CWE-786
Access of Memory Location Before Start of Buffer
Description
The product reads or writes to a buffer using an index or pointer that references a memory location prior to the beginning of the buffer.
This typically occurs when a pointer or its index is decremented to a position before the buffer, when pointer arithmetic results in a position before the beginning of the valid memory location, or when a negative index is used.
Parent Weaknesses (ChildOf)
Common Consequences
Scope
Impact
Read Memory
Scope
Impact
Modify Memory, DoS: Crash, Exit, or Restart
Scope
Impact
Modify Memory, Execute Unauthorized Code or Commands
CVE-2002-2227Unchecked length of SSLv2 challenge value leads to buffer underflow.
CVE-2007-4580Buffer underflow from a small size value with a large buffer (length parameter inconsistency, CWE-130)
CVE-2007-1584Buffer underflow from an all-whitespace string, which causes a counter to be decremented before the buffer while looking for a non-whitespace character.
CVE-2007-0886Buffer underflow resultant from encoded data that triggers an integer overflow.
CVE-2006-6171Product sets an incorrect buffer size limit, leading to "off-by-two" buffer underflow.
CVE-2006-4024Negative value is used in a memcpy() operation, leading to buffer underflow.
CVE-2004-2620Buffer underflow due to mishandled special characters
Applicable Platforms
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now