| Wiki Markup |
|---|
Never use deprecated or obsolete methods or classes in new code. Refer to the The Java SE 6 documentation provides a complete list of deprecated APIs available in the Java SE 6 documentation \[[API 2006|AA. Bibliography#API 06]\]. The guideline [THI01-J. Do not invoke ThreadGroup methods] describes issues that can result from using deprecated and obsolete methods. |
| Wiki Markup |
|---|
The Java SE 6 documentation further indicates certain classes that are obsolete \[[API 2006|AA. Bibliography#API 06]\]. For example, the {{ |
java.util.Dictionary}} class provides the same functionality as the {{Map}} interface. |
interface and is generally outmoded. The java.util.Calendar class suffers from multi-threading related issues; its subclasses, such as java.util.GregorianCalendar, share these problems. Similarly, all of the subclasses of the abstract class java.text.Format are thread-unsafe. These classes must be avoided in multi-threaded code.
Risk Assessment
Using deprecated or obsolete classes or methods in program code can lead to unexpected, ill-defined erroneous behavior.
Guideline | Severity | Likelihood | Remediation Cost | Priority | Level |
|---|---|---|---|---|---|
MET15-J | high | likely | medium | P18 | L1 |
Automated Detection
Detecting uses of deprecated methods is straightforward.
Related Vulnerabilities
Search for vulnerabilities resulting from the violation of this guideline on the CERT website.
Bibliography
| Wiki Markup |
|---|
\[[API 2006|AA. Bibliography#API 06]\] [Deprecated API|http://java.sun.com/javase/6/docs/api/deprecated-list.html] \[[SDN 2008|AA. Bibliography#SDN 08]\] Bug database, [Bug ID 4264153|http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=4264153] \[[MITRE 2009|AA. Bibliography#MITRE 09]\] [CWE ID 589|http://cwe.mitre.org/data/definitions/589.html] |
...