Failure to Handle Incomplete Element
Weakness ID: 239 (Weakness Base)Status: Draft
+ Description

Description Summary

The software does not properly handle when a particular element is not completely specified.
+ Time of Introduction
  • Architecture and Design
  • Implementation
+ Applicable Platforms



+ Observed Examples
CVE-2002-1532HTTP GET without \r\n\r\n CRLF sequences causes product to wait indefinitely and prevents other users from accessing it.
CVE-2003-0195Partial request is not timed out.
CVE-2005-2526MFV. CPU exhaustion in printer via partial printing request then early termination of connection.
CVE-2002-1906CPU consumption by sending incomplete HTTP requests and leaving the connections open.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains toView(s)
ChildOfWeakness ClassWeakness Class237Improper Handling of Structural Elements
Development Concepts (primary)699
Research Concepts (primary)1000
PeerOfWeakness BaseWeakness Base404Improper Resource Shutdown or Release
Research Concepts1000
+ Taxonomy Mappings
Mapped Taxonomy NameNode IDFitMapped Node Name
PLOVERIncomplete Element
+ Content History
Submission DateSubmitterOrganizationSource
PLOVERExternally Mined
Modification DateModifierOrganizationSource
2008-07-01Eric DalciCigitalExternal
updated Time of Introduction
2008-09-08CWE Content TeamMITREInternal
updated Relationships, Observed Example, Taxonomy Mappings
2009-10-29CWE Content TeamMITREInternal
updated Description
Previous Entry Names
Change DatePrevious Entry Name
2008-04-11Incomplete Element