| Checksum Spoofing |
|
CWE-354
|
Improper Validation of Integrity Check Value
|
|
| Padding Oracle Crypto Attack |
|
CWE-209
|
Generation of Error Message Containing Sensitive Information
|
|
CWE-347
|
Improper Verification of Cryptographic Signature
|
|
CWE-354
|
Improper Validation of Integrity Check Value
|
|
CWE-514
|
Covert Channel
|
|
CWE-649
|
Reliance on Obfuscation or Encryption of Security-Relevant Inputs without Integrity Checking
|
|
CWE-696
|
Incorrect Behavior Order
|
|
| Manipulating Writeable Configuration Files |
|
CWE-77
|
Improper Neutralization of Special Elements used in a Command ('Command Injection')
|
|
CWE-99
|
Improper Control of Resource Identifiers ('Resource Injection')
|
|
CWE-346
|
Origin Validation Error
|
|
CWE-349
|
Acceptance of Extraneous Untrusted Data With Trusted Data
|
|
CWE-353
|
Missing Support for Integrity Check
|
|
CWE-354
|
Improper Validation of Integrity Check Value
|
|
CWE-713
|
OWASP Top Ten 2007 Category A2 - Injection Flaws
|
|