I'm interested in learning secure coding best practices (specifically for Java apps) and I'm reading OWASP's Secure Coding Practices checklist. Under their Memory Management section they state the following:
Avoid the use of known vulnerable functions (e.g., printf, strcat, strcpy, etc.).
I'm not a C/C++ developer, but this must mean that the above functions have security vulnerabilities in them. I ran a couple of searches for vulnerable Java methods and all I came up with was this CVE.
What Java SE/EE methods (if any) apply to this advisory from OWASP?
For C APIs, yes, you can cause problems with those functions by doing unintentional memory corruption if your parameters are not carefully checked.
In Java, since all operations are automatically checked, this class of memory corruption exploit should not happen (barring bugs in the implementation).
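To illustrate the answer's point, here is an added example (not from the original question or answer) showing the Java analogue of an unchecked strcpy into a fixed-size buffer. The class and method names, and the 16-character input, are constructed for the demonstration. Where a C program would silently overwrite adjacent memory, the JVM's bounds check turns the same mistake into an ArrayIndexOutOfBoundsException, and the length-checked variant shows what a caller should do instead.

```java
import java.util.Arrays;

// Added example (not from the original post): the Java analogue of strcpy
// into a fixed-size buffer. In C, copying 16 bytes into an 8-byte buffer
// silently overwrites adjacent memory; in Java the same copy is bounds-checked
// by the runtime and fails with an exception instead.
public class BoundsCheckDemo {

    // Copy src into dst the way strcpy would: no length check by the caller.
    static void uncheckedCopy(char[] src, char[] dst) {
        // The JVM checks every array index; writing dst[i] for i >= dst.length
        // throws ArrayIndexOutOfBoundsException rather than corrupting memory.
        for (int i = 0; i < src.length; i++) {
            dst[i] = src[i];
        }
    }

    // A length-checked copy (what strncpy / snprintf callers should do in C):
    // copy at most dst.length characters and report how many were written.
    static int checkedCopy(char[] src, char[] dst) {
        int n = Math.min(src.length, dst.length);
        System.arraycopy(src, 0, dst, 0, n);
        return n;
    }

    public static void main(String[] args) {
        char[] input = "AAAAAAAAAAAAAAAA".toCharArray(); // 16 chars, constructed input
        char[] buffer = new char[8];                      // 8-char fixed-size "buffer"

        try {
            uncheckedCopy(input, buffer);
            System.out.println("copied without error (unexpected)");
        } catch (ArrayIndexOutOfBoundsException e) {
            // Expected outcome: the overflow is detected and stops the program
            // path instead of silently overwriting neighbouring data.
            System.out.println("overflow detected: " + e.getMessage());
        }

        int copied = checkedCopy(input, buffer);
        System.out.println("checked copy wrote " + copied + " chars: " + Arrays.toString(buffer));
    }
}
```

Run it with `javac BoundsCheckDemo.java && java BoundsCheckDemo`. The first copy aborts at index 8 with an exception, and the second writes exactly eight characters. This is the practical difference the answer describes: Java does not make the "unchecked parameters" mistake harmless, it makes it fail loudly, so the remaining risks are denial of service from the uncaught exception and any defects in the JVM itself.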