CWE-680 - Integer Overflow to Buffer Overflow

CWE-680

Abstraction:
Compound

Structure:
Chain

Status:
Draft

Weakness Name: Integer Overflow to Buffer Overflow

Description: The product performs a calculation to determine how much memory to allocate, but an integer overflow can occur that causes less memory to be allocated than expected, leading to a buffer overflow.

Common Consequences: Scope: Integrity, Availability, Confidentiality
Impact: Modify Memory, DoS: Crash, Exit, or Restart, Execute Unauthorized Code or Commands

Related Weaknesses: CWE-190Integer Overflow or WraparoundMedium

Release Date:
2008-04-11

Latest Modification Date:
2024-02-29

Free security scan for your website

Don't show website scan report rating on the leaderboard