WebApp Sec mailing list archives

Vulnerability statistics

From: "Benjamin Livshits" <livshits () cs stanford edu>
Date: Thu, 6 Jan 2005 13:55:53 -0800

Looking at the OWASP's top ten list, are there any recent studies as to
what fraction of vulnerabilities accounts for each of the top ten
categories?

What about the percentage of vulnerabilities caused by coding errors vs
configuration flaws?

Thanks,
-Ben

Current thread:

XSS or HTTP Response Splitting? Joxean Koret (Jan 02)
- <Possible follow-ups>
- Re: XSS or HTTP Response Splitting? Amit Klein (AKsecurity) (Jan 06)
  - Vulnerability statistics Benjamin Livshits (Jan 06)
    - Re: Vulnerability statistics Jeremiah Grossman (Jan 07)