What is a Vulnerability?
We turn to Wikipedia for the definition of "Vulnerability":
In computer security, the term vulnerability is applied to a weakness in a system which allows an attacker to violate the integrity of that system. Vulnerabilities may result from weak passwords, software bugs, a computer virus, a script code injection, a SQL injection, a Blue Pill, or malware. A vulnerability may exist only in theory, or may have a known instance of an exploit.
A construct in a computer language is said to be a vulnerability, when many program faults can have their root cause traced to its use.
You may be inwardly asking yourself, "Why do weaknesses in the system happen? Can't these programmers just do a better job?" Your question is fair. However, before you pass a judgment on the hapless programmers slaving away over a keyboard, let's examine some well-know areas where vulnerabilities can happen in code.
Again returning to Wikipedia, we see a few causes:
Password Management Flaws: The...