Tag Archives: CWE- 236

CWE-236 – Improper Handling of Undefined Parameters

Read Time:24 Second

Description

The software does not handle or incorrectly handles when a particular parameter, field, or argument name is not defined or supported by the product.

Modes of Introduction:

– Architecture and Design

 

 

Related Weaknesses

CWE-233

 

Consequences

Integrity: Unexpected State

 

Potential Mitigations

CVE References

  • CVE-2002-1488
    • Crash in IRC client via PART message from a channel the user is not in.
  • CVE-2001-0650
    • Router crash or bad route modification using BGP updates with invalid transitive attribute.