CWE-264

Category ID:264(Category)

Status: Incomplete

�ｽF�ｽﾂ・�ｽ�ｽ�ｽ�ｽ�ｽE�ｽA�ｽN�ｽZ�ｽX�ｽ�ｽ�ｽ�ｽ

�ｽ�ｽ�ｽ

�ｽ�ｽ�ｽ�ｽv�ｽ�ｽ

�ｽ�ｽ�ｽﾌカ�ｽe�ｽS�ｽ�ｽ�ｽﾌ脆弱性�ｽﾍ、�ｽA�ｽN�ｽZ�ｽX�ｽ�ｽ�ｽ�ｽﾉ暦ｿｽ�ｽp�ｽ�ｽ�ｽ�ｽ�ｽA�ｽF�ｽﾂ、�ｽ�ｽ�ｽ�ｽ�ｽy�ｽﾑゑｿｽ�ｽﾌ托ｿｽ�ｽﾌセ�ｽL�ｽ�ｽ�ｽ�ｽ�ｽe�ｽB�ｽ@�ｽ\�ｽﾉ関連�ｽ�ｽ�ｽ�ｽ�ｽ�ｽﾌでゑｿｽ�ｽB

�ｽY�ｽ�ｽ�ｽ�ｽ�ｽ�ｽv�ｽ�ｽ�ｽb�ｽg�ｽt�ｽH�ｽ[�ｽ�ｽ

�ｽ�ｽ�ｽ�ｽ

�ｽS�ｽ�ｽ

�ｽ�ｽQ�ｽﾌ緩和�ｽ�ｽ

�ｽ\�ｽt�ｽg�ｽE�ｽF�ｽA�ｽ�ｽ�ｽﾌエ�ｽ�ｽ�ｽe�ｽB�ｽe�ｽB�ｽﾉア�ｽN�ｽZ�ｽX�ｽ�ｽ�ｽ�ｽ�ｽ�ｽt�ｽ^�ｽ�ｽ�ｽ�ｽ鼾�ｿｽA�ｽﾅ擾ｿｽ�ｽ�ｽ�ｽ�ｽ�ｽﾌ鯉ｿｽ�ｽ�ｽ�ｽ�ｽ�ｽ�ｽ�ｽ轤ｵ�ｽﾄ会ｿｽ�ｽ�ｽ�ｽ�ｽ�ｽB

�ｽﾖ係�ｽ�ｽ

Nature	Type	ID	Name	View(s) this relationship pertains to
ChildOf	Category	254	Security Features	Development Concepts (primary)699
ParentOf	Weakness Class	250	Execution with Unnecessary Privileges	Development Concepts699
ParentOf	Category	265	Privilege / Sandbox Issues	Development Concepts (primary)699
ParentOf	Category	275	Permission Issues	Development Concepts (primary)699
ParentOf	Weakness Class	282	Improper Ownership Management	Development Concepts (primary)699
ParentOf	Weakness Class	284	Access Control (Authorization) Issues	Development Concepts (primary)699
ParentOf	Weakness Class	286	Incorrect User Management	Development Concepts (primary)699
MemberOf	View	635	Weaknesses Used by NVD	Weaknesses Used by NVD (primary)635
CanAlsoBe	Weakness Base	283	Unverified Ownership	Research Concepts1000

�ｽ�ｽ�ｽg�ｽD�ｽﾅの包ｿｽ�ｽ�ｽ

�ｽg�ｽD�ｽ�ｽ�ｽﾜゑｿｽ�ｽﾍ組�ｽD�ｽﾅの包ｿｽ�ｽ�ｽ	�ｽm�ｽ[�ｽh ID	CWE�ｽﾌ包ｿｽ�ｽﾞとの適�ｽ�ｽ�ｽx	�ｽ�ｽ�ｽﾞ厄ｿｽ
PLOVER			Permissions, Privileges, and ACLs

�ｽﾖ連�ｽ�ｽ�ｽ�ｽU�ｽ�ｽ�ｽp�ｽ^�ｽ[�ｽ�ｽ

CAPEC-ID	�ｽU�ｽ�ｽ�ｽp�ｽ^�ｽ[�ｽ�ｽ�ｽ�ｽ (CAPEC Version 1.5)
5	Analog In-band Switching Signals (aka Blue Boxing)
17	Accessing, Modifying or Executing Executable Files
35	Leverage Executable Code in Nonexecutable Files
58	Restful Privilege Elevation
69	Target Programs with Elevated Privileges
76	Manipulating Input to File System Calls

�ｽQ�ｽ�ｽ

[REF-11] M. Howard and D. LeBlanc. "Writing Secure Code". Chapter 7, "How Tokens, Privileges, SIDs, ACLs, and Processes Relate" Page 218. 2nd Edition. Microsoft. 2002.

�ｽX�ｽV�ｽ�ｽ�ｽ�ｽ

[2011�ｽN04�ｽ�ｽ21�ｽ�ｽ]
  2010�ｽN10�ｽ�ｽ12�ｽ�ｽ�ｽ�ｽ�ｽ_�ｽﾌデ�ｽ[�ｽ^�ｽ�ｽ�ｽ�ｽ�ｽﾉ更�ｽV
[2009�ｽN06�ｽ�ｽ29�ｽ�ｽ]
  2009�ｽN02�ｽ�ｽ02�ｽ�ｽ�ｽ�ｽ�ｽ_�ｽﾌ会ｿｽ�ｽL URL �ｽ�ｽ�ｽ�ｽ�ｽﾉ作成
    http://cwe.mitre.org/data/definitions/264.html

�ｽo�ｽ^�ｽ�ｽ 2011/04/21

�ｽﾅ終�ｽX�ｽV�ｽ�ｽ 2023/04/04