SEI CERT Oracle Secure Coding Standard for Java - Guidelines 06. Methods (MET)

A category in the Common Weakness Enumeration published by The MITRE Corporation.

  • Source

    CWE Catalog - 4.12

  • Identifier

    CWE-1140

  • Status

    Stable

Contents

Summary

Categories in the Common Weakness Enumeration (CWE) group entries based on some common characteristic or attribute.

Weaknesses in this category are related to the rules and recommendations in the Methods (MET) section of the SEI CERT Oracle Secure Coding Standard for Java.

Weaknesses

Call to Non-ubiquitous API

The product uses an API function that does not exist on all versions of the target platform. This could cause portability problems or inconsistencies that allow denial...

Explicit Call to Finalize()

The product makes an explicit call to the finalize() method from outside the finalizer.

finalize() Method Declared Public

The product violates secure coding principles for mobile code by declaring a finalize() method public.

finalize() Method Without super.finalize()

The product contains a finalize() method that does not call super.finalize().

Improper Following of Specification by Caller

The product does not follow or incorrectly follows the specifications as required by the implementation language, environment, framework, protocol, or platform.

Incorrect Comparison

The product compares two entities in a security-relevant context, but the comparison is incorrect, which may lead to resultant weaknesses.

Object Model Violation: Just One of Equals and Hashcode Defined

The product does not maintain equal hashcodes for equal objects.

Reachable Assertion

The product contains an assert() or similar statement that can be triggered by an attacker, which leads to an application exit or other behavior that is more severe th...

Concepts

Weaknesses Addressed by the SEI CERT Oracle Coding Standard for Java

CWE entries in this view (graph) are fully or partially eliminated by following the guidance presented in the online wiki that reflects that current rules and recommen...

See Also

  1. SEI CERT Oracle Coding Standard for Java : Rule 06. Methods (MET)

    The Software Engineering Institute

  2. SEI CERT Oracle Coding Standard for Java : Rec 06. Methods (MET)

    The Software Engineering Institute

Common Weakness Enumeration content on this website is copyright of The MITRE Corporation unless otherwise specified. Use of the Common Weakness Enumeration and the associated references on this website are subject to the Terms of Use as specified by The MITRE Corporation.