DoS: Crash, Exit, or Restart, DoS: Resource Consumption (Memory), DoS: Instability
Affects: Availability
This weakness can generally lead to undefined behavior and therefore crashes. When the calculated result is used for resource allocation, this weakness can cause too many (or too few) resources to be allocated, possibly enabling crashes if the product requests more resources than can be provided.
Modify Memory
Affects: Integrity
If the value in question is important to data (as opposed to flow), simple data corruption has occurred. Also, if the overflow/wraparound results in other conditions such as buffer overflows, further memory corruption may occur.
Execute Unauthorized Code or Commands, Bypass Protection Mechanism
Affects: Confidentiality, Availability, Access Control
This weakness can sometimes trigger buffer overflows, which can be used to execute arbitrary code. This is usually outside the scope of the product's implicit security policy.
Alter Execution Logic, DoS: Crash, Exit, or Restart, DoS: Resource Consumption (CPU)
Affects: Availability, Other
If the overflow/wraparound occurs in a loop index variable, this could cause the loop to terminate at the wrong time - too early, too late, or not at all (i.e., infinite loops). With too many iterations, some loops could consume too many resources such as memory, file handles, etc., possibly leading to a crash or other DoS.
Bypass Protection Mechanism
Affects: Access Control
If integer values are used in security-critical decisions, such as calculating quotas or allocation limits, integer overflows can be used to cause an incorrect security decision.
