CWE
Home > CWE List > CWE-118 Individual Dictionary Definition (Draft 9)   View the CWE List

CWE-118 Individual Dictionary Definition (Draft 9)

Range Errors
Weakness ID
Status: Incomplete

118 (Weakness Class)

Description

Summary

Weaknesses in this category occur when expected boundaries can be exceeded.

Relationships
NatureTypeIDName
ChildOfCategoryCategory19Data Handling
ParentOfWeakness ClassWeakness ClassWeakness Class119Failure to Constrain Operations within the Bounds of an Allocated Memory Buffer
ParentOfWeakness BaseWeakness BaseWeakness Base130Length Parameter Inconsistency
Applicable Platforms

All

Related Attack Patterns
CAPEC-IDAttack Pattern Name
10Buffer Overflow via Environment Variables
14Client-side Injection-induced Buffer Overflow
24Filter Failure through Buffer Overflow
8Buffer Overflow in an API Call
9Buffer Overflow in Local Command-Line Utilities
45Buffer Overflow via Symbolic Links
46Overflow Variables and Tags
47Buffer Overflow via Parameter Expansion
Back to top
Page Last Updated: April 21, 2008
 

CWE is sponsored by the National Cyber Security Division of the U.S. Department of Homeland Security.

This Web site is hosted by The MITRE Corporation.
Copyright 2008, The MITRE Corporation. CWE and the CWE logo are trademarks of The MITRE Corporation.

Contact cwe@mitre.org for more information.
Privacy policy
Terms of use
Contact us