...
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
Related Guidelines
Guideline 6-12. "Safely invoke java.security.AccessController.doPrivileged" | |
CWE-266 "Incorrect Privilege Assignment" | |
| CWE-272 "Least Privilege Violation" |
| CWE-732 "Incorrect Permission Assignment for Critical Resource" |
...
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="40a3645c9d410500-730ebce4-4287409b-81c3a45e-dd2c1792abb7c9be749a795f"><ac:plain-text-body><![CDATA[ | [[API 2006 | AA. Bibliography#API 06]] | [method doPrivileged() | http://java.sun.com/javase/6/docs/api/java/security/AccessController.html#doPrivileged(java.security.PrivilegedAction)] | ]]></ac:plain-text-body></ac:structured-macro> |
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="9c49c669330593bb-cf42d1c9-456e4d36-9fc8b397-c7fbee1542f4ffb52566e231"><ac:plain-text-body><![CDATA[ | [[Gong 2003 | AA. Bibliography#Gong 03]] | Sections 6.4, "AccessController" | ]]></ac:plain-text-body></ac:structured-macro> | |
| 9.5 "Privileged Code" | ||||
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="a737ce52e1cdef0b-d35f2e9b-4131475d-aa6bbbc1-386dc01ad5eab9eca62c8704"><ac:plain-text-body><![CDATA[ | [[Jovanovic 2006 | AA. Bibliography#Jovanovic 06]] | "Pixy: A Static Analysis Tool for Detecting Web Application Vulnerabilities" | ]]></ac:plain-text-body></ac:structured-macro> |
...