Software Vulnerability Assessment Version Extraction and Verification

	This Article
	Subscribers, please Login Purchase article: $19 PDF IEEE Xplore Subscribers RSS feed
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan/Endnote
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Martin Boldt Articles by Bengt Carlsson Articles by Roy Martinsson

International Conference on Software Engineering Advances (ICSEA 2007)

Cap Esterel, France

August 25-August 31

ISBN: 0-7695-2937-2

	ASCII Text	x
	Martin Boldt, Bengt Carlsson, Roy Martinsson, "Software Vulnerability Assessment Version Extraction and Verification," Software Engineering Advances, International Conference on, pp. 59, International Conference on Software Engineering Advances (ICSEA 2007), 2007.

	BibTex	x
	@article{ 10.1109/ICSEA.2007.64, author = {Martin Boldt and Bengt Carlsson and Roy Martinsson}, title = {Software Vulnerability Assessment Version Extraction and Verification}, journal ={Software Engineering Advances, International Conference on}, volume = {0}, year = {2007}, isbn = {0-7695-2937-2}, pages = {59}, doi = {http://doi.ieeecomputersociety.org/10.1109/ICSEA.2007.64}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - Software Engineering Advances, International Conference on TI - Software Vulnerability Assessment Version Extraction and Verification SN - 0-7695-2937-2 SP EP A1 - Martin Boldt, A1 - Bengt Carlsson, A1 - Roy Martinsson, PY - 2007 KW - null VL - 0 JA - Software Engineering Advances, International Conference on ER -

Martin Boldt, Blekinge Institute of Technology, Sweden

Bengt Carlsson, Blekinge Institute of Technology, Sweden

Roy Martinsson, Blekinge Institute of Technology, Sweden

DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/ICSEA.2007.64

Software vendors do not on a regular basis label their products with the exact software version. This is contrary to branded household products where model numbers and serial numbers allows the consumer to identify the product and get assistance if something goes wrong. We investigated version and product information within 8468 different software programs, where freeware and shareware showed a considerable lack of relevant information. A tool is proposed for identifying relevant version information and for verifying potential threats matched against a software vulnerability database. We suggest that software vendors in the future conform to general conventions of storing version information in a standardized way.

Citation:

Martin Boldt, Bengt Carlsson, Roy Martinsson, "Software Vulnerability Assessment Version Extraction and Verification," icsea, pp.59, International Conference on Software Engineering Advances (ICSEA 2007), 2007

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.