2015-03-30 06:30:01
阅读( 64 )
From wikipedia
Memory safety violations, such as:
Buffer overflows
Dangling pointers
Input validation errors, such as:
Format string bugs
Improperly handling shell metacharacters so they are interpreted
SQL injection
Code injection
E-mail injection
Directory traversal
Cross-site scripting in web applications
HTTP header injection
HTTP response splitting
Race conditions, such as:
Time-of-check-to-time-of-use bugs
Symlink races
Privilege-confusion bugs, such as:
Cross-site request forgery in web applications
Clickjacking
FTP bounce attack
Privilege escalation
User interface failures, such as:
Warning fatigue [2] or user conditioning [3]
Blaming the Victim Prompting a user to make a security decision without giving the user enough information to answer it [4]
Race Conditions [5]
分享给朋友:
亲~ 如果您有更好的答案 可在评论区发表您独到的见解。
您想查看更多的信息:
面试题