CWE
Home > CWE List > VIEW LIST: CWE-680: Integer Overflow to Buffer Overflow (1.6)  

CWE-680: Integer Overflow to Buffer Overflow

 
Integer Overflow to Buffer Overflow
Definition in a New Window Definition in a New Window
Compound Element ID: 680 (Compound Element Base: Chain)Status: Draft
+ Description

Description Summary

The product performs a calculation to determine how much memory to allocate, but an integer overflow can occur that causes less memory to be allocated than expected, leading to a buffer overflow.
+ Applicable Platforms

Languages

All

+ Relationships
NatureTypeIDNameView(s) this relationship pertains toView(s)Named Chain(s) this relationship pertains toChain(s)
ChildOfWeakness ClassWeakness Class20Improper Input Validation
Research Concepts (primary)1000
StartsWithWeakness BaseWeakness Base190Integer Overflow or Wraparound
Named Chains (primary)709
Integer Overflow to Buffer Overflow680
+ Relevant Properties
  • Validity
+ Content History
Modifications
Modification DateModifierOrganizationSource
2008-07-01Eric DalciCigitalExternal
updated Time of Introduction
2008-09-08CWE Content TeamMITREInternal
updated Relationships
2009-03-10CWE Content TeamMITREInternal
updated Related Attack Patterns
more
Page Last Updated: October 29, 2009
 

CWE is a Software Assurance strategic initiative sponsored by the National Cyber Security Division of the U.S. Department of Homeland Security.

This Web site is hosted by The MITRE Corporation.
Copyright 2009, The MITRE Corporation. CWE and the CWE logo are trademarks of The MITRE Corporation.

Contact cwe@mitre.org for more information.
Privacy policy
Terms of use
Contact us