Dark Reading

More news whitepapers

Remote Data Replication: Combat Disasters And Optimize Business Operations

Metzler: The 2013 Application and Service Delivery Handbook

Evaluating the Performance of Shared WAN Links for Data Center Backup and Disaster Recovery

Riverbed vs Silver Peak: WAN Optimization Vendors Put to the Test

Improving SQL Availability and Performance: 6 Key Questions to Consider Before You Scale Up

Policy Control & SDN: A Perfect Match? - by Heavy Reading

Storage Infrastructure as a Service The Best of Cloud and On-premises Storage

Putting Metaswitch's SBC Software to the Test

Altair Speeds Complex Simulation and Workload Management with the Intel' Xeon Phi Coprocessor

Check Point 2013 Internet Security Report

Unified Communications Buyer's Guide

Demystifying Unified Communications

Secrets Revealed: Brilliant Simplicity and Lower TCO

Comparison of Cisco and ShoreTel Unified Communication Solutions

Comparison of Avaya and ShoreTel Unified Communication Solutions

Don't Get Stuck on Your Virtualization Journey: Where to Focus Next

How Virtualization is Key to Managing Risk

Top 10 Considerations for Getting Started with VMware Virtualization

Crash Insurance: Protect Your Business with Virtualization

Beyond Cost Savings: Four Compelling Reasons To Virtualize Your IT Environment

When It Makes Sense to Move to Desktop Virtualization: Seven Key Indicators

Top 10 Tech Tips: vSphere with Operations Management

Taneja Group: Overview of Virtualization and Cloud Market Vendor Landscape for SMBs

Real World Considerations for Implementing Desktop Virtualization eBook

Websense 2013 Threat Report

Follow Dark Reading

Free Research and Reports

What's this?From the Editors of DarkReading

Box Icon

Whitepapers

What's this?

Box Icon

Upcoming Events

Live Events
WebCasts

Dark Reading Digital Magazine

Dark Reading June 2013 Digital Issue

Back Issues

In This Issue

Endpoint Security: End user security requires layers of tools and training as employees use more devices and apps.
Security Isn't A Piece Of Cake: It's time we rethink the conventional wisdom about security layering.
BYOD Is Here To Stay: Trying to keep employees' devices off the network is futile.

Download Now

Tech Insight

06.11.2013
What You Need To Know To Be A Cyber Forensics Pro

05.24.2013
Free Versus Commercial Vulnerability Scanning Tools

04.26.2013
Time To Set Up That Honeypot

03.12.2013
Securing Cisco IP Telephony

02.17.2013
Attribution Is Much More Than A Source IP

02.14.2013
New CA Group Has Big Names, Small Impact

02.04.2013
How To Build An IT Security Budget

01.22.2013
5 Approaches To Decaffeinating Java Exploits

Bugs

Enterprise Vulnerabilities From DHS/US-CERT's National Vulnerability Database

CVE-2013-4612 (redcap)
Multiple cross-site scripting (XSS) vulnerabilities in REDCap before 5.1.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors involving different modules.
CVE-2013-4611 (redcap)
Multiple unspecified vulnerabilities in REDCap before 5.1.1 allow remote attackers to have an unknown impact via vectors involving (1) the Online Designer page or (2) the Manage Survey Participants page.
CVE-2013-4610 (redcap)
Unspecified vulnerability in the Data Search utility in data-entry forms in REDCap before 5.0.3 and 5.1.x before 5.1.2 has unknown impact and remote attack vectors.
CVE-2013-4609 (redcap)
REDCap before 5.0.4 and 5.1.x before 5.1.3 does not reject certain undocumented syntax within branching logic and calculations, which allows remote authenticated users to bypass intended access restrictions via (1) the Online Designer or (2) the Data Dictionary upload, as demonstrated by an eval call.
CVE-2013-4608 (redcap)
Cross-site scripting (XSS) vulnerability in REDCap before 5.0.6 allows remote attackers to inject arbitrary web script or HTML via vectors involving the Graphical Data View & Descriptive Stats page.