...
Unexpected behavior can lead to a buffer overflow and the execution of arbitrary code by an attacker. This behavior is most likely if the program in one case checks the value correctly and then fails to do so later. Such a situation could allow an attacker to avoid verification of a buffer's length, and so on.
Automated detection should be possible for most cases, but it might not be able to guarantee if the value in range.
Rule | Severity | Likelihood | Remediation Cost | Priority | Level |
|---|---|---|---|---|---|
INT50-CPP | Medium | Unlikely | Medium | P4 | L3 |
Automated Detection
...
Tool
...
Version
...
Checker
...
Description
...
Automated detection should be possible for most cases, but it might not be able to guarantee if the value in range.
Related Vulnerabilities
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
...