More cloud security whitepapers
Free Research and Reports
- Making Cloud Storage Work For Your Organization - Interop New York
- Faster, Cheaper, More Flexible: The Next-Generation WAN - Interop New York
- Key Elements of a Vulnerability Management Program - Interop New York
- Is Your Data Really Safe? A Security Checklist Everyone Must Implement - Interop New York
- Next-Generation Firewalls: Results from the Lab - Interop New York
Dark Reading Digital Magazine
Enterprise Vulnerabilities From DHS/US-CERT's National Vulnerability Database
DCTStream.cc in Poppler before 0.13.3 allows remote attackers to cause a denial of service (crash) via a crafted PDF file.
Cross-site scripting (XSS) vulnerability in Six Apart (formerly Six Apart KK) Movable Type (MT) Pro 5.13 allows remote attackers to inject arbitrary web script or HTML via the comment section.
The device-initialization functionality in the MSM camera driver for the Linux kernel 2.6.x and 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, enables MSM_CAM_IOCTL_SET_MEM_MAP_INFO ioctl calls for an unrestricted mmap interface, which allows attackers to gain privileges via a crafted application.
Stack-based buffer overflow in the acdb_ioctl function in audio_acdb.c in the acdb audio driver for the Linux kernel 2.6.x and 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to gain privileges via an application that leverages /dev/msm_acdb access and provides a large size value in an ioctl argument.
app/aboot/aboot.c in the Little Kernel (LK) bootloader, as distributed with Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to overwrite signature-verification code via crafted boot-image load-destination header values that specify memory locations within bootloader memory.