Versions Compared

Comment: added CWE reference

...

Wiki Markup
\[[API 06|AA. Java References#API 06]\] [Class Object| http://java.sun.com/javase/6/docs/api/java/lang/Object.html]
\[[Goetz 06b|AA. Java References#Goetz 06b]\]
\[[MITRE 09|AA. Java References#MITRE 09]\] [CWE ID 405|http://cwe.mitre.org/data/definitions/405.html] "Asymmetric Resource Consumption (Amplification)", [CWE ID 404|http://cwe.mitre.org/data/definitions/404.html] "Improper Resource Shutdown or Release", [CWE ID 459 |http://cwe.mitre.org/data/definitions/459.html] "Incomplete Cleanup"
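Review bot: the link markup is inconsistent in two places: the MITRE 09 entry has a space before the pipe in `[CWE ID 459 |http://cwe.mitre.org/data/definitions/459.html]`, and the API 06 entry has a space after the pipe in `[Class Object| http://java.sun.com/...]`, while the CWE ID 405 and CWE ID 404 links have neither. Suggest dropping both stray spaces so all four links use the same `[text|url]` form. The version comment also says "added CWE reference" in the singular while the entry lists three CWE IDs; it would help to say in the comment which of them this revision adds.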

...
