Welcome Guest. | Log In| Register | Membership Benefits


DARK READING NEWSLETTER SUBSCRIPTION PAGE
To join our mailing lists, please submit the following information:
[To unsubscribe to our newsletter(s), click here]
 
* - required
*E-Mail:
 
 First Name:
 
 Last Name:
 
 Company Name:
 
 Postal Code:
 
  Country:
 
Check If You Will Receive Newsletters on a Mobile Device
   
Dark Reader Weekly Newsletter:
Your weekly keyhole into the chaos and mystery of network and data security. Look for this compilation every Thursday, chock-full of product and industry news, threat reports, vulnerability discoveries, compliance issues, and user experiences. In addition, there's also our enlightened and delusional commentary, as well best-of security stories from around the web.
Delivered: Thursdays
   
Dark Reading Daily Newsletter:
Your daily dose of the latest news, analysis and opinion from the editors and contributors of Dark Reading, the Internet's most paranoid publicaton for security intel.
Delivered: Daily
   
Dark Reading Database Security Weekly:
The Dark Reading Database Security Weekly offers news, analysis, and opinion on all aspects of database security. It brings readers insights on the latest threats and breaches in the database environment, as well as breaking news on the tools, practices and technologies for database defense.
Delivered: Tuesdays
   
CHECK BOTH
   
* Job Title:
 
  Business Address:
 
  City:
 
  State Prov:
 
  Phone Number (no dashes or spaces):
 
* Company Annual Revenues:
 
* Job Function:
 
  Company URL:
 
* Primary Business:
 
* Employees in Organization:
 

E-Mail Preference:

 






Bugs
ENTERPRISE VULNERABILITIES
Vulnerability:blazeds, coldfusion, flex data services, lifecycle
Published:2010-02-15
Severity:Medium
Description:Unspecified vulnerability in BlazeDS 3.2 and earlier, as used in LiveCycle 8.0.1, 8.2.1, and 9.0, LiveCycle Data Services 2.5.1, 2.6.1, and 3.0, Flex Data Services 2.0.1, and ColdFusion 7.0.2, 8.0, 8.0.1, and 9.0, allows remote attackers to obtain sensitive information via vectors that are associated with a request, and related to injected tags and external entity references in XML documents.
Vulnerability:odyssey access client
Published:2010-02-15
Severity:High
Description:Stack-based buffer overflow in dsInstallerService.dll in the Juniper Installer Service, as used in Juniper Odyssey Access Client 4.72.11421.0 and other products, allows remote attackers to execute arbitrary code via a long string in a malformed DSSETUPSERVICE_CMD_UNINSTALL command to the NeoterisSetupService named pipe.
Vulnerability:adobe air, flash player
Published:2010-02-15
Severity:Medium
Description:Cross-domain vulnerability in Adobe Flash Player before 10.0.45.2, Adobe AIR before 1.5.3.9130, and Adobe Reader and Acrobat 8.x before 8.2.1 and 9.x before 9.3.1 allows remote attackers to bypass intended sandbox restrictions and make cross-domain requests via unspecified vectors.
Vulnerability:adobe air, flash player
Published:2010-02-15
Severity:Medium
Description:Adobe Flash Player before 10.0.45.2 and Adobe AIR before 1.5.3.9130 allow remote attackers to cause a denial of service (application crash) via a modified SWF file.
Vulnerability:dokuwiki
Published:2010-02-15
Severity:Medium
Description:Directory traversal vulnerability in the ACL Manager plugin (plugins/acl/ajax.php) in DokuWiki before 2009-12-25b allows remote attackers to list the contents of arbitrary directories via a .. (dot dot) in the ns parameter.


Briefing Centers
POWERFUL INFORMATION
AT YOUR FINGERTIPS
(SPONSORED LINKS)