Searching through
http://www.csl.sri.com/neumann/illustrative.html
gives these COBOL-related RISKS items. The initial
character descriptors are defined there. In the citations,
* R relates to RISKS (archives at risks.org)
* S relates to SIGSOFT Software Engineering Notes (archives at
www.sigsoft.org/SEN/ although more recent items also in RISKS)
Vf West Drayton ATC system bug found in 2-yr-old COBOL code (S 16 3, R 11 30)
\$fe IRS COBOL reprogramming delays; interest paid on over 1,150,000 refunds
(S 10 3:12)
S[H?] Election frauds, lawsuits, spaghetti code, same memory locations
used for multiple races simultaneously, undocumented GOTOs, COBOL
ALTER verb allowing self-modifying code, calls to undocumented/unknown
subroutines, bypassable audit trails (S 11 3);
Report from the Computerized Voting Symposium, August 1986 (S 11 5)
Sie
Data transfer Excel-COBOL loses voter data in 2003 Greenville
Mississippi election (R 22 95)
\$hi Man gets \$218 trillion phone bill (R 24 24); COBOL program?
(R 24 27,29,30,33)
f Discussion of date and century roll-over problems:
Fujitsu SRS-1050 ISDN display phones fail on two-digit month (10);
1401 one-character year field; COBOL improvements; IBM 360 (S 20 2:13)
[See Fred Ballard and Walt Murray (R 16 70 ff).]
[Lots of stuff is relevant on COBOL's two-character year field
and the entire Y2K saga.]
_______________________________________________
Secure Coding mailing list (SC-L) SC-L@securecoding.org
List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l
List charter available at - http://www.securecoding.org/list/charter.php
SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com)
as a free, non-commercial service to the software security community.
_______________________________________________
