CWE-680β€”Integer Overflow to Buffer Overflow

PUBLISHEDweakness record
released 2008-04-11 Β· last modified 2025-12-11

Metadata

CWE ID:
CWE-680
Abstraction:
Compound
Structure:
Chain
Status:
Draft
Release Date:
2008-04-11
Latest Modification Date:
2025-12-11

Weakness Name

Integer Overflow to Buffer Overflow

Description

The product performs a calculation to determine how much memory to allocate, but an integer overflow can occur that causes less memory to be allocated than expected, leading to a buffer overflow.

Common Consequences

Scope:
Integrity, Availability, Confidentiality
Impact:
Modify Memory, DoS: Crash, Exit, or Restart, Execute Unauthorized Code or Commands

Related Weaknesses