BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

Filter:
cisco

Cisco Global Site Selector Cross-Site Request Forgery

Disclosed September 4, 2013    Zeroday : 471 days
Vendors: Cisco
Vulnerability Severity: Medium
Exploit Impact: Cross-Site Request Forgery
Exploit Availability: No Exploit Available
Categories:
Zeroday Tracker
flowwebdesign

Flo CMS SQL Injection

Disclosed September 3, 2013    Zeroday : 472 days
Vendors: Flo Web Design Ltd.
Vulnerability Severity: Medium
Exploit Impact: SQL Injection
Exploit Availability: Publicly Available
Categories:
Zeroday Tracker
tplink

TP-Link TD-W8951ND Cross Site Request Forgery / Cross Site Scripting

Disclosed August 30, 2013    Zeroday : 476 days
Vendors: TP-Link
Vulnerability Severity: Medium
Exploit Impact: Cross-Site Request Forgery, Cross-Site Scripting
Exploit Availability: Publicly Available
Categories:
Zeroday Tracker
Bite apple2

ABCDKERNELPANIC: Unicode vs. Apple Inc.

Posted August 29, 2013    BeyondTrust Research Team

Yesterday, Russian researchers publicly disclosed the presence of a denial of service vulnerability affecting OS X 10.8 and iOS 6. OS X 10.9 Mavericks and iOS 7 are unaffected. So what’s the big deal with this particular denial of service vulnerability? It’s remotely exploitable and is trivial to trigger. Stringing together a series of Unicode characters, Arabic \u062E\u0337\u0334\u0310\u062E,…

Categories:
Security Research
Tags:
, , , , , , ,
infraware

Polaris Viewer DOCX VML Shape Tag Remote Code Execution Vulnerability

Disclosed August 29, 2013    Fully Patched
Vendors: Infraware
Vulnerability Severity: High
Exploit Impact: Remote Code Execution
Exploit Availability:
Categories:
Zeroday Tracker
apple

iOS and OS X Unicode Core Text Remote Denial of Service

Disclosed August 28, 2013    No Patch Available
Vendors: Apple
Vulnerability Severity: High
Exploit Impact: Denial of Service
Exploit Availability:
Categories:
Zeroday Tracker
zeroday-default

EPS Viewer Buffer Overflow

Disclosed August 28, 2013    Zeroday : 478 days
Vendors: EPS Viewer
Vulnerability Severity: High
Exploit Impact: Remote Code Execution
Exploit Availability: Publicly Available
Categories:
Zeroday Tracker
aloaha

Aloaha PDF Suite Buffer Overflow Vulnerability

Disclosed August 28, 2013    Zeroday : 478 days
Vendors: Aloaha Software
Vulnerability Severity: High
Exploit Impact: Remote Code Execution
Exploit Availability: Publicly Available
Categories:
Zeroday Tracker
avtech

AVTECH DVR Multiple Vulnerabilities

Disclosed August 28, 2013    Zeroday : 478 days
Vendors: AVTECH
Vulnerability Severity: High
Exploit Impact: Remote Code Execution, Security Bypass
Exploit Availability: Publicly Available
Categories:
Zeroday Tracker
vmworld2013_logo_richblack

Live from VMWorld

Posted August 27, 2013    Morey Haber

This time it is all about virtualization and rightfully so. VMWorld 2013 is one of the largest shows I have seen in a long time, focused solely on a single subject and vendors are spread out across the expo floor covering everything from layer 7 switching fabrics for virtualized networks, to high speed SSD caches…

Categories:
Vulnerability Management
Tags:
, , , , , ,