
Code Auditing and Reverse Engineering • Chapter 6 245
Server.CreateObject function, you don’t have to worry about
your script containing ADO vulnerabilities. If your script does
create ADODB objects, then you need to look at the Open
methods of the created objects.
■
Java Java uses the JDBC (Java DataBase Connectivity) interface
stored in the java.sql module. If your application uses the
java.sql module, then you need to look at the uses of the
createStatement() and execute() methods.
■
Perl Perl can use the generic database-independent DBI
module, or the database-specific DB::* modules.The functions
exported by each module widely vary, so you should deter ...