Examples of Vulnerability

Examples of com.denimgroup.threadfix.data.entities.Vulnerability

106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
      log.warn("Null input, exiting.");
      return null;
    }

        Map<String, Object> map = new HashMap<>();
    Vulnerability vuln = allVulns.get(0);

    Application application = vuln.getApplication();
   
    if (application != null) {
      applicationService.decryptCredentials(application);
    }
   
    AbstractDefectTracker dt = DefectTrackerFactory.getTracker(application);
    if (dt == null) {
      log.warn("Unable to load Defect Tracker.");
      return null;
    }
   
    String editedSummary = summary, editedPreamble = preamble;

    // TODO handle error cases better.
    if (editedSummary == null || editedSummary.equals("")) {
      if (vuln.getGenericVulnerability() != null && vuln.getSurfaceLocation() != null) {
        editedSummary = createMessage(vuln);
      } else {
        editedSummary = "No editedSummary could be parsed.";
      }
    }

    if (editedPreamble == null || editedPreamble.equals("")) {
      if (vuln.getGenericVulnerability() != null && vuln.getSurfaceLocation() != null) {

                if(additionalScannerInfo){
                    String additionalScannerInfoStr = getAdditionalScannerInfo(allVulns);

                    if(additionalScannerInfoStr == null || additionalScannerInfoStr.equals("")){
View Full Code Here

Examples of com.denimgroup.threadfix.data.entities.Vulnerability

259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
    if (vulns == null || vulns.size() == 0) {
      return noVulnsError;
    }

    Vulnerability vuln = vulns.get(0);
    if (vuln == null || vuln.getApplication() == null) {
      return noDefectTrackerError;
    }

    Application application = vuln.getApplication();

        applicationService.decryptCredentials(application);

        AbstractDefectTracker dt = DefectTrackerFactory.getTracker(application);
    if (dt == null) {
View Full Code Here

Examples of com.denimgroup.threadfix.data.entities.Vulnerability

381
382
383
384
385
386
387
388
389
390
391
392
393
        vulnerabilities.get(0).getApplication() == null) {
      log.warn("Null input, exiting.");
      return false;
    }
   
    Vulnerability vuln = vulnerabilities.get(0);

    Application application = vuln.getApplication();

        if (application == null) {
            return false;
        }
View Full Code Here

Examples of de.pdf_scrutinizer.data.Vulnerability

156
157
158
159
160
161
162
163
164
165
166
        if (bytes[tiff_offset] == 0x7
                && bytes[tiff_offset + 1] == 0x0
                && bytes[tiff_offset + 2] == 0x0
                && bytes[tiff_offset + 3] == 0x1) {
            Vulnerability v = new Vulnerability("CVE-2010-0188");
            v.description = "tiff integer overflow";
            v.references.add("http://blog.fortinet.com/cve-2010-0188-exploit-in-the-wild/");
            scrutinizer.getAnalysisResult().vulnerabilityUsed(v);
        }
    }
View Full Code Here

Examples of de.pdf_scrutinizer.data.Vulnerability

85
86
87
88
89
90
91
92
93
94
95
                                //
                                // thats just the PoC value.
                                // it could have different values!
                                //
                                if (segmentpageassociation == 0x333333) {
                                    Vulnerability v = new Vulnerability("CVE-2009-0658");
                                    v.description = "JBIG2 overflow";
                                    v.references.add("http://www.secureworks.com/research/blog/research/20947/");
                                    scrutinizer.getAnalysisResult().vulnerabilityUsed(v);
                                }
                            }
View Full Code Here

Examples of org.gnubridge.core.bidding.Vulnerability

86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
    mainController.getBiddingController().placeBid(7, "Clubs");
    mainController.playGame();
    playGameToTheEnd(mainController);
    Thread.sleep(300);
    int score = new ScoreCalculator(mainController.getBiddingController().getAuction().getHighBid(), mainController
        .getGameController().getGame().getTricksTaken(Player.NORTH_SOUTH), new Vulnerability(false, false))
        .getDeclarerScore();
    System.out.println("Game finished. Declarers took "
        + mainController.getGameController().getGame().getTricksTaken(Player.NORTH_SOUTH) + " tricks. Score: "
        + score);

    assertTrue(1000 + 20 * 7 == score || 1500 + 20 * 7 == score);

    System.out.println("Running Human Score: " + mainController.getRunningHumanScore());
    System.out.println("Running Computer Score: " + mainController.getRunningComputerScore());
    assertEquals(0, mainController.getRunningComputerScore());

    preInitializeGame13Tricks();
    mainController.getGameController().newGame();
    mainController.getBiddingController().placeBid(7, "Spades");

    Thread.sleep(300);

    mainController.playGame();
    playGameToTheEnd(mainController);
    score = new ScoreCalculator(mainController.getBiddingController().getAuction().getHighBid(), mainController
        .getGameController().getGame().getTricksTaken(Player.NORTH_SOUTH), new Vulnerability(false, false))
        .getDefenderScore();

    System.out.println("Running Human Score: " + mainController.getRunningHumanScore());
    System.out.println("Running Computer Score: " + mainController.getRunningComputerScore());
    System.out.println("Game finished. Declarers took "
View Full Code Here

Examples of org.owasp.dependencycheck.dependency.Vulnerability

462
463
464
465
466
467
468
469
470
471
472
473
                final String cveId = rs.getString(1);
                final String cpeId = rs.getString(2);
                final String previous = rs.getString(3);
                if (!cveEntries.contains(cveId) && isAffected(cpe.getVendor(), cpe.getProduct(), detectedVersion, cpeId, previous)) {
                    cveEntries.add(cveId);
                    final Vulnerability v = getVulnerability(cveId);
                    v.setMatchedCPE(cpeId, previous);
                    vulnerabilities.add(v);
                }
            }
            DBUtils.closeResultSet(rs);
            DBUtils.closeStatement(ps);
View Full Code Here

Examples of org.owasp.dependencycheck.dependency.Vulnerability

496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
        PreparedStatement psR = null;
        PreparedStatement psS = null;
        ResultSet rsV = null;
        ResultSet rsR = null;
        ResultSet rsS = null;
        Vulnerability vuln = null;
        try {
            psV = getConnection().prepareStatement(SELECT_VULNERABILITY);
            psV.setString(1, cve);
            rsV = psV.executeQuery();
            if (rsV.next()) {
                vuln = new Vulnerability();
                vuln.setName(cve);
                vuln.setDescription(rsV.getString(2));
                String cwe = rsV.getString(3);
                if (cwe != null) {
                    final String name = CweDB.getCweName(cwe);
                    if (name != null) {
                        cwe += " " + name;
                    }
                }
                final int cveId = rsV.getInt(1);
                vuln.setCwe(cwe);
                vuln.setCvssScore(rsV.getFloat(4));
                vuln.setCvssAccessVector(rsV.getString(5));
                vuln.setCvssAccessComplexity(rsV.getString(6));
                vuln.setCvssAuthentication(rsV.getString(7));
                vuln.setCvssConfidentialityImpact(rsV.getString(8));
                vuln.setCvssIntegrityImpact(rsV.getString(9));
                vuln.setCvssAvailabilityImpact(rsV.getString(10));

                psR = getConnection().prepareStatement(SELECT_REFERENCE);
                psR.setInt(1, cveId);
                rsR = psR.executeQuery();
                while (rsR.next()) {
                    vuln.addReference(rsR.getString(1), rsR.getString(2), rsR.getString(3));
                }
                psS = getConnection().prepareStatement(SELECT_SOFTWARE);
                psS.setInt(1, cveId);
                rsS = psS.executeQuery();
                while (rsS.next()) {
                    final String cpe = rsS.getString(1);
                    final String prevVersion = rsS.getString(2);
                    if (prevVersion == null) {
                        vuln.addVulnerableSoftware(cpe);
                    } else {
                        vuln.addVulnerableSoftware(cpe, prevVersion);
                    }
                }
            }
        } catch (SQLException ex) {
            throw new DatabaseException("Error retrieving " + cve, ex);
View Full Code Here

Examples of org.owasp.dependencycheck.dependency.Vulnerability

335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
        }
        if (hasCve() || hasCwe() || hasCvssBelow()) {
            final Iterator<Vulnerability> itr = dependency.getVulnerabilities().iterator();
            while (itr.hasNext()) {
                boolean remove = false;
                final Vulnerability v = itr.next();
                for (String entry : this.cve) {
                    if (entry.equalsIgnoreCase(v.getName())) {
                        remove = true;
                        break;
                    }
                }
                if (!remove) {
                    for (String entry : this.cwe) {
                        if (v.getCwe() != null) {
                            final String toMatch = String.format("CWE-%s ", entry);
                            final String toTest = v.getCwe().substring(0, toMatch.length()).toUpperCase();
                            if (toTest.equals(toMatch)) {
                                remove = true;
                                break;
                            }
                        }
                    }
                }
                if (!remove) {
                    for (float cvss : this.cvssBelow) {
                        if (v.getCvssScore() < cvss) {
                            remove = true;
                            break;
                        }
                    }
                }
View Full Code Here

Examples of org.owasp.dependencycheck.dependency.Vulnerability

98
99
100
101
102
103
104
105
106
107
108
    @Override
    public void startElement(String uri, String localName, String qName, Attributes attributes) throws SAXException {
        current.setNode(qName);
        if (current.isEntryNode()) {
            hasApplicationCpe = false;
            vulnerability = new Vulnerability();
            vulnerability.setName(attributes.getValue("id"));
        } else if (current.isVulnProductNode()) {
            nodeText = new StringBuilder(100);
        } else if (current.isVulnReferencesNode()) {
            final String lang = attributes.getValue("xml:lang");
View Full Code Here
TOP
Copyright © 2018 www.massapi.com. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.