CWE-239: Failure to Handle Incomplete Element

Description

The product does not properly handle when a particular element is not completely specified.

Extended Description

N/A

ThreatScore

Threat Mapped score: 0.0

Industry: Finiancial

Threat priority: Unclassified

Observed Examples (CVEs)

CVE: CVE-2002-1532

HTTP GET without \r\n\r\n CRLF sequences causes product to wait indefinitely and prevents other users from accessing it.
CVE: CVE-2003-0195

Partial request is not timed out.
CVE: CVE-2005-2526

MFV. CPU exhaustion in printer via partial printing request then early termination of connection.
CVE: CVE-2002-1906

CPU consumption by sending incomplete HTTP requests and leaving the connections open.

Related Attack Patterns (CAPEC)

N/A

Attack TTPs

N/A

Modes of Introduction

Phase	Note
Implementation	N/A

Common Consequences

Impact: Varies by Context, Unexpected State — Notes:

Potential Mitigations

None listed.

Applicable Platforms

None (Not Language-Specific, Undetermined)

Demonstrative Examples

N/A

Notes

No notes available.

← Back to CWE list