SecPod SCAP Repo, a repository of SCAP Content (CVE, CCE, CPE, CWE, OVAL and XCCDF)

Download | Alert*

CWE

Integer Overflow to Buffer Overflow

ID: 680		Date: (C)2012-05-14 (M)2022-10-10
Type: compound element		Status: DRAFT
Abstraction Type: Base

Description

The product performs a calculation to determine how much memory to allocate, but an integer overflow can occur that causes less memory to be allocated than expected, leading to a buffer overflow.

Applicable Platforms
Language Class: All

Related Attack Patterns

CAPEC-10
CAPEC-100
CAPEC-14
CAPEC-24
CAPEC-45
CAPEC-46
CAPEC-47
CAPEC-67
CAPEC-8
CAPEC-9
CAPEC-92

Common Consequences

Scope	Technical Impact	Notes
Integrity Availability Confidentiality	Modify memory DoS: crash / exit / restart Execute unauthorized code or commands

Detection Methods
None

Potential Mitigations
None

Relationships

Related CWE	Type	View	Chain
CWE-680 StartsWith CWE-190	Weakness	CWE-709	CWE-680

Demonstrative Examples
None

White Box Definitions
None

Black Box Definitions
None

Taxynomy Mappings
None

References:
None


30430



423868



247621



909



194512



282