CWE-789: Memory Allocation with Excessive Size Value

VariantDraft

The product allocates memory based on an untrusted, large size value, but it does not ensure that the size is within expected limits, allowing arbitrary amounts of memory to be allocated.

View on MITRE

Back to CWE Lookup

Technical Details

Structure: Simple

Applicable To

Languages

CC++Not Language-Specific

Platforms

Learn More

Find Related CVEs

Search for vulnerabilities that exploit CWE-789

CVE vs CWE: What's the Difference?

Understanding vulnerabilities vs weaknesses

Understanding CVSS Scoring

How vulnerability severity is measured

View Full MITRE Entry

Complete technical details and references