References

Bibliographic references cited across the CWE and CAPEC catalogs

All CWE CAPEC
REF-107 CWE
Top 25 Series - Rank 18 - Incorrect Calculation of Buffer Size
Jason Lam · 2010
1 citation(s)
REF-116 CWE
Format String Vulnerabilities in Perl Programs
Steve Christey
1 citation(s)
REF-117 CWE
Programming Language Format String Vulnerabilities
Hal Burch, Robert C. Seacord
1 citation(s)
REF-118 CWE
Format String Attacks
Tim Newsham · 2000
1 citation(s)
REF-124 CWE
When scrubbing secrets in memory doesn't work
Michael Howard · 2002
1 citation(s)
REF-125 CWE
Some Bad News and Some Good News
Michael Howard · 2002
1 citation(s)
REF-126 CWE
GNU GCC: Optimizer Removes Code Necessary for Security
Joseph Wagner · 2002
1 citation(s)
REF-140 CWE
Exploiting Software: How to Break Code
Greg Hoglund, Gary McGraw · 2004
4 citation(s)
REF-141 CWE
Blacklist defenses as a breeding ground for vulnerability variants
Steve Christey · 2006
1 citation(s)
REF-145 CWE
An overview of common programming security vulnerabilities and possible solutions
Yves Younan · 2003
1 citation(s)
REF-146 CWE
Basic Integer Overflows
blexim · 2002
1 citation(s)
REF-150 CWE
Top 25 Series - Rank 17 - Integer Overflow Or Wraparound
Johannes Ullrich · 2010
1 citation(s)
REF-155 CWE
Third Generation Exploits
Halvar Flake
1 citation(s)
REF-156 CWE
Off-by-one errors: a brief explanation
Steve Christey · 2004
1 citation(s)
REF-157 CWE
The Frame Pointer Overwrite
klog · 1999
1 citation(s)
REF-161 CWE
C Language Issues for Application Security
John McDonald, Mark Dowd, Justin Schuh · 2008
1 citation(s)
REF-162 CWE
Integral Security
Robert Seacord · 2006
1 citation(s)
REF-166 CWE
Input Validation with ESAPI - Very Important
Jim Manico · 2008
1 citation(s)
REF-168 CWE
Hacking Exposed Web Applications, Second Edition
Joel Scambray, Mike Shema, Caleb Sima · 2006
1 citation(s)
REF-170 CWE
The importance of input validation
Kevin Beaver · 2006
1 citation(s)
REF-172 CWE
Mobile App Top 10 List
Chris Wysopal · 2010
6 citation(s)
REF-174 CWE
Information Leakage
Web Application Security Consortium
1 citation(s)
REF-175 CWE
Secure Programming with Static Analysis
Brian Chess, Jacob West · 2007
1 citation(s)
REF-176 CWE
Writing Secure Code
Michael Howard, David LeBlanc · 2001
2 citation(s)
REF-179 CWE
Top 25 Series - Rank 16 - Information Exposure Through an Error Message
Johannes Ullrich · 2010
1 citation(s)
REF-185 CWE
Testing for Path Traversal (OWASP-AZ-001)
OWASP
2 citation(s)
REF-186 CWE
Top 25 Series - Rank 7 - Path Traversal
Johannes Ullrich · 2010
1 citation(s)
REF-192 CWE
OWASP Attack listing
OWASP
1 citation(s)
REF-194 CWE
Herb Schildt's C++ Programming Cookbook
Herbert Schildt · 2008
1 citation(s)
REF-196 CWE
The Protection of Information in Computer Systems
Jerome H. Saltzer, Michael D. Schroeder · 1975
9 citation(s)
REF-199 CWE
United States Government Configuration Baseline (USGCB)
NIST
2 citation(s)
REF-207 CWE
Building Secure Software: How to Avoid Security Problems the Right Way
John Viega, Gary McGraw · 2002
8 citation(s)
REF-229 CWE
Role Based Access Control and Role Based Security
NIST
3 citation(s)
REF-231 CWE
Top 25 Series - Rank 5 - Improper Access Control (Authorization)
Frank Kim · 2010
3 citation(s)
REF-233 CWE
Authentication using JAAS
Rahul Bhattacharjee
3 citation(s)
REF-236 CWE
Weak Password Brings 'Happiness' to Twitter Hacker
Kim Zetter · 2009
2 citation(s)
REF-237 CWE
Top 10 2007-Broken Authentication and Session Management
OWASP · 2007
1 citation(s)
REF-238 CWE
Guide to Authentication
OWASP
1 citation(s)
REF-239 CWE
Authentication
Microsoft
1 citation(s)
REF-243 CWE
Why Eve and Mallory Love Android: An Analysis of Android SSL (In)Security
Sascha Fahl, Marian Harbach, Thomas Muders, Matthew Smith, Lars Baumgärtner, Bernd Freisleben · 2012
2 citation(s)
REF-244 CWE
Computer Security: Art and Science
M. Bishop · 2003
2 citation(s)
REF-245 CWE
The Most Dangerous Code in the World: Validating SSL Certificates in Non-Browser Software
Martin Georgiev, Subodh Iyengar, Suman Jana, Rishita Anubhai, Dan Boneh, Vitaly Shmatikov · 2012
2 citation(s)
REF-249 CWE
Secure programming with the OpenSSL API, Part 2: Secure handshake
Kenneth Ballard · 2005
1 citation(s)
REF-250 CWE
An Introduction to OpenSSL Programming (Part I)
Eric Rescorla · 2001
1 citation(s)
REF-257 CWE
Top 25 Series - Rank 19 - Missing Authentication for Critical Function
Frank Kim · 2010
1 citation(s)
REF-265 CWE
Top 25 Series - Rank 10 - Missing Encryption of Sensitive Data
Frank Kim · 2010
1 citation(s)
REF-267 CWE
FIPS PUB 140-2: SECURITY REQUIREMENTS FOR CRYPTOGRAPHIC MODULES
Information Technology Laboratory, National Institute of Standards and Technology · 2001
15 citation(s)
REF-271 CWE
Top 10 2007-Insecure Communications
OWASP · 2007
1 citation(s)
REF-280 CWE
Applied Cryptography
Bruce Schneier · 1996
1 citation(s)
REF-281 CWE
Handbook of Applied Cryptography
Alfred J. Menezes, Paul C. van Oorschot, Scott A. Vanstone · 1996
1 citation(s)
« 11 / 30 »