Displaying test cases 29076 - 29100 of 32356 in total
-
CWE: 191 Integer Underflow BadSource: rand Set data to result of rand() GoodSource: A hardcoded non-zero, non-min, non-max, even number Sinks: sub GoodSink: Ensure there will not be an underflow before subtracting 1 from data BadSink : Subtract 1 from data, which can cause an Underflow Flow...
-
CWE: 191 Integer Underflow BadSource: getCookies_Servlet Read data from the first cookie using getCookies() GoodSource: A hardcoded non-zero, non-min, non-max, even number Sinks: sub GoodSink: Ensure there will not be an underflow before subtracting 1 from data BadSink : Subtract 1 from data...
-
CWE: 191 Integer Underflow BadSource: File Read data from file (named c:\data.txt) GoodSource: A hardcoded non-zero, non-min, non-max, even number Sinks: sub GoodSink: Ensure there will not be an underflow before subtracting 1 from data BadSink : Subtract 1 from data, which can cause an Unde...
-
CWE: 191 Integer Underflow BadSource: Environment Read data from an environment variable GoodSource: A hardcoded non-zero, non-min, non-max, even number Sinks: sub GoodSink: Ensure there will not be an underflow before subtracting 1 from data BadSink : Subtract 1 from data, which can cause a...
-
The product does not properly check inputs that are used for loop conditions when creating a random file name. If the target size of filename is too large for the filesystem, an IOException is raised and kills the current thread. Metadata - Base program: Apache POI - Source Taint: SOCKET - ...
-
Using Hibernate to execute a dynamic SQL statement with built-in user-controlled input can allow an attacker to modify the statement's meaning or to execute arbitrary SQL commands. Metadata - Base program: Apache Lenya - Source Taint: FILE_CONTENTS - Data Type: simple - Data Flow: index_alias_1 -...
-
This test takes in a value from a taint source, which is then used to allocate an array. This value is positive when stored in a byte, but if the value is between 128 and 255, it becomes negative if stored in a byte. When this negative value is stored in a larger container (an int), it becomes a ...
-
CWE: 89 SQL Injection BadSource: URLConnection Read data from a web server with URLConnection GoodSource: A hardcoded string Sinks: executeUpdate GoodSink: Use prepared statement and executeUpdate (properly) BadSink : data concatenated into SQL statement used in executeUpdate(), which could ...
-
CWE: 83 Cross Site Scripting (XSS) in attributes; Examples (replace QUOTE with an actual double quote): ?img_loc=http://www.google.comQUOTE%20onerror=QUOTEalert(1) and ?img_loc=http://www.google.comQUOTE%20onerror=QUOTEjavascript:alert(1) BadSource: File Read data from file (named c:\data.txt) G...
-
CWE: 78 OS Command Injection BadSource: Property Read data from a system property GoodSource: A hardcoded string Sinks: exec BadSink : dynamic command execution with Runtime.getRuntime().exec() Flow Variant: 67 Data flow: data passed in a class from one method to another in different source ...
-
CWE: 789 Uncontrolled Memory Allocation BadSource: URLConnection Read data from a web server with URLConnection GoodSource: A hardcoded non-zero, non-min, non-max, even number Sinks: HashSet BadSink : Create a HashSet using data as the initial size Flow Variant: 54 Data flow: data passed as ...
-
CWE: 789 Uncontrolled Memory Allocation BadSource: Environment Read data from an environment variable GoodSource: A hardcoded non-zero, non-min, non-max, even number Sinks: HashSet BadSink : Create a HashSet using data as the initial size Flow Variant: 21 Control flow: Flow controlled by val...
-
CWE: 400 Resource Exhaustion BadSource: listen_tcp Read count using a listening tcp connection GoodSource: A hardcoded non-zero, non-min, non-max, even number Sinks: GoodSink: Validate count before using it as a parameter in sleep function BadSink : Use count as the parameter for sleep withh...
-
CWE: 400 Resource Exhaustion BadSource: PropertiesFile Read count from a .properties file (in property named data) GoodSource: A hardcoded non-zero, non-min, non-max, even number Sinks: for_loop GoodSink: Validate count before using it as the loop variant in a for loop BadSink : Use count as...
-
CWE: 400 Resource Exhaustion BadSource: console_readLine Read count from the console using readLine GoodSource: A hardcoded non-zero, non-min, non-max, even number Sinks: for_loop GoodSink: Validate count before using it as the loop variant in a for loop BadSink : Use count as the loop varia...
-
CWE: 400 Resource Exhaustion BadSource: Environment Read count from an environment variable GoodSource: A hardcoded non-zero, non-min, non-max, even number Sinks: write GoodSink: Write to a file count number of times, but first validate count BadSink : Write to a file count number of times ...
-
CWE: 369 Divide by zero BadSource: listen_tcp Read data using a listening tcp connection GoodSource: A hardcoded non-zero, non-min, non-max, even number Sinks: modulo GoodSink: Check for zero before modulo BadSink : Modulo by a value that may be zero Flow Variant: 45 Data flow: data passed ...
-
CWE: 319 Cleartext Transmission of Sensitive Information BadSource: URLConnection Read password from a web server with URLConnection GoodSource: Set password to a hardcoded value (one that was not sent over the network) Sinks: passwordAuth GoodSink: Decrypt password before using in PasswordAu...
-
CWE: 259 Hard Coded Password BadSource: hardcodedPassword Set data to a hardcoded string GoodSource: Read data from the console using readLine() Sinks: driverManager BadSink : data used as password in database connection Flow Variant: 31 Data flow: make a copy of data within the same method
-
CWE: 197 Numeric Truncation Error BadSource: large Set data to a number larger than Byte.MAX_VALUE GoodSource: A hardcoded non-zero, non-min, non-max, even number BadSink: to_byte Convert data to a byte Flow Variant: 13 Control flow: if(IO.STATIC_FINAL_FIVE==5) and if(IO.STATIC_FINAL_FIVE!=5)
-
CWE: 197 Numeric Truncation Error BadSource: connect_tcp Read data using an outbound tcp connection GoodSource: A hardcoded non-zero, non-min, non-max, even number BadSink: to_byte Convert data to a byte Flow Variant: 51 Data flow: data passed as an argument from one function to another in di...
-
CWE: 191 Integer Underflow BadSource: listen_tcp Read data using a listening tcp connection GoodSource: A hardcoded non-zero, non-min, non-max, even number Sinks: multiply GoodSink: Ensure there will not be an underflow before multiplying data by 2 BadSink : If data is negative, multiply by ...
-
CWE: 191 Integer Underflow BadSource: Property Read data from a system property GoodSource: A hardcoded non-zero, non-min, non-max, even number Sinks: sub GoodSink: Ensure there will not be an underflow before subtracting 1 from data BadSink : Subtract 1 from data, which can cause an Underfl...
-
CWE: 191 Integer Underflow BadSource: connect_tcp Read data using an outbound tcp connection GoodSource: A hardcoded non-zero, non-min, non-max, even number Sinks: multiply GoodSink: Ensure there will not be an underflow before multiplying data by 2 BadSink : If data is negative, multiply by...
-
CWE: 191 Integer Underflow BadSource: min Set data to the max value for byte GoodSource: A hardcoded non-zero, non-min, non-max, even number Sinks: multiply GoodSink: Ensure there will not be an underflow before multiplying data by 2 BadSink : If data is negative, multiply by 2, which can ca...