CWE-175 - Improper Handling of Mixed Encoding

Home/CWEs/CWE info/

CWE-175

Abstraction:
Variant

Structure:
Simple

Status:
Draft

Weakness Name: Improper Handling of Mixed Encoding

Description: The product does not properly handle when the same input uses several different (mixed) encodings.

Common Consequences: Scope: Integrity
Impact: Unexpected State

Related Weaknesses: CWE-172Encoding Error

Release Date:
2006-07-19

Latest Modification Date:
2023-06-29

Latest Security News

Windows 11 KB5046740 update released with 14 changes and fixes

Chinese hackers target Linux with new WolfsBane malware

Over 2,000 Palo Alto firewalls hacked using recently patched bugs

Microsoft pulls WinAppSDK update breaking Windows 10 app uninstalls

CISA says BianLian ransomware now focuses only on data theft

Microsoft disrupts ONNX phishing-as-a-service infrastructure

Warning: Over 2,000 Palo Alto Networks Devices Hacked in Ongoing Attack Campaign

Chinese APT Gelsemium Targets Linux Systems with New WolfsBane Backdoor

Common Alerts

HighSpring4Shell

HighSession Fixation

HighNoSQL Injection - MongoDB (Time Based)

LowPermissions Policy Header Not Set

MediumInteger Overflow Error

HighPath Traversal

MediumPotential IP Addresses Found in the Viewstate

HighExternal Redirect

MediumInsecure HTTP Method

HighAdvanced SQL Injection

Latest CVE List

CVE-2024-44308 Apple Multiple Products Code Execution Vulnerability

CVE-2024-44309 Apple Multiple Products Cross-Site Scripting (XSS) Vulnerability

CVE-2024-21287 Oracle Agile Product Lifecycle Management (PLM) Incorrect Authorization Vulnerability

CVE-2024-38812 VMware vCenter Server Heap-Based Buffer Overflow Vulnerability

CVE-2024-38813 VMware vCenter Server Privilege Escalation Vulnerability

CVE-2024-1212 Progress Kemp LoadMaster OS Command Injection Vulnerability

CVE-2024-0012 Palo Alto Networks PAN-OS Management Interface Authentication Bypass Vulnerability

CVE-2024-9474 Palo Alto Networks PAN-OS Management Interface OS Command Injection Vulnerability

CVE-2024-9463 Palo Alto Networks Expedition OS Command Injection Vulnerability

CVE-2024-9465 Palo Alto Networks Expedition SQL Injection Vulnerability

Common CWEs

CWE-921 Storage of Sensitive Data in a Mechanism without Access Control

CWE-1073 Non-SQL Invokable Control Element with Excessive Number of Data Resource Accesses

CWE-474 Use of Function with Inconsistent Implementations

CWE-1339 Insufficient Precision or Accuracy of a Real Number

CWE-410 Insufficient Resource Pool

CWE-1391 Use of Weak Credentials

CWE-760 Use of a One-Way Hash with a Predictable Salt

CWE-102 Struts: Duplicate Validation Forms

CWE-1301 Insufficient or Incomplete Data Removal within Hardware Component

CWE-181 Incorrect Behavior Order: Validate Before Filter

Free security scan for your website

Don't show website scan report rating on the leaderboard

CWE-175 - Improper Handling of Mixed Encoding

The product does not properly handle when the same input uses several different (mixed) encodings.