Jump to content

Improper input validation

From Wikipedia, the free encyclopedia
This is an old revision of this page, as edited by Unscintillating (talk | contribs) at 21:12, 22 February 2011 (add ref for "exploit string"). The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.

A string exploit is a security exploit involving handling of string data in computer software.[1][2]

Examples include:

References

  1. ^ Erickson, Jon (2008). Hacking: the art of exploitation. No Starch Press Series. Safari Books Online. ISBN 9781593271442. {{cite book}}: Unknown parameter |Edition= ignored (|edition= suggested) (help)
  2. ^ "SecurityFocus penetration: The Building of an exploit string" (PDF). derkeiler.com. February 27, 2003. Retrieved February 22, 2011.
  3. ^ "CWE-20: Improper Input Validation". Common Weakness Enumeration. MITRE. December 13, 2010. {{cite web}}: |access-date= requires |url= (help); Missing or empty |url= (help)
  4. ^ "Network security advisories article: Mod_Security ASCIIZ byte POST bypass Vulnerability". Emagined Security. July 15, 2008. Retrieved February 22, 2011.
Retrieved from "https://en.wikipedia.org/w/index.php?title=Improper_input_validation&oldid=415384953"