Improper input validation: Difference between revisions

Content deleted Content added

Revision as of 21:01, 12 September 2011 edit Joe Schmedley (talk \| contribs) Extended confirmed users, Pending changes reviewers, Rollbackers 2,492 edits m fm ← Previous edit		Latest revision as of 02:39, 24 November 2022 edit undo 64.67.144.111 (talk) Undid revision 1114218016 by 82.41.68.100 (talk) Tag: Undo
(7 intermediate revisions by 7 users not shown)
Line 1: '''Improper input validation'''<ref name=":0">{{cite web \|work=[[Common Weakness Enumeration]] \|publisher=[[MITRE]] \|title=CWE-20: Improper Input Validation \|url=http://cwe.mitre.org/data/definitions/20.html \|date=December 13, 2010 \|accessdate=February 22, 2011}}</ref> or '''unchecked user input''' is a type of [[vulnerability (computing)\|vulnerability]] in [[computer software]] that may be used for [[security exploit]]s.<ref name=hacking>{{cite book\|title=Hacking: the art of exploitation\|series=No Starch Press Series\|publisher=Safari Books Online\|first=Jon\|last=Erickson\|~~Edition~~edition=2, illustrated\|year=2008\|ISBN= ~~9781593271442~~978-1-59327-144-2}}</ref> This vulnerability is caused when "[t]he product does not validate or incorrectly validates input that can affect the control flow or data flow of a program."<ref name=":0" /> Examples include: Line 12: {{reflist}} {{security-software -stub}} ~~{{DEFAULTSORT:String Exploits}}~~ [[Category:Computer security exploits]]