Recommendations

MSC00-J. Eliminate class initialization cycles

MSC01-J. Avoid memory leaks

MSC02-J. Be aware of the JVM Tool Interface

MSC03-J. Be aware of the Java Platform Debugger Architecture

MSC04-J. Be aware of JVM Monitoring and Managing

MSC05-J. Make sensitive classes noncloneable

MSC06-J. Avoid acyclic dependencies between packages

MSC07-J. Prefer using URIs to URLs

MSC08-J. Prefer using Iterators over Enumerations

MSC09-J. Avoid flaws in interfaces

Rules

MSC30-J. Generate truly random numbers

MSC31-J. Never hardcode sensitive information

MSC32-J. Treat the environment as untrusted and sanitize all inputs

Risk Assessment Summary

Recommendations

| Recommendation | Severity | Likelihood | Remediation Cost | Priority | Level |
|---|---|---|---|---|---|
| MSC00-J | low | unlikely | medium | P2 | L3 |
| MSC01-J | low | unlikely | high | P1 | L3 |
| MSC02-J | low | unlikely | medium | P2 | L3 |
| MSC03-J | medium | probable | medium | P8 | L2 |
| MSC04-J | high | probable | low | P18 | L1 |
| MSC05-J | medium | probable | medium | P18 | L1 |
| MSC06-J | TODO | TODO | TODO | TODO | TODO |
| MSC07-J | medium | unlikely | medium | P4 | L3 |
| MSC08-J | low | unlikely | medium | P2 | L3 |

Rules

| Rule | Severity | Likelihood | Remediation Cost | Priority | Level |
|---|---|---|---|---|---|
| MSC30-J | medium | unlikely | medium | P4 | L3 |

