CWE-672 - Operation on a Resource after Expiration or Release

  • 摘要:Class
  • 结构:Simple
  • 状态:Draft
  • 发布日期:2008-04-11
  • 更新日期:2025-12-11

名称

Operation on a Resource after Expiration or Release

描述

The product uses, accesses, or otherwise operates on a resource after that resource has been expired, released, or revoked.

常见后果

范围:Integrity, Confidentiality

影响:Modify Application Data, Read Application Data

注释:If a released resource is subsequently reused or reallocated, then an attempt to use the original resource might allow access to sensitive data that is associated with a different user or entity.

范围:Other, Availability

影响:Other, DoS: Crash, Exit, or Restart

注释:When a resource is released it might not be in an expected state, later attempts to access the resource may lead to resultant errors that may lead to a crash.

相关 CWE

CWE-666Operation on Resource in Wrong Phase of Lifetime