Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2022-38235 | PUBLISHED: 2022-08-16 | XPDF commit ffaf11c was discovered to contain a segmentation violation via DCTStream::getChar() at /xpdf/Stream.cc.
CVE-2022-38236 | PUBLISHED: 2022-08-16 | XPDF commit ffaf11c was discovered to contain a global-buffer overflow via Lexer::getObj(Object*) at /xpdf/Lexer.cc.
CVE-2022-38237 | PUBLISHED: 2022-08-16 | XPDF commit ffaf11c was discovered to contain a heap-buffer overflow via DCTStream::readScan() at /xpdf/Stream.cc.
CVE-2022-38238 | PUBLISHED: 2022-08-16 | XPDF commit ffaf11c was discovered to contain a heap-buffer overflow via DCTStream::lookChar() at /xpdf/Stream.cc.
CVE-2022-36141 | PUBLISHED: 2022-08-16 | SWFMill commit 53d7690 was discovered to contain a segmentation violation via SWF::MethodBody::write(SWF::Writer*, SWF::Context*).
User Rank: Ninja
9/25/2014 | 8:07:29 AM
I say this because unless an organization has IT security professionals as part of their workforce, the organization management will often consider any outsourcing of any kind for any function if it is believed to be a benefit in costs (and in some cases considered a COOP benefit).
Some older organizations may have, during their existence, learned (encountered) the risks involved with outsourcing certain functions and thus may have already implemented those functions as part of their own organization, but those are few and far between.