Elevation of Privilege (EoP)
2–4 of Elevation of Privilege. There are no cards for the 2, 3, or 4 of Elevation of Privilege, as we were unable to find EoP threats we thought would be common enough to warrant cards. Suggestions are welcome.
5 of Elevation of Privilege. An attacker can force data through different validation paths which give different results. If you have different code performing similar validation, then it's hard for your other functions to know what will be checked. This is a great opportunity to refactor.
6 of Elevation of Privilege. An attacker could take advantage of .NET permissions you ask for but don't use. The .NET Framework is an example; since the game was created, frameworks with permissions have become quite trendy, appearing in many mobile and even desktop operating systems. Asking for permissions you don't need reduces the security value of these frameworks.
7 of Elevation of Privilege. An attacker can provide a pointer across a trust...