SEI CERT Oracle Coding Standard for Java

Space shortcuts

Page tree

Versions Compared

Old Version 142

changes.mady.by.user Fred Long

Saved on

compared with

New Version 143

changes.mady.by.user Fred Long

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

CERT C Coding Standard

ENV03-C. Sanitize the environment when invoking external programs

 

ENV04ENV33-C. Do not call system() if you do not need a command processor

CERT C++ Secure Coding Standard

ENV03-CPP. Sanitize the environment when invoking external programs
ENV04-CPP. Do not call system() if you do not need a command processor

CERT Perl Secure Coding StandardIDS34-PL. Do not pass untrusted, unsanitized data to a command interpreter

ISO/IEC TR 24772:2013

Injection [RST]

MITRE CWE

CWE-78, Improper neutralization of special elements used in an OS command ("OS command injection")

...