vFeed


Browsing the "Mitre" Tag

Common Weakness Scoring System (CWSS) v0.1 released

December 20th, 2010 | by NJ Ouchn

So for each weakness in the architecture, design, code or implementation that might be introduced into an application, which in some cases can contribute to a vulnerability within that software, we need to be able toreason and communicate about the relative importance of different weaknesses. For example, a buffer overflow vulnerability might arise from aweakness in which the programmer doesnot properly validate the length of an input buffer. This weakness only contributes to a vulnerability if the input buffer can be influenced by amalicious party, and the malicious buffer is copied toa smaller buffer



Back to Top ↑