Discover and read the best of Twitter Threads about #AppSecurity
Most recents (2)
#SecurityExplained S-61: CWE-787: Out-of-bounds Write
The Out-of-bounds Write is a software security vulnerability that occurs when the data is written beyond the boundaries (i.e. past the end, before the beginning) of the intended buffer.
1/n
The Out-of-bounds Write is a software security vulnerability that occurs when the data is written beyond the boundaries (i.e. past the end, before the beginning) of the intended buffer.
1/n
2/n
This weakness is also listed in the CWE TOP 25 (2021). This has been given the CWE ID as CWE-787
- This vulnerability could result in buffer overflows, memory corruption, the crash of the software or even a code execution.
This weakness is also listed in the CWE TOP 25 (2021). This has been given the CWE ID as CWE-787
- This vulnerability could result in buffer overflows, memory corruption, the crash of the software or even a code execution.
3/n
As per the cwe.mitre.org, The software may modify an index or perform pointer arithmetic that references a memory location that is outside of the boundaries of the buffer. A subsequent write operation then produces undefined or unexpected results.
As per the cwe.mitre.org, The software may modify an index or perform pointer arithmetic that references a memory location that is outside of the boundaries of the buffer. A subsequent write operation then produces undefined or unexpected results.
Quick Review of the #NSSFGoApp
1. Login requires phone number and email yet estatement portal requires NSSF No.
2. There is a popup display ~XXXXXX~ maybe the developers left it in there
3. When one enters email the app checks for SMS … received
1. Login requires phone number and email yet estatement portal requires NSSF No.
2. There is a popup display ~XXXXXX~ maybe the developers left it in there
3. When one enters email the app checks for SMS … received
#NSSFGoApp review
4. Why does the app need access to media on my phone? Why is the external permission necessary for an app that provides information? #AppSecurity
5. Hamburger menu in top left hand corner does not work
4. Why does the app need access to media on my phone? Why is the external permission necessary for an app that provides information? #AppSecurity
5. Hamburger menu in top left hand corner does not work
6. No way to log out of the app - so deleted don’t want my NSSF information lying around on my phone un-secured
Testing Platform: #OnePlusTwo #Android 8.1.0 #LineageOs 15.1-20180918
Testing Platform: #OnePlusTwo #Android 8.1.0 #LineageOs 15.1-20180918
