Exposed Dangerous Method or Function
For cooperation with external actors the software has a dangerous Applications Programming Interface (API) containing unproperly limited method and function and causing other weaknesses related with different technique and approaches (e.g. ActiveX controls, Java functions, IOCTLs).
The vulnerability exposure is revealed through using of method/function only for a limited set of actors such as Internet-based access from a single web site but never for outside actors. Exposed Dangerous Method or Function allows attackers to gain privileges, obtain potentially sensitive data and even cause arbitrary code execution.
The weakness is introduced during Architecture and Design, Implementation stages.
The vulnerability exposure is revealed through using of method/function only for a limited set of actors such as Internet-based access from a single web site but never for outside actors. Exposed Dangerous Method or Function allows attackers to gain privileges, obtain potentially sensitive data and even cause arbitrary code execution.
The weakness is introduced during Architecture and Design, Implementation stages.