References

Bibliographic references cited across the CWE and CAPEC catalogs

All CWE CAPEC
REF-372 CWE
Exceptions and Exception Handling (C# Programming Guide)
Microsoft
1 citation(s)
REF-374 CWE
Does Java pass by reference or pass by value?
Tony Sintes · 2000
1 citation(s)
REF-375 CWE
Java: The Complete Reference, J2SE 5th Edition
Herbert Schildt
1 citation(s)
REF-386 CWE
Detection and Prediction of Resource-Exhaustion Vulnerabilities
Joao Antunes, Nuno Ferreira Neves, Paulo Verissimo · 2008
2 citation(s)
REF-387 CWE
Resource exhaustion
D.J. Bernstein
2 citation(s)
REF-388 CWE
Resource exhaustion
Pascal Meunier · 2004
2 citation(s)
REF-390 CWE
How to Break Software Security
J. Whittaker, H. Thompson · 2003
1 citation(s)
REF-391 CWE
Transitioning to ARC Release Notes
iOS Developer Library · 2013
2 citation(s)
REF-392 CWE
File descriptors and setuid applications
Paul Roberts · 2007
1 citation(s)
REF-393 CWE
Introduction to Secure Coding Guide
Apple
1 citation(s)
REF-395 CWE
Algorithmic Complexity Attacks
Scott A. Crosby, Dan S. Wallach · 2003
1 citation(s)
REF-402 CWE
Exploiting design flaws in the Win32 API for privilege escalation. Or... Shatter Attacks - How to break Windows
Paget · 2002
1 citation(s)
REF-409 CWE
Double clicking on MS Office documents from Windows Explorer may execute arbitrary programs in some cases
Georgi Guninski · 2000
1 citation(s)
REF-410 CWE
ACROS Security: Remote Binary Planting in Apple iTunes for Windows (ASPR #2010-08-18-1)
Mitja Kolsek · 2010
1 citation(s)
REF-411 CWE
Automatic Detection of Vulnerable Dynamic Component Loadings
Taeho Kwon, Zhendong Su
1 citation(s)
REF-412 CWE
Dynamic-Link Library Search Order
· 2010
1 citation(s)
REF-413 CWE
Dynamic-Link Library Security
· 2010
1 citation(s)
REF-414 CWE
An update on the DLL-preloading remote attack vector
· 2010
1 citation(s)
REF-415 CWE
Insecure Library Loading Could Allow Remote Code Execution
· 2010
1 citation(s)
REF-416 CWE
Application DLL Load Hijacking
H D Moore · 2010
1 citation(s)
REF-417 CWE
DLL Hijacking: Facts and Fiction
Oliver Lavery · 2010
1 citation(s)
REF-422 CWE
Dynamic File Uploads, Security and You
Richard Stanway (r1CH)
1 citation(s)
REF-423 CWE
8 Basic Rules to Implement Secure File Uploads
Johannes Ullrich · 2009
1 citation(s)
REF-424 CWE
Top 25 Series - Rank 8 - Unrestricted Upload of Dangerous File Type
Johannes Ullrich · 2010
1 citation(s)
REF-427 CWE
On Interpretation Conflict Vulnerabilities
Steve Christey · 2005
1 citation(s)
REF-428 CWE
Insertion, Evasion, and Denial of Service: Eluding Network Intrusion Detection
Thomas H. Ptacek, Timothy N. Newsham · 1998
2 citation(s)
REF-429 CWE
0x00 vs ASP file upload scripts
Brett Moore · 2004
1 citation(s)
REF-431 CWE
Re: Corsaire Security Advisory - Multiple vendor MIME RFC2047 encoding
David F. Skoll · 2004
1 citation(s)
REF-432 CWE
The Confused Deputy (or why capabilities might have been invented)
Norm Hardy · 1988
1 citation(s)
REF-433 CWE
HTTP Request Smuggling
Chaim Linhart, Amit Klein, Ronen Heled, Steve Orrin
1 citation(s)
REF-434 CWE
Secure Programming for Linux and Unix HOWTO
David Wheeler · 2003
1 citation(s)
REF-436 CWE
Exploiting Uninitialized Data
mercy · 2006
3 citation(s)
REF-437 CWE
MS08-014 : The Case of the Uninitialized Stack Variable Vulnerability
Microsoft Security Vulnerability Research & Defense · 2008
2 citation(s)
REF-442 CWE
EXP01-A. Do not take the sizeof a pointer to determine the size of a type
Robert Seacord
1 citation(s)
REF-453 CWE
OWASP , Attack Category : Mobile code: object hijack
OWASP
1 citation(s)
REF-454 CWE
Introduction to Code Signing
Microsoft
1 citation(s)
REF-455 CWE
Authenticode
Microsoft
1 citation(s)
REF-456 CWE
Code Signing Guide
Apple · 2008
1 citation(s)
REF-457 CWE
Secure Software Updates: Disappointments and New Challenges
Anthony Bellissimo, John Burgess, Kevin Fu
1 citation(s)
REF-459 CWE
Top 25 Series - Rank 20 - Download of Code Without Integrity Check
Johannes Ullrich · 2010
1 citation(s)
REF-461 CWE
Exploiting Deserialization Vulnerabilities in Java
Matthias Kaiser · 2015
1 citation(s)
REF-462 CWE
PHP unserialization vulnerabilities: What are we missing?
Sam Thomas · 2015
1 citation(s)
REF-463 CWE
Marshalling Pickles: How deserializing objects can ruin your day
Gabriel Lawrence, Chris Frohoff · 2015
1 citation(s)
REF-464 CWE
Unserializing user-supplied data, a bad idea
Heine Deelstra · 2010
2 citation(s)
REF-465 CWE
Black Hat EU 2010 - Attacking Java Serialized Communication
Manish S. Saindane · 2010
1 citation(s)
REF-466 CWE
Why Python Pickle is Insecure
Nadia Alramli · 2009
2 citation(s)
REF-467 CWE
Exploiting misuse of Python's "pickle"
Nelson Elhage · 2011
1 citation(s)
REF-468 CWE
Deserialize My Shorts: Or How I Learned to Start Worrying and Hate Java Object Deserialization
Chris Frohoff · 2016
1 citation(s)
REF-474 CWE
Thread-Specifc Storage for C/C++
Douglas C. Schmidt, Timothy H. Harrison, Nat Pryce
1 citation(s)
REF-478 CWE
Intrinsic Locks and Synchronization (in Java)
1 citation(s)
« 4 / 21 »