DerScanner
Home / Vulnerability Database / C or C++ : Using an insecure method
C/C++

C or C++ : Using an insecure method

Classification

CWE
CWE-676
CWE/SANS Top 25 2011
CWE-676

Overview

There is a safer analogue to the function to be called. For example, for many functions whose execution may lead to buffer overflow, there are analogues that check the buffer size: use PathCchAppend instead of PathAppend, memcpy_s instead of memcpy.

References

  1. CWE-676: Use of Potentially Dangerous Function
LOW

DerScanner Severity Score

Do you want to fix C or C++ : Using an insecure method in your application?

See also

C/C++

C or C++ : Dead store

C/C++

C or C++ : Use after free

C/C++

C or C++ : va_list uninitialized