CWE-680 - Integer Overflow to Buffer Overflow
- Abstraction: Compound
- Structure: Chain
- Status: Draft
- Release Date: 2008-04-11
- Latest Modification Date: 2024-02-29
Weakness Name
Integer Overflow to Buffer Overflow
Description
The product performs a calculation to determine how much memory to allocate, but an integer overflow can occur that causes less memory to be allocated than expected, leading to a buffer overflow.
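The allocation-size calculation described above, shown as an added example (not part of the CWE entry): the weak 32-bit size computation beside a checked form that refuses to allocate when the product would wrap. The `struct record` type and all function names are hypothetical and assumed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical 32-byte record type, assumed for this example. */
struct record { uint32_t id; char name[28]; };
_Static_assert(sizeof(struct record) == 32, "example assumes 32-byte records");

/* Weak pattern: the byte count is computed in 32-bit arithmetic, so the
 * product wraps modulo 2^32 and can be far smaller than count records. */
uint32_t unchecked_alloc_size(uint32_t count)
{
    return count * (uint32_t)sizeof(struct record);
}

/* Checked form: returns 0 and stores count * elem in *out, or returns -1
 * when the product cannot be represented in size_t. */
int checked_alloc_size(size_t count, size_t elem, size_t *out)
{
    if (elem != 0 && count > SIZE_MAX / elem)
        return -1;
    *out = count * elem;
    return 0;
}

/* Allocates count zeroed records; NULL on zero count, overflow or OOM. */
struct record *alloc_records(size_t count)
{
    size_t bytes;
    if (count == 0 || checked_alloc_size(count, sizeof(struct record), &bytes) != 0)
        return NULL;
    struct record *recs = malloc(bytes);
    if (recs != NULL)
        memset(recs, 0, bytes);
    return recs;
}

int main(void)
{
    uint32_t count = 0x08000001u;   /* constructed sample: 134,217,729 records */
    printf("unchecked size for %u records: %u bytes\n",
           (unsigned)count, (unsigned)unchecked_alloc_size(count));
    struct record *recs = alloc_records(SIZE_MAX / 16);
    printf("checked allocation of SIZE_MAX/16 records: %s\n",
           recs ? "allocated" : "rejected");
    free(recs);
    return 0;
}
```

With the constructed count, the unchecked calculation yields a request for 32 bytes, room for a single record, which is the undersized allocation the description refers to.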
Common Consequences
Scope: Integrity, Availability, Confidentiality
Impact: Modify Memory; DoS: Crash, Exit, or Restart; Execute Unauthorized Code or Commands