24 Cards in this Set

What is Cross-site scripting?
Cross-site scripting is a type of computer security vulnerability typically found in web applications that enables malicious attackers to inject client-side script into web pages viewed by other users.
What is Improper Sanitization of Special Elements used in an SQL Command?
This is a code injection technique that exploits a security vulnerability occurring in the database layer of an application. The vulnerability is present when user input is either incorrectly filtered for string literal escape characters embedded in SQL statements or user input is not strongly typed and is thereby unexpectedly executed.
What is Classic Buffer Overflow?
The program copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow. The simplest type of error, and the most common cause of buffer overflows, is the "classic" case in which the program copies the buffer without checking its length at all.
What is Cross-Site Request Forgery (CSRF)?
CSRF is an attack which forces an end user to execute unwanted actions on a web application in which he/she is currently authenticated. With a little help from social engineering (like sending a link via email/chat), an attacker may force the users of a web application to execute actions of the attacker's choosing. A successful CSRF exploit can compromise end user data and operations in the case of a normal user. If the targeted end user is the administrator account, this can compromise the entire web application.
What is Improper Access Control (Authorization)?
The software does not perform or incorrectly performs access control checks across all potential execution paths. When access control checks are not applied consistently, or not at all, users are able to access data or perform actions that they should not be allowed to perform. This can lead to a wide range of problems, including information leaks, denial of service, and arbitrary code execution.
What is Reliance on Untrusted Inputs in a Security Decision?
The application uses a protection mechanism that relies on the existence or values of an input, but the input can be modified by an untrusted actor in a way that bypasses the protection mechanism. (http://bit.ly/cF9xPY)
What is Improper Limitation of a Pathname to a Restricted Directory (Path Traversal)?
The software uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the software does not properly sanitize special elements that can resolve to a location that is outside of the restricted directory. (http://bit.ly/bXwSDG)
What is Unrestricted Upload of File with Dangerous Type?
The "unrestricted file upload" term is used in vulnerability databases and elsewhere, but it is insufficiently precise. The phrase could be interpreted as the lack of restrictions on the size or number of uploaded files, which is a resource consumption issue. (http://bit.ly/9qN5Vp)
What is Improper Sanitization of Special Elements used in an OS Command (OS Command Injection)?
The software constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not sanitize or incorrectly sanitizes special elements that could modify the intended OS command when it is sent to a downstream component. (http://bit.ly/dp6U7v)
What is Missing Encryption of Sensitive Data?
The software does not encrypt sensitive or critical information before storage or transmission. The lack of proper data encryption passes up the guarantees of confidentiality, integrity, and accountability that properly implemented encryption conveys. (http://bit.ly/9covS7)
What is Use of Hard-coded Credentials?
The software contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. (http://bit.ly/cbyqkP)
What is Improper Control of Filename for Include/Require Statement in PHP Program (PHP File Inclusion)?
In certain versions and configurations of PHP, this can allow an attacker to specify a URL to a remote location from which the software will obtain the code to execute. In other cases in association with path traversal, the attacker can specify a local file that may contain executable statements that can be parsed by PHP. (http://bit.ly/9OxHtK)
What is Improper Validation of Array Index?
The product uses untrusted input when calculating or using an array index, but the product does not validate or incorrectly validates the index to ensure the index references a valid position within the array. (http://bit.ly/cYQurp)
What is Improper Check for Unusual or Exceptional Conditions?
The software does not check or improperly checks for unusual or exceptional conditions that are not expected to occur frequently during day-to-day operation of the software. (http://bit.ly/aDSjAo)
What is Information Exposure Through an Error Message?
The sensitive information may be valuable information on its own (such as a password), or it may be useful for launching other, more deadly attacks. If an attack fails, an attacker may use error information provided by the server to launch another more focused attack. (http://bit.ly/8Z5yNM)
What is Integer Overflow or Wraparound?
The software performs a calculation that can produce an integer overflow or wraparound, when the logic assumes that the resulting value will always be larger than the original value. This can introduce other weaknesses when the calculation is used for resource management or execution control. (http://bit.ly/cC77tG)
What is Incorrect Calculation of Buffer Size?
The software does not correctly calculate the size to be used when allocating a buffer, which could lead to a buffer overflow. (http://bit.ly/9Xnqx6)
What is Missing Authentication for Critical Function?
The software does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources. (http://bit.ly/arRg2h)
What is Download of Code Without Integrity Check?
The product downloads source code or an executable from a remote location and executes the code without sufficiently verifying the origin and integrity of the code. (http://bit.ly/9kcmXI)
What is Incorrect Permission Assignment for Critical Resource?
The software specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors. (http://bit.ly/ap1BIn)
What is Allocation of Resources Without Limits or Throttling?
The software allocates a reusable resource or group of resources on behalf of an actor without imposing any restrictions on how many resources can be allocated, in violation of the intended security policy for that actor. (http://bit.ly/9VTjPG)
What is URL Redirection to Untrusted Site (Open Redirect)?
A web application accepts a user-controlled input that specifies a link to an external site, and uses that link in a Redirect. This simplifies phishing attacks. (http://bit.ly/anEyMK)
What is Use of a Broken or Risky Cryptographic Algorithm?
The use of a broken or risky cryptographic algorithm is an unnecessary risk that may result in the disclosure of sensitive information. The use of a non-standard algorithm is dangerous because a determined attacker may be able to break the algorithm and compromise whatever data has been protected. Well-known techniques may exist to break the algorithm. (http://bit.ly/9bXRyT)
What is Race Condition?
The code requires that certain state should not be modified between two operations, but a timing window exists in which the state can be modified by an unexpected actor or process. This can have security implications when the expected synchronization is in security-critical code, such as recording whether a user is authenticated, or modifying important state information that should not be influenced by an outsider. (http://bit.ly/bSKscR)