Statements (40)
Predicate | Object |
---|---|
gptkbp:instanceOf |
software vulnerability category
|
gptkbp:affects |
memory safety
|
gptkbp:alsoKnownAs |
gptkb:Buffer_Overflow
|
gptkbp:category |
memory corruption vulnerabilities
|
gptkbp:cause |
arbitrary code execution
data corruption system crash security bypass |
gptkbp:commonIn |
C and C++ programs
|
gptkbp:consequence |
information disclosure
denial of service escalation of privilege |
gptkbp:describes |
failure to restrict operations within the bounds of a buffer
|
gptkbp:documentedIn |
MITRE CWE database
|
gptkbp:example |
reading before the start of a buffer
writing past the end of an array |
gptkbp:firstPublished |
2006
|
gptkbp:hasChild |
CWE-120 (Classic Buffer Overflow)
CWE-121 (Stack-based Buffer Overflow) CWE-122 (Heap-based Buffer Overflow) CWE-124 (Buffer Underwrite) CWE-131 (Incorrect Calculation of Buffer Size) CWE-805 (Buffer Access with Incorrect Length Value) |
gptkbp:hasIdol |
gptkb:CWE-119
|
https://www.w3.org/2000/01/rdf-schema#label |
CWE-119 (Buffer Overflow)
|
gptkbp:mitigatedBy |
bounds checking
compiler protections safe programming languages |
gptkbp:name |
Improper Restriction of Operations within the Bounds of a Memory Buffer
|
gptkbp:parent |
CWE-664 (Improper Control of a Resource Through its Lifetime)
|
gptkbp:partOf |
gptkb:Common_Weakness_Enumeration_(CWE)
|
gptkbp:referencedIn |
https://cwe.mitre.org/data/definitions/119.html
|
gptkbp:relatedTo |
CWE-120 (Classic Buffer Overflow)
CWE-121 (Stack-based Buffer Overflow) CWE-122 (Heap-based Buffer Overflow) |
gptkbp:usedBy |
vulnerability databases
static analysis tools software security researchers |
gptkbp:bfsParent |
gptkb:Common_Weakness_Enumeration_(CWE)
|
gptkbp:bfsLayer |
7
|