AttackFlow Findings Dictionary

Finding A Way To Try AttackFlow Enterprise Edition?

If so, click to download 15 days full version for free!

Writable Public Static Fields

Attackers may be able to modify a public static field changing the state of the software

Severity

Medium

Fix Cost

Low

Trust Level

High

public static fields are accessible by the client code. Moreover, the value of these fields can also be changed by malicious client code according to their advantage.

            
class FixItem implements CoreItem {
public static long serialUID = 19273630272L;
...
}
                 
            

public static fields are accessible by the client code. Moreover, the value of these fields can also be changed by malicious client code according to their advantage.

        
public static long serialUID = 19273630272L;
...
}
                 
            

public static fields are accessible by the client code. Moreover, the value of these fields can also be changed by malicious client code according to their advantage.

            
public static long serialUID = 19273630272L;
...
}
                 
            

Finding A Way To Purchase AttackFlow Enterprise Edition?

If so, click to buy now for yearly subscriptions!