...
Comparing classes solely using their names can allow a malicious class to bypass security checks and gain access to protected resources.
Recommendation Rule | Severity | Likelihood | Remediation Cost | Priority | Level |
|---|---|---|---|---|---|
OBJ12-J | high | unlikely | low | P9 | L2 |
...
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="3b198a01492cf877-4d2b9c11-4b154c78-ac398f5f-9758b573ec6b773d55a984bb"><ac:plain-text-body><![CDATA[ | [[Christudas 2005 | AA. Bibliography#Christudas 05]] | Internals of Java Class Loading | ]]></ac:plain-text-body></ac:structured-macro> | |
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="a556f33074db8015-5b1f33df-40ea40ef-96fd86f3-b1f07379d7f19972273eb58b"><ac:plain-text-body><![CDATA[ | [[JVMSpec 1999 | AA. Bibliography#JVMSpec 99]] | [§2.8.1 Class Names | http://java.sun.com/docs/books/jvms/second_edition/html/Concepts.doc.html] | ]]></ac:plain-text-body></ac:structured-macro> |
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="b737c98dc4d1d94d-ebef01b4-4e8f40d4-a6178395-6bbae26f0d2d966f33cfaf0e"><ac:plain-text-body><![CDATA[ | [[McGraw 1998 | AA. Bibliography#Mcgraw 98]] | Twelve rules for developing more secure Java code | ]]></ac:plain-text-body></ac:structured-macro> | |
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="ff44bfa927faeee3-91545a57-42044027-9a37994b-5db3b79ee9d19d10e9d00e27"><ac:plain-text-body><![CDATA[ | [[Wheeler 2003 | AA. Bibliography#Wheeler 03]] | [Java | http://www.dwheeler.com/secure-programs/Secure-Programs-HOWTO/java.html] Secure programming for Linux and Unix HOWTO | ]]></ac:plain-text-body></ac:structured-macro> |
...