Revision as of 17:32, 22 February 2011 edit Unscintillating (talk \| contribs) Extended confirmed users 12,833 edits add asciiz exploits, which was part of the earlier material, even though "null character" currently is minimal in exploit coverage, add ref ← Previous edit		Revision as of 17:47, 22 February 2011 edit undo Shajure (talk \| contribs) Extended confirmed users 2,185 edits Some are... and why does this belong in the lead? Next edit →
Line 5: {{Notability\|date=March 2008}} A '''string exploit''' is a [[security exploit]] involving handling of [[String (computer science)\|string]] data in computer software.<ref name=hacking>{{cite book\|title=Hacking: the art of exploitation\|series=No Starch Press Series\|publisher=Safari Books Online\|first=Jon\|last=Erickson\|Edition=2, illustrated\|year=2008\|ISBN= 9781593271442}}</ref> ~~This type~~Some of ~~exploit~~these isare also known as '''Unchecked user input''' or '''Improper input validation'''.<ref>{{cite web \|work=[[Common Weakness Enumeration]] \|publisher=[[MITRE]] \|title=CWE-20: Improper Input Validation \|date=December 13, 2010 \|accessdate=February 22, 2011}}</ref> Examples include:

Improper input validation: Difference between revisions