CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

BaseIncompleteExploit Likelihood: High

The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer.

View on MITRE

Back to CWE Lookup

Technical Details

Structure: Simple

Applicable To

Languages

CC++Assembly

Platforms

Learn More

Find Related CVEs

Search for vulnerabilities that exploit CWE-120

CVE vs CWE: What's the Difference?

Understanding vulnerabilities vs weaknesses

Understanding CVSS Scoring

How vulnerability severity is measured

View Full MITRE Entry

Complete technical details and references