CWE-130 - Improper Handling of Length Parameter Inconsistency

Description

The software parses a formatted message or structure, but it does not handle or incorrectly handles a length field that is inconsistent with the actual length of the associated data.

Latest vulnerabilities for CWE-130

Multiple vulnerabilities in Mitsubishi Electric MELSEC and MELIPC Series 2021-12-01
Medium Yes

Multiple vulnerabilities in lMitsubishi Electric FA engineering software products 2021-02-22
Medium Yes

References

Description of CWE-130 on Mitre website