Read Time:22 Second

Description

The product receives input that is expected to be well-formed – i.e., to comply with a certain syntax – but it does not validate or incorrectly validates that the input complies with the syntax.

Modes of Introduction:

– Implementation

 

 

Related Weaknesses

CWE-20

 

Consequences

Other: Varies by Context

 

Potential Mitigations

Phase: Implementation

Effectiveness: High

Description: 

CVE References

  • CVE-2007-5893
    • HTTP request with missing protocol version number leads to crash