Expected Behavior Violation
Weakness ID: 440 (Weakness Base)Status: Draft
+ Description

Description Summary

A feature, API, or function being used by a product behaves differently than the product expects.
+ Time of Introduction
  • Architecture and Design
  • Implementation
  • Operation
+ Applicable Platforms



+ Observed Examples
CVE-2003-0187Inconsistency in support of linked lists causes program to use large timeouts on "undeserving" connections.
CVE-2003-0465"strncpy" in Linux kernel acts different than libc on x86, leading to expected behavior difference - sort of a multiple interpretation error?
CVE-2005-3265Buffer overflow in product stems to the use of a third party library function that is expected to have internal protection against overflows, but doesn't.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains toView(s)
ChildOfCategoryCategory438Behavioral Problems
Development Concepts (primary)699
ChildOfWeakness BaseWeakness Base684Failure to Provide Specified Functionality
Research Concepts (primary)1000
+ Theoretical Notes

The consistency dimension of validity is the most appropriate relevant property of an expected behavior violation. That is, the behavior of the application is not consistent with the expectations of the developer, leading to a violation of the validity property of the software.

+ Relevant Properties
  • Validity
+ Taxonomy Mappings
Mapped Taxonomy NameNode IDFitMapped Node Name
PLOVERExpected behavior violation
+ Content History
Submission DateSubmitterOrganizationSource
PLOVERExternally Mined
Modification DateModifierOrganizationSource
2008-07-01Eric DalciCigitalExternal
updated Time of Introduction
2008-09-08CWE Content TeamMITREInternal
updated Relationships, Other Notes, Taxonomy Mappings
2009-10-29CWE Content TeamMITREInternal
updated Other Notes, Relevant Properties, Theoretical Notes