CWE-409 - Improper Handling of Highly Compressed Data (Data Amplification)

Read Time:36 Second

Description

The software does not handle or incorrectly handles a compressed input with a very high compression ratio that produces a large output.

An example of data amplification is a “decompression bomb,” a small ZIP file that can produce a large amount of data when it is decompressed.

Modes of Introduction:

– Architecture and Design

Related Weaknesses

CWE-405

Consequences

Availability: DoS: Amplification, DoS: Crash, Exit, or Restart, DoS: Resource Consumption (CPU), DoS: Resource Consumption (Memory)

System resources, CPU and memory, can be quickly consumed. This can lead to poor system performance or system crash.

Potential Mitigations

CVE References

CVE-2009-1955
- XML bomb in web server module

CVE-2003-1564
- Parsing library allows XML bomb

InCVE-2009-1955, CWE- 409, Improper Handling of Highly Compressed Data (Data Amplification)

The Most Dangerous Vulnerabilities in Apache Tomcat and How to Protect Against Them

Apache Tomcat is an open-source web server and servlet container that is widely used in enterprise environments to run Java...

rocco

February 19, 2023February 19, 2023

ZDI-CAN-18333: A Critical Zero-Day Vulnerability in Microsoft Windows

Zero-day vulnerabilities are a serious threat to cybersecurity, as they can be exploited by malicious actors to gain unauthorized access...

rocco

February 19, 2023February 19, 2023

CWE-669 – Incorrect Resource Transfer Between Spheres

Description The product does not properly transfer a resource/behavior to another sphere, or improperly imports a resource/behavior from another sphere,...

rocco

May 26, 2022

CWE-67 – Improper Handling of Windows Device Names

Description The software constructs pathnames from user input, but it does not handle or incorrectly handles a pathname containing a...

rocco

May 26, 2022May 26, 2022

CWE-670 – Always-Incorrect Control Flow Implementation

Description The code contains a control flow path that does not reflect the algorithm that the path is intended to...

rocco

May 26, 2022May 26, 2022

CWE-671 – Lack of Administrator Control over Security

Description The product uses security features in a way that prevents the product's administrator from tailoring security settings to reflect...

rocco

May 26, 2022May 26, 2022

Ransomware Attack Exposes Data of 5.6 Million Ascension Patients

Critical Vulnerabilities Found in WordPress Plugins WPLMS and VibeBP

Criminal Complaint against LockBit Ransomware Writer

Cryptomining Malware Found in Popular Open Source Packages

Interpol Identifies Over 140 Human Traffickers in New Initiative

ICO Warns of Mobile Phone Festive Privacy Snafu

Friday Squid Blogging: Squid Sticker

Italy’s Data Protection Watchdog Issues €15m Fine to OpenAI Over ChatGPT Probe

Ukraine’s Security Service Probes GRU-Linked Cyber-Attack on State Registers

CWE-409 – Improper Handling of Highly Compressed Data (Data Amplification)

Description

Related Weaknesses

Consequences

Potential Mitigations

CVE References

The Most Dangerous Vulnerabilities in Apache Tomcat and How to Protect Against Them

ZDI-CAN-18333: A Critical Zero-Day Vulnerability in Microsoft Windows

CWE-669 – Incorrect Resource Transfer Between Spheres

CWE-67 – Improper Handling of Windows Device Names

CWE-670 – Always-Incorrect Control Flow Implementation

CWE-671 – Lack of Administrator Control over Security