Read Time:32 Second

Description

A feature, API, or function does not perform according to its specification.

Modes of Introduction:

– Architecture and Design

 

 

Related Weaknesses

CWE-684

 

Consequences

Other: Quality Degradation, Varies by Context

 

Potential Mitigations

CVE References

  • CVE-2003-0187
    • Program uses large timeouts on “undeserving” to compensate for inconsistency of support for linked lists.
  • CVE-2003-0465
    • “strncpy” in Linux kernel acts different than libc on x86, leading to expected behavior difference – sort of a multiple interpretation error?
  • CVE-2005-3265
    • Buffer overflow in product stems the use of a third party library function that is expected to have internal protection against overflows, but doesn’t.