Sample Essay
An attacker may use a specially created website to exploit this vulnerability via Internet Explorer by convincing a user to visit the website. The attacker may also use already compromised websites that accept or host user-privileged content or advertisements by hosting specially designed content on these websites (Secure Scout 2010). This specially designed content capitalizes on the Internet Explorer’s weakness to control the execution of code which is commonly termed as Code Injection (Viega, LeBlanc and Howard 2009).
This means that the Internet Explorer does not sufficiently separate code (in control plane) syntax for the user-controlled input (which in data plane) when the input by user is used within the code which is generated by Internet Explorer. In other words, Internet Explorer allows for the injection of control-plane data into the data plane. Due to this weakness, it then becomes possible to alter the execution of a process by sending it data through legitimate channels, without using any other mechanisms. While other types of flaws such as buffer overflow require dealing with further issues, the code injection vulnerability only requires the data to be parsed by the application (Security Database Website 2010)
The Security Database website provides an excellent example of how the code injection vulnerability works. It illustrates the vulnerability with a code of PHP language which is used to write user messages to a file and allows the users to view them. The code is as following
$MessageFile = “cwe-94/messages.out”;
if ($_GET[“action”] == “NewMessage”) {
$name = $_GET[“name”];
This is just a sample term paper for marketing purposes. If you want to order term papers, essays, research papers, dissertations, case study, book reports, reviews etc. Please access the order form.
