...

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

Other languages

This rule appears in the C Secure Coding Standard as ENV03-C. Sanitize the environment when invoking external programs.

This rule appears in the C++ Secure Coding Standard as ENV03-CPP. Sanitize the environment when invoking external programs.

References

[OWASP 05] Reviewing Code for OS Injection, http://www.owasp.org/index.php/Reviewing_Code_for_OS_Injection
[MITRE 09] CWE ID 78, "Failure to Preserve OS Command Structure (aka 'OS Command Injection')", http://cwe.mitre.org/data/definitions/78.html

...