2010 CWE/SANS Top 25 Most Dangerous Programming Errors

Tuesday Feb 16th 2010 by Datamation.com Staff

Security organizations assemble their annual list of common mistakes which can allow attackers to completely take over the software, steal data, or prevent the software from working at all.

CWE/SANS: The SANS Institute, MITRE, and other top software security experts have once again compiled a list of "the most widespread and critical programming errors that can lead to serious software vulnerabilities."

Here's a quick look at the top five:

  1. Failure to Preserve Web Page Structure ('Cross-site Scripting')
  2. Improper Sanitization of Special Elements used in an SQL Command ('SQL Injection')
  3. Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
  4. Cross-Site Request Forgery (CSRF)
  5. Improper Access Control (Authorization)