CWE•Base•Incomplete•3 recent CVEs
CWE-805Buffer Access with Incorrect Length Value
Description
The product uses a sequential operation to read or write a buffer, but it uses an incorrect length value that causes it to access memory that is outside of the bounds of the buffer.
When the length value exceeds the size of the destination, a buffer overflow could occur.
Common consequences
- Integrity,Confidentiality,Availability→Read Memory,Modify Memory,Execute Unauthorized Code or CommandsBuffer overflows often can be used to execute arbitrary code, which is usually outside the scope of a program's implicit security policy. This can often be used to subvert any other security service.
- Availability→Modify Memory,DoS: Crash, Exit, or Restart,DoS: Resource Consumption (CPU)Buffer overflows generally lead to crashes. Other attacks leading to lack of availability are possible, including putting the program into an infinite loop.
Potential mitigations
- Requirements[object Object]
- Architecture and Design[object Object]
- Operation,Build and Compilation[object Object]
- Implementation[object Object]
- Architecture and DesignFor any security checks that are performed on the client side, ensure that these checks are duplicated on the server side, in order to avoid CWE-602. Attackers can bypass the client-side checks by modifying values after the checks have been performed, or by changing the client to remove the client-side checks entirely. Then, these modified values would be submitted to the server.
- Operation,Build and Compilation[object Object]
- Operation[object Object]
- Architecture and Design,OperationRun your code using the lowest privileges that are required to accomplish the necessary tasks [REF-76]. If possible, create isolated accounts with limited privileges that are only used for a single task. That way, a successful attack will not immediately give the attacker access to the rest of the product or its environment. For example, database applications rarely need to run as the database adm
- Architecture and Design,Operation[object Object]