Threat Vectors for Criminals: Common Coding Errors and Open-Source Vulnerabilities
By Jeff Shipley Coding errors in software products provide easy paths of entry for online criminals, who can exploit vulnerabilities to compromise systems or launch additional attacks and malware. As reported in the Cisco 2015 Midyear Security Report , certain types of coding errors consistently appear on lists of most common vulnerabilities. This raises an important question for vendors and security professionals: If the same coding errors are identified year in and year out, why aren’t these errors being mitigated? Buffer errors, input validation, and resource errors are […]
Source:: Cisco Security Notice