...
Examples of related vulnerabilities include:
ENV04-C. Do not call system() if you do not need a command processor | |||||
ENV04-CPP. Do not call system() if you do not need a command processor | |||||
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="815e72134650bae6-121333e7-42d44c2e-92eaaf7c-c17a8c25e9ca0549466ec979"><ac:plain-text-body><![CDATA[ | [CVE-2010-0886] | [Sun Java Web Start Plugin Command Line Argument Injection | http://www.securitytube.net/video/1465] | ]]></ac:plain-text-body></ac:structured-macro> | |
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="eded2fb639161960-681af63f-4c6d430f-9bbb8d61-990ac1514e3d9786ff7d80b8"><ac:plain-text-body><![CDATA[ | [CVE-2010-1826] | [Command injection in updateSharingD's handling of Mach RPC messages | http://securitytracker.com/id/1024617] | ]]></ac:plain-text-body></ac:structured-macro> | |
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="d538a2039c92177f-0782feda-40f74022-b410ac85-30884ceed85558923ca487d8"><ac:plain-text-body><![CDATA[ | [T-472] | [Mac OS X Java Command Injection Flaw in updateSharingD Lets Local Users Gain Elevated Privileges | http://www.doecirc.energy.gov/bulletins/t-472.shtml] | ]]></ac:plain-text-body></ac:structured-macro> | |
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="c3a183555751f47f-a107cb17-41014efb-badcaef6-fc8a3ecb27de5891ee3b2e00"><ac:plain-text-body><![CDATA[ | [[MITRE 2009 | AA. Bibliography#MITRE 09]] | [CWE ID 78 | http://cwe.mitre.org/data/definitions/78.html] "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')" | ]]></ac:plain-text-body></ac:structured-macro> |
...
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="8c00863cceda738c-7f657816-408f4c14-802aabd9-227fa6f82a1b8b641d3308e5"><ac:plain-text-body><![CDATA[ | [[Chess 2007 | AA. Bibliography#Chess 07]] | Chapter 5: Handling Input, "Command Injection"]]></ac:plain-text-body></ac:structured-macro> | ||
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="0a521f8c4045ef3a-ea9ef0c2-40834ec6-8d91b856-23b0cf0721f89f1d86c9a35a"><ac:plain-text-body><![CDATA[ | [[OWASP 2005 | AA. Bibliography#OWASP 05]] | [Reviewing Code for OS Injection | http://www.owasp.org/index.php/Reviewing_Code_for_OS_Injection] | ]]></ac:plain-text-body></ac:structured-macro> |
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="200604c7b92dcca9-48ce1aed-45a6406f-a96e823b-05e8efbf1f0634de406fc998"><ac:plain-text-body><![CDATA[ | [[Permissions 2008 | AA. Bibliography#Permissions 08]] | [Permissions in the Java™ SE 6 Development Kit (JDK) | http://java.sun.com/javase/6/docs/technotes/guides/security/permissions.html], Sun Microsystems, Inc. (2008) | ]]></ac:plain-text-body></ac:structured-macro> |
...