logo

CWE-469 - Use of Pointer Subtraction to Determine Size

CWE-469 Medium

  • Abstraction:
  • Base
  • Structure:
  • Simple
  • Status:
  • Draft
Weakness Name

Use of Pointer Subtraction to Determine Size

Description

The product subtracts one pointer from another in order to determine size, but this calculation can be incorrect if the pointers do not exist in the same memory chunk.

Common Consequences

Scope: Access Control, Integrity, Confidentiality, Availability

Impact: Modify Memory, Read Memory, Execute Unauthorized Code or Commands, Gain Privileges or Assume Identity

Notes: There is the potential for arbitrary code execution with privileges of the vulnerable program.

Related Weaknesses
  • Release Date:
  • 2006-07-19
  • Latest Modification Date:
  • 2023-06-29

Free security scan for your website