|
|
|
|
CWE-409: Improper Handling of Highly Compressed Data (Data Amplification) | |
| | Improper Handling of Highly Compressed Data (Data Amplification) |
|
| Weakness ID: 409 (Weakness Base) | | Status: Incomplete |
 Description
Description Summary The software does not handle or incorrectly handles a
compressed input with a very high compression ratio that produces a large
output.
Extended Description
An example of data amplification is a "decompression bomb," a small ZIP
file that can produce a large amount of data when it is decompressed.
Time of Introduction
- Architecture and Design
- Implementation
Relationships Taxonomy Mappings | Mapped Taxonomy Name | Node ID | Fit | Mapped Node Name |
|---|
| PLOVER | | | Data Amplification |
Content History | Submissions |
|---|
| Submission Date | Submitter | Organization | Source |
|---|
| PLOVER | | Externally Mined | | | Modifications |
|---|
| Modification Date | Modifier | Organization | Source |
|---|
| 2008-07-01 | Eric Dalci | Cigital | External | | updated Time of Introduction | | 2008-09-08 | CWE Content Team | MITRE | Internal | | updated Relationships,
Taxonomy Mappings | | 2008-10-14 | CWE Content Team | MITRE | Internal | | updated Description | | 2009-05-27 | CWE Content Team | MITRE | Internal | | updated Description, Name | | 2009-07-27 | CWE Content Team | MITRE | Internal | | updated Relationships |
|
