CWE-619: Dangling Database Cursor ('Cursor Injection')

BaseIncomplete

If a database cursor is not closed properly, then it could become accessible to other users while retaining the same privileges that were originally assigned, leaving the cursor "dangling."

View on MITRE

Back to CWE Lookup

Extended Description

For example, an improper dangling cursor could arise from unhandled exceptions. The impact of the issue depends on the cursor's role, but SQL injection attacks are commonly possible.

Technical Details

Structure: Simple

Applicable To

Languages

SQL

Platforms

Learn More

Find Related CVEs

Search for vulnerabilities that exploit CWE-619

CVE vs CWE: What's the Difference?

Understanding vulnerabilities vs weaknesses

Understanding CVSS Scoring

How vulnerability severity is measured

View Full MITRE Entry

Complete technical details and references