A feature, API, or function does not perform according to its specification.
CVE-2003-0187Program uses large timeouts on unconfirmed connections resulting from inconsistency in linked lists implementations.
CVE-2003-0465"strncpy" in Linux kernel acts different than libc on x86, leading to expected behavior difference - sort of a multiple interpretation error?
CVE-2005-3265Buffer overflow in product stems the use of a third party library function that is expected to have internal protection against overflows, but doesn't.