Functions that cannot be used safely should never be used.
Certain functions behave in dangerous ways regardless of how they are used. Functions in this category were often implemented without taking security concerns into account.
.
[1] Standards Mapping - OWASP Top 10 2004 - (OWASP 2004) A5 Buffer Overflow
[2] Standards Mapping - Security Technical Implementation Guide Version 3 - (STIG 3) APP2060.4 CAT II, APP3590.2 CAT I
[3] Standards Mapping - Web Application Security Consortium 24 + 2 - (WASC 24 + 2) Buffer Overflow
[4] Standards Mapping - Common Weakness Enumeration - (CWE) CWE ID 242
[5] Standards Mapping - Common Weakness Enumeration - (CWE) CWE ID 676
[6] Standards Mapping - Payment Card Industry Data Security Standard Version 1.2 - (PCI 1.2) Requirement 6.3.1.1
[7] Standards Mapping - Payment Card Industry Data Security Standard Version 2.0 - (PCI 2.0) Requirement 6.5.2
[8] Standards Mapping - Payment Card Industry Data Security Standard Version 1.1 - (PCI 1.1) Requirement 6.5.5