- What is CWE-119?
- The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.
- What CVEs are caused by CWE-119?
- 1,804 recorded CVEs are attributed to CWE-119, including CVE-2021-22991, CVE-2010-3765, CVE-2008-4250. 45 are listed in CISA's Known Exploited Vulnerabilities (KEV) catalog.
- Is CWE-119 part of the OWASP Top 10?
- CWE-119 maps to OWASP Top Ten 2004: Buffer Overflows (A5) in the OWASP security taxonomy.
- How do you prevent CWE-119?
- Use a language that does not allow this weakness to occur or provides constructs that make this weakness easier to avoid.
- How is CWE-119 detected?
- Automated Static Analysis: This weakness can often be detected using automated static analysis tools. Many modern tools use data flow analysis or constraint-based techniques to minimize the number of false positives.
- What are the consequences of CWE-119?
- Exploiting CWE-119 can lead to: Execute Unauthorized Code or Commands, Modify Memory, Read Memory, DoS: Crash, Exit, or Restart, DoS: Resource Consumption (CPU), DoS: Resource Consumption (Memory).
- Is CWE-119 actively exploited?
- Yes. 45 CWE-119 vulnerabilities are in CISA's KEV catalog of actively exploited flaws, out of 1,804 recorded CVEs.