QwikSec

Security Database

CVE

CWE

Training

CWE Database
/

CWE-683

Back to CWE list

CWE-683

Function Call With Incorrect Order of Arguments

Variant
Draft

Description

The product calls a function, procedure, or routine, but the caller specifies the arguments in an incorrect order, leading to resultant weaknesses.

While this weakness might be caught by the compiler in some languages, it can occur more frequently in cases in which the called function accepts variable numbers or types of arguments, such as format strings in C. It also can occur in languages or environments that do not enforce strong typing.

Common Consequences

Scope

Other

Impact

Quality Degradation

Potential Mitigations

Implementation

Use the function, procedure, or routine as specified.

CVE-2006-7049

Application calls functions with arguments in the wrong order, allowing attacker to bypass intended access restrictions.

Applicable Platforms

Not Language-Specific

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now