | Weakness Base | 280 | Improper Handling of Insufficient Permissions or Privileges | Research Concepts (primary)1000 |
ParentOf | Weakness Base | 283 | Unverified Ownership | Research Concepts1000 |
ParentOf | Weakness Variant | 333 | Improper Handling of Insufficient Entropy in TRNG | Research Concepts1000 |
ParentOf | Weakness Base | 391 | Unchecked Error Condition | Research Concepts (primary)1000 |
ParentOf | Weakness Base | 392 | Failure to Report Error in Status Code | Research Concepts1000 |
ParentOf | Weakness Base | 393 | Return of Wrong Status Code | Research Concepts1000 |
ParentOf | Weakness Base | 397 | Declaration of Throws for Generic Exception | Research Concepts1000 |
ParentOf | Weakness Class | 754 | Improper Check for Unusual or Exceptional Conditions | Research Concepts (primary)1000 |
ParentOf | Weakness Class | 755 | Improper Handling of Exceptional Conditions | Research Concepts (primary)1000 |
MemberOf | View | 1000 | Research Concepts | Research Concepts (primary)1000 |
This is a high-level class that might have some overlap with other classes. It could be argued that even "normal" weaknesses such as buffer overflows involve a failure to handle exceptional conditions. In that sense, this might be an inherent aspect of most other weaknesses within CWE, similar to API Abuse (CWE-227) and Indicator of Poor Code Quality (CWE-398). However, this entry is currently intended to unify disparate concepts that do not have other places within the Research Concepts view (CWE-1000). |
Taimur Aslam. "A Taxonomy of Security Faults in the UNIX Operating System". 1995-08-01. <http://ftp.cerias.purdue.edu/pub/papers/taimur-aslam/aslam-taxonomy-msthesis.pdf>. |
Taimur Aslam, Ivan Krsul and Eugene H. Spafford. "Use of A Taxonomy of Security Faults". 1995-08-01. <http://csrc.nist.gov/nissc/1996/papers/NISSC96/paper057/PAPER.PDF>. |
Submissions | ||||
---|---|---|---|---|
Submission Date | Submitter | Organization | Source | |
2008-09-09 | MITRE | Internal CWE Team | ||
Modifications | ||||
Modification Date | Modifier | Organization | Source | |
2008-07-01 | Eric Dalci | Cigital | External | |
updated Time of Introduction | ||||
2009-03-10 | CWE Content Team | MITRE | Internal | |
updated Relationships | ||||
2009-10-29 | CWE Content Team | MITRE | Internal | |
updated Other Notes |