Common Weakness Enumeration
Back to CWE stats page
CWE-123
Write-what-where Condition
Any condition where the attacker has the ability to write an arbitrary value to an arbitrary location, often as the result of a buffer overflow.
Mitigation
Phase: Architecture and Design
Strategy: Language Selection
Description:
- Use a language that provides appropriate memory abstractions.
Mitigation
Phase: Operation
Description:
- Use OS-level preventative functionality integrated after the fact. Not a complete solution.
No CAPEC attack patterns related to this CWE.