CWE WEAKNESSES / CWE-788
CWE-788
Access of Memory Location After End of Buffer
Base
What it is
The product reads or writes to a buffer using an index or pointer that references a memory location after the end of the buffer.
This typically occurs when a pointer or its index is incremented to a position after the buffer; or when pointer arithmetic results in a position after the buffer.
Impact
| Confidentiality | Read Memory |
| Integrity, Availability | Modify Memory, DoS: Crash, Exit, or Restart |
| Integrity | Modify Memory, Execute Unauthorized Code or Commands |
Real-world CVE examples
- CVE-2009-2550 — Classic stack-based buffer overflow in media player using a long entry in a playlist
- CVE-2009-2403 — Heap-based buffer overflow in media player using a long entry in a playlist
- CVE-2009-0689 — large precision value in a format string triggers overflow
- CVE-2009-0558 — attacker-controlled array index leads to code execution
- CVE-2008-4113 — OS kernel trusts userland-supplied length value, allowing reading of sensitive information
- CVE-2007-4268 — Chain: integer signedness error (CWE-195) passes signed comparison, leading to heap overflow (CWE-122)
Related weaknesses
Test & detect
Browse all common weaknesses, check related exploited CVEs, or map to ATT&CK techniques.
Source: MITRE CWE. View on cwe.mitre.org →