This attack forces an integer variable to go out of range. The integer variable is often used as an offset such as size of memory allocation or similarly. The attacker would typically control the value of such variable and try to get it out of range. For instance the integer in question is incremented past the maximum possible value, it may wrap to become a very small, or negative number, therefore providing a very incorrect value which can lead to unexpected behavior. At worst the attacker can execute arbitrary code.
Description
Attack Execution Flow
4
1
Step 1
ExploreThe first step is exploratory meaning the attacker looks for an integer variable that they can control.
AI Translation
Il primo passo è esplorativo, ovvero l'attaccante cerca una variabile intera che possa controllare.
2
Step 2
ExperimentThe attacker finds an integer variable that they can write into or manipulate and try to get the value of the integer out of the possible range.
AI Translation
L'attaccante individua una variabile intera su cui può scrivere o manipolare e cerca di far uscire il valore dell'intero dal range possibile.
3
Step 3
ExploitThe integer variable is forced to have a value out of range which set its final value to an unexpected value.
AI Translation
La variabile intera viene forzata ad assumere un valore fuori dal range, impostando il suo valore finale a un valore inatteso.
4
Step 4
ExploitThe target host acts on the data and unexpected behavior may happen.
AI Translation
L'host di destinazione agisce sui dati e potrebbe verificarsi un comportamento inatteso.
Mitigations
4
Always Do Bound Checking Before Consuming User Input Data.
Carefully Review The Service'S Implementation Before Making It Available To User. For Instance You Can Use Manual Or Automated Code Review To Uncover Vulnerabilities Such As Integer Overflow.
Use A Language Or Compiler That Performs Automatic Bounds Checking.
Use An Abstraction Library To Abstract Away Risky Apis. Not A Complete Solution.
Consequences
Security Scopes Affected
Access Control
Authorization
Availability
Confidentiality
Integrity
Potential Impacts
Execute Unauthorized Commands
Gain Privileges
Modify Data
Read Data
Unreliable Execution