Industry News Coverage - 2006 Archive
Industry News Coverage - 2006 Archive
Below is a comprehensive monthly review of the news and other media's coverage of CWE. A brief summary of each news item is listed with its title, author (if identified), date, and media source.
December 2006
December 2006
SC Magazine, December 27, 2006
CWE information was included in a December 27, 2006 article entitled "Hot
or Not: Web Application Vulnerabilities" in SC
Magazine. The article is about a report on the trends in the types of Common Vulnerabilities and Exposures (CVEs) as noted in the October 2006 Vulnerability
Type Distributions in CVE white paper posted on the CWE
Documents page that was written by CVE Editor Steve Christey. The author of the article states: "There's no doubt that web applications have become the attackers' target of choice. In September, Mitre Corp.'s Common Vulnerabilities and Exposures list - a tally of publicly disclosed vulnerabilities - ranked cross-site scripting in the number one slot. In fact, cross-site scripting attacks surpassed buffer overflow vulnerabilities. And four of the top five reported vulnerabilities proved to be within web applications."
The article also mentions that in the November 2006 SANS Institute Top-20
Internet Security Attack Targets 2006 Annual Update, which uses 210 CVE Identifiers to uniquely identify the vulnerabilities it describes, "...web applications topped the list for Cross-Platform Application vulnerabilities."
More information is available — Please edit the custom filter or select a different filter.
|
