Dark Reading
Protect The Business - Enable Access
Do more than just cursory scans. Develop
a holistic approach to app security.
Find out how!
Learn to take the ambiguity out of managing IT so you can guide your business forward.
Download now!
Use these tips from Gartner to identify the EPP solution that best suits your business.
Download now!
Most Recent | 1 | 2
Around The Web
TECH SHOUT
Facebook And Twitter To Face Emerging Threats In 2010, Says McAfee
Facebook And Twitter To Face Emerging Threats In 2010, Says McAfee
GLOBAL SECURITY MAGAZINE
Security Expert Finds Problem With Microsoft's MSN.com
Server error in regional subdomains could lead to attack, expert says
INFOWORLD
Top Security Predictions For 2010
Mobile security issues will worsen; cloud security will expand, pundits say
HELP NET SECURITY
E-Threats Shifting With Current Events
Malware and spam morph to take advantage of provocative news, BitDefender says
COMPUTERWORLD UK
Cybercriminals Pay For Access To Infected UK and US PCs
Bounty offered to those who infect PCs with malware, study says
TECH WORLD
Hackers Not Exploiting Windows Attack Code
SMBv2 bug not a popular target, security experts say
IT SECURITY PORTAL
Badly Configured Routing Compromises Security
Expert offers tips on how to avoid pitfalls that might leave networks vulnerable
MIT NEWS
Securing The Web
New MIT programming tool would automatically plug holes that hackers exploit
MULTICHANNEL NEWS
ComCast Sniffs Out Bots
New service alerts broadband users when their systems may be infected by a bot or virus
INFORMATION SECURITY RESOURCES
Software Defects Still Key Factor In Data Loss
Application software is at the heart of many breaches, experts say
TECH NEWS WORLD
Certified Ethical Hacker: Not Your Everyday Job
A look at the pros who are paid to find vulnerabilities before the bad guys do
MALAYSIA SUN
UK To Turn Hackers Into Cybersecurity "Top Guns"
Competitions are designed to help identify talented young security experts
COMPUTERWORLD UK
Cybercriminals Pay For Access To Infected UK and US PCs
Bounty offered to those who infect PCs with malware, study says
TECH WORLD
Hackers Not Exploiting Windows Attack Code
SMBv2 bug not a popular target, security experts say
IT SECURITY PORTAL
Badly Configured Routing Compromises Security
Expert offers tips on how to avoid pitfalls that might leave networks vulnerable
MIT NEWS
Securing The Web
New MIT programming tool would automatically plug holes that hackers exploit
MULTICHANNEL NEWS
ComCast Sniffs Out Bots
New service alerts broadband users when their systems may be infected by a bot or virus
INFORMATION SECURITY RESOURCES
Software Defects Still Key Factor In Data Loss
Application software is at the heart of many breaches, experts say
TECH NEWS WORLD
Certified Ethical Hacker: Not Your Everyday Job
A look at the pros who are paid to find vulnerabilities before the bad guys do
MALAYSIA SUN
UK To Turn Hackers Into Cybersecurity "Top Guns"
Competitions are designed to help identify talented young security experts
Best Of Web Archive:
Most Recent | 1| 2
What A DDoS Can Cost
Network Security Technology Evolving Rapidly, Forrester Says
UNC Charlotte Breach Affected More Than 350,000
MORE KEYHOLE
Published:2010-11-03
Severity:High
Description:Stack-based buffer overflow in SonicWALL SSL-VPN End-Point Interrogator/Installer ActiveX control (Aventail.EPInstaller) before 10.5.2 and 10.0.5 hotfix 3 allows remote attackers to execute arbitrary code via long (1) CabURL and (2) Location arguments to the Install3rdPartyComponent method.
Published:2010-11-03
Severity:High
Description:Untrusted search path vulnerability in VIM Development Group GVim before 7.3.034, and possibly other versions before 7.3.46, allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse User32.dll or other DLL that is located in the same folder as a .TXT file. NOTE: some of these details are obtained from third party information.
Published:2010-11-03
Severity:Medium
Description:Multiple cross-site scripting (XSS) vulnerabilities in wp-content/plugins/cforms/lib_ajax.php in cforms WordPress plugin 11.5 allow remote attackers to inject arbitrary web script or HTML via the (1) rs and (2) rsargs[] parameters.
Published:2010-11-03
Severity:High
Description:Multiple SQL injection vulnerabilities in search.php in WSN Links 5.0.x before 5.0.81, 5.1.x before 5.1.51, and 6.0.x before 6.0.1 allow remote attackers to execute arbitrary SQL commands via the (1) namecondition or (2) namesearch parameter.
Published:2010-11-03
Severity:Medium
Description:SQL injection vulnerability in misc.php in DeluxeBB 1.3, and possibly earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the xthedateformat parameter in a register action, a different vector than CVE-2005-2989, CVE-2006-2503, and CVE-2009-1033.
|
