CWE-1056
Invokable Control Element with Variadic Parameters
Incomplete
2019-01-03 00:00 +00:00
2024-02-29 00:00 +00:00
Alerte pour un CWE
Stay informed of any changes for a specific CWE.
Invokable Control Element with Variadic Parameters
A named-callable or method control element has a signature that
supports a variable (variadic) number of parameters or arguments.
Extended Description
This issue can prevent the product from running reliably. If the relevant code is reachable by an attacker, then this reliability problem might introduce a vulnerability.
With variadic arguments, it can be difficult or inefficient for manual analysis to be certain of which function/method is being invoked.
Informations
Common Consequences
| Scope | Impact | Likelihood |
|---|---|---|
| Other | Reduce Reliability |
Vulnerability Mapping Notes
Rationale : This entry is primarily a quality issue with no direct security implications.Comments : Look for weaknesses that are focused specifically on insecure behaviors that have more direct security implications.
References
REF-961
Automated Source Code Reliability Measure (ASCRM)Object Management Group (OMG).
http://www.omg.org/spec/ASCRM/1.0/
Submission
| Name | Organization | Date | Date Release | Version |
|---|---|---|---|---|
| CWE Content Team | MITRE | 3.2 |
Modifications
| Name | Organization | Date | Comment |
|---|---|---|---|
| CWE Content Team | MITRE | updated Relationships | |
| CWE Content Team | MITRE | updated Description | |
| CWE Content Team | MITRE | updated Relationships | |
| CWE Content Team | MITRE | updated Mapping_Notes | |
| CWE Content Team | MITRE | updated Mapping_Notes |
2024©
tesweb SA
