Software vulnerabilities can result when a programmer fails to consider all possible data states.
Failing to take into account all possibilities within a logic statement can lead to a corrupted running state, possibly resulting in unintentional information disclosure or abnormal termination.
Recommendation |
Severity |
Likelihood |
Remediation Cost |
Priority |
Level |
|---|---|---|---|---|---|
MSC01-A |
2 (medium) |
1 (unlikely) |
2 (medium) |
P4 |
L3 |
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
\[[Hatton 95|AA. C References#Hatton 95]\] Section 2.7.2, "Errors of omission and addition" \[[Viega 05|AA. C References#Viega 05]\] Section 5.2.17, "Failure to account for default case in switch" |