logo

CWE-787 - Out-of-bounds Write

CWE-787 High

  • Abstraction:
  • Base
  • Structure:
  • Simple
  • Status:
  • Draft
Weakness Name

Out-of-bounds Write

Description

The product writes data past the end, or before the beginning, of the intended buffer.

Common Consequences

Scope: Integrity

Impact: Modify Memory, Execute Unauthorized Code or Commands

Notes: Write operations could cause memory corruption. In some cases, an adversary can modify control data such as return addresses in order to execute unexpected code.

Scope: Availability

Impact: DoS: Crash, Exit, or Restart

Notes: Attempting to access out-of-range, invalid, or unauthorized memory could cause the product to crash.

Scope: Other

Impact: Unexpected State

Notes: Subsequent write operations can produce undefined or unexpected results.

Related Weaknesses
CWE-119
  • Release Date:
  • 2009-10-29
  • Latest Modification Date:
  • 2024-07-16