CWE-697 - CERT CVE

CWE-697 - Incorrect Comparison

The software compares two entities in a security-relevant context, but the comparison is incorrect, which may lead to resultant weaknesses.

CAPEC ID Name
CAPEC-10 Buffer Overflow via Environment Variables
CAPEC-120 Double Encoding
CAPEC-14 Client-side Injection-induced Buffer Overflow
CAPEC-15 Command Delimiters
CAPEC-182 Flash Injection
CAPEC-24 Filter Failure through Buffer Overflow
CAPEC-267 Leverage Alternate Encoding
CAPEC-3 Using Leading 'Ghost' Character Sequences to Bypass Input Filters
CAPEC-34 HTTP Response Splitting
CAPEC-41 Using Meta-characters in E-mail Headers to Inject Malicious Payloads
CAPEC-43 Exploiting Multiple Input Interpretation Layers
CAPEC-44 Overflow Binary Resource File
CAPEC-45 Buffer Overflow via Symbolic Links
CAPEC-46 Overflow Variables and Tags
CAPEC-47 Buffer Overflow via Parameter Expansion
CAPEC-52 Embedding NULL Bytes
CAPEC-53 Postfix, Null Terminate, and Backslash
CAPEC-6 Argument Injection
CAPEC-64 Using Slashes and URL Encoding Combined to Bypass Validation Logic
CAPEC-67 String Format Overflow in syslog()
CAPEC-7 Blind SQL Injection
CAPEC-71 Using Unicode Encoding to Bypass Validation Logic
CAPEC-73 User-Controlled Filename
CAPEC-78 Using Escaped Slashes in Alternate Encoding
CAPEC-79 Using Slashes in Alternate Encoding
CAPEC-8 Buffer Overflow in an API Call
CAPEC-80 Using UTF-8 Encoding to Bypass Validation Logic
CAPEC-88 OS Command Injection
CAPEC-9 Buffer Overflow in Local Command-Line Utilities
CAPEC-92 Forced Integer Overflow