Details
Alert Id: 30003
Alert Type: Active
Status: beta
Risk: Medium
CWE: 190
WASC: 3
Tags: OWASP_2017_A01, OWASP_2021_A03

Summary

An integer overflow condition exists when an integer from the input stream, which has not been properly checked, is used within a compiled program.

Solution

Rewrite the background program so that it properly checks the size of each integer being input, to prevent overflows and divide-by-0 errors. This will require a recompile of the background executable.
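
The checks this solution calls for, sketched in C as an added example (not code from ZAP or from any scanned application). The function names are hypothetical and the signed 32-bit range is an assumed limit for the input field.

```c
#include <errno.h>
#include <stdint.h>
#include <stdlib.h>

/* Parse a decimal input field into a 32-bit integer (hypothetical helper).
 * Returns 0 on success, -1 if the text is empty, has trailing characters,
 * or does not fit in int32_t. */
int parse_int32(const char *text, int32_t *out)
{
    char *end = NULL;
    long long v;

    if (text == NULL || *text == '\0')
        return -1;
    errno = 0;
    v = strtoll(text, &end, 10);
    if (errno == ERANGE || end == text || *end != '\0')
        return -1;              /* out of long long range, or not a number */
    if (v < INT32_MIN || v > INT32_MAX)
        return -1;              /* a cast to int32_t would change the value */
    *out = (int32_t)v;
    return 0;
}

/* Multiply in 64 bits, then confirm the product still fits in 32 bits. */
int checked_mul(int32_t a, int32_t b, int32_t *out)
{
    int64_t wide = (int64_t)a * (int64_t)b;

    if (wide < INT32_MIN || wide > INT32_MAX)
        return -1;
    *out = (int32_t)wide;
    return 0;
}

/* Reject the two operand pairs for which integer division is undefined:
 * a zero divisor, and INT32_MIN / -1 (the quotient overflows). */
int checked_div(int32_t a, int32_t b, int32_t *out)
{
    if (b == 0 || (a == INT32_MIN && b == -1))
        return -1;
    *out = a / b;
    return 0;
}
```

Each function reports failure through its return value and leaves the output untouched, so the caller can reject the request instead of computing with a wrapped or truncated value.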

References

Code

org/zaproxy/zap/extension/ascanrulesBeta/IntegerOverflowScanRule.java