Tag Archives: CVE-2003-1014

CWE-235 – Improper Handling of Extra Parameters

Read Time:21 Second

Description

The software does not handle or incorrectly handles when the number of parameters, fields, or arguments with the same name exceeds the expected amount.

Modes of Introduction:

– Implementation

 

 

Related Weaknesses

CWE-233

 

Consequences

Integrity: Unexpected State

 

Potential Mitigations

CVE References

  • CVE-2003-1014
    • MIE. multiple gateway/security products allow restriction bypass using multiple MIME fields with the same name, which are interpreted differently by clients.