CWE-176 : Improper Handling of Unicode Encoding

The product does not properly handle when an input contains Unicode encoding.

Created: 2006-07-19 Updated: 2024-02-29 Source: https://cwe.mitre.org/data/definitions/176.html
Vulnerabilities related to CWE-176

Related CAPEC definitions

An attacker may provide a Unicode string to a system component that is not Unicode aware and use that to circumvent the filter or cause the classifying mechanism to fail to properly understanding the request. That may allow the attacker to slip malicious data past the content filter and/or possibly cause the application to route the request incorrectly.
Please note that CWE definitions are provided as a quick reference only. Visit http://cwe.mitre.org/ for a complete list of CWE entries and for more details.
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close