References

Bibliographic references cited across the CWE and CAPEC catalogs

All CWE CAPEC
REF-480 CWE
Valgrind
5 citation(s)
REF-482 CWE
Hold Your Sessions: An Attack on Java Session-id Generation
Zvi Gutterman · 2005
1 citation(s)
REF-483 CWE
Exploitable Redirects on the Web: Identification, Prevalence, and Defense
Craig A. Shue, Andrew J. Kalafut, Minaxi Gupta
1 citation(s)
REF-484 CWE
Open redirect vulnerabilities: definition and prevention
Russ McRee · 2008
1 citation(s)
REF-485 CWE
Top 25 Series - Rank 23 - Open Redirect
Jason Lam · 2010
1 citation(s)
REF-490 CWE
The "Double-Checked Locking is Broken" Declaration
David Bacon et al
1 citation(s)
REF-491 CWE
JSR 133 (Java Memory Model) FAQ
Jeremy Manson and Brian Goetz
1 citation(s)
REF-493 CWE
Second-Order Symlink Vulnerabilities
Steve Christey · 2005
1 citation(s)
REF-494 CWE
Crafting Symlinks for Fun and Profit
Shaun Colley · 2004
1 citation(s)
REF-496 CWE
XML External Entity (XXE) Processing
OWASP
1 citation(s)
REF-497 CWE
XML External Entity Attacks (XXE)
Sascha Herzog · 2010
1 citation(s)
REF-498 CWE
XXE (Xml eXternal Entity) Attack
Gregory Steuck
1 citation(s)
REF-499 CWE
XML External Entities (XXE) Attack
WASC
1 citation(s)
REF-500 CWE
XML Denial of Service Attacks and Defenses
Bryan Sullivan · 2009
2 citation(s)
REF-501 CWE
Preventing XXE in PHP
Chris Cornutt
1 citation(s)
REF-502 CWE
A Study in Scarlet - section 5, "File Upload"
Shaun Clowes
1 citation(s)
REF-503 CWE
Developing Secure ActiveX Controls
Microsoft · 2005
3 citation(s)
REF-505 CWE
The Oracle Hacker's Handbook
David Litchfield
1 citation(s)
REF-506 CWE
Cursor Injection
David Litchfield
1 citation(s)
REF-510 CWE
How to stop an ActiveX control from running in Internet Explorer
Microsoft
2 citation(s)
REF-514 CWE
Perl CGI problems
Rain Forest Puppy · 1999
2 citation(s)
REF-515 CWE
0x00 vs ASP file upload scripts
Brett Moore
1 citation(s)
REF-516 CWE
ShAnKaR: multiple PHP application poison NULL byte vulnerability
ShAnKaR
2 citation(s)
REF-517 CWE
Dynamic Evaluation Vulnerabilities in PHP applications
Steve Christey · 2006
1 citation(s)
REF-518 CWE
A Study In Scarlet: Exploiting Common Vulnerabilities in PHP Applications
Shaun Clowes
1 citation(s)
REF-522 CWE
Failing Securely
Sean Barnum, Michael Gegick · 2005
1 citation(s)
REF-524 CWE
Economy of Mechanism
Sean Barnum, Michael Gegick · 2005
1 citation(s)
REF-526 CWE
Complete Mediation
Sean Barnum, Michael Gegick · 2005
1 citation(s)
REF-528 CWE
Top 10 2007-Insecure Direct Object Reference
OWASP · 2007
1 citation(s)
REF-529 CWE
HMAC
· 2011
2 citation(s)
REF-531 CWE
XPath Injection
Web Application Security Consortium
1 citation(s)
REF-535 CWE
Separation of Privilege
Sean Barnum, Michael Gegick · 2005
2 citation(s)
REF-539 CWE
Psychological Acceptability
Sean Barnum, Michael Gegick · 2005
1 citation(s)
REF-540 CWE
Usability of Security: A Case Study
J. D. Tygar, Alma Whitten · 1998
1 citation(s)
REF-542 CWE
RFC: 793, TRANSMISSION CONTROL PROTOCOL
Jon Postel, Editor · 1981
2 citation(s)
REF-544 CWE
Never Assuming that Your Secrets Are Safe
Sean Barnum, Michael Gegick · 2005
1 citation(s)
REF-546 CWE
Design Principles
Sean Barnum, Michael Gegick · 2005
1 citation(s)
REF-547 CWE
Java Concurrency API
SUN
1 citation(s)
REF-548 CWE
Use reentrant functions for safer signal handling
Dipak Jha, Software Engineer, IBM
1 citation(s)
REF-554 CWE
Security Development Lifecycle (SDL) Banned Function Calls
Michael Howard · 2011
3 citation(s)
REF-562 CWE
Windows NTFS Alternate Data Streams
Don Parker · 2005
1 citation(s)
REF-565 CWE
Fear the EAR: Discovering and Mitigating Execution After Redirect Vulnerabilities
Adam Doupé, Bryce Boe, Christopher Kruegel, Giovanni Vigna
1 citation(s)
REF-567 CWE
A Taxonomy of Security Faults in the UNIX Operating System
Taimur Aslam · 1995
1 citation(s)
REF-568 CWE
Use of A Taxonomy of Security Faults
Taimur Aslam, Ivan Krsul, Eugene H. Spafford · 1995
2 citation(s)
REF-570 CWE
Top 10 2004
· 2004
REF-571 CWE
About the PCI Data Security Standard (PCI DSS)
PCI Security Standards Council
REF-572 CWE
Top 10 2007-Cross Site Scripting
OWASP · 2007
REF-574 CWE
Top 10 2007-Cross Site Request Forgery
OWASP · 2007
REF-575 CWE
Top 10 2007-Information Leakage and Improper Error Handling
OWASP · 2007
REF-577 CWE
Top 10 2007-Insecure Cryptographic Storage
OWASP · 2007
« 5 / 21 »