CWE-240

Improper Handling of Inconsistent Structural Elements

Base

Draft

Description

The product does not handle or incorrectly handles when two or more structural elements should be consistent, but are not.

Parent Weaknesses (ChildOf)

CWE-237: Improper Handling of Structura...

CWE-707: Improper Neutralization...

Common Consequences

Scope

Integrity

Other

Impact

Varies by Context, Unexpected State

CVE-2014-0160

Chain: "Heartbleed" bug receives an inconsistent length parameter (CWE-130) enabling an out-of-bounds read (CWE-126), returning memory that could include private cryptographic keys and other sensitive data.

CVE-2009-2299

Web application firewall consumes excessive memory when an HTTP request contains a large Content-Length value but no POST data.

Applicable Platforms

Not Language-Specific

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CWE-240

Improper Handling of Inconsistent Structural Elements

Description

Relationships

Common Consequences

Related CVEs

Applicable Platforms