Dolce amp; Leather Allyson amp;Gabbana Dolce Gabbana Satchel Brown SSZBH Dolce amp; Leather Allyson amp;Gabbana Dolce Gabbana Satchel Brown SSZBH Dolce amp; Leather Allyson amp;Gabbana Dolce Gabbana Satchel Brown SSZBH Dolce amp; Leather Allyson amp;Gabbana Dolce Gabbana Satchel Brown SSZBH Dolce amp; Leather Allyson amp;Gabbana Dolce Gabbana Satchel Brown SSZBH Dolce amp; Leather Allyson amp;Gabbana Dolce Gabbana Satchel Brown SSZBH Dolce amp; Leather Allyson amp;Gabbana Dolce Gabbana Satchel Brown SSZBH Dolce amp; Leather Allyson amp;Gabbana Dolce Gabbana Satchel Brown SSZBH Dolce amp; Leather Allyson amp;Gabbana Dolce Gabbana Satchel Brown SSZBH Dolce amp; Leather Allyson amp;Gabbana Dolce Gabbana Satchel Brown SSZBH Dolce amp; Leather Allyson amp;Gabbana Dolce Gabbana Satchel Brown SSZBH
Gently used

Light stains on the interior cotton lining. Some rubbing wear on edges. Light scratches throughout the leather.

Satchel is Pre-owned, Good Condition

100% Authentic Guaranteed

Brown color leather with black color front pocket, handles & trims

Made in Italy

Gold tone hardware

Zipper closure on top

Large flap pocket on front

Four metal feet at the bottom

Green color cotton interior lining

Interior features:

One zipper pocket



Brand: Dolce & Gabbana

Style: Satchel

Material: Leather

Measurements in Inches:

-Length across: 13

-Height: 10

-Bottom wide: 4.5

-Handles drop: 8


Brand:

Color:

Fabric:

Leather

Measurements:

13"L x 4.5"W x 10"H

Style/Collection:

Type:

Style Tags:


Estimated U.S. Delivery

Mon 9/3/18 - Thu 9/6/18 (4-7 days)

Fair & Simple Returns

Feel free to return this item for any reason and get Tradesy Site Credit. Use your credit to buy something that makes you happy. Just a heads up, purchases outside the U.S. are Final Sale.

  1. 1.

    Submit a return request within 4 days of delivery

  2. 2.

    Pack and ship the item using our free return shipping label

  3. -or-
  4. 1.

    Skip the return request and bring the item to your nearest within 4 days of delivery for instant Tradesy Credit.


Have a similar item?


Dolce amp; Leather Allyson amp;Gabbana Dolce Gabbana Satchel Brown SSZBH

A Community-Developed List of Software Weakness Types

Black body Across DUTTI bag STELLA wIqv4gw
Home > CWE List > CWE- Individual Dictionary Definition (3.1)  

CWE-676: Use of Potentially Dangerous Function

Weakness ID: 676
Abstraction: Base
Structure: Simple
Status: Draft
Presentation Filter:
Description
The program invokes a potentially dangerous function that could introduce a vulnerability if it is used incorrectly, but the function can also be used safely.
Relationships

The table(s) below shows the weaknesses and high level categories that are related to this weakness. These relationships are defined as ChildOf, ParentOf, MemberOf and give insight to similar items that may exist at higher and lower levels of abstraction. In addition, relationships such as PeerOf and CanAlsoBe are defined to show similar weaknesses that the user may want to explore.

Dolce Allyson Gabbana Dolce Brown Satchel amp; amp;Gabbana Leather Relevant to the view "Research Concepts" (CWE-1000)
Nature Type ID Name
ChildOf Class - a weakness that is described in a very abstract fashion, typically independent of any specific language or technology. More general than a Base weakness. amp; Dolce Gabbana Dolce Satchel amp;Gabbana Leather Allyson Brown 710 Improper Adherence to Coding Standards
ParentOf Variant - a weakness that is described at a very low level of detail, typically limited to a specific language or technology. More specific than a Base weakness. 785 bumbag NIXON amp; II Black SE BACKPACK Rucksack C2817 LANDLOCK 40wq4a
Relevant to the view "Development Concepts" (CWE-699)
Nature Type ID Name
MemberOf Category - a CWE entry that contains a set of other entries that share a common characteristic. 1006 Bad Coding Practices
Modes Of Introduction

The different Modes of Introduction provide information about how and when this weakness may be introduced. The Phase identifies a point in the software life cycle at which introduction may occur, while the Note provides a typical scenario related to introduction during the given phase.

Phase Note
Architecture and Design
Implementation
Applicable Platforms
The listings below show possible areas for which the given weakness could appear. These may be for specific named Languages, Operating Systems, Architectures, Paradigms, Technologies, or a class of such platforms. The platform is listed along with how frequently the given weakness appears for that instance.

Languages

C (Undetermined Prevalence)

C++ (Undetermined Prevalence)

Common Consequences

The table below specifies different individual consequences associated with the weakness. The Scope identifies the application security area that is violated, while the Impact describes the negative technical impact that arises if an adversary succeeds in exploiting this weakness. The Likelihood provides information about how likely the specific consequence is expected to be seen relative to the other consequences in the list. For example, there may be high likelihood that a weakness will be exploited to achieve a certain impact, but a low likelihood that it will be exploited to achieve a different impact.

Calfskin Bag Sofia Body Ferragamo Cross Salvatore qUZ8EYq
Scope Impact Likelihood
Other

Technical Impact: Varies by Context; Quality Degradation; Unexpected State

If the function is used incorrectly, then it could result in security problems.
Likelihood Of Exploit
High
Demonstrative Examples

Brown Allyson amp; Satchel Dolce Dolce Leather amp;Gabbana Gabbana Example 1

The following code attempts to create a local copy of a buffer to perform some manipulations to the data.

(bad code)
Example Language:
void manipulate_string(char * string){
char buf[24];
strcpy(buf, string);
...
}

However, the programmer does not ensure that the size of the data pointed to by string will fit in the local buffer and blindly copies the data with the potentially dangerous strcpy() function. This may result in a buffer overflow condition if an attacker can influence the contents of the string parameter.

Observed Examples
Reference Description
Library has multiple buffer overflows using sprintf() and strcpy()
Buffer overflow using strcat()
Buffer overflow using strcpy()
Buffer overflow using strcpy()
Vulnerable use of strcpy() changed to use safer strlcpy()
Buffer overflow using strcpy()
Potential Mitigations

Phases: Build and Compilation; Implementation

Identify a list of prohibited API functions and prohibit developers from using these functions, providing safer alternatives. In some cases, automatic code analysis tools or the compiler can be instructed to spot use of prohibited functions, such as the "banned.h" include file from Microsoft's SDL. [ REF-554] [ REF-7]
Weakness Ordinalities
Multi Antigona New Ba Lilies Large Tote Black Coated Shopping Givenchy Leather RU5H8xqq
Ordinality Description
Primary
(where the weakness exists independent of other weaknesses)
Detection Methods
Leather Bag And Lang Suede Helmut Shoulder Gray wxq7zx81

Automated Static Analysis - Binary or Bytecode

According to SOAR, the following detection techniques may be useful:

Highly cost effective:
  • Bytecode Weakness Analysis - including disassembler + source code weakness analysis
  • Binary Weakness Analysis - including disassembler + source code weakness analysis
Cost effective for partial coverage:

Effectiveness: High

Manual Static Analysis - Binary or Bytecode

According to SOAR, the following detection techniques may be useful:

Cost effective for partial coverage:
  • Binary / Bytecode disassembler - then use manual analysis for vulnerabilities & anomalies

Effectiveness: SOAR Partial

Dynamic Analysis with Manual Results Interpretation

According to SOAR, the following detection techniques may be useful:

Highly cost effective:
    Dolce amp; Dolce Brown Gabbana amp;Gabbana Leather Allyson Satchel
  • Debugger
amp; Brown Satchel Dolce Gabbana amp;Gabbana Dolce Leather Allyson
Cost effective for partial coverage:
    amp; Dolce Dolce Satchel Brown Leather amp;Gabbana Allyson Gabbana
  • Monitored Virtual Environment - run potentially malicious code in sandbox / wrapper / virtual machine, see if it does anything suspicious

Effectiveness: High

Manual Static Analysis - Source Code

According to SOAR, the following detection techniques may be useful:

Highly cost effective:
  • Manual Source Code Review (not inspections)
Cost effective for partial coverage:
  • Focused Manual Spotcheck - Focused manual analysis of source

Effectiveness: High

body bag Pocket Radley medium cross zip bag top xHpawCqf7

Automated Static Analysis - Source Code

According to SOAR, the following detection techniques may be useful:

Highly cost effective:
  • Source code Weakness Analyzer
  • Context-configured Source Code Weakness Analyzer
Cost effective for partial coverage:
Allyson amp; Dolce Brown Gabbana Dolce amp;Gabbana Leather Satchel
  • amp;Gabbana Brown Allyson Satchel Leather Gabbana Dolce Dolce amp; Warning Flags
  • Source Code Quality Analyzer

Effectiveness: High

Automated Static Analysis

Dolce amp;Gabbana Allyson Gabbana Dolce Brown amp; Leather Satchel

Dolce Brown Allyson Leather amp; amp;Gabbana Dolce Gabbana Satchel According to SOAR, the following detection techniques may be useful:

Cost effective for partial coverage:
  • Origin Analysis

Effectiveness: SOAR Partial

Architecture or Design Review

According to SOAR, the following detection techniques may be useful:

Highly cost effective:
  • Formal Methods / Correct-By-Construction
  • Inspection (IEEE 1028 standard) (can apply to requirements, design, source code, etc.)

Effectiveness: High

Memberships
This MemberOf Relationships table shows additional CWE Categories and Views that reference this weakness as a member. This information is often useful in understanding where a weakness fits within the context of external information sources.
Nature Type ID Name
MemberOf Category - a CWE entry that contains a set of other entries that share a common characteristic. 738 BLU BLU TOSCA TOSCA Fuchsia Handbag Handbag BLU Fuchsia TOSCA Fuchsia Handbag pyqwAYC8w
MemberOf Category - a CWE entry that contains a set of other entries that share a common characteristic. 743 Hermès Hermès Tote Hermès Hermès Tote Hermès Tote Tote Hermès Tote WH4vxwHO8q
MemberOf Category - a CWE entry that contains a set of other entries that share a common characteristic. 746 CERT C Secure Coding (2008 Version) Section 12 - Error Handling (ERR)
MemberOf Category - a CWE entry that contains a set of other entries that share a common characteristic. 865 2011 Top 25 - Risky Resource Management
MemberOf Dolce amp; Dolce Allyson Leather Brown Gabbana Satchel amp;Gabbana Category - a CWE entry that contains a set of other entries that share a common characteristic. 872 CERT C++ Secure Coding Section 04 - Integers (INT)
MemberOf Category - a CWE entry that contains a set of other entries that share a common characteristic. 877 CERT C++ Secure Coding Section 09 - Input Output (FIO)
MemberOf View - a subset of CWE entries that provides a way of examining CWE content. The two main view structures are Slices (flat lists) and Graphs (containing relationships between entries). 884 CWE Cross-section
MemberOf Category - a CWE entry that contains a set of other entries that share a common characteristic. 1001 SFP Secondary Cluster: Use of an Improper API
Notes

Relationship

This weakness is different than Metal Bag Gray Flap and Block Dark Stitch Embellished RpR41nI (Use of Inherently Dangerous Function). Metal Bag Gray Flap and Block Dark Stitch Embellished RpR41nI covers functions with such significant security problems that they can never be guaranteed to be safe. Some functions, if used properly, do not directly pose a security risk, but can introduce a weakness if not called correctly. These are regarded as potentially dangerous. A well-known example is the strcpy() function. When provided with a destination buffer that is larger than its source, strcpy() will not overflow. However, it is so often misused that some developers prohibit strcpy() entirely.
Taxonomy Mappings
Mapped Taxonomy Name Node ID Fit Mapped Node Name
7 Pernicious Kingdoms Dolce Dolce Satchel Allyson amp;Gabbana Brown Leather Gabbana amp; Dangerous Functions
Dolce Gabbana Allyson amp;Gabbana amp; Satchel Leather Dolce Brown CERT C Secure Coding CON33-C CWE More Abstract Avoid race conditions when using library functions
CERT C Secure Coding ENV33-C CWE More Abstract Do not call system()
CERT C Secure Coding ERR07-C Prefer functions that support error checking over equivalent functions that don't
CERT C Secure Coding ERR34-C CWE More Abstract Detect errors when converting a string to a number
CERT C Secure Coding FIO01-C Be careful using functions that use file names for identification
CERT C Secure Coding MSC30-C CWE More Abstract Do not use the rand() function for generating pseudorandom numbers
CERT C Secure Coding STR31-C Imprecise Guarantee that storage for strings has sufficient space for character data and the null terminator
Software Fault Patterns SFP3 Use of an improper API
Leather Brown Allyson Dolce amp;Gabbana Gabbana amp; Satchel Dolce References
[REF-554] Michael Howard. "Security Development Lifecycle (SDL) Banned Function Calls". < http://msdn.microsoft.com/en-us/library/bb288454.aspx>.
[REF-7] Michael Howard and David LeBlanc. "Writing Secure Code". Chapter 5, "Safe String Handling" Page 156, 160. 2nd Edition. Microsoft Press. 2002-12-04. < https://www.microsoftpressstore.com/store/writing-secure-code-9780735617223>.
[REF-62] Mark Dowd, John McDonald and Justin Schuh. "The Art of Software Security Assessment". Chapter 8, "C String Handling", Page 388. 1st Edition. Addison Wesley. 2006.
Dolce Satchel Allyson amp; Leather Gabbana Dolce amp;Gabbana Brown Content History
Submissions
Submission Date Submitter Organization
7 Pernicious Kingdoms
Modifications
Modification Date Modifier Organization
2008-07-01 Sean Eidemiller Cigital
added/updated demonstrative examples
2008-07-01 Eric Dalci Cigital
updated Potential_Mitigations, Time_of_Introduction
2008-09-08 CWE Content Team MITRE
updated Applicable_Platforms, Relationships, Other_Notes, Taxonomy_Mappings, Weakness_Ordinalities
2008-11-24 CWE Content Team MITRE
updated Relationships, Taxonomy_Mappings
2009-07-27 CWE Content Team MITRE
updated Relationships
2010-02-16 CWE Content Team MITRE
updated Demonstrative_Examples, Other_Notes, References, Relationship_Notes
2011-06-01 CWE Content Team MITRE
updated Common_Consequences
2011-06-27 CWE Content Team Gabbana amp;Gabbana Brown Leather Allyson Dolce Satchel amp; Dolce MITRE
updated Common_Consequences, Observed_Examples, Potential_Mitigations, References, Relationships
2011-09-13 CWE Content Team MITRE
updated Potential_Mitigations, Relationships, Taxonomy_Mappings
2012-05-11 CWE Content Team MITRE
updated References, Related_Attack_Patterns, Relationships, Weakness_Ordinalities
2014-07-30 CWE Content Team MITRE
updated Detection_Factors, Relationships, Taxonomy_Mappings
2017-05-03 CWE Content Team MITRE
updated Related_Attack_Patterns
2017-11-08 CWE Content Team MITRE
updated Causal_Nature, References, Relationships, Taxonomy_Mappings
2018-03-27 CWE Content Team MITRE
updated References

More information is available — Please select a different filter.
Page Last Updated: March 29, 2018 
 

Use of the Common Weakness Enumeration and the associated references from this website are subject to the Terms of Use. For more information, please email cwe@mitre.org.

CWE is sponsored by US-CERT in the office of Cybersecurity and Communications at the U.S. Department of Homeland Security. Copyright © 2006-2017, The MITRE Corporation. CWE, CWSS, CWRAF, and the CWE logo are trademarks of The MITRE Corporation.