CWE-1056
Invokable Control Element with Variadic Parameters
Incomplete
2019-01-03
00h00 +00:00
00h00 +00:00
2024-02-29
00h00 +00:00
00h00 +00:00
Notifications pour un CWE
Restez informé de toutes modifications pour un CWE spécifique.
Nom: Invokable Control Element with Variadic Parameters
A named-callable or method control element has a signature that
supports a variable (variadic) number of parameters or arguments.
Description du CWE
This issue can prevent the product from running reliably. If the relevant code is reachable by an attacker, then this reliability problem might introduce a vulnerability.
With variadic arguments, it can be difficult or inefficient for manual analysis to be certain of which function/method is being invoked.
Informations générales
Conséquences courantes
| Portée | Impact | Probabilité |
|---|---|---|
| Other | Reduce Reliability |
Notes de cartographie des vulnérabilités
Justification : This entry is primarily a quality issue with no direct security implications.Commentaire : Look for weaknesses that are focused specifically on insecure behaviors that have more direct security implications.
Références
REF-961
Automated Source Code Reliability Measure (ASCRM)Object Management Group (OMG).
http://www.omg.org/spec/ASCRM/1.0/
Soumission
| Nom | Organisation | Date | Date de publication | Version |
|---|---|---|---|---|
| CWE Content Team | MITRE | 3.2 |
Modifications
| Nom | Organisation | Date | Commentaire |
|---|---|---|---|
| CWE Content Team | MITRE | updated Relationships | |
| CWE Content Team | MITRE | updated Description | |
| CWE Content Team | MITRE | updated Relationships | |
| CWE Content Team | MITRE | updated Mapping_Notes | |
| CWE Content Team | MITRE | updated Mapping_Notes |
