| | Program vulnerabilities | Key points |
| | Input validation problem | insect, create, select, alter, update, order, cookie, subject, system, command, open, close, getProperty, getRuntime | | Buffer overflow problem | Strcpy, strlen, stract, strchr, scanf, sprintf, sterror, strcoll, sbumpc, strcnpy, cin, gets, fgets, getchat, getc,getpass, malloc, istream, printf | | Misuse of API | Cin, gets, fgets, getchat, getc, getpass, memcpy, malloc, getParameter, equals, getProperty, read, gethostbyaddr | | Content management issues | Malloc, calloc, realloc, alloca, free, new, delete, memcpy, memmove, memcmp, memchr, memset, mmap, munmap, memccpy, getpagesize | | Error handling issues | -Alloca, catch, throw, EnterCriticalSection | | Cross site scripting problem | URL, submit, cookie | | Information leakage problem | Malloc, calloc, realloc, alloca, memcpy, memmove |
|
|
