OWASP Top Ten 2007 Category A3 - Malicious File Execution
Category ID: 714 (Category)Status: Incomplete
+ Description

Description Summary

Weaknesses in this category are related to the A3 category in the OWASP Top Ten 2007.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains toView(s)
ParentOfWeakness BaseWeakness Base78Improper Sanitization of Special Elements used in an OS Command ('OS Command Injection')
Weaknesses in OWASP Top Ten (2007) (primary)629
ParentOfWeakness BaseWeakness Base95Improper Sanitization of Directives in Dynamically Evaluated Code ('Eval Injection')
Weaknesses in OWASP Top Ten (2007) (primary)629
ParentOfWeakness BaseWeakness Base98Improper Control of Filename for Include/Require Statement in PHP Program ('PHP File Inclusion')
Weaknesses in OWASP Top Ten (2007) (primary)629
ParentOfWeakness BaseWeakness Base434Unrestricted Upload of File with Dangerous Type
Weaknesses in OWASP Top Ten (2007) (primary)629
MemberOfViewView629Weaknesses in OWASP Top Ten (2007)
Weaknesses in OWASP Top Ten (2007) (primary)629
+ Related Attack Patterns
CAPEC-IDAttack Pattern Name
(CAPEC Version: 1.4)
35Leverage Executable Code in Nonexecutable Files
+ Content History
Submissions
Submission DateSubmitterOrganizationSource
2008-09-09MITREInternal CWE Team
Modifications
Modification DateModifierOrganizationSource
2009-12-28CWE Content TeamMITREInternal
updated Related Attack Patterns