Scope | Impact | Likelihood |
---|---|---|
Confidentiality | Read Memory Note: If the expired pointer is used in a read operation, an attacker might be able to control data read in by the application. | |
Availability | DoS: Crash, Exit, or Restart Note: If the expired pointer references a memory location that is not accessible to the product, or points to a location that is "malformed" (such as NULL) or larger than expected by a read or write operation, then a crash may occur. | |
Integrity Confidentiality Availability | Execute Unauthorized Code or Commands Note: If the expired pointer is used in a function call, or points to unexpected data in a write operation, then code execution may be possible. |
Reference | Description |
---|---|
access of expired memory address leads to arbitrary code execution | |
stale pointer issue leads to denial of service and possibly other consequences | |
Chain: a message having an unknown message type may cause a reference to uninitialized memory resulting in a null pointer dereference (CWE-476) or dangling pointer (CWE-825), possibly crashing the system or causing heap corruption. | |
read of value at an offset into a structure after the offset is no longer valid |
Name | Organization | Date | Date Release | Version |
---|---|---|---|---|
CWE Content Team | MITRE | 1.10 |
Name | Organization | Date | Comment |
---|---|---|---|
CWE Content Team | MITRE | updated Demonstrative_Examples, Potential_Mitigations, Relationships | |
CWE Content Team | MITRE | updated Demonstrative_Examples, Relationships | |
CWE Content Team | MITRE | updated Alternate_Terms | |
CWE Content Team | MITRE | updated Relationships | |
CWE Content Team | MITRE | updated Relationships | |
CWE Content Team | MITRE | updated Relationships | |
CWE Content Team | MITRE | updated Observed_Examples | |
CWE Content Team | MITRE | updated Research_Gaps | |
CWE Content Team | MITRE | updated Common_Consequences, Description | |
CWE Content Team | MITRE | updated Relationships | |
CWE Content Team | MITRE | updated Mapping_Notes |