C or C++ : Buffer overflow

Classification

OWASP ASVS

Configuration Validation, Sanitization and Encoding

PCI DSS 4.0

6.2.4

CWE

CWE-119 CWE-120 CWE-121 CWE-122 CWE-125 CWE-787

CWE/SANS Top 25 2011

CWE-120

CWE/SANS Top 25 2021

CWE-119 CWE-125 CWE-787

Overview

The program contains a possible buffer overflow. An attacker is able to overrun the buffer’s boundary and execute an arbitrary code or perform a DoS attack on the system.

References

Buffer Overflow Exploit - Dhaval Kapil
CWE-120
CWE-121
CWE-122

CRITICAL

C or C++ : Buffer overflow

Classification

Overview

References

DerScanner Severity Score

Do you want to fix C or C++ : Buffer overflow in your application?

See also

C or C++ : Dead store

C or C++ : Use after free

C or C++ : va_list uninitialized