Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2022-38235PUBLISHED: 2022-08-16XPDF commit ffaf11c was discovered to contain a segmentation violation via DCTStream::getChar() at /xpdf/Stream.cc.
CVE-2022-38236PUBLISHED: 2022-08-16XPDF commit ffaf11c was discovered to contain a global-buffer overflow via Lexer::getObj(Object*) at /xpdf/Lexer.cc.
CVE-2022-38237PUBLISHED: 2022-08-16XPDF commit ffaf11c was discovered to contain a heap-buffer overflow via DCTStream::readScan() at /xpdf/Stream.cc.
CVE-2022-38238PUBLISHED: 2022-08-16XPDF commit ffaf11c was discovered to contain a heap-buffer overflow via DCTStream::lookChar() at /xpdf/Stream.cc.
CVE-2022-36141PUBLISHED: 2022-08-16SWFMill commit 53d7690 was discovered to contain a segmentation violation via SWF::MethodBody::write(SWF::Writer*, SWF::Context*).
User Rank: Ninja
6/13/2017 | 3:37:47 PM
The average person is definitely aware (even if on a subconscious level) the impact on infrastructure something as singular as a traffic accident can have, or a train collision. The amount of interdependent systems and parts that are affected freeze up more than just traffic around an accident. We are all resources to some extent for other systems, and cargo trucks held up by traffic are causing other systems again delays, and so on.
Now, imagine your airport shutting down entirely due to an electronic intrusion of the air traffic control systems. Or your state power grids completely shut off. Imagine nuclear plants pushed to meltdown, or missile silos engaged outside normal controls. For all the information security industry puts into protecting banks (yes, those too can be brought to a complete shutdown), we need to be sure equal if not superior effort and resources are being assigned to infrastructure.
Understanding the level of intertwined systems that keep society moving, we would see a devastating cascade effect of descent into chaos should any number of U.S. infrastructure towers should crumble. Incidents like those in the Ukraine are a huge red flag to us in the U.S. to not slumber on this. We must find more funding, more resources and move quickly to ensure the protection of our infrastructure, both high- and low-tech.