
Description

The software misinterprets an input, whether from an attacker or another product, in a security-relevant fashion.

Modes of Introduction:

– Architecture and Design

Related Weaknesses

CWE-436

Consequences

Integrity: Unexpected State

Potential Mitigations

CVE References

  • CVE-2005-2225
    • Product sees dangerous file extension in free text of a group discussion, disconnects all users.
  • CVE-2001-0003
    • Product does not correctly import and process security settings from another product.