Read Time:43 Second

Description

A’s behavior or functionality changes with a new version of A, or a new environment, which is not known (or manageable) by B.

Modes of Introduction:

– Architecture and Design

 

 

Related Weaknesses

CWE-435

 

Consequences

Other: Quality Degradation, Varies by Context

 

Potential Mitigations

CVE References

  • CVE-2002-1976
    • Linux kernel 2.2 and above allow promiscuous mode using a different method than previous versions, and ifconfig is not aware of the new method (alternate path property).
  • CVE-2005-1711
    • Product uses defunct method from another product that does not return an error code and allows detection avoidance.
  • CVE-2003-0411
    • chain: Code was ported from a case-sensitive Unix platform to a case-insensitive Windows platform where filetype handlers treat .jsp and .JSP as different extensions. JSP source code may be read because .JSP defaults to the filetype “text”.