Description
The product isn't able to perform a proper verification of input. Such problems can influence program data flow handling.
In case of absence of proper input checking attackers can create and input data causing changes of control flow, arbitrary control of a resource, or arbitrary code execution.
The weakness is introduced during Architecture and Design, Implementation stages. It allows offenders:
-to bring the program to stop;
-to provoke excessive spending of the resources;
-to read and compromise private data;
-to set arbitrary command execution.
Latest vulnerabilities for CWE-20
References
Description of CWE-20 on Mitre website