References

Bibliographic references cited across the CWE and CAPEC catalogs

All CWE CAPEC
REF-65 CWE
19 Deadly Sins of Software Security
M. Howard, D. LeBlanc, J. Viega · 2005
2 citation(s)
REF-66 CWE
ASP.NET Misconfiguration: Missing Custom Error Handling
OWASP, Fortify Software
1 citation(s)
REF-74 CWE
Top 25 Series - Rank 3 - Classic Buffer Overflow
Jason Lam · 2010
1 citation(s)
REF-76 CWE
Least Privilege
Sean Barnum, Michael Gegick · 2005
17 citation(s)
REF-90 CWE
Buffer UNDERFLOWS: What do you know about it?
· 2004
2 citation(s)
REF-96 CWE
Top 25 Series - Rank 14 - Improper Validation of Array Index
Jason Lam · 2010
1 citation(s)
REF-103 CWE
How To: Encrypt Configuration Sections in ASP.NET 2.0 Using DPAPI
Microsoft Corporation
1 citation(s)
REF-104 CWE
How To: Encrypt Configuration Sections in ASP.NET 2.0 Using RSA
Microsoft Corporation
1 citation(s)
REF-105 CWE
.NET Framework Developer's Guide - Securing Connection Strings
Microsoft Corporation
1 citation(s)
REF-106 CWE
SafeInt
David LeBlanc, Niels Dekker
3 citation(s)
REF-107 CWE
Top 25 Series - Rank 18 - Incorrect Calculation of Buffer Size
Jason Lam · 2010
1 citation(s)
REF-116 CWE
Format String Vulnerabilities in Perl Programs
Steve Christey
1 citation(s)
REF-117 CWE
Programming Language Format String Vulnerabilities
Hal Burch, Robert C. Seacord
1 citation(s)
REF-118 CWE
Format String Attacks
Tim Newsham · 2000
1 citation(s)
REF-124 CWE
When scrubbing secrets in memory doesn't work
Michael Howard · 2002
1 citation(s)
REF-125 CWE
Some Bad News and Some Good News
Michael Howard · 2002
1 citation(s)
REF-126 CWE
GNU GCC: Optimizer Removes Code Necessary for Security
Joseph Wagner · 2002
1 citation(s)
REF-140 CWE
Exploiting Software: How to Break Code
Greg Hoglund, Gary McGraw · 2004
4 citation(s)
REF-141 CWE
Blacklist defenses as a breeding ground for vulnerability variants
Steve Christey · 2006
1 citation(s)
REF-145 CWE
An overview of common programming security vulnerabilities and possible solutions
Yves Younan · 2003
1 citation(s)
REF-146 CWE
Basic Integer Overflows
blexim · 2002
1 citation(s)
REF-150 CWE
Top 25 Series - Rank 17 - Integer Overflow Or Wraparound
Johannes Ullrich · 2010
1 citation(s)
REF-155 CWE
Third Generation Exploits
Halvar Flake
1 citation(s)
REF-156 CWE
Off-by-one errors: a brief explanation
Steve Christey · 2004
1 citation(s)
REF-157 CWE
The Frame Pointer Overwrite
klog · 1999
1 citation(s)
REF-161 CWE
C Language Issues for Application Security
John McDonald, Mark Dowd, Justin Schuh · 2008
1 citation(s)
REF-162 CWE
Integral Security
Robert Seacord · 2006
1 citation(s)
REF-166 CWE
Input Validation with ESAPI - Very Important
Jim Manico · 2008
1 citation(s)
REF-168 CWE
Hacking Exposed Web Applications, Second Edition
Joel Scambray, Mike Shema, Caleb Sima · 2006
1 citation(s)
REF-170 CWE
The importance of input validation
Kevin Beaver · 2006
1 citation(s)
REF-172 CWE
Mobile App Top 10 List
Chris Wysopal · 2010
6 citation(s)
REF-174 CWE
Information Leakage
Web Application Security Consortium
1 citation(s)
REF-175 CWE
Secure Programming with Static Analysis
Brian Chess, Jacob West · 2007
1 citation(s)
REF-176 CWE
Writing Secure Code
Michael Howard, David LeBlanc · 2001
2 citation(s)
REF-179 CWE
Top 25 Series - Rank 16 - Information Exposure Through an Error Message
Johannes Ullrich · 2010
1 citation(s)
REF-185 CWE
Testing for Path Traversal (OWASP-AZ-001)
OWASP
2 citation(s)
REF-186 CWE
Top 25 Series - Rank 7 - Path Traversal
Johannes Ullrich · 2010
1 citation(s)
REF-192 CWE
OWASP Attack listing
OWASP
1 citation(s)
REF-194 CWE
Herb Schildt's C++ Programming Cookbook
Herbert Schildt · 2008
1 citation(s)
REF-196 CWE
The Protection of Information in Computer Systems
Jerome H. Saltzer, Michael D. Schroeder · 1975
9 citation(s)
REF-199 CWE
United States Government Configuration Baseline (USGCB)
NIST
2 citation(s)
REF-207 CWE
Building Secure Software: How to Avoid Security Problems the Right Way
John Viega, Gary McGraw · 2002
8 citation(s)
REF-229 CWE
Role Based Access Control and Role Based Security
NIST
3 citation(s)
REF-231 CWE
Top 25 Series - Rank 5 - Improper Access Control (Authorization)
Frank Kim · 2010
3 citation(s)
REF-233 CWE
Authentication using JAAS
Rahul Bhattacharjee
3 citation(s)
REF-236 CWE
Weak Password Brings 'Happiness' to Twitter Hacker
Kim Zetter · 2009
2 citation(s)
REF-237 CWE
Top 10 2007-Broken Authentication and Session Management
OWASP · 2007
1 citation(s)
REF-238 CWE
Guide to Authentication
OWASP
1 citation(s)
REF-239 CWE
Authentication
Microsoft
1 citation(s)
REF-243 CWE
Why Eve and Mallory Love Android: An Analysis of Android SSL (In)Security
Sascha Fahl, Marian Harbach, Thomas Muders, Matthew Smith, Lars Baumgärtner, Bernd Freisleben · 2012
2 citation(s)
« 2 / 21 »