The IT Law Wiki


A security flaw

is an error of commission or omission in a system that may allow protection mechanisms to be bypassed.[1]
represents the potential for one user to access (i.e., read, modify, manipulate, or destroy) another user's information or programs against that user's wishes or to gain control of the operating system.[2]


  1. Department of Defense, National Computer Security Center, Glossary of Computer Security Terms (NCSC-TG-004, Ver. 1) (Oct. 21, 1988).
  2. Security Analysis and Enhancement of Computer Operating Systems, at 55.