CWE-788

Access of Memory Location After End of Buffer

Abstraction: Base
Status: Incomplete

Description

The product reads or writes to a buffer using an index or pointer that references a memory location after the end of the buffer.

This typically occurs when a pointer or its index is incremented to a position after the buffer; or when pointer arithmetic results in a position after the buffer.
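The two cases named in the description (an index incremented past the buffer, and pointer arithmetic landing past it) are shown below as an added example that is not part of the CWE entry. The function names, ENTRY_MAX and the sample sizes are constructed for illustration.

```c
#include <stddef.h>
#include <string.h>

#define ENTRY_MAX 16   /* constructed destination size for this example */

/* Weak form: the index advances until the source ends, so an entry of
 * ENTRY_MAX or more characters moves i past the last element and the
 * write lands after the end of dst. Shown for comparison; never called. */
void copy_entry_unchecked(char dst[ENTRY_MAX], const char *src)
{
    size_t i = 0;
    while (src[i] != '\0') {
        dst[i] = src[i];
        i++;
    }
    dst[i] = '\0';
}

/* Hardened form: the index is compared with the destination size before
 * every write. Returns 0 on success, -1 if the entry does not fit. */
int copy_entry_checked(char *dst, size_t dst_size, const char *src)
{
    size_t i = 0;
    if (dst == NULL || src == NULL || dst_size == 0)
        return -1;
    while (src[i] != '\0') {
        if (i >= dst_size - 1) {   /* last slot is reserved for the NUL */
            dst[0] = '\0';         /* reject instead of truncating silently */
            return -1;
        }
        dst[i] = src[i];
        i++;
    }
    dst[i] = '\0';
    return 0;
}

/* Pointer-arithmetic case: offset and len come from the caller and are
 * validated before buf + offset is formed. Writing the test as
 * len > buf_size - offset avoids the wraparound of offset + len. */
int read_field(const unsigned char *buf, size_t buf_size,
               size_t offset, size_t len,
               unsigned char *out, size_t out_size)
{
    if (offset > buf_size || len > buf_size - offset || len > out_size)
        return -1;
    memcpy(out, buf + offset, len);
    return 0;
}
```

Rejecting an oversized entry rather than truncating it keeps the caller from acting on partial data; whether truncation is acceptable depends on the product.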

Common Consequences

Scope: Confidentiality
Impact: Read Memory

Scope: Integrity, Availability
Impact: Modify Memory; DoS: Crash, Exit, or Restart

Scope: Integrity
Impact: Modify Memory; Execute Unauthorized Code or Commands

Observed Examples

CVE-2009-2550: Classic stack-based buffer overflow in media player using a long entry in a playlist

CVE-2009-2403: Heap-based buffer overflow in media player using a long entry in a playlist

CVE-2009-0689: large precision value in a format string triggers overflow

CVE-2009-0558: attacker-controlled array index leads to code execution

CVE-2008-4113: OS kernel trusts userland-supplied length value, allowing reading of sensitive information

CVE-2007-4268: Chain: integer signedness error (CWE-195) passes signed comparison, leading to heap overflow (CWE-122)

Applicable Platforms

Memory-Unsafe
C
C++
