Category: SFP Primary Cluster: Malware
Incomplete
Summary
This category identifies Software Fault Patterns (SFPs) within the Malware cluster.
Membership
| ID | Name | Description |
|---|---|---|
| CWE-506 | Embedded Malicious Code | The product contains code that appears to be malicious in nature. |
| CWE-507 | Trojan Horse | The product appears to contain benign or useful functionality, but it also contains code that is hidden from normal operation that violates the intended security policy of the user or the system administrator. |
| CWE-508 | Non-Replicating Malicious Code | Non-replicating malicious code only resides on the target system or product that is attacked; it does not attempt to spread to other systems. |
| CWE-509 | Replicating Malicious Code (Virus or Worm) | Replicating malicious code, including viruses and worms, will attempt to attack other systems once it has successfully compromised the target system or the product. |
| CWE-510 | Trapdoor | A trapdoor is a hidden piece of code that responds to a special input, allowing its user access to resources without passing through the normal security enforcement mechanism. |
| CWE-511 | Logic/Time Bomb | The product contains code that is designed to disrupt the legitimate operation of the product (or its environment) when a certain time passes, or when a certain logical condition is met. |
| CWE-512 | Spyware | The product collects personally identifiable information about a human user or the user's activities, but the product accesses this information using other resources besides itself, and it does not require that user's explicit approval or direct input into the product. |
| CWE-69 | Improper Handling of Windows ::DATA Alternate Data Stream | The product does not properly prevent access to, or detect usage of, alternate data streams (ADS). |
| CWE-888 | Software Fault Pattern (SFP) Clusters | CWE identifiers in this view are associated with clusters of Software Fault Patterns (SFPs). |
| CWE-968 | SFP Secondary Cluster: Covert Channel | This category identifies Software Fault Patterns (SFPs) within the Covert Channel cluster. |
Vulnerability Mapping Notes
Usage: Prohibited
Reasons: Category
Rationale:
This entry is a Category. Using categories for mapping has been discouraged since 2019. Categories are informal organizational groupings of weaknesses that can help CWE users with data aggregation, navigation, and browsing. However, they are not weaknesses in themselves.
Comment:
See member weaknesses of this category.