Error
generalmente de diseño de un programa o producto que es descubierto después de
ser lanzado al mercado.
A software security defect
that can be detected locally through static analysis.
https://buildsecurityin.us-cert.gov/daisy/bsi/articles/best-practices/risk/248-BSI.html
Bugs are software problems
that exist only in code. A bug that exists in code may or may not ever be
executed or exploitable. Therefore, a bug may or may not represent a
vulnerability in the underlying software. Bugs are used to describe minor
implementation errors that are typically easy to fix. Note that simply because
bugs are minor implementation errors does not mean that the impact of an
attacker exploiting the bug is small. For instance, a buffer overflow is a
well-known type of bug that is generally easy to fix. However, exploiting a
buffer overflow can give an attacker full control over a system.
https://buildsecurityin.us-cert.gov/daisy/bsi/articles/knowledge/attack/590-BSI.html
A fault in a program which
causes the program to perform in an unintended or unanticipated manner. See:
anomaly, defect, error, exception, fault.
http://www.fda.gov/ora/Inspect_ref/igs/gloss.html