2010 CWE/SANS Top 25 Most Dangerous Programming Errors

Tuesday Feb 16th 2010 by Datamation.com Staff

Security organizations assemble their annual list of common mistakes which can allow attackers to completely take over the software, steal data, or prevent the software from working at all.

CWE/SANS: The SANS Institute, MITRE, and other top software security experts have once again compiled a list of "the most widespread and critical programming errors that can lead to serious software vulnerabilities."

Here's a quick look at the top five:

  1. Failure to Preserve Web Page Structure ('Cross-site Scripting')
  2. Improper Sanitization of Special Elements used in an SQL Command ('SQL Injection')
  3. Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
  4. Cross-Site Request Forgery (CSRF)
  5. Improper Access Control (Authorization)