Product A handles inputs or steps differently than Product B, which causes A to perform incorrect actions based on its perception of B's state.
View on MITREThis is generally found in proxies, firewalls, anti-virus software, and other intermediary devices that monitor, allow, deny, or modify traffic based on how the client or server is expected to behave.
No mitigation information available for this CWE.
No detection method information available for this CWE.
Bypass filters or poison web cache using requests with multiple Content-Length headers, a non-standard behavior.
View DetailsAnti-virus product allows bypass via Content-Type and Content-Disposition headers that are mixed case, which are still processed by some clients.
View DetailsFTP clients sending a command with "PASV" in the argument can cause firewalls to misinterpret the server's error as a valid response, allowing filter bypass.
View DetailsFTP clients sending a command with "PASV" in the argument can cause firewalls to misinterpret the server's error as a valid response, allowing filter bypass.
View DetailsVirus product bypass with spaces between MIME header fields and the ":" separator, a non-standard message that is accepted by some clients.
View DetailsAV product detection bypass using inconsistency manipulation (file extension in MIME Content-Type vs. Content-Disposition field).
View DetailsCMS system allows uploads of files with GIF/JPG extensions, but if they contain HTML, Internet Explorer renders them as HTML instead of images.
View DetailsInterpretation conflict allows XSS via invalid "<" when a ">" is expected, which is treated as ">" by many web browsers.
View DetailsInterpretation conflict (non-standard behavior) enables XSS because browser ignores invalid characters in the middle of tags.
View DetailsCWE-436: Interpretation Conflict is a Common Weakness Enumeration (CWE) entry maintained by MITRE. Product A handles inputs or steps differently than Product B, which causes A to perform incorrect actions based on its perception of B's state. This is generally found in proxies, firewalls, anti-virus software, and other intermediary devices that monitor, allow, deny, or modify traffic based on how the client or server is expected to behave.
If exploited, CWE-436 (Interpretation Conflict) it can compromise Integrity and Other, leading to outcomes such as Unexpected State and Varies by Context.
CWE-436 commonly affects Not Language-Specific. Note that weaknesses are often language-agnostic patterns, so secure coding practices apply broadly.
MITRE documents real CVEs mapped to CWE-436, including CVE-2005-1215, CVE-2002-0485, CVE-2002-1978, CVE-2002-1979 and CVE-2002-0637. You can look up the full details of each CVE, including CVSS scores and remediation guidance, on our CVE Lookup tool.
A CWE (Common Weakness Enumeration) like CWE-436 describes a category of software weakness — the underlying flaw type. A CVE (Common Vulnerabilities and Exposures) identifies a specific, real-world vulnerability in a particular product. In short, a CWE is the kind of mistake, and a CVE is an instance of that mistake being found in software.