| CWE-567 | The product does not properly synchronize shared data, such as static variables across threads, which can lead to undefined behavior and unpredictable data changes. |
| CWE-568 | The software contains a finalize() method that does not call super.finalize(). |
| CWE-57 | The software contains protection mechanisms to restrict access to 'realdir/filename', but it constructs pathnames using external input in the form of 'fakedir/../realdir/filename' that are not handled by those mechanisms. This allows attackers to perform unauthorized actions against the targeted file. |
| CWE-570 | The software contains an expression that will always evaluate to false. |
| CWE-571 | The software contains an expression that will always evaluate to true. |
| CWE-572 | The program calls a thread's run() method instead of calling start(), which causes the code to run in the thread of the caller instead of the callee. |
| CWE-573 | The software does not follow or incorrectly follows the specifications as required by the implementation language, environment, framework, protocol, or platform. |
| CWE-574 | The program violates the Enterprise JavaBeans (EJB) specification by using thread synchronization primitives. |
| CWE-575 | The program violates the Enterprise JavaBeans (EJB) specification by using AWT/Swing. |
| CWE-576 | The program violates the Enterprise JavaBeans (EJB) specification by using the java.io package. |