Divide By Zero

ID: 369
Date: (C)2012-05-14   (M)2022-10-10
Type: weakness
Status: DRAFT
Abstraction Type: Base





Description

The product divides a value by zero.

Extended Description

This weakness typically occurs when an unexpected value is provided to the product, or if an error occurs that is not properly detected. It frequently occurs in calculations involving physical dimensions such as size, length, width, and height.

Likelihood of Exploit: Medium

Applicable Platforms
None

Time Of Introduction

  • Implementation

Common Consequences

Scope | Technical Impact | Notes
Availability | DoS: crash / exit / restart | A Divide by Zero results in a crash.

Detection Methods
None

Potential Mitigations
None

Relationships

Related CWE | Type | View | Chain
CWE-369 ChildOf CWE-885 | Category | CWE-888 |

Demonstrative Examples

  1. The following C# example contains a function that divides two numeric values without verifying that the input value used as the denominator is not zero. This raises a divide-by-zero error; if the error is not caught by the language's error handling, unexpected results can occur.
  2. The following C/C++ example contains a function that divides two numeric values without verifying that the input value used as the denominator is not zero. This raises a divide-by-zero error; if the error is not caught by the language's error handling, unexpected results can occur.
  3. The following Java example contains a function to compute an average but does not validate that the input value used as the denominator is not zero. This raises a divide-by-zero exception. If the exception is not handled by Java exception handling, unexpected results can occur.
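An added example, not part of the original CWE entry: the unchecked division that the demonstrative examples describe, beside a checked form, applied to a dimension field of the kind the Extended Description mentions. The `img_hdr` structure and all function names are hypothetical; the example goes beyond the entry by also guarding the signed `INT_MIN / -1` case.

```c
#include <errno.h>
#include <limits.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical image header; every field comes from untrusted input. */
struct img_hdr {
    uint32_t height;    /* number of rows */
    uint32_t data_len;  /* total pixel bytes */
};

/* Unchecked form, as in the demonstrative examples: height == 0 is
 * undefined behaviour in C and typically kills the process (SIGFPE on
 * x86 Linux). Shown for contrast only; main() never calls it. */
uint32_t row_bytes_unchecked(const struct img_hdr *h)
{
    return h->data_len / h->height;
}

/* Checked form: validate the divisor first and report the problem to
 * the caller instead of crashing. Returns 0 on success or -EINVAL. */
int row_bytes_checked(const struct img_hdr *h, uint32_t *out)
{
    if (h == NULL || out == NULL || h->height == 0)
        return -EINVAL;
    if (h->data_len % h->height != 0)   /* '%' is safe: height != 0 here */
        return -EINVAL;                 /* example policy: equal-length rows */
    *out = h->data_len / h->height;
    return 0;
}

/* Signed division has a second trapping case besides den == 0:
 * INT_MIN / -1 overflows and is also undefined behaviour. */
int div_checked(int num, int den, int *out)
{
    if (out == NULL || den == 0 || (num == INT_MIN && den == -1))
        return -EINVAL;
    *out = num / den;
    return 0;
}

int main(void)
{
    struct img_hdr bad = { .height = 0, .data_len = 4096 }; /* constructed */
    uint32_t stride = 0;
    int rc = row_bytes_checked(&bad, &stride);
    printf("height=0 -> rc=%d (rejected, no crash)\n", rc);
    return rc == -EINVAL ? 0 : 1;
}
```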

Observed Examples

  1. CVE-2007-3268 : Invalid size value leads to divide by zero.
  2. CVE-2007-2723 : "Empty" content triggers divide by zero.
  3. CVE-2007-2237 : Height value of 0 triggers divide by zero.

For more examples, refer to CVE relations in the bottom box.

White Box Definitions
None

Black Box Definitions
None

Taxonomy Mappings

Taxonomy | Id | Name | Fit
OWASP Top Ten 2004 | A9 | Denial of Service | CWE_More_Specific
CERT C Secure Coding | FLP03-C | Detect and handle floating point errors |
CERT C Secure Coding | INT33-C | Ensure that division and modulo operations do not result in divide-by-zero errors |
CERT Java Secure Coding | NUM02-J | Ensure that division and modulo operations do not result in divide-by-zero errors |
CERT C++ Secure Coding | INT33-CPP | Ensure that division and modulo operations do not result in divide-by-zero errors |
CERT C++ Secure Coding | FLP03-CPP | Detect and handle floating point errors |

References:
None

CVE    213
CVE-2016-10053
CVE-2016-10219
CVE-2016-4797
CVE-2016-6505
...

© SecPod Technologies