CWE-127: Buffer Under-read

VariantDraft

The product reads from a buffer using buffer access mechanisms such as indexes or pointers that reference memory locations prior to the targeted buffer.

View on MITRE

Back to CWE Lookup

Extended Description

This typically occurs when the pointer or its index is decremented to a position before the buffer, when pointer arithmetic results in a position before the beginning of the valid memory location, or when a negative index is used. This may result in exposure of sensitive information or possibly a crash.

Technical Details

Structure: Simple

Applicable To

Languages

CC++

Platforms

Learn More

Find Related CVEs

Search for vulnerabilities that exploit CWE-127

CVE vs CWE: What's the Difference?

Understanding vulnerabilities vs weaknesses

Understanding CVSS Scoring

How vulnerability severity is measured

View Full MITRE Entry

Complete technical details and references