Cyber Security Institute

Friday, February 29, 2008

Top 10 vulnerabilities in Web Applications in Q4 2007

Top ten web application vulnerabilities according to Qualys, Q4 2007.

  • OpenSSL Off-By-One Overflow
  • Java Web Start Bugs
  • Adobe Acrobat URI Handling Bug
  • IBM Lotus Notes Buffer Overflow
  • RealPlayer Input Validation Flaw
  • IBM WebSphere Application Server Input Validation Hole
  • IBM WebSphere Input Validation Hole
  • PHP Buffer Overflows, Filtering Bypass and Configuration Bypass Bugs
  • Apache Input Validation Hole
  • Adobe Flash Player Bugs

Posted on 02/29