CAPEC | Related Weakness |
Overflow Variables and Tags |
CWE-20 | Improper Input Validation |
CWE-74 | Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') |
CWE-118 | Incorrect Access of Indexable Resource ('Range Error') |
CWE-119 | Improper Restriction of Operations within the Bounds of a Memory Buffer |
CWE-120 | Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') |
CWE-680 | Integer Overflow to Buffer Overflow |
CWE-697 | Incorrect Comparison |
CWE-733 | Compiler Optimization Removal or Modification of Security-critical Code |
|
Buffer Overflow in an API Call |
CWE-20 | Improper Input Validation |
CWE-74 | Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') |
CWE-118 | Incorrect Access of Indexable Resource ('Range Error') |
CWE-119 | Improper Restriction of Operations within the Bounds of a Memory Buffer |
CWE-120 | Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') |
CWE-680 | Integer Overflow to Buffer Overflow |
CWE-697 | Incorrect Comparison |
CWE-733 | Compiler Optimization Removal or Modification of Security-critical Code |
|
String Format Overflow in syslog() |
CWE-20 | Improper Input Validation |
CWE-74 | Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') |
CWE-120 | Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') |
CWE-134 | Use of Externally-Controlled Format String |
CWE-680 | Integer Overflow to Buffer Overflow |
CWE-697 | Incorrect Comparison |
|
Buffer Overflow via Environment Variables |
CWE-20 | Improper Input Validation |
CWE-74 | Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') |
CWE-99 | Improper Control of Resource Identifiers ('Resource Injection') |
CWE-118 | Incorrect Access of Indexable Resource ('Range Error') |
CWE-119 | Improper Restriction of Operations within the Bounds of a Memory Buffer |
CWE-120 | Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') |
CWE-302 | Authentication Bypass by Assumed-Immutable Data |
CWE-680 | Integer Overflow to Buffer Overflow |
CWE-697 | Incorrect Comparison |
CWE-733 | Compiler Optimization Removal or Modification of Security-critical Code |
|
Filter Failure through Buffer Overflow |
CWE-20 | Improper Input Validation |
CWE-74 | Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') |
CWE-118 | Incorrect Access of Indexable Resource ('Range Error') |
CWE-119 | Improper Restriction of Operations within the Bounds of a Memory Buffer |
CWE-120 | Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') |
CWE-680 | Integer Overflow to Buffer Overflow |
CWE-697 | Incorrect Comparison |
CWE-733 | Compiler Optimization Removal or Modification of Security-critical Code |
|
Buffer Overflow via Parameter Expansion |
CWE-20 | Improper Input Validation |
CWE-74 | Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') |
CWE-118 | Incorrect Access of Indexable Resource ('Range Error') |
CWE-119 | Improper Restriction of Operations within the Bounds of a Memory Buffer |
CWE-120 | Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') |
CWE-130 | Improper Handling of Length Parameter Inconsistency |
CWE-131 | Incorrect Calculation of Buffer Size |
CWE-680 | Integer Overflow to Buffer Overflow |
CWE-697 | Incorrect Comparison |
|
Buffer Overflow in Local Command-Line Utilities |
CWE-20 | Improper Input Validation |
CWE-74 | Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') |
CWE-118 | Incorrect Access of Indexable Resource ('Range Error') |
CWE-119 | Improper Restriction of Operations within the Bounds of a Memory Buffer |
CWE-120 | Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') |
CWE-680 | Integer Overflow to Buffer Overflow |
CWE-697 | Incorrect Comparison |
CWE-733 | Compiler Optimization Removal or Modification of Security-critical Code |
|
Client-side Injection-induced Buffer Overflow |
CWE-20 | Improper Input Validation |
CWE-74 | Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') |
CWE-118 | Incorrect Access of Indexable Resource ('Range Error') |
CWE-119 | Improper Restriction of Operations within the Bounds of a Memory Buffer |
CWE-120 | Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') |
CWE-353 | Missing Support for Integrity Check |
CWE-680 | Integer Overflow to Buffer Overflow |
CWE-697 | Incorrect Comparison |
CWE-713 | OWASP Top Ten 2007 Category A2 - Injection Flaws |
|
Overflow Binary Resource File |
CWE-119 | Improper Restriction of Operations within the Bounds of a Memory Buffer |
CWE-120 | Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') |
CWE-697 | Incorrect Comparison |
CWE-713 | OWASP Top Ten 2007 Category A2 - Injection Flaws |
|
MIME Conversion |
CWE-20 | Improper Input Validation |
CWE-74 | Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') |
CWE-119 | Improper Restriction of Operations within the Bounds of a Memory Buffer |
CWE-120 | Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') |
|
Buffer Overflow via Symbolic Links |
CWE-20 | Improper Input Validation |
CWE-74 | Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') |
CWE-118 | Incorrect Access of Indexable Resource ('Range Error') |
CWE-119 | Improper Restriction of Operations within the Bounds of a Memory Buffer |
CWE-120 | Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') |
CWE-285 | Improper Authorization |
CWE-302 | Authentication Bypass by Assumed-Immutable Data |
CWE-680 | Integer Overflow to Buffer Overflow |
CWE-697 | Incorrect Comparison |
|
Overflow Buffers |
CWE-19 | Data Processing Errors |
CWE-119 | Improper Restriction of Operations within the Bounds of a Memory Buffer |
CWE-120 | Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') |
CWE-129 | Improper Validation of Array Index |
CWE-131 | Incorrect Calculation of Buffer Size |
CWE-680 | Integer Overflow to Buffer Overflow |
CWE-805 | Buffer Access with Incorrect Length Value |
|
Forced Integer Overflow |
CWE-120 | Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') |
CWE-122 | Heap-based Buffer Overflow |
CWE-128 | Wrap-around Error |
CWE-190 | Integer Overflow or Wraparound |
CWE-196 | Unsigned to Signed Conversion Error |
CWE-680 | Integer Overflow to Buffer Overflow |
CWE-697 | Incorrect Comparison |
|