CWE-234 - Failure to Handle Missing Parameter

  • 摘要:Variant
  • 结构:Simple
  • 状态:Incomplete
  • 发布日期:2006-07-19
  • 更新日期:2025-12-11

名称

Failure to Handle Missing Parameter

描述

If too few arguments are sent to a function, the function will still pop the expected number of arguments from the stack. Potentially, a variable number of arguments could be exhausted in a function as well.

常见后果

范围:Integrity, Confidentiality, Availability, Access Control

影响:Execute Unauthorized Code or Commands, Gain Privileges or Assume Identity

注释:There is the potential for arbitrary code execution with privileges of the vulnerable program if function parameter list is exhausted.

范围:Availability

影响:DoS: Crash, Exit, or Restart

注释:Potentially a program could fail if it needs more arguments then are available.

相关 CWE