Security Slideshow: Web App Vulnerabilities Emerge as Enterprise Security Threat
By Dennis McCafferty | Posted 10-13-201080 percent
80 percent is the share of network attacks that target Web-based systems.
4,059
4,059 is the total number of Web application vulnerabilities found for first-half 2010.
790
790 is the number of cross-site scripting vulnerabilities impacting Web applications in first-half 2010.
155
155 is the number of cross-site request forgery vulnerabilities impacting Web applications in first-half 2010.
542
542 is the number of SQL-injection vulnerabilities impacting Web applications in first-half 2010.
385
385 is the number of buffer-overflow vulnerabilities impacting Web applications in first-half 2010.
378
378 is the number of "remote-file include" vulnerabilities impacting Web applications in first-half 2010.
418
418 is the number of denial-of-service vulnerabilities impacting Web applications in first-half 2010.
Known, Un-Patched Vulnerabilities
MS ExplorerJune 2010: 6May 2010: 1
Known, Un-Patched Vulnerabilities
Mozilla FirefoxJune 2010: 9May 2010: 2
Known, Un-Patched Vulnerabilities
Safari/WebKitJune 2010: 20 May 2010: 19
Known, Un-Patched Vulnerabilities
Flash/ShockwareJune 2010: 12May 2010: 9
199,077
199,077 is the number of HTTP client-side attacks in June 2010, mostly stemming from malicious JavaScript and file-format attacks, up from just under 150,000 in May.
12 million
More than 12 million is the number of HTTP server-side attacks in June, mostly XSS, SQL Injection and PHP RFI, up from just over 9.8 million in May.
28,477
28,477 is the number of SMB attacks in June, up from an estimated 28,200 in May.
82,203
82,203 is the number of JavaScript-based attacks in June, up from about 67,500 in May.
