Linux Today: Linux News On Internet Time.

16 Feb 2010: Red Hat's Top 11 Most Serious Flaw Types for 2009

Feb 17, 2010, 23:33
(Other stories by Mark Cox)

"The 2010 CWE/SANS Top 25 Most Dangerous Programming Errors was published today listing the most widespread issues that lead to software vulnerabilities.

"During the creation and review of the list we spent some time to see how closely last years list matched the types of flaws we deal with at Red Hat. We first looked at all the issues that Red Hat fixed across our entire product portfolio in the 2009 calendar year and filtered out those that had the highest severity. All our 2009 vulnerabilities have CVSS scores, so we filtered on those that have a CVSS base score of 7.0 or above[1].

"There were 22 vulnerabilities that matched, and we mapped each one to the most appropriate CWE. This gives us 11 flaw types which led to the most severe flaws affecting Red Hat in 2009:"
