The product does not record, or improperly records, security-relevant information that leads to an incorrect decision or hampers later analysis.
CVE-2004-2227Web browser's filename selection dialog only shows the beginning portion of long filenames, which can trick users into launching executables with dangerous extensions.
CVE-2003-0412application server does not log complete URI of a long request (truncation).
CVE-1999-1029Login attempts are not recorded if the user disconnects before the maximum number of tries.
CVE-2002-0725Attacker performs malicious actions on a hard link to a file, obscuring the real target file.
CVE-1999-1055Product does not warn user when document contains certain dangerous functions or macros.