CWE-789 - Memory Allocation with Excessive Size Value
CWE-789
- Abstraction:
- Variant
- Structure:
- Simple
- Status:
- Draft
- Weakness Name
Memory Allocation with Excessive Size Value
- Description
The product allocates memory based on an untrusted, large size value, but it does not ensure that the size is within expected limits, allowing arbitrary amounts of memory to be allocated.
- Common Consequences
Scope: Availability
Impact: DoS: Resource Consumption (Memory)
Notes: Not controlling memory allocation can result in a request for too much system memory, possibly leading to a crash of the application due to out-of-memory conditions, or the consumption of a large amount of memory on the system.
- Related Weaknesses
- Release Date:
- 2009-10-29
- Latest Modification Date:
- 2023-06-29
Free security scan for your website