Test case 149241

Type: source code
Pairs: 149242-v4.0.0
State: bad
Author: NIST, SecureSoftware, Alexander Hoole, Aurelien Delaitre
Status: candidate
Language: C
Submission Date: 19 Jun 2015

Description

Command injection problems are a subset of injection problem, in which the process is tricked into calling external processes of the attackers choice through the injection of control-plane data into the data plane.

Flaws

CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

Have any comments on this test case? Please, send us an email.