...
Rule | Severity | Likelihood | Remediation Cost | Priority | Level |
|---|---|---|---|---|---|
SEC19 SEC09-J | high | probable | medium | P12 | L1 |
...
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="73e5341d4568962c-3b1e563b-42c34c28-806b8e7e-8f0596424e9870e59a4ea04b"><ac:plain-text-body><![CDATA[ | [[MITRE 2009 | AA. Bibliography#MITRE 09]] | [CWE ID 300 | http://cwe.mitre.org/data/definitions/300.html] "Channel Accessible by Non-Endpoint (aka 'Man-in-the-Middle')" | ]]></ac:plain-text-body></ac:structured-macro> |
| CWE ID 319 "Cleartext Transmission of Sensitive Information" | ||||
| CWE ID 494 "Download of Code Without Integrity Check" | ||||
| CWE ID 347 "Improper Verification of Cryptographic Signature" |
...
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="cc80889aeb953cac-525cdb96-46fd4167-970a8fde-7515a911c025ced8916b2374"><ac:plain-text-body><![CDATA[ | [[API 2006 | AA. Bibliography#API 06]] |
| ]]></ac:plain-text-body></ac:structured-macro> | |||
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="a1b90db6f1f3a29a-4029c295-4dc74542-8d2bb700-c37e29b5eb2bc52152da281f"><ac:plain-text-body><![CDATA[ | [[Bea 2008 | AA. Bibliography#Bea 08]] |
| ]]></ac:plain-text-body></ac:structured-macro> | |||
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="70c6193faace4bdc-e77803da-466f4364-ae65a8bd-a1d60ffd60b5b92126f4e9bd"><ac:plain-text-body><![CDATA[ | [[Eclipse 2008 | AA. Bibliography#Eclipse 08]] | [JAR Signing | http://wiki.eclipse.org/JAR_Signing] and [Signed bundles and protecting against malicious code | http://help.eclipse.org/stable/index.jsp?topic=/org.eclipse.platform.doc.isv/guide] | ]]></ac:plain-text-body></ac:structured-macro> | |
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="36d4fa3310340d94-fa69cf48-4f2b45ba-a18ab900-56de37781845d8dece9a4445"><ac:plain-text-body><![CDATA[ | [[Fairbanks 07 | AA. Bibliography#Fairbanks 07]] |
| ]]></ac:plain-text-body></ac:structured-macro> | |||
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="dc917364650f163c-d01314fa-48a94f50-a32096e9-b1fa3aeff7d89451d13b1e11"><ac:plain-text-body><![CDATA[ | [[Flanagan 2005 | AA. Bibliography#Flanagan 05]] | Chapter 24. The java.util.jar Package | ]]></ac:plain-text-body></ac:structured-macro> | |||
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="3bc24b74da8f52aa-8d091979-40d94a32-98139391-26bd4e29c451cd9bdac6f040"><ac:plain-text-body><![CDATA[ | [[Gong 2003 | AA. Bibliography#Gong 03]] | 12.8.3 jarsigner | ]]></ac:plain-text-body></ac:structured-macro> | |||
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="5fbf3d0efa89ba88-bcbf8653-480a4403-a47c916e-cbd5f0ebbac79caa1dac102e"><ac:plain-text-body><![CDATA[ | [[Halloway 2001 | AA. Bibliography#Halloway 01]] |
| ]]></ac:plain-text-body></ac:structured-macro> | |||
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="cbdd833e7e43c569-be2e31d3-4cd04919-8078a5bd-0bc30de7cd8e886045dcdca8"><ac:plain-text-body><![CDATA[ | [[JarSpec 2008 | AA. Bibliography#JarSpec 08]] | Signature Validation |
| ]]></ac:plain-text-body></ac:structured-macro> | ||
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="d779c3ee055dc8b0-0cdd565e-4b634a86-9e81b8a4-940442799db987b9b3d2e2a4"><ac:plain-text-body><![CDATA[ | [[Oaks 2001 | AA. Bibliography#Oaks 01]] | Chapter 12: Digital Signatures, Signed Classes | ]]></ac:plain-text-body></ac:structured-macro> | |||
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="b2a7055c5acbdad3-44e0c536-4d904b28-a20e8a97-5ff543c0de44e198e8e39e6b"><ac:plain-text-body><![CDATA[ | [[Muchow 2001 | AA. Bibliography#Muchow 01]] |
| ]]></ac:plain-text-body></ac:structured-macro> | |||
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="ef6cb4ce97d5d08d-217a08f6-4a0d4690-8572a4a8-346926a2c98789102add754a"><ac:plain-text-body><![CDATA[ | [[Tutorials 2008 | AA. Bibliography#Tutorials 08]] | [The JarRunner Class | http://java.sun.com/docs/books/tutorial/deployment/jar/jarrunner.html], [Lesson: API and Tools Use for Secure Code and File Exchanges | http://java.sun.com/docs/books/tutorial/security/sigcert/index.html] and [Verifying Signed JAR Files | http://java.sun.com/docs/books/tutorial/deployment/jar/verify.html] | ]]></ac:plain-text-body></ac:structured-macro> |
...