Read Time:54 Second

Description

The program allocates or initializes a resource such as a pointer, object, or variable using one type, but it later accesses that resource using a type that is incompatible with the original type.

Modes of Introduction:

– Implementation

Likelihood of Exploit:

 

Related Weaknesses

CWE-704
CWE-704
CWE-119

 

Consequences

Availability, Integrity, Confidentiality: Read Memory, Modify Memory, Execute Unauthorized Code or Commands, DoS: Crash, Exit, or Restart

When a memory buffer is accessed using the wrong type, it could read or write memory out of the bounds of the buffer, if the allocated buffer is smaller than the type that the code is attempting to access, leading to a crash and possibly code execution.

 

Potential Mitigations

CVE References

 

  • CVE-2010-4577
    • Type confusion in CSS sequence leads to out-of-bounds read.
  • CVE-2011-0611
    • Size inconsistency allows code execution, first discovered when it was actively exploited in-the-wild.
  • CVE-2010-0258
    • Improperly-parsed file containing records of different types leads to code execution when a memory location is interpreted as a different object than intended.