[WEB SECURITY] What's the differences between weakness and vulnerability?
prasad.shenoy at gmail.com
Thu Nov 10 13:37:25 EST 2011
A weakness can give way to many vulnerabilities.
For more complicated answers, see other people's responses :p
[ ~ Prasad | @prasadshenoy ~]
On Sun, Nov 6, 2011 at 3:35 AM, matthew chao <mathewchao at gmail.com> wrote:
> WASC's definition of "weakness": "The underlying vulnerability within
> the application that is exploited." It seem weakness is equal to
> vulnerability, and WASC's Glossary
> Glossary) doesn't include the terms.
> However, according to "http://cwe.mitre.org/about/faq.html#A.1",
> "Software weaknesses are errors that can lead to software
> vulnerabilities. A software vulnerability is a mistake in software
> that can be directly used by a hacker to gain access to a system or
> network.", so they are different concepts.
> The situation is confused. so what's the differences between weakness
> and vulnerability? thanks!
> The Web Security Mailing List
> WebSecurity RSS Feed
> Join WASC on LinkedIn http://www.linkedin.com/e/gis/83336/4B20E4374DBA
> WASC on Twitter
> websecurity at lists.webappsec.org
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the websecurity