CWE

Common Weakness Enumeration

A Community-Developed List of Software Weakness Types

CWE/SANS Top 25 Most Dangerous Software Errors
Home > CWE List > CWE- Individual Dictionary Definition (2.11)  
ID

CWE-239: Failure to Handle Incomplete Element

Weakness ID: 239
Abstraction: Variant
Status: Draft
Presentation Filter:
+ Description

Description Summary

The software does not properly handle when a particular element is not completely specified.
+ Time of Introduction
  • Architecture and Design
  • Implementation
+ Applicable Platforms

Languages

All

+ Common Consequences
ScopeEffect
Integrity
Other

Technical Impact: Varies by context; Unexpected state

+ Observed Examples
ReferenceDescription
HTTP GET without \r\n\r\n CRLF sequences causes product to wait indefinitely and prevents other users from accessing it.
Partial request is not timed out.
MFV. CPU exhaustion in printer via partial printing request then early termination of connection.
CPU consumption by sending incomplete HTTP requests and leaving the connections open.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains toView(s)
ChildOfWeakness BaseWeakness Base237Improper Handling of Structural Elements
Development Concepts (primary)699
Research Concepts (primary)1000
ChildOfCategoryCategory993SFP Secondary Cluster: Incorrect Input Handling
Software Fault Pattern (SFP) Clusters (primary)888
PeerOfWeakness BaseWeakness Base404Improper Resource Shutdown or Release
Research Concepts1000
+ Taxonomy Mappings
Mapped Taxonomy NameNode IDFitMapped Node Name
PLOVERIncomplete Element
+ Content History
Submissions
Submission DateSubmitterOrganizationSource
PLOVERExternally Mined
Modifications
Modification DateModifierOrganizationSource
2008-07-01Eric DalciCigitalExternal
updated Time_of_Introduction
2008-09-08CWE Content TeamMITREInternal
updated Relationships, Observed_Example, Taxonomy_Mappings
2009-10-29CWE Content TeamMITREInternal
updated Description
2011-06-01CWE Content TeamMITREInternal
updated Common_Consequences
2011-06-27CWE Content TeamMITREInternal
updated Common_Consequences
2012-05-11CWE Content TeamMITREInternal
updated Relationships
2013-07-17CWE Content TeamMITREInternal
updated Type
2014-07-30CWE Content TeamMITREInternal
updated Relationships
Previous Entry Names
Change DatePrevious Entry Name
2008-04-11Incomplete Element

More information is available — Please select a different filter.
Page Last Updated: May 05, 2017