SFP Primary Cluster: Malware

A category in the Common Weakness Enumeration published by The MITRE Corporation.


Summary

Categories in the Common Weakness Enumeration (CWE) group entries based on some common characteristic or attribute.

This category identifies Software Fault Patterns (SFPs) within the Malware cluster.

Weaknesses

Embedded Malicious Code

The application contains code that appears to be malicious in nature.

Improper Handling of Windows ::DATA Alternate Data Stream

The software does not properly prevent access to, or detect usage of, alternate data streams (ADS).

Logic/Time Bomb

The software contains code that is designed to disrupt the legitimate operation of the software (or its environment) when a certain time passes, or when a certain logi...

Non-Replicating Malicious Code

Non-replicating malicious code only resides on the target system or software that is attacked; it does not attempt to spread to other systems.

Replicating Malicious Code (Virus or Worm)

Replicating malicious code, including viruses and worms, will attempt to attack other systems once it has successfully compromised the target system or software.

Spyware

The software collects personally identifiable information about a human user or the user's activities, but the software accesses this information using other resources...

Trapdoor

A trapdoor is a hidden piece of code that responds to a special input, allowing its user access to resources without passing through the normal security enforcement me...

Trojan Horse

The software appears to contain benign or useful functionality, but it also contains code that is hidden from normal operation that violates the intended security poli...

Categories

SFP Secondary Cluster: Covert Channel

This category identifies Software Fault Patterns (SFPs) within the Covert Channel cluster.

Concepts

Software Fault Pattern (SFP) Clusters

CWE identifiers in this view are associated with clusters of Software Fault Patterns (SFPs).


Common Weakness Enumeration content on this website is copyright of The MITRE Corporation unless otherwise specified. Use of the Common Weakness Enumeration and the associated references on this website are subject to the Terms of Use as specified by The MITRE Corporation.