[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244411

 
 

909

 
 

193363

 
 

277

Paid content will be excluded from the download.


Download | Alert*
CWE
view XML

Out-of-bounds Read

ID: 125Date: (C)2012-05-14   (M)2022-10-10
Type: weaknessStatus: DRAFT
Abstraction Type: Base





Description

The software reads data past the end, or before the beginning, of the intended buffer.

Extended Description

This typically occurs when the pointer or its index is incremented or decremented to a position beyond the bounds of the buffer or when pointer arithmetic results in a position outside of the valid memory location to name a few. This may result in corruption of sensitive information, a crash, or code execution among other things.

Applicable Platforms
Language: C
Language: C++

Time Of Introduction

  • Implementation

Common Consequences

ScopeTechnical ImpactNotes
Confidentiality
 
Read memory
 
 

Detection Methods
None

Potential Mitigations
None

Relationships

Related CWETypeViewChain
CWE-125 ChildOf CWE-890 Category CWE-888  

Demonstrative Examples   (Details)

  1. In the following code, the method retrieves a value from an array at a specific array index location that is given as an input parameter to the method (Demonstrative Example Id DX-100)

Observed Examples

  1. CVE-2004-0112 : out-of-bounds read due to improper length check
  2. CVE-2004-0183 : packet with large number of specified elements cause out-of-bounds read.
  3. CVE-2004-0221 : packet with large number of specified elements cause out-of-bounds read.
  4. CVE-2004-0184 : out-of-bounds read, resultant from integer underflow
  5. CVE-2004-1940 : large length value causes out-of-bounds read
  6. CVE-2004-0421 : malformed image causes out-of-bounds read

For more examples, refer to CVE relations in the bottom box.

White Box Definitions
None

Black Box Definitions
None

Taxynomy Mappings

TaxynomyIdNameFit
PLOVER  Out-of-bounds Read
 
 

References:

  1. Michael Howard David LeBlanc John Viega .24 Deadly Sins of Software Security. McGraw-Hill. Section:'"Sin 5: Buffer Overruns." Page 89'. Published on 2010.
CVE    3579
CVE-2011-1120
CVE-2011-1122
CVE-2011-1192
CVE-2011-1113
...

© SecPod Technologies