Command injection problems are a subset of injection problem, in which the process is tricked into calling external processes of the attackers choice through the injection of control-plane data into the data plane. (from TCCLASP-5_2_25_10)

Format string problems occur when a user has the ability to control or write completely the format string used to format data in the printf style family of C/ C++ functions. (from TCCLASP-5_2_23_10)

Any condition where the attacker has the ability to write an arbitrary value to an arbitrary location, often as the result of a buffer overflow. (from TCCLASP-5_2_2_10)

Freeing or deleting the same memory chunk twice may - when combined with other flaws - result in a write-what-where condition. (from TCCLASP-5_2_20_10)

A buffer overflow condition exists when a program attempts to put more data in a buffer than it can hold or when a program attempts to put data in a memory area past a buffer. In this case, a buffer is a sequential section of memory allocated to contain anything from a character string to an arra...

The use of heap allocated memory after it has been freed or deleted leads to undefined system behavior and, in many cases, to a write-what-where condition. (from TCCLASP-5_2_19_10)

Improper string length checking takes place when wide or multi-byte character strings are mistaken for standard character strings. (from TCCLASP-5_2_15_10)

Miscalculated null termination occurs when the placement of a null character at the end of a buffer of characters (or string) is misplaced or omitted. (from TCCLASP-5_2_14_9)

An unsigned-to-signed conversion error takes place when a large unsignedprimitive is used as an signed value - usually as a size variable. (from TCCLASP-5_2_12_10)[br][br]Duplicate code of Test Case 19

If one extends a signed number incorrectly, if negative numbers are used, an incorrect extension may result. (from TCCLASP-5_2_10_10)