WebApp Sec mailing list archives
Re: Re: applet security
From: test.future () gmail com
Date: 12 Jan 2006 07:03:00 -0000
I finally found what our auditor based on: http://www.isaca-sacramento.org/seminarinfo/WebServerAuditProgram.doc. In section 11B, it writes: Applets Implication: Exposure to buffer overflow and environment attacks; Verify that the use of applets is restriced only to development networks and not permitted on operational networks. Please share your thought on this, thanks a lot. ------------------------------------------------------------------------- This List Sponsored by: Watchfire Watchfire's AppScan is the industry's first and leading web application security testing suite, and the only solution to provide comprehensive remediation tasks at every level of the application. See for yourself. Download AppScan 6.0 today. https://www.watchfire.com/securearea/appscansix.aspx?id=701300000003Ssh --------------------------------------------------------------------------
Current thread:
- applet security test . future (Jan 09)
- RE: applet security Andrew Chong (Jan 09)
- Re: applet security Dean H. Saxe (Jan 09)
- RE: applet security Richard M. Smith (Jan 10)
- <Possible follow-ups>
- RE: applet security Jeff Robertson (Jan 09)
- Re: applet security test . future (Jan 11)
- Re: applet security Michael Silk (Jan 11)
- Re: Re: applet security test . future (Jan 12)
- Re: applet security Steve Barnet (Jan 12)
- RE: Re: applet security Andrew Chong (Jan 12)
- Re: Re: applet security test . future (Jan 12)
- RE: applet security Andrew Chong (Jan 09)