|
|
|
|
CWE-236: Improper Handling of Undefined Parameters| | Improper Handling of Undefined Parameters |
|
| Weakness ID: 236 (Weakness Base) | | Status: Draft |
 Description
Description Summary The software does not handle or incorrectly handles when a particular parameter, field, or argument name is not defined or supported by the product.
Time of Introduction
- Architecture and Design
- Implementation
Common Consequences | Scope | Effect |
|---|
Integrity | Technical Impact: Unexpected state |
Observed Examples | Reference | Description |
|---|
| CVE-2002-1488 | Crash in IRC client via PART message from a
channel the user is not in. |
| CVE-2001-0650 | Router crash or bad route modification using BGP
updates with invalid transitive attribute. |
Relationships | Nature | Type | ID | Name | View(s) this relationship pertains to |
|---|
| ChildOf |  Weakness Class | 233 | Parameter Problems | Development Concepts (primary)699 Research Concepts (primary)1000 |
Taxonomy Mappings | Mapped Taxonomy Name | Node ID | Fit | Mapped Node Name |
|---|
| PLOVER | | | Undefined Parameter Error |
Content History | Submissions |
|---|
| Submission Date | Submitter | Organization | Source |
|---|
| PLOVER | | Externally Mined | | | Modifications |
|---|
| Modification Date | Modifier | Organization | Source |
|---|
| 2008-07-01 | Eric Dalci | Cigital | External | | updated Time_of_Introduction | | 2008-09-08 | CWE Content Team | MITRE | Internal | | updated Relationships, Observed_Example,
Taxonomy_Mappings | | 2009-03-10 | CWE Content Team | MITRE | Internal | | updated Description, Name | | 2011-06-01 | CWE Content Team | MITRE | Internal | | updated Common_Consequences | | 2011-06-27 | CWE Content Team | MITRE | Internal | | updated Common_Consequences | | Previous Entry Names |
|---|
| Change Date | Previous Entry
Name |
|---|
| 2008-04-11 | Undefined Parameter
Error | | | 2009-03-10 | Failure to Handle Undefined
Parameter | |
|
