Tag Archives: Failure to Handle Incomplete Element

CWE-239 – Failure to Handle Incomplete Element

Read Time:31 Second

Description

The software does not properly handle when a particular element is not completely specified.

Modes of Introduction:

– Architecture and Design

 

 

Related Weaknesses

CWE-237
CWE-404

 

Consequences

Integrity, Other: Varies by Context, Unexpected State

 

Potential Mitigations

CVE References

  • CVE-2002-1532
    • HTTP GET without rnrn CRLF sequences causes product to wait indefinitely and prevents other users from accessing it.
  • CVE-2005-2526
    • MFV. CPU exhaustion in printer via partial printing request then early termination of connection.
  • CVE-2002-1906
    • CPU consumption by sending incomplete HTTP requests and leaving the connections open.