The CWE team researches handled the obtained data according to theView-1003method to reduce the specificity of records. For example, CWE-122 (Heap-Based Buffer Overflow) is converted to basic CWE-787 (Out-of-Bounds Write). The CWE team also filtered the data and removed from the Top 25 l...
121 Stack-based buffer overflow Array access with tainted index (Polyspace Bug Finder) Destination buffer overflow in string manipulation (Polyspace Bug Finder) 122 Heap-based buffer overflow Pointer dereference with tainted offset (Polyspace Bug Finder) 124 Buffer underwrite ('Buffer underflow') Array...
Red Hat has also suggested several improvements to the CWE Software Development View. We proposed adding a common weakness in the software developmentCWE-416: Use After Freeto the “Resource Management Errors” category. Additionally, we proposed adding theCWE-122: Heap-based Buffer Overflowweakness ...
void bad_heap() { int *buffer = (int *) malloc(10 * sizeof(int)); // 40 bytes int i = 0; for(; i <= 10; i++) { // Defect: writes buffer[10] and overruns memory buffer[i] = i; } } 下面的示例显示了在运行时确定缓冲区大小时的缓冲区越界访问错误。 void test(int i) ...
CVE-2009-2403 Heap-based buffer overflow in media player using a long entry in a playlist CVE-2009-0689 large precision value in a format string triggers overflow CVE-2009-0690 negative offset value leads to out-of-bounds read CVE-2009-1532 malformed inputs cause accesses of uninitialized or...
Buffer CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-121: Stack-based Buffer Overflow CWE-122: Heap-based Buffer Overflow CWE-123: Write-what-where Condition CWE-124: Buffer Underwrite ('Buffer Underflow') CWE-125: Out-of-bounds Read CWE-126: Buffer ...
Red Hat has also suggested several improvements to the CWE Software Development View. We proposed adding a common weakness in the software developmentCWE-416: Use After Freeto the “Resource Management Errors” category. Additionally, we proposed adding theCWE-122: Heap-based Buffer Overflowweakness...
Red Hat has also suggested several improvements to the CWE Software Development View. We proposed adding a common weakness in the software developmentCWE-416: Use After Freeto the “Resource Management Errors” category. Additionally, we proposed adding theCWE-122: Heap-based Buffer Overflowweakness...
Erfahren Sie, wie wir eine flexiblere Zukunft mit Hybrid Clouds schaffen. Sicherheit Erfahren Sie, wie wir Risiken in verschiedenen Umgebungen und Technologien reduzieren Edge Computing Erfahren Sie das Neueste von den Plattformen, die die Operations am Edge vereinfachen ...