Discover and read the best of Twitter Threads about #AppSecurity

Most recents (2)

#SecurityExplained S-61: CWE-787: Out-of-bounds Write

The Out-of-bounds Write is a software security vulnerability that occurs when the data is written beyond the boundaries (i.e. past the end, before the beginning) of the intended buffer.

1/n
2/n
This weakness is also listed in the CWE Top 25 (2021). It has been given the CWE ID CWE-787.

- This vulnerability could result in buffer overflows, memory corruption, a crash of the software or even code execution.
3/n
As per cwe.mitre.org, the software may modify an index or perform pointer arithmetic that references a memory location that is outside of the boundaries of the buffer. A subsequent write operation then produces undefined or unexpected results.
Quick Review of the #NSSFGoApp

1. Login requires phone number and email yet estatement portal requires NSSF No.

2. There is a popup display ~XXXXXX~ maybe the developers left it in there

3. When one enters email the app checks for SMS … received
#NSSFGoApp review

4. Why does the app need access to media on my phone? Why is the external permission necessary for an app that provides information? #AppSecurity

5. Hamburger menu in top left hand corner does not work
6. No way to log out of the app - so deleted; don’t want my NSSF information lying around on my phone unsecured

Testing Platform: #OnePlusTwo #Android 8.1.0 #LineageOs 15.1-20180918