...
The proper application of this standard would enable a system to comply with the following requirements from the Application Security and Development Security Technical Implementation Guide, Version 4, Release 1 [DISA 2016]:
- (APSC-DV-001995: CAT II) The application must not be vulnerable to race conditions.
- (APSC-DV-002510: CAT I) The application must protect from command injection.
- (APSC-DV-002520: CAT II) The application must protect from canonical representation vulnerabilities.
- (APSC-DV-002530: CAT II) The application must validate all input.
- (APSC-DV-002560: CAT I) The application must not be subject to input handling vulnerabilities.
- (APSC-DV-002590: CAT I) The application must not be vulnerable to overflow attacks.
- (APSC-DV-003215: CAT III) The application development team must follow a set of coding standards.
- (APSC-DV-003235: CAT II) The application must not be subject to error handling vulnerabilities.
...