The system files must be referenced through absolute paths.
This requirement is verified in following services
- CWE™-73. External control of file name or path
- CWE™-710. Improper adherence to coding standards
- SANS 25-8. Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
- SANS 25-11. NULL Pointer Dereference
Search for vulnerabilities in your apps for free with our automated security testing! Start your 21-day free trial and discover the benefits of our Continuous Hacking Machine Plan. If you prefer a full service that includes the expertise of our ethical hackers, don't hesitate to contact us for our Continuous Hacking Squad Plan.