-   Linux - Security (
-   -   2010 CWE/SANS Top 25 Most Dangerous Programming Errors (

win32sux 04-07-2010 06:03 PM

2010 CWE/SANS Top 25 Most Dangerous Programming Errors

The 2010 CWE/SANS Top 25 Most Dangerous Programming Errors is a list of the most widespread and critical programming errors that can lead to serious software vulnerabilities. They are often easy to find, and easy to exploit. They are dangerous because they will frequently allow attackers to completely take over the software, steal data, or prevent the software from working at all.

The Top 25 list is a tool for education and awareness to help programmers to prevent the kinds of vulnerabilities that plague the software industry, by identifying and avoiding all-too-common mistakes that occur before software is even shipped. Software customers can use the same list to help them to ask for more secure software. Researchers in software security can use the Top 25 to focus on a narrow but important subset of all known security weaknesses. Finally, software managers and CIOs can use the Top 25 list as a measuring stick of progress in their efforts to secure their software.
Complete Document

Thanks to unSpawn for pointing me toward this valuable resource.

Mr-Bisquit 04-07-2010 06:22 PM

Sad to say, I've been on too many forums and have been able to do some of these actions.

win32sux 04-13-2012 10:27 PM

I created a new sticky for the 2011 list here.

All times are GMT -5. The time now is 06:20 PM.