...
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
Related Guidelines
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="15755c5e-0947-4fd5-87d9-efb4cc0009a4"><ac:plain-text-body><![CDATA[ | [[MITRE 2009 | AA. Bibliography#MITRE 09]] | [CWE ID 300 | http://cwe.mitre.org/data/definitions/300.html] "Channel Accessible by Non-Endpoint (aka 'Man-in-the-Middle')" ]]></ac:plain-text-body></ac:structured-macro>" | ||
| CWE ID 319, "Cleartext Transmission of Sensitive Information" | |||||
| CWE ID 494, "Download of Code Without Integrity Check" | |||||
| CWE ID 347, "Improper Verification of Cryptographic Signature" |
...
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="2cc97f23a48de79c-63bf24b4-45294a20-aa3fa3cd-8eccf168d53fb6c4aac0c176"><ac:plain-text-body><![CDATA[ | [[API 2006 | AA. Bibliography#API 06]] |
| ]]></ac:plain-text-body></ac:structured-macro> | |||
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="2df1ddf7ec964062-6ec1517f-42c040dd-8a399ecb-7e0bc1174bc1989b195e3efb"><ac:plain-text-body><![CDATA[ | [[Bea 2008 | AA. Bibliography#Bea 08]] |
| ]]></ac:plain-text-body></ac:structured-macro> | |||
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="7f1e3b40af2ce8e5-4b4d6368-423246e7-96e8800a-6c990311be2a38799cc48d7b"><ac:plain-text-body><![CDATA[ | [[Eclipse 2008 | AA. Bibliography#Eclipse 08]] | [JAR Signing | http://wiki.eclipse.org/JAR_Signing] and [Signed bundles and protecting against malicious code | http://help.eclipse.org/stable/index.jsp?topic=/org.eclipse.platform.doc.isv/guide] | ]]></ac:plain-text-body></ac:structured-macro> | |
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="1de94ec6261a851a-f6ffe0df-4883409a-a05fafc2-37e4dfcebe1751f21a9963b5"><ac:plain-text-body><![CDATA[ | [[Fairbanks 07 | AA. Bibliography#Fairbanks 07]] |
| ]]></ac:plain-text-body></ac:structured-macro> | |||
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="a481cd2a477e107d-1e1d562b-41974a91-8982a471-46509f696d421672d15a3879"><ac:plain-text-body><![CDATA[ | [[Flanagan 2005 | AA. Bibliography#Flanagan 05]] | Chapter 24. The java.util.jar Package | ]]></ac:plain-text-body></ac:structured-macro> | |||
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="43a4ba9365b596c3-91497039-426f4bf6-a9fdaa0a-a9358ab469668ea8b5408a85"><ac:plain-text-body><![CDATA[ | [[Gong 2003 | AA. Bibliography#Gong 03]] | 12.8.3 jarsigner | ]]></ac:plain-text-body></ac:structured-macro> | |||
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="675df941cc4f7d76-7ef873d0-4e374faf-b367938e-aa5b8b550cc701b23369b0ff"><ac:plain-text-body><![CDATA[ | [[Halloway 2001 | AA. Bibliography#Halloway 01]] |
| ]]></ac:plain-text-body></ac:structured-macro> | |||
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="d0e2903f5598151f-f7df3d19-412942aa-b8139721-0a8ad25965336a70d76e86a6"><ac:plain-text-body><![CDATA[ | [[JarSpec 2008 | AA. Bibliography#JarSpec 08]] | Signature Validation |
| ]]></ac:plain-text-body></ac:structured-macro> | ||
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="08014c05726577db-f4cd5d1a-4eba4300-a15f83d3-b8231ecc3f69452197ae7027"><ac:plain-text-body><![CDATA[ | [[Oaks 2001 | AA. Bibliography#Oaks 01]] | Chapter 12: Digital Signatures, Signed Classes | ]]></ac:plain-text-body></ac:structured-macro> | |||
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="112722de1784c9d2-f7a5ceb5-4c164a9a-a6dcaed5-e7d45534b35b13257f8cb5ed"><ac:plain-text-body><![CDATA[ | [[Muchow 2001 | AA. Bibliography#Muchow 01]] |
| ]]></ac:plain-text-body></ac:structured-macro> | |||
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="f098aed7823431bd-8b0bb764-4d5246db-ac3f8e40-ab5f629d22ec73db0273aff3"><ac:plain-text-body><![CDATA[ | [[Tutorials 2008 | AA. Bibliography#Tutorials 08]] | [The JarRunner Class | http://java.sun.com/docs/books/tutorial/deployment/jar/jarrunner.html], [Lesson: API and Tools Use for Secure Code and File Exchanges | http://java.sun.com/docs/books/tutorial/security/sigcert/index.html] and [Verifying Signed JAR Files | http://java.sun.com/docs/books/tutorial/deployment/jar/verify.html] | ]]></ac:plain-text-body></ac:structured-macro> |
...