Prepare for your exams
Get points
Guidelines and tips

Prepare for your exams

Study with the several resources on Docsity

Earn points to download

Earn points by helping other students or get them with a premium plan

Guidelines and tips

Sell on Docsity

Prepare for your exams

Study with the several resources on Docsity

Find documents

Prepare for your exams with the study notes shared by other students like you on Docsity

Search Store documents

The best documents sold by students who completed their studies

Search through all study resources

Docsity AINEW

Summarize your documents, ask them questions, convert them into quizzes and concept maps

Explore questions

Clear up your doubts by reading the answers to questions asked by your fellow students

Earn points to download

Earn points by helping other students or get them with a premium plan

Share documents

20 Points

For each uploaded document

Answer questions

5 Points

For each given answer (max 1 per day)

All the ways to get free points

Get points immediately

Choose a premium plan with all the points you need

Study Opportunities

Choose your next study program

Get in touch with the best universities in the world. Search through thousands of universities and official partners

Community

Ask the community

Ask the community for help and clear up your study doubts

University Rankings

Discover the best universities in your country according to Docsity users

Free resources

Our save-the-student-ebooks!

Download our free guides on studying techniques, anxiety management strategies, and thesis advice from Docsity tutors

From our blog

Exams and Study

Go to the blog

Taxonomy of Coding Errors: Understanding Common Software Vulnerabilities, Slides of Software Engineering

Fakir Mohan University Software Engineering

An overview of common coding errors and vulnerabilities in application development, focusing on application vulnerabilities, web application attacks, application patching, and the goal of taxonomy. It covers various types of coding errors, including input validation and representation, api abuse, security features, time and state, error handling, code quality, encapsulation, and environment.

Typology: Slides

2012/2013

Uploaded on 04/26/2013

sharad_984 🇮🇳

4.5

(13)

146 documents

1 / 18

This page cannot be seen from the preview

Don't miss anything!

Secure Software Development

Taxonomy of Coding Errors

Docsity.com

Partial preview of the text

Download Taxonomy of Coding Errors: Understanding Common Software Vulnerabilities and more Slides Software Engineering in PDF only on Docsity!

Secure Software Development

Taxonomy of Coding Errors

Application Vulnerabilities

application vulnerabilities >> # OS vulnerabilities
Most "popular" applications – change over time
- prevalence
- inability to effectively patch
Current targets: browsers and client-side applications

Application Patching

Much Slower than Operating System Patching
Zero-Day Vulnerability: a flaw in software code is discovered and code exploiting the flaw appears before a fix or patch is available - Adobe Acrobat, Reader, and Flash Player Remote Code Execution Vulnerability (CVE-2009-1862) - Microsoft Office Web Components ActiveX Control Code Execution Vulnerability (CVE-2009-1136) - Microsoft Active Template Library Header Data Remote Code Execution Vulnerability ( 0015 ) CVE-2008- - Microsoft DirectX DirectShow QuickTime Video Remote Code Execution Vulnerability ( 1537 ) CVE-2009- - Adobe Reader Remote Code Execution Vulnerability (CVE-2009-1493) - Microsoft PowerPoint Remote Code Execution Vulnerability (CVE-2009-0556)

Goal of Taxonomy

List of common coding mistakes
Support for software developers to avoid making mistakes
Useful in automated tools
- Real time
- Compile time
Teaching aid
NOT an attack taxonomy