Out-of-bounds Read |
Weakness ID: 125 (Weakness Base) | Status: Draft |
Description Summary
The software reads data past the end, or before the beginning, of the intended buffer.
Extended Description
This typically occurs when the pointer or its index is incremented or decremented to a position beyond the bounds of the buffer or when pointer arithmetic results in a position outside of the valid memory location to name a few. This may result in corruption of sensitive information, a crash, or code execution among other things.
Reference | Description |
---|---|
CVE-2004-0112 | out-of-bounds read due to improper length check |
CVE-2004-0183 | packet with large number of specified elements cause out-of-bounds read. |
CVE-2004-0221 | packet with large number of specified elements cause out-of-bounds read. |
CVE-2004-0184 | out-of-bounds read, resultant from integer underflow |
CVE-2004-1940 | large length value causes out-of-bounds read |
CVE-2004-0421 | malformed image causes out-of-bounds read |
Ordinality | Description |
---|---|
Primary | (where the weakness exists independent of other weaknesses) |
Nature | Type | ID | Name | View(s) this relationship pertains to |
---|---|---|---|---|
ChildOf | Weakness Class | 119 | Failure to Constrain Operations within the Bounds of a Memory Buffer | Development Concepts (primary)699 Research Concepts (primary)1000 |
ParentOf | Weakness Variant | 126 | Buffer Over-read | Development Concepts699 Research Concepts1000 |
ParentOf | Weakness Variant | 127 | Buffer Under-read | Development Concepts699 Research Concepts1000 |
Under-studied and under-reported. Most issues are probably labeled as buffer overflows. |
Submissions | ||||
---|---|---|---|---|
Submission Date | Submitter | Organization | Source | |
PLOVER | Externally Mined | |||
Modifications | ||||
Modification Date | Modifier | Organization | Source | |
2008-09-08 | CWE Content Team | MITRE | Internal | |
updated Applicable Platforms, Relationships, Taxonomy Mappings, Weakness Ordinalities | ||||
2009-10-29 | CWE Content Team | MITRE | Internal | |
updated Description |