Software security vulnerability
In computer software, a security vulnerability is a software bug that can be used deliberately to violate security.
Such vulnerabilities are of significant interest when the program containing the vulnerability operates with special privileges, performs authentication or takes action on behalf of a user (such as a network server or RDBMS).
Well-known vulnerabilities include (but are not limited to):
- stack smashing and other buffer overflows
- symlink races
- input validation errors, such as:
  - format string bugs
  - improperly handling shell metacharacters so they are interpreted
  - SQL injection
  - cross-site scripting (in web applications)
  - directory traversal
See also: Exploit (computer science), computer security