Home page logo
/

webappsec logo WebApp Sec mailing list archives

RE: Code Cracking in Java
From: "Maxim Kostioukov" <maxim () francoudi com>
Date: Thu, 13 May 2004 13:33:01 +0300

-----Original Message-----
From: Chitresh Sen [mailto:chitresh_sen () yahoo com]
my finding help them to develop a strong 
business case to convince top management for discarding the 
product.

The management was given misleading interpretation in support for discarding the product - the vulns have nothing
to do with Java, but with business logic distribution between client & server (which is irrelevant to any program 
language).

As others pointed out, this could be fixed easily enough... Additionally, input check on server side is not supposed to 
affect
performance; from my experience, this is not an issue.


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]