...
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
Related Guidelines
Guideline 6-12. "Safely invoke java.security.AccessController.doPrivileged" | |
CWE-266 "Incorrect Privilege Assignment" | |
| CWE-272 "Least Privilege Violation" |
| CWE-732 "Incorrect Permission Assignment for Critical Resource" |
...
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="85602a74533012c3-708f66c9-48c8487b-90ef9c9a-1270b7854f075af4a15467d1"><ac:plain-text-body><![CDATA[ | [[API 2006 | AA. Bibliography#API 06]] | [method doPrivileged() | http://java.sun.com/javase/6/docs/api/java/security/AccessController.html#doPrivileged(java.security.PrivilegedAction)] | ]]></ac:plain-text-body></ac:structured-macro> |
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="e4017c25751d6de1-310ce641-4c844a0e-b1b09ea4-50c4fc3b0731b45ae015a680"><ac:plain-text-body><![CDATA[ | [[Gong 2003 | AA. Bibliography#Gong 03]] | Sections 6.4, "AccessController" | ]]></ac:plain-text-body></ac:structured-macro> | |
| 9.5 "Privileged Code" | ||||
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="24d00b6b5439d3cf-3674bb04-4e0b4e32-a89c8927-e9248e5e2f0fa36a472b22a6"><ac:plain-text-body><![CDATA[ | [[Jovanovic 2006 | AA. Bibliography#Jovanovic 06]] | "Pixy: A Static Analysis Tool for Detecting Web Application Vulnerabilities" | ]]></ac:plain-text-body></ac:structured-macro> |
...