Dark Reading

News

More Security Insights

White Papers

Reports

Webcasts

More >>

Page 2:

Related Reading

Dark Reading Discussions

Disqus Tips

To upload an avatar photo, first complete your Disqus profile. | View the list of supported HTML tags you can use to style comments. | Please read our commenting policy.

Follow Dark Reading

Free Research and Reports

What's this?From the Editors of DarkReading

Box Icon

Whitepapers

What's this?

Box Icon

Upcoming Events

Live Events
WebCasts

Dark Reading Digital Magazine

Dark Reading June 2013 Digital Issue

Back Issues

In This Issue

Endpoint Security: End user security requires layers of tools and training as employees use more devices and apps.
Security Isn't A Piece Of Cake: It's time we rethink the conventional wisdom about security layering.
BYOD Is Here To Stay: Trying to keep employees' devices off the network is futile.

Download Now

Tech Insight

06.11.2013
What You Need To Know To Be A Cyber Forensics Pro

05.24.2013
Free Versus Commercial Vulnerability Scanning Tools

04.26.2013
Time To Set Up That Honeypot

03.12.2013
Securing Cisco IP Telephony

02.17.2013
Attribution Is Much More Than A Source IP

02.14.2013
New CA Group Has Big Names, Small Impact

02.04.2013
How To Build An IT Security Budget

01.22.2013
5 Approaches To Decaffeinating Java Exploits

Bugs

Enterprise Vulnerabilities From DHS/US-CERT's National Vulnerability Database

CVE-2013-2969
Cross-site scripting (XSS) vulnerability in IBM Sterling Control Center (SCC) 5.2 before 5.2.0.9, 5.3 before 5.3.0.4, and 5.4 through 5.4.0.1 allows remote authenticated users to inject arbitrary web script or HTML via vectors involving invalid characters.
CVE-2013-2968
An unspecified buffer-read method in IBM Sterling Control Center (SCC) 5.2 before 5.2.0.9, 5.3 before 5.3.0.4, and 5.4 through 5.4.0.1 allows remote authenticated users to cause a denial of service via a large file that lacks end-of-line characters.
CVE-2013-4622
The 3G Mobile Hotspot feature on the HTC Droid Incredible has a default WPA2 PSK passphrase of 1234567890, which makes it easier for remote attackers to obtain access by leveraging a position within the WLAN coverage area.
CVE-2013-0484
The server process in IBM Cognos TM1 10.1.x before 10.1.1 FP1 allows remote attackers to cause a denial of service (daemon crash) via an undocumented API call that triggers the transmission of unexpected data.
CVE-2013-3744 (jre, jdk)
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier allows remote attackers to affect integrity via unknown vectors related to Deployment, a different vulnerability than CVE-2013-2400.