CWE

Common Weakness Enumeration

A Community-Developed List of Software Weakness Types

CWE/SANS Top 25 Most Dangerous Software Errors
Home > News > Industry News Coverage - 2006 Archive  
ID

Industry News Coverage - 2006 Archive
Industry News Coverage - 2006 Archive

Below is a comprehensive monthly review of the news and other media's coverage of CWE. A brief summary of each news item is listed with its title, author (if identified), date, and media source.

December 2006
December 2006

SC Magazine, December 27, 2006

CWE information was included in a December 27, 2006 article entitled "Hot or Not: Web Application Vulnerabilities" in SC Magazine. The article is about a report on the trends in the types of Common Vulnerabilities and Exposures (CVEs) as noted in the October 2006 Vulnerability Type Distributions in CVE white paper posted on the CWE Documents page that was written by CVE Editor Steve Christey. The author of the article states: "There's no doubt that web applications have become the attackers' target of choice. In September, Mitre Corp.'s Common Vulnerabilities and Exposures list - a tally of publicly disclosed vulnerabilities - ranked cross-site scripting in the number one slot. In fact, cross-site scripting attacks surpassed buffer overflow vulnerabilities. And four of the top five reported vulnerabilities proved to be within web applications."

The article also mentions that in the November 2006 SANS Institute Top-20 Internet Security Attack Targets 2006 Annual Update, which uses 210 CVE Identifiers to uniquely identify the vulnerabilities it describes, "...web applications topped the list for Cross-Platform Application vulnerabilities."


More information is available — Please select a different filter.
Page Last Updated: January 12, 2017