CWE-131 - Incorrect Calculation of Buffer Size
CWE-131 High
- Abstraction:
- Base
- Structure:
- Simple
- Status:
- Draft
- Weakness Name
Incorrect Calculation of Buffer Size
- Description
The product does not correctly calculate the size to be used when allocating a buffer, which could lead to a buffer overflow.
- Common Consequences
Scope: Integrity, Availability, Confidentiality
Impact: DoS: Crash, Exit, or Restart, Execute Unauthorized Code or Commands, Read Memory, Modify Memory
Notes: If the incorrect calculation is used in the context of memory allocation, then the software may create a buffer that is smaller or larger than expected. If the allocated buffer is smaller than expected, this could lead to an out-of-bounds read or write (CWE-119), possibly causing a crash, allowing arbitrary code execution, or exposing sensitive data.
- Related Weaknesses
- Release Date:
- 2006-07-19
- Latest Modification Date:
- 2023-06-29
Free security scan for your website