CWE · MITRE source
CWE-787: Out-of-bounds Write
The product writes data past the end, or before the beginning, of the intended buffer.
Last updated: 04 July 2026 00:28 UTC
Cumulative inbound coverage
How completely the frameworks we cross-walk collectively cover this — the verdict is the strongest single mapping (overlapping partials are not summed); breadth shows the corroboration behind it.
Collective: mostly · 7 mapping(s) from 1 framework(s): ATT&CK 7 (mostly)
NIST 800-53 r5 controls that address this weakness (1) AI
| Control | Title | Family | Why it addresses this CWE |
|---|---|---|---|
| SI-16 | Memory Protection | SI | Out-of-bounds writes that corrupt control flow or inject shellcode are rendered non-executable by the same memory protections. |
MITRE ATT&CK techniques this weakness enables
Our own two-way CWE↔ATT&CK cross-walk — a direct mapping with no public source (the CWE→CAPEC→ATT&CK chain leaves most top weaknesses, incl. XSS and SQLi, mapped to nothing). Drafted by Grok and spot-checked by Claude Opus 4.8.
Direction: ← other covers this; → this covers other (F/M/P = full / mostly / partial).
| Technique | Name | ← | → |
|---|---|---|---|
| T1068 | Exploitation for Privilege Escalation | P | M |
| T1190 | Exploit Public-Facing Application | P | M |
| T1203 | Exploitation for Client Execution | M | M |
| T1210 | Exploitation of Remote Services | P | M |
| T1211 | Exploitation for Stealth | P | M |
| T1212 | Exploitation for Credential Access | P | M |
| T1687 | Exploitation for Defense Impairment | P | M |
Top CVEs of this weakness type, ranked by Risk Priority
| CVE | Risk | CVSS | EPSS | Published |
|---|---|---|---|---|
| CVE-2008-2992 KEV | 10.0 | 7.8 | 0.9848 | 2008-11-04 |
| CVE-2009-0563 KEV | 10.0 | 7.8 | 0.6308 | 2009-06-10 |
| CVE-2009-1862 KEV | 10.0 | 7.8 | 0.2501 | 2009-07-23 |
| CVE-2009-3129 KEV | 10.0 | 7.8 | 0.8573 | 2009-11-11 |
| CVE-2009-3953 KEV | 10.0 | 8.8 | 0.8357 | 2010-01-13 |
| CVE-2010-1297 KEV | 10.0 | 7.8 | 0.8230 | 2010-06-08 |
| CVE-2010-2883 KEV | 10.0 | 7.3 | 0.8248 | 2010-09-09 |
| CVE-2010-3333 KEV | 10.0 | 7.8 | 0.8950 | 2010-11-10 |
| CVE-2010-4398 KEV | 10.0 | 7.8 | 0.0866 | 2010-12-06 |
| CVE-2010-4344 KEV | 10.0 | 9.8 | 0.7179 | 2010-12-14 |
| CVE-2011-2462 KEV | 10.0 | 9.8 | 0.8624 | 2011-12-07 |
| CVE-2012-0754 KEV | 10.0 | 8.1 | 0.9203 | 2012-02-16 |
| CVE-2012-1889 KEV | 10.0 | 8.8 | 0.8364 | 2012-06-13 |
| CVE-2012-2539 KEV | 10.0 | 7.8 | 0.5316 | 2012-12-12 |
| CVE-2013-0640 KEV | 10.0 | 7.8 | 0.8698 | 2013-02-14 |
| CVE-2013-3163 KEV | 10.0 | 8.8 | 0.7068 | 2013-07-10 |
| CVE-2013-3346 KEV | 10.0 | 9.8 | 0.7858 | 2013-08-30 |
| CVE-2013-3918 KEV | 10.0 | 8.8 | 0.7387 | 2013-11-12 |
| CVE-2014-1761 KEV | 10.0 | 7.8 | 0.7773 | 2014-03-25 |
| CVE-2014-4404 KEV | 10.0 | 7.8 | 0.4905 | 2014-09-18 |
| CVE-2015-1641 KEV | 10.0 | 7.8 | 0.9733 | 2015-04-14 |
| CVE-2015-3043 KEV | 10.0 | 9.8 | 0.7983 | 2015-04-14 |
| CVE-2015-3113 KEV | 10.0 | 9.8 | 0.9994 | 2015-06-23 |
| CVE-2015-2419 KEV | 10.0 | 8.8 | 0.4454 | 2015-07-14 |
| CVE-2015-2424 KEV | 10.0 | 8.8 | 0.3850 | 2015-07-14 |