Application security eval - methodology

["Léon" Castrault <leon_castrault () yahoo com>]

Has anyone published a framework for evaluating the
security impact of an application (that is, a "black
box", a binary provided by a vendor)?

I think I have what I need in regard of desktop
(windows) applications but the tools I use fall short
in front of server applications.

Thanks.

__________________________________________________
Do You Yahoo!?
Yahoo! Auctions - buy the things you want at great prices
http://auctions.yahoo.com/