Hi All, Does anyone know where to find an augmented CVE database with: (1) programming language and (2) failure classification?
For example, CVE-2013-3301 is the Linux kernel, written in C, and the failure is lack of parameter validation. As another example, CVE-2013-3302 would also be the Linux kernel, written in C, with a failure of race condition. (I'm very interested in aggregated data on all programs/modules written in C/C++/Objective C). Jeff _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
