CWE-680Integer Overflow to Buffer Overflow

PUBLISHEDweakness record
released 2008-04-11 · last modified 2025-12-11

Metadata

CWE ID:
CWE-680
摘要:
Compound
结构:
Chain
状态:
Draft
发布日期:
2008-04-11
更新日期:
2025-12-11

名称

Integer Overflow to Buffer Overflow

描述

The product performs a calculation to determine how much memory to allocate, but an integer overflow can occur that causes less memory to be allocated than expected, leading to a buffer overflow.

常见后果

范围:
Integrity, Availability, Confidentiality
影响:
Modify Memory, DoS: Crash, Exit, or Restart, Execute Unauthorized Code or Commands

相关 CWE