CWE-797 – Only Filtering Special Elements at an Absolute Position

Read Time:18 Second

Description

The software receives data from an upstream component, but only accounts for special elements at an absolute position (e.g. “byte number 10”), thereby missing remaining special elements that may exist before sending it to a downstream component.

Modes of Introduction:

– Implementation

Likelihood of Exploit:

 

Related Weaknesses

CWE-795

 

Consequences

Integrity: Unexpected State

 

Potential Mitigations

CVE References