CWE-1045: Parent Class with a Virtual Destructor and a Child Class without a Virtual Destructor

Overview

CWE-1045 (Parent Class with a Virtual Destructor and a Child Class without a Virtual Destructor) is a base-level software weakness catalogued by MITRE in the Common Weakness Enumeration (CWE). It describes a recurring type of mistake that can lead to exploitable security vulnerabilities.

Common consequences

What can happen when CWE-1045 is exploited.

Reduce Reliability

Affects: Other

This issue can prevent the product from running reliably, since the child might not perform essential destruction operations. If the relevant code is reachable by an attacker, then this reliability problem might introduce a vulnerability, such as a memory leak (CWE-401).

How it happens

When it is introduced

Typically introduced during these phases of the software lifecycle.

Implementation

How this weakness relates to others in the CWE hierarchy.

Parent

CWE-1076: Insufficient Adherence to Expected Conventions

Mapped taxonomies

CWE-1045: Parent Class with a Virtual Destructor and a Child Class without a Virtual Destructor

Overview

Common consequences

How it happens

When it is introduced

Terminology & mappings

Mapped taxonomies

Frequently asked questions

What is CWE-1045?

What are the consequences of CWE-1045?

References

Stay ahead of CWE-1045

Mapped taxonomies

Overview

Common consequences

How it happens

When it is introduced

Related weaknesses

Parent

Terminology & mappings

Mapped taxonomies

Frequently asked questions

What is CWE-1045?

What are the consequences of CWE-1045?

References

Stay ahead of CWE-1045