CWE-123: Write-what-where Condition
ID
CWE-123
Abstraction
Base
Structure
Simple
Status
Draft
Number of CVEs
29
Any condition where the attacker has the ability to write an arbitrary value to an arbitrary location, often as the result of a buffer overflow.
Modes of Introduction
| Phase | Note |
|---|---|
| Implementation |
Applicable Platforms
| Type | Class | Name | Prevalence |
|---|---|---|---|
| Language | C | ||
| Language | C++ |
Relationships
| View | Weakness | |||||||
|---|---|---|---|---|---|---|---|---|
| # ID | View | Status | # ID | Name | Abstraction | Structure | Status | |
| CWE-1000 | Research Concepts | Draft | CWE-787 | Out-of-bounds Write | Base | Simple | Draft | |
| CWE-1305 | CISQ Quality Measures (2020) | Incomplete | CWE-119 | Improper Restriction of Operations within the Bounds of a Memory Buffer | Class | Simple | Stable | |
| CWE-1340 | CISQ Data Protection Measures | Incomplete | CWE-119 | Improper Restriction of Operations within the Bounds of a Memory Buffer | Class | Simple | Stable | |
CVEs Published
CVSS Severity
CVSS Severity - By Year
CVSS Base Score
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
|---|---|---|---|---|---|---|---|---|---|---|---|
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |
Loading...