The product does not sufficiently encapsulate critical data or functionality.

The program compares classes by name, which can cause it to use the wrong class when multiple classes can have the same name.

Java packages are not inherently closed; therefore, relying on them for code security is not a good practice.

The product does not sufficiently enforce boundaries between the states of different sessions, causing data to be provided to, or used by, the wrong session.

The application can be deployed with active debugging code that can create unintended entry points.

A software system that accepts path input in the form of trailing slash ('filedir/') without appropriate validation can lead to ambiguous path resolution and allow an attacker to traverse the file system to unintended locations or access arbitrary files.

Weaknesses in this category are frequently found in mobile code.

A class has a cloneable() method that is not declared final, which allows an object to be created without calling the constructor. This can cause the object to be in an unexpected state.

Inner classes are translated into classes that are accessible at package scope and may expose to attackers code that the programmer intended to keep private.

The product has a critical public variable that is not final, which allows the variable to be modified to contain unexpected values.



© SecPod Technologies