Detalle CWE-436

CWE-436

Interpretation Conflict
Incomplete
2006-07-19
00h00 +00:00
2025-12-11
00h00 +00:00
CWE Mitre.org
Notificaciones para un CWE
Manténgase informado sobre cualquier cambio en un CWE específico.
Gestionar notificaciones

Nombre: Interpretation Conflict

Product A handles inputs or steps differently than Product B, which causes A to perform incorrect actions based on its perception of B's state.

Descripción CWE

This is generally found in proxies, firewalls, anti-virus software, and other intermediary devices that monitor, allow, deny, or modify traffic based on how the client or server is expected to behave.

Informaciones generales

Modos de introducción

Architecture and Design
Implementation

Plataformas aplicables

Lenguaje

Class: Not Language-Specific (Undetermined)

Tecnologías

Class: Not Technology-Specific (Undetermined)

Consecuencias comunes

Alcance Impacto Probabilidad
Integrity
Other		Unexpected State, Varies by Context

Ejemplos observados

Referencias Descripción

CVE-2005-1215

Bypass filters or poison web cache using requests with multiple Content-Length headers, a non-standard behavior.

CVE-2002-0485

Anti-virus product allows bypass via Content-Type and Content-Disposition headers that are mixed case, which are still processed by some clients.

CVE-2002-1978

FTP clients sending a command with "PASV" in the argument can cause firewalls to misinterpret the server's error as a valid response, allowing filter bypass.

CVE-2002-1979

FTP clients sending a command with "PASV" in the argument can cause firewalls to misinterpret the server's error as a valid response, allowing filter bypass.

CVE-2002-0637

Virus product bypass with spaces between MIME header fields and the ":" separator, a non-standard message that is accepted by some clients.

CVE-2002-1777

AV product detection bypass using inconsistency manipulation (file extension in MIME Content-Type vs. Content-Disposition field).

CVE-2005-3310

CMS system allows uploads of files with GIF/JPG extensions, but if they contain HTML, Internet Explorer renders them as HTML instead of images.

CVE-2005-4260

Interpretation conflict allows XSS via invalid "<" when a ">" is expected, which is treated as ">" by many web browsers.

CVE-2005-4080

Interpretation conflict (non-standard behavior) enables XSS because browser ignores invalid characters in the middle of tags.

Notas de mapeo de vulnerabilidades

Justificación : This CWE entry is a Class and might have Base-level children that would be more appropriate
Comentario : Examine children of this entry to see if there is a better fit

Patrones de ataque relacionados

CAPEC-ID Nombre del patrón de ataque
CAPEC-105 HTTP Request Splitting
CAPEC-273 HTTP Response Smuggling
CAPEC-34 HTTP Response Splitting

Referencias

REF-427

On Interpretation Conflict Vulnerabilities
Steve Christey.
https://seclists.org/bugtraq/2005/Nov/30

REF-428

Insertion, Evasion, and Denial of Service: Eluding Network Intrusion Detection
Thomas H. Ptacek, Timothy N. Newsham.
https://insecure.org/stf/secnet_ids/secnet_ids.pdf

REF-429

0x00 vs ASP file upload scripts
Brett Moore.
http://www.security-assessment.com/Whitepapers/0x00_vs_ASP_File_Uploads.pdf

REF-431

Re: Corsaire Security Advisory - Multiple vendor MIME RFC2047 encoding
David F. Skoll.
https://marc.info/?l=bugtraq&m=109525864717484&w=2

REF-514

Perl CGI problems
Rain Forest Puppy.
https://phrack.org/issues/55/7

Envío

Nombre Organización Fecha Fecha de lanzamiento Version
PLOVER 2006-07-19 +00:00 2006-07-19 +00:00 Draft 3

Modificaciones

Nombre Organización Fecha Comentario
Eric Dalci Cigital 2008-07-01 +00:00 updated Time_of_Introduction
CWE Content Team MITRE 2008-09-08 +00:00 updated Relationships, Other_Notes, Taxonomy_Mappings
CWE Content Team MITRE 2008-10-14 +00:00 updated Description
CWE Content Team MITRE 2009-05-27 +00:00 updated Related_Attack_Patterns
CWE Content Team MITRE 2009-10-29 +00:00 updated Relationships
CWE Content Team MITRE 2010-02-16 +00:00 updated Relationships, Taxonomy_Mappings
CWE Content Team MITRE 2010-04-05 +00:00 updated Related_Attack_Patterns
CWE Content Team MITRE 2011-06-01 +00:00 updated Common_Consequences
CWE Content Team MITRE 2011-06-27 +00:00 updated Common_Consequences
CWE Content Team MITRE 2012-05-11 +00:00 updated Relationships
CWE Content Team MITRE 2014-06-23 +00:00 updated Applicable_Platforms, Description, Observed_Examples, Other_Notes, References
CWE Content Team MITRE 2014-07-30 +00:00 updated Relationships
CWE Content Team MITRE 2015-12-07 +00:00 updated Relationships
CWE Content Team MITRE 2017-01-19 +00:00 updated Relationships
CWE Content Team MITRE 2017-11-08 +00:00 updated Demonstrative_Examples, Observed_Examples, References, Relationships
CWE Content Team MITRE 2018-03-27 +00:00 updated References
CWE Content Team MITRE 2019-06-20 +00:00 updated Relationships, Type
CWE Content Team MITRE 2020-02-24 +00:00 updated Relationships
CWE Content Team MITRE 2020-08-20 +00:00 updated Related_Attack_Patterns
CWE Content Team MITRE 2022-04-28 +00:00 updated Related_Attack_Patterns
CWE Content Team MITRE 2022-06-28 +00:00 updated Relationships
CWE Content Team MITRE 2023-04-27 +00:00 updated References, Relationships
CWE Content Team MITRE 2023-06-29 +00:00 updated Mapping_Notes
CWE Content Team MITRE 2025-09-09 +00:00 updated References
CWE Content Team MITRE 2025-12-11 +00:00 updated Applicable_Platforms, Relationships, Weakness_Ordinalities
La información presentada en CVE Find proviene de varias fuentes de referencia cuidadosamente seleccionadas. Los datos CVE son proporcionados por MITRE Corporation y la Base de Datos Nacional de Vulnerabilidades (NVD). El catálogo de Vulnerabilidades Explotadas Conocidas (KEV) proviene de la Agencia de Seguridad de Infraestructura y Ciberseguridad (CISA), mientras que las puntuaciones EPSS provienen de FIRST.org. Además, los datos sobre debilidades de software (CWE) y patrones de ataque comunes (CAPEC) son mantenidos por MITRE Corporation, y la información sobre configuraciones de hardware y software (CPE) es proporcionada por la NVD.