CWE-122: Heap-based Buffer Overflow

ID CWE-122
Abstraction Variant
Structure Simple
Status Draft
Number of CVEs 1158
A heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc().

Modes of Introduction

Phase Note
Implementation

Applicable Platforms

Type Class Name Prevalence
Language C
Language C++

Relationships

View Weakness
# ID View Status # ID Name Abstraction Structure Status
CWE-1000 Research Concepts Draft CWE-788 Access of Memory Location After End of Buffer Base Simple Incomplete
CWE-1000 Research Concepts Draft CWE-787 Out-of-bounds Write Base Simple Draft

Common Attack Pattern Enumeration and Classification (CAPEC)

The Common Attack Pattern Enumeration and Classification (CAPECâ„¢) effort provides a publicly available catalog of common attack patterns that helps users understand how adversaries exploit weaknesses in applications and other cyber-enabled capabilities.

CAPEC at Mitre.org
# ID Name Weaknesses
CAPEC-92 Forced Integer Overflow CWE-122

CVEs Published

CVSS Severity

CVSS Severity - By Year

CVSS Base Score

# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories Exploits PoC Pubblication Date Modification Date
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories PoC Pubblication Date Modification Date
Loading...
Loading...