SEI CERT Oracle Coding Standard for Java

Space shortcuts

Page tree

Versions Compared

Old Version 59

changes.mady.by.user Dhruv Mohindra

Saved on

compared with

New Version 60

changes.mady.by.user Ankur Goyal

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Edited by sciSpider Java v3.0

...

Rule

Severity

Likelihood

Remediation Cost

Priority

Level

SEC02 SEC04- J

high

probable

medium

P12

L1

...

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

References

Wiki Markup
\[[Gong 03|AA. Java References#Gong 03]\] Section 4.3.2, Class Loader Delegation Hierarchy
\[[SCG 07|AA. Java References#SCG 07]\] Guideline 6-2 Safely invoke standard APIs that bypass SecurityManager checks depending on the immediate caller's class loader
\[[Tomcat 09|AA. Java References#Tomcat 09]\] [Bug ID 29936|https://issues.apache.org/bugzilla/show_bug.cgi?id=29936], API Class {{org.apache.tomcat.util.digester.Digester}}, [Security fix in v 6.0.20|http://tomcat.apache.org/security-6.html]
\[[CVE 08|AA. Java References#CVE 08]\] [CVE-2009-0783|http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0783]

...