CWE-469 - Use of Pointer Subtraction to Determine Size
CWE-469 Medium
- Abstraction:
- Base
- Structure:
- Simple
- Status:
- Draft
- Weakness Name
Use of Pointer Subtraction to Determine Size
- Description
The product subtracts one pointer from another in order to determine size, but this calculation can be incorrect if the pointers do not exist in the same memory chunk.
- Common Consequences
Scope: Access Control, Integrity, Confidentiality, Availability
Impact: Modify Memory, Read Memory, Execute Unauthorized Code or Commands, Gain Privileges or Assume Identity
Notes: There is the potential for arbitrary code execution with privileges of the vulnerable program.
- Related Weaknesses
- Release Date:
- 2006-07-19
- Latest Modification Date:
- 2023-06-29
Free security scan for your website