Description
A’s behavior or functionality changes with a new version of A, or a new environment, which is not known (or manageable) by B.
Modes of Introduction:
– Architecture and Design
Related Weaknesses
CWE-435
Consequences
Other: Quality Degradation, Varies by Context
Potential Mitigations
CVE References
- CVE-2002-1976
- Linux kernel 2.2 and above allow promiscuous mode using a different method than previous versions, and ifconfig is not aware of the new method (alternate path property).
- CVE-2005-1711
- Product uses defunct method from another product that does not return an error code and allows detection avoidance.
- CVE-2003-0411
- chain: Code was ported from a case-sensitive Unix platform to a case-insensitive Windows platform where filetype handlers treat .jsp and .JSP as different extensions. JSP source code may be read because .JSP defaults to the filetype “text”.
