Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
CWE-509:Replicating Malicious Code (Virus or Worm)
Weakness ID:509
Version:v4.17
Weakness Name:Replicating Malicious Code (Virus or Worm)
Vulnerability Mapping:Allowed
Abstraction:Base
Structure:Simple
Status:Incomplete
Likelihood of Exploit:
DetailsContent HistoryObserved CVE ExamplesReports
▼Description

Replicating malicious code, including viruses and worms, will attempt to attack other systems once it has successfully compromised the target system or the product.

▼Extended Description

▼Alternate Terms
▼Relationships
Relevant to the view"Research Concepts - (1000)"
NatureMappingTypeIDName
ChildOfAllowedB507Trojan Horse
Nature: ChildOf
Mapping: Allowed
Type: Base
ID: 507
Name: Trojan Horse
▼Memberships
NatureMappingTypeIDName
MemberOfProhibitedC904SFP Primary Cluster: Malware
MemberOfProhibitedC1412Comprehensive Categorization: Poor Coding Practices
Nature: MemberOf
Mapping: Prohibited
Type:Category
ID: 904
Name: SFP Primary Cluster: Malware
Nature: MemberOf
Mapping: Prohibited
Type:Category
ID: 1412
Name: Comprehensive Categorization: Poor Coding Practices
▼Tags
NatureMappingTypeIDName
MemberOfProhibitedBSBOSS-311Execute Unauthorized Code or Commands (impact)
Nature: MemberOf
Mapping: Prohibited
Type:BOSSView
ID: BOSS-311
Name: Execute Unauthorized Code or Commands (impact)
▼Relevant To View
Relevant to the view"Software Fault Pattern (SFP) Clusters - (888)"
NatureMappingTypeIDName
MemberOfProhibitedC904SFP Primary Cluster: Malware
Nature: MemberOf
Mapping: Prohibited
Type: Category
ID: 904
Name: SFP Primary Cluster: Malware
▼Background Detail

▼Common Consequences
ScopeLikelihoodImpactNote
ConfidentialityIntegrityAvailabilityN/AExecute Unauthorized Code or Commands
N/A
Scope: Confidentiality, Integrity, Availability
Likelihood: N/A
Impact: Execute Unauthorized Code or Commands
Note:
N/A
▼Potential Mitigations
Phase:Operation
Mitigation ID:
Strategy:
Effectiveness:
Description:

Antivirus software scans for viruses or worms.

Note:

Phase:Installation
Mitigation ID:
Strategy:
Effectiveness:
Description:

Always verify the integrity of the software that is being installed.

Note:

▼Modes Of Introduction
Phase: Implementation
Note:

N/A

Phase: Operation
Note:

N/A

▼Applicable Platforms
▼Demonstrative Examples
▼Observed Examples
ReferenceDescription
▼Affected Resources
    ▼Functional Areas
      ▼Weakness Ordinalities
      OrdinalityDescription
      ▼Detection Methods
      ▼Vulnerability Mapping Notes
      Usage:Allowed
      Reason:Acceptable-Use
      Rationale:

      This CWE entry is at the Base level of abstraction, which is a preferred level of abstraction for mapping to the root causes of vulnerabilities.

      Comments:

      Carefully read both the name and description to ensure that this mapping is an appropriate fit. Do not try to 'force' a mapping to a lower-level Base/Variant simply to comply with this preferred level of abstraction.

      Suggestions:
      ▼Notes
      ▼Taxonomy Mappings
      Taxonomy NameEntry IDFitEntry Name
      LandwehrN/AN/AReplicating (virus)
      Taxonomy Name: Landwehr
      Entry ID: N/A
      Fit: N/A
      Entry Name: Replicating (virus)
      ▼Related Attack Patterns
      IDName
      ▼References
      Reference ID: REF-1431
      Title: A Taxonomy of Computer Program Security Flaws, with Examples
      Author: Carl E. Landwehr, Alan R. Bull, John P. McDermott, William S. Choi
      Section:
      Publication:
      Publisher:
      Edition:
      URL:https://cwe.mitre.org/documents/sources/ATaxonomyofComputerProgramSecurityFlawswithExamples%5BLandwehr93%5D.pdf
      URL Date:2024-11-17
      Day:19
      Month:11
      Year:1993
      Details not found