Security bug

From Wikipedia, the free encyclopedia
Jump to navigation Jump to search

A security bug or security defect is a software bug that can be exploited to gain unauthorized access or privileges on a computer system. Security bugs introduce security vulnerabilities by compromising one or more of:

Security bugs need not be identified nor exploited to qualify as such.

Causes[edit]

Security bugs, like all other software bugs, stem from root causes that can generally be traced to either absent or inadequate:[2]

Taxonomy[edit]

Security bugs generally fall into a fairly small number of broad categories that include:[3]

Mitigation[edit]

See software security assurance.

See also[edit]

References[edit]

  1. ^ a b "CWE/SANS TOP 25 Most Dangerous Software Errors". SANS. Retrieved 13 July 2012.
  2. ^ "Software Quality and Software Security". 2008-11-02. Retrieved 2017-04-28.
  3. ^ "Security vulnerability categories in major software systems". 2006-01-01. Retrieved 2017-04-28.

Further reading[edit]