Digital Subscription & Customer Support

Live Events

Webinars

More UBM Tech
Live Events

Plan and Deploy a Most Cost-Effective 4G Infrastructure

Join the Conference for 4G/LTE Professionals at CTIA

Come to Interop New York, Sept 29 - Oct 3, 2014

White Papers

Using Cyber Insurance and Cybercrime Data to Limit Your Business Risk

5 Tips to Secure Small Business Backdoors in the Enterprise Supply Chain

The Public Sector Cloud Perspective

Visibility for Converged Infrastructure Solutions

White Book: Cloud Adoption - The Definitive Guide to a Business Technology Revolution

More White Papers

Flash Poll

All Polls

Current Issue

Dark Reading Must Reads July 15, 2014

Download This Issue!

Subscribe Now!

Back Issues | Must Reads

Cartoon

Latest Comment: This actually applies to a lot of things in security, so it's a wise joke well-taken.

Cartoon Archive

Reports

Infographics

DevOps’ Impact on Application Security

Managing the interdependency between software and infrastructure is a thorny challenge. Often, it’s a “developers are from Mars, systems engineers are from Venus” situation.

Download Now!

More Reports

Video

All Videos

Slideshows

7 Black Hat Sessions Sure To Cause A Stir

5 comments | Read | Post a Comment

Ransomware: 5 Threats To Watch

5

6 Things That Stink About SSL

12

More Slideshows

Twitter Feed

Tweets about "from:DarkReading OR @DarkReading OR #DarkReading"

Bug Report

Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database

CVE-2014-1544

Published: 2014-07-23
Use-after-free vulnerability in the CERT_DestroyCertificate function in libnss3.so in Mozilla Network Security Services (NSS) 3.x, as used in Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7, allows remote attackers to execute arbitrary code via vectors that trigger cer...

CVE-2014-1547

Published: 2014-07-23
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVE-2014-1548

Published: 2014-07-23
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 31.0 and Thunderbird before 31.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVE-2014-1549

Published: 2014-07-23
The mozilla::dom::AudioBufferSourceNodeEngine::CopyFromInputBuffer function in Mozilla Firefox before 31.0 and Thunderbird before 31.0 does not properly allocate Web Audio buffer memory, which allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow and applica...

CVE-2014-1550

Published: 2014-07-23
Use-after-free vulnerability in the MediaInputPort class in Mozilla Firefox before 31.0 and Thunderbird before 31.0 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) by leveraging incorrect Web Audio control-message ordering.

Best of the Web

One Congressman’s Crusade To Save the World From Killer Robots

Hackers Find Way To Outwit Tough Security At Banking Sites

"Crypto Ransomware" CTB-Locker (Critroni.A) on the rise

Black Hat Anti-Tor Talk Smashed By Lawyers' Wrecking Ball

Google Must Face U.S. Privacy Lawsuit Over Commingled User Data