CWE-681 - Incorrect Conversion between Numeric Types
CWE-681 High
- Abstraction:
- Base
- Structure:
- Simple
- Status:
- Draft
- Weakness Name
Incorrect Conversion between Numeric Types
- Description
When converting from one data type to another, such as long to integer, data can be omitted or translated in a way that produces unexpected values. If the resulting values are used in a sensitive context, then dangerous behaviors may occur.
- Common Consequences
Scope: Other, Integrity
Impact: Unexpected State, Quality Degradation
Notes: The program could wind up using the wrong number and generate incorrect results. If the number is used to allocate resources or make a security decision, then this could introduce a vulnerability.
- Related Weaknesses
- Release Date:
- 2008-04-11
- Latest Modification Date:
- 2024-02-29
Free security scan for your website