DEPRECATED: Improper Sanitization of Custom Special Characters |
Weakness ID: 92 (Deprecated Weakness Base) | Status: Deprecated |
Description Summary
The software uses a custom or proprietary language or representation, but when it receives input from an upstream component, it does not sanitize or incorrectly sanitizes special elements when they are sent to a downstream component.
Extended Description
This allows attackers to modify the syntax, content, or commands before they are processed by a downstream component.
This and some other CWE entries were distinct in PLOVER but effectively have overlap in CWE. PLOVER sometimes defined "other" and "miscellaneous" categories in order to satisfy exhaustiveness requirements for taxonomies. Within the context of CWE, the use of a more abstract entry is preferred in mapping situations. |
Submissions | ||||
---|---|---|---|---|
Submission Date | Submitter | Organization | Source | |
PLOVER | Externally Mined | |||
Modifications | ||||
Modification Date | Modifier | Organization | Source | |
2008-07-01 | Eric Dalci | Cigital | External | |
updated Time of Introduction | ||||
2008-09-08 | CWE Content Team | MITRE | Internal | |
updated Maintenance Notes, Relationships, Relationship Notes, Taxonomy Mappings, Weakness Ordinalities | ||||
2008-10-14 | CWE Content Team | MITRE | Internal | |
updated Description, Name | ||||
2009-05-27 | CWE Content Team | MITRE | Internal | |
updated Description, Name | ||||
2009-07-27 | CWE Content Team | MITRE | Internal | |
updated Applicable Platforms, Causal Nature, Maintenance Notes, Name, Observed Examples, Potential Mitigations, Related Attack Patterns, Relationship Notes, Relationships, Research Gaps, Taxonomy Mappings, Time of Introduction, Type, Weakness Ordinalities | ||||
2009-10-29 | CWE Content Team | MITRE | Internal | |
updated Relationships | ||||
2009-12-28 | CWE Content Team | MITRE | Internal | |
updated Related Attack Patterns | ||||
Previous Entry Names | ||||
Change Date | Previous Entry Name | |||
2008-10-14 | Custom Special Character Injection | |||
2009-05-27 | Insufficient Sanitization of Custom Special Characters | |||
2009-07-27 | Improper Sanitization of Custom Special Characters | |||