Behavioral Change in New Version or Environment
Weakness ID: 439 (Weakness Base)Status: Draft
+ Description

Description Summary

A's behavior or functionality changes with a new version of A, or a new environment, which is not known (or manageable) by B.
+ Alternate Terms
Functional change
+ Time of Introduction
  • Architecture and Design
  • Implementation
+ Applicable Platforms



+ Observed Examples
CVE-2002-1976Linux kernel 2.2 and above allow promiscuous mode using a different method than previous versions, and ifconfig is not aware of the new method (alternate path property).
CVE-2005-1711Product uses defunct method from another product that does not return an error code and allows detection avoidance.
CVE-2003-0411chain: Code was ported from a case-sensitive Unix platform to a case-insensitive Windows platform where filetype handlers treat .jsp and .JSP as different extensions. JSP source code may be read because .JSP defaults to the filetype "text".
+ Relationships
NatureTypeIDNameView(s) this relationship pertains toView(s)
ChildOfWeakness ClassWeakness Class435Interaction Error
Research Concepts (primary)1000
ChildOfCategoryCategory438Behavioral Problems
Development Concepts (primary)699
+ Taxonomy Mappings
Mapped Taxonomy NameNode IDFitMapped Node Name
PLOVERCHANGE Behavioral Change
+ Content History
Submission DateSubmitterOrganizationSource
PLOVERExternally Mined
Modification DateModifierOrganizationSource
2008-07-01Eric DalciCigitalExternal
updated Time of Introduction
2008-09-08CWE Content TeamMITREInternal
updated Relationships, Observed Example, Taxonomy Mappings
2008-11-24CWE Content TeamMITREInternal
updated Observed Examples
Previous Entry Names
Change DatePrevious Entry Name
2008-04-11Behavioral Change