View: Weaknesses Addressed by The CERT Oracle Secure Coding Standard for Java (2011)

Obsolete

Type: Graph

Objective

CWE entries in this view (graph) are fully or partially eliminated by following the guidance presented in the book "The CERT Oracle Secure Coding Standard for Java" published in 2011. This view is considered obsolete as a newer version of the coding standard is available.

Audience

Type	Description
Software Developers	By following The CERT Oracle Secure Coding Standard for Java, developers will be able to fully or partially prevent the weaknesses that are identified in this view. In addition, developers can use a CWE coverage graph to determine which weaknesses are not directly addressed by the standard, which will help identify and resolve remaining gaps in training, tool acquisition, or other approaches for reducing weaknesses.
Product Customers	If a software developer claims to be following The CERT Oracle Secure Coding Standard for Java, then customers can search for the weaknesses in this view in order to formulate independent evidence of that claim.
Educators	Educators can use this view in multiple ways. For example, if there is a focus on teaching weaknesses, the educator could link them to the relevant Secure Coding Standard.

Relationships

Weaknesses Addressed by The CERT Oracle Secure Coding Standard for Java (2011)- (CWE-844)

The CERT Oracle Secure Coding Standard for Java (2011) Chapter 2 - Input Validation and Data Sanitization (IDS)- (CWE-845)

The CERT Oracle Secure Coding Standard for Java (2011) Chapter 3 - Declarations and Initialization (DCL)- (CWE-846)

The CERT Oracle Secure Coding Standard for Java (2011) Chapter 4 - Expressions (EXP)- (CWE-847)

The CERT Oracle Secure Coding Standard for Java (2011) Chapter 5 - Numeric Types and Operations (NUM)- (CWE-848)

The CERT Oracle Secure Coding Standard for Java (2011) Chapter 6 - Object Orientation (OBJ)- (CWE-849)

The CERT Oracle Secure Coding Standard for Java (2011) Chapter 7 - Methods (MET)- (CWE-850)

The CERT Oracle Secure Coding Standard for Java (2011) Chapter 8 - Exceptional Behavior (ERR)- (CWE-851)

The CERT Oracle Secure Coding Standard for Java (2011) Chapter 9 - Visibility and Atomicity (VNA)- (CWE-852)

The CERT Oracle Secure Coding Standard for Java (2011) Chapter 10 - Locking (LCK)- (CWE-853)

The CERT Oracle Secure Coding Standard for Java (2011) Chapter 11 - Thread APIs (THI)- (CWE-854)

The CERT Oracle Secure Coding Standard for Java (2011) Chapter 12 - Thread Pools (TPS)- (CWE-855)

The CERT Oracle Secure Coding Standard for Java (2011) Chapter 13 - Thread-Safety Miscellaneous (TSM)- (CWE-856)

The CERT Oracle Secure Coding Standard for Java (2011) Chapter 14 - Input Output (FIO)- (CWE-857)

The CERT Oracle Secure Coding Standard for Java (2011) Chapter 15 - Serialization (SER)- (CWE-858)

The CERT Oracle Secure Coding Standard for Java (2011) Chapter 16 - Platform Security (SEC)- (CWE-859)

The CERT Oracle Secure Coding Standard for Java (2011) Chapter 17 - Runtime Environment (ENV)- (CWE-860)

The CERT Oracle Secure Coding Standard for Java (2011) Chapter 18 - Miscellaneous (MSC)- (CWE-861)

Mapping Notes

Usage: Prohibited

Reasons: View

Rationale:

This entry is a View. Views are not weaknesses and therefore inappropriate to describe the root causes of vulnerabilities.

Comment:

Use this View or other Views to search and navigate for the appropriate weakness.