CWE-587 1 個 CVE MITRE 定義 ↗

CWE-587:Assignment of a Fixed Address to a Pointer

概覽

CWE-587(Assignment of a Fixed Address to a Pointer)描述一種在漏洞資料庫與安全評估中使用的弱點類型;定義、背景與對應 CVE 見下方各節。

安全影響
安全影響:因產品與情境而異;請結合 CVE 紀錄、嚴重度評分與 MITRE 說明進行優先級判斷。

描述

The product sets a pointer to a specific address other than NULL or 0.

適用平台

類型 名稱 普遍性 OS / CPE
language Memory-Unsafe Undetermined
language C Undetermined
language C++ Undetermined
language C# Undetermined
language Assembly Undetermined

本庫相關 CVE

下列 CVE 在本庫中對應到該弱點,並保留以便追溯與檢索。

CVE 公開時間 摘要
CVE-2021-28216 2021-08-05 BootPerformanceTable pointer is read from an NVRAM variable in PEI. Recommend setting PcdFirmwarePerformanceDataTableS3Support to FALSE.

內容提交

名稱
CWE Content Team
組織
MITRE
日期
2006-12-15
版本
Draft 5

內容修訂

日期 名稱 版本 重要性 評論
2008-07-01 Eric Dalci 1.0 updated Time_of_Introduction
2008-08-01 1.0 added/updated white box definitions
2008-09-08 CWE Content Team 1.0 updated Applicable_Platforms, Description, Relationships, Other_Notes, Weakness_Ordinalities
2008-11-24 CWE Content Team 1.1 updated Relationships, Taxonomy_Mappings
2009-03-10 CWE Content Team 1.3 updated Relationships
2009-07-27 CWE Content Team 1.5 updated Common_Consequences, Description, Other_Notes
2011-06-01 CWE Content Team 1.13 updated Common_Consequences
2011-09-13 CWE Content Team 2.1 updated Relationships, Taxonomy_Mappings
2012-05-11 CWE Content Team 2.2 updated Demonstrative_Examples, Relationships
2014-07-30 CWE Content Team 2.8 updated Relationships, Taxonomy_Mappings
2017-11-08 CWE Content Team 3.0 updated Applicable_Platforms, Taxonomy_Mappings, White_Box_Definitions
2019-01-03 CWE Content Team 3.2 updated Relationships
2021-03-15 CWE Content Team 4.4 updated Common_Consequences, Weakness_Ordinalities
2023-01-31 CWE Content Team 4.10 updated Description
2023-04-27 CWE Content Team 4.11 updated Relationships, Time_of_Introduction, Type
2023-06-29 CWE Content Team 4.12 updated Mapping_Notes
2024-02-29 CWE Content Team 4.14 updated Demonstrative_Examples
2025-09-09 CWE Content Team 4.18 updated Affected_Resources, Functional_Areas
2025-12-11 CWE Content Team 4.19 updated Applicable_Platforms, Detection_Factors, References
cvelogic Threat Intelligence