A function can return a pointer to memory that is outside of the buffer that the pointer is expected to reference.
Extended Description
N/A
ThreatScore
Threat Mapped score: 0.0
Industry: Financial
Threat priority: Unclassified
Observed Examples (CVEs)
No observed examples available.
Related Attack Patterns (CAPEC)
N/A
Attack TTPs
N/A
Modes of Introduction
Phase: Implementation
Note: N/A
Common Consequences
Impact: Read Memory, Modify Memory
Potential Mitigations
None listed.
Applicable Platforms
C (N/A, Undetermined)
C++ (N/A, Undetermined)
Demonstrative Examples
N/A
Notes
Maintenance: This entry should have a chaining relationship with CWE-119 instead of a parent/child relationship; however, the focus of this weakness does not map cleanly to any existing entries in CWE. A new parent is being considered which covers the more generic problem of incorrect return values. There is also an abstract relationship to weaknesses in which one component sends incorrect messages to another component; in this case, one routine is sending an incorrect value to another.
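The weakness in the description, shown as an added C example that is not part of the original entry: a lookup routine that returns a pointer past its buffer when the delimiter is missing, next to a hardened form and a caller-side range check. The function names and the sample record are hypothetical and constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Weak form: returns a pointer to the byte after `delim`. When the delimiter
 * is absent the scan stops at i == len, so the result is buf + len + 1,
 * which lies outside the len-byte buffer the caller expects. */
const char *value_after_unchecked(const char *buf, size_t len, char delim)
{
    size_t i = 0;
    while (i < len && buf[i] != delim)
        i++;
    return buf + i + 1;
}

/* Hardened form: every non-NULL return points inside [buf, buf + len). */
const char *value_after_checked(const char *buf, size_t len, char delim)
{
    const char *hit = memchr(buf, delim, len);
    if (hit == NULL || (size_t)(hit - buf) + 1 >= len)
        return NULL;              /* no delimiter, or nothing follows it */
    return hit + 1;
}

/* Caller-side guard for pointers returned by code that is not trusted. */
int in_buffer(const char *p, const char *buf, size_t len)
{
    uintptr_t a = (uintptr_t)p, lo = (uintptr_t)buf;
    return p != NULL && a >= lo && a - lo < len;
}

int main(void)
{
    /* Constructed sample: a 4-byte record "name" followed in the same
     * array by unrelated data that the record parser should never reach. */
    char storage[16] = "nameSECRET";
    const char *p = value_after_unchecked(storage, 4, '=');

    printf("unchecked in range: %d\n", in_buffer(p, storage, 4));
    printf("checked returns NULL: %d\n",
           value_after_checked(storage, 4, '=') == NULL);
    return 0;
}
```

Because the caller treats the returned pointer as part of the record, a later read or write through it touches the adjacent data, which matches the Read Memory and Modify Memory impacts listed above.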