CWE WEAKNESSES / CWE-240
CWE-240
Improper Handling of Inconsistent Structural Elements
Base
What it is
The product does not handle or incorrectly handles when two or more structural elements should be consistent, but are not.
Impact
| Integrity, Other | Varies by Context, Unexpected State |
Real-world CVE examples
- CVE-2014-0160 — Chain: "Heartbleed" bug receives an inconsistent length parameter (CWE-130) enabling an out-of-bounds read (CWE-126), returning memory that could include privat
- CVE-2009-2299 — Web application firewall consumes excessive memory when an HTTP request contains a large Content-Length value but no POST data.
Related weaknesses
Test & detect
Browse all common weaknesses, check related exploited CVEs, or map to ATT&CK techniques.
Source: MITRE CWE. View on cwe.mitre.org →