DerScanner
Home / Vulnerability Database / Config files : Incorrect array handling
Config files

Config files : Incorrect array handling

Classification

CWE
CWE-119CWE-129
CWE/SANS Top 25 2021
CWE-119

Overview

Incorrect array processing may lead to various security problems, for example:

  1. Buffer overflow: If the program does not check the length of an array before writing data to it, an attacker can inject more data than the allocated buffer allows. This can cause adjacent memory areas to be overwritten, allowing the attacker to execute arbitrary code or change the state of the program.

  2. Array overruns: If the code does not include checks for array overruns when accessing array elements, an error may be introduced allowing an attacker to access memory or change variable values, which can cause the program to malfunction or perform unwanted actions.

  3. Read/write errors: Uncontrolled access to an array may lead to read/write errors. It is leads to information leaks or data changes that may affect the correct operation of the program.

References

  1. CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
  2. CWE-129: Improper Validation of Array Index
LOW

DerScanner Severity Score

Do you want to fix Config files : Incorrect array handling in your application?

See also

Config files

Config files : Text4Shell Vulnerability

Config files

Config files : Incorrect directory deletion

Config files

Config files : Code injection