CWE-439: Behavioral Change in New Version or Environment
Behavioral Change in New Version or Environment
Weakness ID: 439 (Weakness Base) Status: Draft
Description
Description Summary
A's behavior or functionality changes with a new version of A,
or a new environment, which is not known (or manageable) by
B.
Alternate Terms
Time of Introduction
Architecture and Design
Implementation
Observed Examples
Reference Description CVE-2002-1976 Linux kernel 2.2 and above allow promiscuous mode
using a different method than previous versions, and ifconfig is not aware
of the new method (alternate path property). CVE-2005-1711 Product uses defunct method from another product
that does not return an error code and allows detection
avoidance. CVE-2003-0411 chain: Code was ported from a case-sensitive Unix
platform to a case-insensitive Windows platform where filetype handlers
treat .jsp and .JSP as different extensions. JSP source code may be read
because .JSP defaults to the filetype "text".
Relationships
Nature Type ID Name View(s) this relationship pertains to ChildOf Weakness Class 435 Interaction Error Research Concepts (primary) 1000
ChildOf Category 438 Behavioral Problems Development Concepts (primary) 699
Taxonomy Mappings
Mapped Taxonomy Name Node ID Fit Mapped Node Name PLOVER CHANGE Behavioral Change
Content History
Submissions Submission Date Submitter Organization Source PLOVER Externally Mined Modifications Modification Date Modifier Organization Source 2008-07-01 Eric Dalci Cigital External updated Time of Introduction 2008-09-08 CWE Content Team MITRE Internal updated Relationships, Observed Example,
Taxonomy Mappings 2008-11-24 CWE Content Team MITRE Internal updated Observed Examples
Description
