CWE

CWE-236 – Improper Handling of Undefined Parameters

May 26, 2022 rocco

Read Time:24 Second

Description

The software does not handle or incorrectly handles when a particular parameter, field, or argument name is not defined or supported by the product.

Modes of Introduction:

– Architecture and Design

Related Weaknesses

Consequences

Integrity: Unexpected State

Potential Mitigations

CVE References

CVE-2002-1488
- Crash in IRC client via PART message from a channel the user is not in.

CVE-2001-0650
- Router crash or bad route modification using BGP updates with invalid transitive attribute.

News, Advisories and much more

Exit mobile version