Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content tagged with Compliance posted in October 2006
HSPD-12's Toothless Deadline
News  |  10/27/2006  | 
US federal government's mandate for physical and logical security plagued by confusion, lack of funding
Mending Holes in the Blogosphere
News  |  10/27/2006  | 
Free Vox blogging service controls JavaScript, lets bloggers set privacy controls
Microsoft Promises Open Email Security
News  |  10/23/2006  | 
Microsoft pulled its Sender ID email authentication protocol under its OSP program to promote development of the once-controversial spec
Phishers' Catch: Better Than Expected
News  |  10/19/2006  | 
A new study from the University of Indiana indicates that phishers are more successful at catching users than most industry estimates suggest
ISPs Plan Security Push
News  |  10/18/2006  | 
New opportunities, public criticism drive service providers to develop more comprehensive security services
CSRF Vulnerability: A 'Sleeping Giant'
News  |  10/17/2006  | 
A mostly unknown Web vulnerability called Cross-Site Request Forgery could be the next attack vector on your Website
Power Pay
News  |  10/13/2006  | 
As the 2006 holiday season looms, retailers consider bypassing credit cards in favor of more secure online payment options
Anti-Malware Tools Trip Up IE7 Install
News  |  10/13/2006  | 
Temporarily disable your anti-malware apps before installing new Internet Explorer, says Microsoft
A-Listing Your Apps
News  |  10/12/2006  | 
Enterprises enlist app whitelisting to combat malware and unauthorized tools, but the approach has a dark side
Low-Cost PCs Pose Risk
News  |  10/9/2006  | 
Benefactors look to secure millions of identical computers to be unleashed in One Laptop Per Child initiative
Diebold Disses Democracy
News  |  10/9/2006  | 
Technologists may be surprised by how far things can get off track when the law embraces bad security ideas for no apparent reason
A Secure Channel for Customers
News  |  10/6/2006  | 
A startup is developing the means to bypass phishers and hackers with a secure link to clients


When It Comes To Security Tools, More Isn't More
Lamont Orange, Chief Information Security Officer at Netskope,  1/11/2021
US Capitol Attack a Wake-up Call for the Integration of Physical & IT Security
Seth Rosenblatt, Contributing Writer,  1/11/2021
IoT Vendor Ubiquiti Suffers Data Breach
Dark Reading Staff 1/11/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
2020: The Year in Security
Download this Tech Digest for a look at the biggest security stories that - so far - have shaped a very strange and stressful year.
Flash Poll
Assessing Cybersecurity Risk in Today's Enterprises
Assessing Cybersecurity Risk in Today's Enterprises
COVID-19 has created a new IT paradigm in the enterprise -- and a new level of cybersecurity risk. This report offers a look at how enterprises are assessing and managing cyber-risk under the new normal.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-25173
PUBLISHED: 2021-01-18
An issue was discovered in Open Design Alliance Drawings SDK before 2021.12. A memory allocation with excessive size vulnerability exists when reading malformed DGN files, which allows attackers to cause a crash, potentially enabling denial of service (crash, exit, or restart).
CVE-2021-25174
PUBLISHED: 2021-01-18
An issue was discovered in Open Design Alliance Drawings SDK before 2021.12. A memory corruption vulnerability exists when reading malformed DGN files. It can allow attackers to cause a crash, potentially enabling denial of service (Crash, Exit, or Restart).
CVE-2021-25175
PUBLISHED: 2021-01-18
An issue was discovered in Open Design Alliance Drawings SDK before 2021.11. A NULL pointer dereference exists when rendering malformed .DXF and .DWG files. This can allow attackers to cause a crash, potentially enabling a denial of service attack (Crash, Exit, or Restart). This is issue 1 of 3.
CVE-2021-25176
PUBLISHED: 2021-01-18
An issue was discovered in Open Design Alliance Drawings SDK before 2021.11. A NULL pointer dereference exists when rendering malformed .DXF and .DWG files. This can allow attackers to cause a crash, potentially enabling a denial of service attack (Crash, Exit, or Restart). This is issue 2 of 3.
CVE-2021-25177
PUBLISHED: 2021-01-18
An issue was discovered in Open Design Alliance Drawings SDK before 2021.11. A NULL pointer dereference exists when rendering malformed .DXF and .DWG files. This can allow attackers to cause a crash, potentially enabling a denial of service attack (Crash, Exit, or Restart). This is issue 3 of 3.