logo

CWE-681 - Incorrect Conversion between Numeric Types

CWE-681 High

  • Abstraction:
  • Base
  • Structure:
  • Simple
  • Status:
  • Draft
Weakness Name

Incorrect Conversion between Numeric Types

Description

When converting from one data type to another, such as long to integer, data can be omitted or translated in a way that produces unexpected values. If the resulting values are used in a sensitive context, then dangerous behaviors may occur.

Common Consequences

Scope: Other, Integrity

Impact: Unexpected State, Quality Degradation

Notes: The program could wind up using the wrong number and generate incorrect results. If the number is used to allocate resources or make a security decision, then this could introduce a vulnerability.

Related Weaknesses
  • Release Date:
  • 2008-04-11
  • Latest Modification Date:
  • 2024-02-29

Free security scan for your website