Exception Management
From Guidance Share
Contents |
[edit]
Description
Exceptions that are allowed to propagate to the client can reveal internal implementatiodetails that make no sense to the end user but are useful to attackers. Applications thatdo not use exception handling or implement it poorly are also subject to denial of servicattacks.
[edit]
Vulnerabilities
- Revealing sensitive data
- Lack of exception handling
[edit]
Attacks
- Attacker Reveals Implementation Details
- Denial of Service
[edit]
Countermeasures
Countermeasures to prevent Exception Management issues include: