Read Time:33 Second
Description
The software does not follow or incorrectly follows the specifications as required by the implementation language, environment, framework, protocol, or platform.
When leveraging external functionality, such as an API, it is important that the caller does so in accordance with the requirements of the external functionality or else unintended behaviors may result, possibly leaving the system vulnerable to any number of exploits.
Modes of Introduction:
– Implementation
Related Weaknesses
Consequences
Other: Quality Degradation, Varies by Context
Potential Mitigations
CVE References
- CVE-2006-7140
- Crypto implementation removes padding when it shouldn’t, allowing forged signatures
- CVE-2006-4339
- Crypto implementation removes padding when it shouldn’t, allowing forged signatures