References

Bibliographic references cited across the CWE and CAPEC catalogs

All CWE CAPEC
REF-698 CWE
Windows driver vulnerabilities: the METHOD_NEITHER odyssey
Anibal Sacco · 2008
1 citation(s)
REF-699 CWE
Buffer Descriptions for I/O Control Codes
Microsoft
1 citation(s)
REF-700 CWE
Using Neither Buffered Nor Direct I/O
Microsoft
1 citation(s)
REF-701 CWE
Securing Device Objects
Microsoft
2 citation(s)
REF-702 CWE
Exploiting Windows Device Drivers
Piotr Bania
1 citation(s)
REF-704 CWE
EXP00-C. Use parentheses for precedence of operation
CERT
1 citation(s)
REF-706 CWE
Unforgivable Vulnerabilities
Steve Christey · 2007
1 citation(s)
REF-709 CWE
XSS Attacks
Jeremiah Grossman, Robert "RSnake" Hansen, Petko "pdp" D. Petkov, Anton Rager, Seth Fogie · 2007
2 citation(s)
REF-712 CWE
Cross-site scripting
· 2008
1 citation(s)
REF-714 CWE
XSS (Cross Site Scripting) Cheat Sheet
RSnake
2 citation(s)
REF-715 CWE
Mitigating Cross-site Scripting With HTTP-only Cookies
Microsoft
1 citation(s)
REF-716 CWE
Anti-XSS 3.0 Beta and CAT.NET Community Technology Preview now Live!
Mark Curphey, Microsoft
1 citation(s)
REF-718 CWE
XSS Defense HOWTO
Ivan Ristic
1 citation(s)
REF-719 CWE
Web Application Firewall
OWASP
1 citation(s)
REF-720 CWE
Web Application Firewall Evaluation Criteria
Web Application Security Consortium
1 citation(s)
REF-721 CWE
Firefox Implements httpOnly And is Vulnerable to XMLHTTPRequest
RSnake · 2007
1 citation(s)
REF-722 CWE
XMLHttpRequest allows reading HTTPOnly cookies
1 citation(s)
REF-723 CWE
Apache Wicket
1 citation(s)
REF-724 CWE
XSS (Cross Site Scripting) Prevention Cheat Sheet
OWASP
1 citation(s)
REF-725 CWE
DOM based XSS Prevention Cheat Sheet
OWASP
2 citation(s)
REF-726 CWE
Top 25 series - Rank 1 - Cross Site Scripting
Jason Lam · 2010
1 citation(s)
REF-729 CWE
Top 25 Series - Rank 11 - Hardcoded Credentials
Johannes Ullrich · 2010
1 citation(s)
REF-731 CWE
Insufficient Anti-automation
Web Application Security Consortium
2 citation(s)
REF-732 CWE
2010 CWE/SANS Top 25 Most Dangerous Software Errors
· 2010
REF-741 CWE
Top 25 Series - Rank 12 - Buffer Access with Incorrect Length Value
Jason Lam · 2010
1 citation(s)
REF-754 CWE
Top 25 Series - Rank 6 - Reliance on Untrusted Inputs in a Security Decision
Frank Kim · 2010
1 citation(s)
REF-756 CWE
Understanding ASP.NET View State
Scott Mitchell · 2004
1 citation(s)
REF-759 CWE
Top 10 2010
· 2010
REF-761 CWE
Top 10 2010-A1-Injection
OWASP
REF-762 CWE
Top 10 2010-A2-Cross-Site Scripting (XSS)
OWASP
REF-763 CWE
Top 10 2010-A3-Broken Authentication and Session Management
OWASP
REF-764 CWE
Top 10 2010-A4-Insecure Direct Object References
OWASP
REF-765 CWE
Top 10 2010-A5-Cross-Site Request Forgery (CSRF)
OWASP
REF-766 CWE
Top 10 2010-A6-Security Misconfiguration
OWASP
REF-767 CWE
Top 10 2010-A7-Insecure Cryptographic Storage
OWASP
REF-768 CWE
Top 10 2010-A8-Failure to Restrict URL Access
OWASP
REF-769 CWE
Top 10 2010-A9-Insufficient Transport Layer Protection
OWASP
REF-770 CWE
Top 10 2010-A10-Unvalidated Redirects and Forwards
OWASP
REF-773 CWE
Apache CXF Security Advisory (CVE-2010-2076)
Daniel Kulp · 2010
1 citation(s)
REF-778 CWE
Third-Party Web Widget Security FAQ
Jeremiah Grossman
1 citation(s)
REF-783 CWE
Secure Coding in C and C++
Robert C. Seacord · 2006
1 citation(s)
REF-786 CWE
Injection-safe templating languages
Jim Manico · 2010
1 citation(s)
REF-787 CWE
Can we please stop saying that XSS is boring and easy to fix!
Dinis Cruz · 2010
1 citation(s)
REF-788 CWE
Canoe: XSS prevention via context-aware output encoding
Ivan Ristic · 2010
1 citation(s)
REF-789 CWE
What is the Future of Automated XSS Defense Tools?
Jim Manico · 2011
1 citation(s)
REF-795 CWE
Business Logic Flaws and Yahoo Games
Jeremiah Grossman · 2006
1 citation(s)
REF-796 CWE
Seven Business Logic Flaws That Put Your Website At Risk
Jeremiah Grossman · 2007
1 citation(s)
REF-797 CWE
Business Logic Flaws
WhiteHat Security
1 citation(s)
REF-798 CWE
Abuse of Functionality
WASC
REF-799 CWE
Defying Logic: Theory, Design, and Implementation of Complex Systems for Testing Application Logic
Rafal Los, Prajakta Jagdale · 2011
1 citation(s)
« 16 / 30 »