Description
A parent class has a virtual destructor method, but the parent has a child class that does not have a virtual destructor.
Modes of Introduction:
Related Weaknesses
Consequences
Other: Reduce Reliability
A parent class has a virtual destructor method, but the parent has a child class that does not have a virtual destructor.
Modes of Introduction:
Other: Reduce Reliability
The software’s architecture contains too many – or too few –
horizontal layers.
Modes of Introduction:
– Architecture and Design
Other: Reduce Maintainability
The software uses a data element that has an excessively large
number of sub-elements with non-primitive data types such as structures or aggregated objects.
Modes of Introduction:
Other: Reduce Performance
The code contains a member element that is declared as static (but not final), in which
its parent class element
is not a singleton class – that is, a class element that can be used only once in
the ‘to’ association of a Create action.
Modes of Introduction:
Other: Reduce Performance
The software has multiple functions, methods, procedures, macros, etc. that
contain the same code.
Modes of Introduction:
Other: Reduce Maintainability
If a form bean does not extend an ActionForm subclass of the Validator framework, it can expose the application to other weaknesses related to insufficient input validation.
In order to use the Struts Validator, a form must extend one of the following: ValidatorForm, ValidatorActionForm, DynaValidatorActionForm, and DynaValidatorForm. One of these classes must be extended because the Struts Validator ties in to the application by implementing the validate() method in these classes. Forms derived from the ActionForm and DynaActionForm classes cannot use the Struts Validator.
Modes of Introduction:
– Implementation
Other: Other
Bypassing the validation framework for a form exposes the application to numerous types of attacks. Unchecked input is an important component of vulnerabilities like cross-site scripting, process control, and SQL injection.
Confidentiality, Integrity, Availability, Other: Other
Although J2EE applications are not generally susceptible to memory corruption attacks, if a J2EE application interfaces with native code that does not perform array bounds checking, an attacker may be able to use an input validation mistake in the J2EE application to launch a buffer overflow attack.
Phase: Implementation
Description:
Ensure that all forms extend one of the Validation Classes.
The product uses an automated mechanism such as machine learning to recognize complex data inputs (e.g. image or audio) as a particular concept or category, but it does not properly detect or handle inputs that have been modified or constructed in a way that causes the mechanism to detect a different, incorrect concept.
Modes of Introduction:
– Architecture and Design
Integrity: Bypass Protection Mechanism
When the automated recognition is used in a protection mechanism, an attacker may be able to craft inputs that are misinterpreted in a way that grants excess privileges.
The product uses a mechanism that automatically optimizes code, e.g. to improve a characteristic such as performance, but the optimizations can have an unintended side effect that might violate an intended security assumption.
Modes of Introduction:
– Architecture and Design
Likelihood of Exploit: Low
Integrity: Alter Execution Logic
The optimizations alter the order of execution resulting in side effects that were not intended by the original developer.
The developer builds a security-critical protection mechanism into the software, but the processor optimizes the execution of the program such that the mechanism is removed or modified.
Modes of Introduction:
– Architecture and Design
Likelihood of Exploit: Low
Integrity: Bypass Protection Mechanism
A successful exploitation of this weakness will change the order of an application’s execution and will likely be used to bypass specific protection mechanisms. This bypass can be exploited further to potentially read data that should otherwise be unaccessible.
The application has a validator form that either does not define a validate() method, or defines a validate() method but does not call super.validate().
If the code does not call super.validate(), the Validation Framework cannot check the contents of the form against a validation form. In other words, the validation framework will be disabled for the given form.
The Struts Validator uses a form’s validate() method to check the contents of the form properties against the constraints specified in the associated validation form. That means the following classes have a validate() method that is part of the validation framework: ValidatorForm, ValidatorActionForm, DynaValidatorForm, and DynaValidatorActionForm. If the code creates a class that extends one of these classes, and if that class implements custom validation logic by overriding the validate() method, the code must call super.validate() in the validate() implementation.
Modes of Introduction:
– Implementation
Other: Other
Disabling the validation framework for a form exposes the application to numerous types of attacks. Unchecked input is the root cause of vulnerabilities like cross-site scripting, process control, and SQL injection.
Confidentiality, Integrity, Availability, Other: Other
Although J2EE applications are not generally susceptible to memory corruption attacks, if a J2EE application interfaces with native code that does not perform array bounds checking, an attacker may be able to use an input validation mistake in the J2EE application to launch a buffer overflow attack.
Phase: Implementation
Description:
Implement the validate() method and call super.validate() within that method.