CWE-239: Failure to Handle Incomplete Element
CWE版本: 4.18
更新日期: 2025-09-09
弱点描述
The product does not properly handle when a particular element is not completely specified.
常见后果
影响范围: Integrity Other
技术影响: Varies by Context Unexpected State
观察示例
参考: CVE-2002-1532
HTTP GET without \r\n\r\n CRLF sequences causes product to wait indefinitely and prevents other users from accessing it.
参考: CVE-2003-0195
Partial request is not timed out.
参考: CVE-2005-2526
MFV. CPU exhaustion in printer via partial printing request then early termination of connection.
参考: CVE-2002-1906
CPU consumption by sending incomplete HTTP requests and leaving the connections open.
引入模式
| 阶段 | 说明 |
|---|---|
| Implementation | - |
适用平台
编程语言
分类映射
| 分类名称 | 条目ID | 条目名称 | 映射适配度 |
|---|---|---|---|
| PLOVER | - | Incomplete Element | - |