Skip to main content
assistive.skiplink.to.breadcrumbs
assistive.skiplink.to.header.menu
assistive.skiplink.to.action.menu
assistive.skiplink.to.quick.search

Page History

Versions Compared

Old Version 68

changes.mady.by.user Dhruv Mohindra

Saved on Dec 08, 2009

compared with

New Version Current

changes.mady.by.user Carol J. Lallier

Saved on Sep 29, 2014

Key

This line was added.
This line was removed.
Formatting was changed.

Guidelines

IDS00-J. Always validate user input

IDS01-J. Sanitize before processing or storing user input

IDS02-J. Validate strings after performing normalization

IDS03-J. Do not delete non-character code points

IDS04-J. Properly encode or escape output

IDS05-J. Library methods should validate their parameters

IDS06-J. Prevent OS Command Injection

IDS07-J. Prevent SQL Injection

IDS08-J. Prevent XML Injection

IDS09-J. Prevent XPath Injection

IDS10-J. Prevent XML external entity attacks

IDS11-J. Prevent LDAP injection

IDS12-J. Prevent against code injection

IDS13-J. Account for supplementary and combining characters in globalized code

IDS14-J. Perform loss less conversion of String to given encoding and back

IDS15-J. Prefer using URIs to URLs

IDS16-J. Do not use locale dependent methods on locale insensitive data

IDS17-J. Understand how escape characters are interpreted when String literals are compiled

Risk Assessment Summary

Guideline	Severity	Likelihood	Remediation Cost	Priority	Level
IDS00- J	high	probable	medium	P12	L1
IDS01- J	high	probable	medium	P12	L1
IDS02- J	high	probable	medium	P12	L1
IDS03- J	high	probable	medium	P12	L1
IDS04- J	high	probable	medium	P12	L1
IDS05- J	medium	probable	high	P4	L3
IDS06- J	high	probable	medium	P12	L1
IDS07- J	medium	probable	high	P4	L3
IDS08- J	medium	probable	medium	P8	L2
IDS09- J	medium	probable	medium	P8	L2
IDS10- J	medium	probable	medium	P8	L2
IDS11- J	high	likely	medium	P18	L1
IDS12- J	high	likely	medium	P18	L1
IDS13- J	low	unlikely	medium	P2	L3
IDS14- J	low	probable	medium	P4	L3
IDS15- J	low	probable	medium	P4	L3
IDS16- J	medium	probable	medium	P8	L2
IDS17- J	low	unlikely	high	P1	L3

Content by Label

showLabels	false
maxResults	99
sort	title
showSpace	false
label	+ids,-void
space	@self

Image Added Image Added Image Added FIO10-J. Do not let Runtime.exec() fail or block indefinitely The CERT Sun Microsystems Secure Coding Standard for Java IDS00-J. Always validate user input