CWE-619

Dangling Database Cursor ('Cursor Injection')

AI Translation Available

If a database cursor is not closed properly, then it could become accessible to other users while retaining the same privileges that were originally assigned, leaving the cursor 'dangling.'

Status

incomplete

Abstraction

base

Affected Platforms

SQL Database Server

Extended Description

AI Translation

For example, an improper dangling cursor could arise from unhandled exceptions. The impact of the issue depends on the cursor's role, but SQL injection attacks are commonly possible.

Technical Details

AI Translation

Common Consequences

confidentiality integrity

Impacts

read application data modify application data

Potential Mitigations

Phases:

implementation

Descriptions:

• Close cursors immediately after access to them is complete. Ensure that you close cursors if exceptions occur.

AI Generated Translation

Common Consequences

riservatezza integrità

Impacts

leggere dati applicazione modificare dati applicazione

Potential Mitigations

Phases:

implementazione

Descriptions:

• Chiudi i cursori immediatamente dopo aver completato l'accesso ad essi. Assicurati di chiudere i cursori anche in caso di eccezioni.

CWE-619

Common Consequences

Impacts

Potential Mitigations

Common Consequences

Impacts

Potential Mitigations

Iscriviti alla newsletter