Chapter 7 Flashcards
(14 cards)
Memory injection
Unauthorized code inserted into a program’s memory space
Buffer overflow
Data exceeding allocated memory, leading to potential exploits
Race conditions
Conflicts arise when multiple processes access shared resources
TOC and TOU
Timing mismatches exploited during checks and usage
Malicious update
Attackers introducing harmful code through software updates
SQL injection (SQLI)
Attackers manipulating input to exploit database vulnerabilities
Cross-Site scripting (XSS)
Malicious scripts injected into web pages
VM escape
Unauthorized breakout from a VM to the host system
VM sprawl
Unmanaged VM’s installed on your network
Cryptographic vulnerabilities
Weaknesses in encryption methods and attackers exploit
Misconfiguration vulnerabilities
Errors in a system setup, leading to security holes
Side loading
Installing apps from unofficial sources, risking malicious software
Jailbreaking
Bypassing iOS restrictions, compromising device security
Zero-day vulnerabilities
Unknown software flaws exploited by attackers before fixes are available
