Powered by Deep Web Technologies
Note: This page contains sample records for the topic "layout bug lets" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


1

U-045: Windows Win32k.sys Keyboard Layout Bug Lets Local Users Deny Service  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

5: Windows Win32k.sys Keyboard Layout Bug Lets Local Users Deny 5: Windows Win32k.sys Keyboard Layout Bug Lets Local Users Deny Service U-045: Windows Win32k.sys Keyboard Layout Bug Lets Local Users Deny Service November 25, 2011 - 9:00am Addthis PROBLEM: A vulnerability was reported in the Windows Kernel. A local user can cause denial of service conditions. PLATFORM: Windows Win32k.sys ABSTRACT: Windows Win32k.sys Keyboard Layout Bug Lets Local Users Deny reference LINKS: SecurityTracker Alert ID: 1026347 Secunia ID: SA46919 IMPACT ASSESSMENT: Low Discussion: A vulnerability has been discovered in Microsoft Windows, which can be exploited by malicious, local users to cause a DoS (Denial of Service). The vulnerability is caused due to an indexing error in the win32k.sys driver when loading a keyboard layout file. This can be exploited to access

2

U-045: Windows Win32k.sys Keyboard Layout Bug Lets Local Users...  

Broader source: Energy.gov (indexed) [DOE]

Restrict access to trusted users only. Addthis Related Articles U-047: Siemens Automation License Manager Bugs Let Remote Users Deny Service or Execute Arbitrary Code U-046:...

3

V-202: Cisco Video Surveillance Manager Bugs Let Remote Users...  

Broader source: Energy.gov (indexed) [DOE]

2: Cisco Video Surveillance Manager Bugs Let Remote Users Obtain Potentially Sensitive Information V-202: Cisco Video Surveillance Manager Bugs Let Remote Users Obtain Potentially...

4

U-047: Siemens Automation License Manager Bugs Let Remote Users...  

Broader source: Energy.gov (indexed) [DOE]

7: Siemens Automation License Manager Bugs Let Remote Users Deny Service or Execute Arbitrary Code U-047: Siemens Automation License Manager Bugs Let Remote Users Deny Service or...

5

V-149: Microsoft Internet Explorer Object Access Bug Lets Remote...  

Broader source: Energy.gov (indexed) [DOE]

CDwnBindInfo Object Reuse Flaw Lets Remote Users Execute Arbitrary Code U-047: Siemens Automation License Manager Bugs Let Remote Users Deny Service or Execute Arbitrary Code...

6

V-141: HP ElitePad 900 Secure Boot Bug Lets Local Users Boot...  

Broader source: Energy.gov (indexed) [DOE]

Bug Lets Local Users Deny Service V-098: Linux Kernel Extended Verification Module Bug Lets Local Users Deny Service U-036: Apple iOS Bugs Let Remote Users Execute Arbitrary Code...

7

U-159: Red Hat Enterprise MRG Messaging Qpid Bug Lets Certain...  

Broader source: Energy.gov (indexed) [DOE]

9: Red Hat Enterprise MRG Messaging Qpid Bug Lets Certain Remote Users Bypass Authentication U-159: Red Hat Enterprise MRG Messaging Qpid Bug Lets Certain Remote Users Bypass...

8

U-163: PHP Command Parameter Bug Lets Remote Users Obtain Potentially...  

Broader source: Energy.gov (indexed) [DOE]

63: PHP Command Parameter Bug Lets Remote Users Obtain Potentially Sensitive Information and Execute Arbitrary Code U-163: PHP Command Parameter Bug Lets Remote Users Obtain...

9

T-633: BIND RRSIG RRsets Negative Caching Off-by-one Bug Lets...  

Broader source: Energy.gov (indexed) [DOE]

33: BIND RRSIG RRsets Negative Caching Off-by-one Bug Lets Remote Users Deny Service T-633: BIND RRSIG RRsets Negative Caching Off-by-one Bug Lets Remote Users Deny Service May 31,...

10

T-579: BlackBerry Device Software Bug in WebKit Lets Remote Users...  

Broader source: Energy.gov (indexed) [DOE]

79: BlackBerry Device Software Bug in WebKit Lets Remote Users Execute Code T-579: BlackBerry Device Software Bug in WebKit Lets Remote Users Execute Code March 15, 2011 - 5:05pm...

11

T-563: Red Hat Directory Server Bugs Let Local Users Gain Elevated...  

Office of Environmental Management (EM)

T-563: Red Hat Directory Server Bugs Let Local Users Gain Elevated Privileges and Remote and Local Users Deny Service T-563: Red Hat Directory Server Bugs Let Local Users Gain...

12

U-201: HP System Management Homepage Bugs Let Remote Users Deny...  

Broader source: Energy.gov (indexed) [DOE]

01: HP System Management Homepage Bugs Let Remote Users Deny Service U-201: HP System Management Homepage Bugs Let Remote Users Deny Service June 28, 2012 - 7:00am Addthis PROBLEM:...

13

V-071: Cisco ASA 1000V Cloud Firewall H.323 Inspection Bug Lets...  

Office of Environmental Management (EM)

71: Cisco ASA 1000V Cloud Firewall H.323 Inspection Bug Lets Remote Users Deny Service V-071: Cisco ASA 1000V Cloud Firewall H.323 Inspection Bug Lets Remote Users Deny Service...

14

V-015: Apple iOS Bugs Let Remote Users Execute Arbitrary Code...  

Broader source: Energy.gov (indexed) [DOE]

5: Apple iOS Bugs Let Remote Users Execute Arbitrary Code, Local Users Bypass the Screen Lock, and Applications Obtain Kernel Address Information V-015: Apple iOS Bugs Let Remote...

15

V-203: HP LoadRunner Multiple Bugs Let Remote Users Deny Service...  

Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

system. SOLUTION: The vendor has issued a fix(11.52) Addthis Related Articles V-113: Apple Safari Bugs Let Remote Users Execute Arbitrary Code V-171: Apple Safari Bugs Let...

16

U-121: Apple iOS Bugs Let Remote Users Execute Arbitrary Code...  

Broader source: Energy.gov (indexed) [DOE]

21: Apple iOS Bugs Let Remote Users Execute Arbitrary Code, Conduct Cross-Site Scripting Attacks, and Obtain Potentially Sensitive Information U-121: Apple iOS Bugs Let Remote...

17

U-061: RSA Adaptive Authentication Bugs Let Remote Users Bypass...  

Broader source: Energy.gov (indexed) [DOE]

Bugs Let Remote Users Bypass Certain Security Controls. PLATFORM: 6.0.2.1 SP1 Patch 2 and SP1 Patch 3 6.0.2.1 SP2 and SP2 Patch 1 6.0.2.1 SP3 ABSTRACT: A remote user may...

18

U-053: Linux kexec Bugs Let Local and Remote Users Obtain Potentially...  

Energy Savers [EERE]

and enhancement update U-068:Linux Kernel SGIO ioctl Bug Lets Local Users Gain Elevated Privileges T-712: Red Hat Enterprise MRG Grid 2.0 security, bug fix and enhancement update...

19

T-723:Adobe Flash Player Multiple Bugs Let Remote Users Obtain...  

Broader source: Energy.gov (indexed) [DOE]

Obtain Information, Conduct Cross-Site Scripting Attacks, and Execute Arbitrary Code T-723:Adobe Flash Player Multiple Bugs Let Remote Users Obtain Information, Conduct...

20

U-049: IBM Tivoli Netcool Reporter CGI Bug Lets Remote Users...  

Energy Savers [EERE]

Netcool Reporter Support and Downloads . Addthis Related Articles U-047: Siemens Automation License Manager Bugs Let Remote Users Deny Service or Execute Arbitrary Code U-048:...

Note: This page contains sample records for the topic "layout bug lets" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


21

T-568: Mozilla Firefox Bugs Let Remote Users Conduct Cross-Site...  

Broader source: Energy.gov (indexed) [DOE]

Let Remote Users Conduct Cross-Site Request Forgery Attacks and Execute Arbitrary Code T-568: Mozilla Firefox Bugs Let Remote Users Conduct Cross-Site Request Forgery Attacks...

22

T-568: Mozilla Firefox Bugs Let Remote Users Conduct Cross-Site Request  

Broader source: Energy.gov (indexed) [DOE]

68: Mozilla Firefox Bugs Let Remote Users Conduct Cross-Site 68: Mozilla Firefox Bugs Let Remote Users Conduct Cross-Site Request Forgery Attacks and Execute Arbitrary Code T-568: Mozilla Firefox Bugs Let Remote Users Conduct Cross-Site Request Forgery Attacks and Execute Arbitrary Code March 2, 2011 - 3:05pm Addthis PROBLEM: Mozilla Firefox Bugs Let Remote Users Conduct Cross-Site Request Forgery Attacks and Execute Arbitrary Code. PLATFORM: Firefox, Thunderbird, SeaMonkey ABSTRACT: Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and Mozilla presume that with enough effort at least some of these could be exploited to run arbitrary code. reference LINKS:

23

V-098: Linux Kernel Extended Verification Module Bug Lets Local Users Deny  

Broader source: Energy.gov (indexed) [DOE]

8: Linux Kernel Extended Verification Module Bug Lets Local 8: Linux Kernel Extended Verification Module Bug Lets Local Users Deny Service V-098: Linux Kernel Extended Verification Module Bug Lets Local Users Deny Service February 25, 2013 - 12:12am Addthis PROBLEM: Linux Kernel Extended Verification Module Bug Lets Local Users Deny Service PLATFORM: The Linux Kernel prior to 3.7.5 ABSTRACT: A vulnerability was reported in the Linux Kernel. REFERENCE LINKS: The Linux Kernel Archives Linux Kernel Red Hat Bugzilla - Bug 913266 SecurityTracker Alert ID: 1028196 CVE-2013-0313 IMPACT ASSESSMENT: Medium DISCUSSION: A local user can exploit a null pointer dereference in the evm_update_evmxattr() function in 'security/integrity/evm/evm_crypto.c' to cause the target system to crash. IMPACT: A local user can cause denial of service conditions.

24

U-068:Linux Kernel SG_IO ioctl Bug Lets Local Users Gain Elevated  

Broader source: Energy.gov (indexed) [DOE]

8:Linux Kernel SG_IO ioctl Bug Lets Local Users Gain Elevated 8:Linux Kernel SG_IO ioctl Bug Lets Local Users Gain Elevated Privileges U-068:Linux Kernel SG_IO ioctl Bug Lets Local Users Gain Elevated Privileges December 23, 2011 - 8:45am Addthis PROBLEM: Linux Kernel SG_IO ioctl Bug Lets Local Users Gain Elevated Privileges PLATFORM: Red Hat Enterprise Linux Desktop (v. 6) Red Hat Enterprise Linux HPC Node (v. 6) Red Hat Enterprise Linux Server (v. 6) Red Hat Enterprise Linux Server AUS (v. 6.2) Red Hat Enterprise Linux Server EUS (v. 6.2.z) Red Hat Enterprise Linux Workstation (v. 6) ABSTRACT: A local privileged user on the guest operating system can obtain elevated privileges on the target system. reference LINKS: Red Hat kernel security and bug fix update SecurityTracker Alert ID: 1026453 SecurityTracker Alert ID: 1026454

25

V-040: Apache Tomcat Bug Lets Remote Users Bypass Security Constraints |  

Broader source: Energy.gov (indexed) [DOE]

0: Apache Tomcat Bug Lets Remote Users Bypass Security 0: Apache Tomcat Bug Lets Remote Users Bypass Security Constraints V-040: Apache Tomcat Bug Lets Remote Users Bypass Security Constraints December 5, 2012 - 1:00am Addthis PROBLEM: Apache Tomcat Bug Lets Remote Users Bypass Security Constraints PLATFORM: Version(s): 6.0.0 - 6.0.35, 7.0.0 - 7.0.29 ABSTRACT: A vulnerability was reported in Apache Tomcat. REFERENCE LINKS: Apache Tomcat Red Hat Bugzilla - Bug 883634 SecurityTracker Alert ID: 1027833 CVE-2012-3546 IMPACT ASSESSMENT: High DISCUSSION: When using FORM authentication it was possible to bypass the security constraint checks in the FORM authenticator by appending /j_security_check to the end of the URL if some other component (such as the Single-Sign-On valve) had called request.setUserPrincipal() before the call to

26

U-210: Linux Kernel epoll_ctl() Bug Lets Local Users Deny Service |  

Broader source: Energy.gov (indexed) [DOE]

10: Linux Kernel epoll_ctl() Bug Lets Local Users Deny Service 10: Linux Kernel epoll_ctl() Bug Lets Local Users Deny Service U-210: Linux Kernel epoll_ctl() Bug Lets Local Users Deny Service July 11, 2012 - 7:00am Addthis PROBLEM: Linux Kernel epoll_ctl() Bug Lets Local Users Deny Service PLATFORM: Version(s): 2.6.x ABSTRACT: A vulnerability was reported in the Linux Kernel. A local user can cause denial of service conditions. reference LINKS: The Vendor's Advisory SecurityTracker Alert ID: 1027237 SecurityTracker Alert ID: 1027240 Red Hat advisory CVE-2012-3375 IMPACT ASSESSMENT: Medium Discussion: The Linux kernel's Event Poll (epoll) subsystem does not properly handle resource clean up when an ELOOP error code is returned. A local user can exploit this to cause the target system to crash. Impact: A local user can cause the target system to crash.

27

U-008: Symantec Data Loss Prevention Bugs in KeyView Filter Lets Remote  

Broader source: Energy.gov (indexed) [DOE]

08: Symantec Data Loss Prevention Bugs in KeyView Filter Lets 08: Symantec Data Loss Prevention Bugs in KeyView Filter Lets Remote Users Deny Service U-008: Symantec Data Loss Prevention Bugs in KeyView Filter Lets Remote Users Deny Service October 11, 2011 - 8:00am Addthis PROBLEM: Symantec Data Loss Prevention Bugs in KeyView Filter Lets Remote Users Deny Service PLATFORM: Symantec Data Loss Prevention Enforce/Detection Servers for Windows 10.x, 11.x ABSTRACT: A remote user can create a file that, when processed by the target filter, will cause partial denial of service conditions. reference LINKS: Symantec Security Advisory SYM11-013 SecurityTracker Alert ID: 1026157 IMPACT ASSESSMENT: Medium Discussion: Multiple vulnerabilities were reported in Symantec Data Loss Prevention. A remote user can cause denial of service conditions on the target system.A

28

U-217: Red Hat Certificate System Bugs Let Remote Users Conduct Cross-Site  

Broader source: Energy.gov (indexed) [DOE]

7: Red Hat Certificate System Bugs Let Remote Users Conduct 7: Red Hat Certificate System Bugs Let Remote Users Conduct Cross-Site Scripting and Denial of Service Attacks U-217: Red Hat Certificate System Bugs Let Remote Users Conduct Cross-Site Scripting and Denial of Service Attacks July 20, 2012 - 7:00am Addthis PROBLEM: Red Hat Certificate System Bugs Let Remote Users Conduct Cross-Site Scripting and Denial of Service Attacks PLATFORM: Red Hat Certificate System v8 ABSTRACT: Two vulnerabilities were reported in Red Hat Certificate System. A remote user can conduct cross-site scripting attacks. A remote authenticated user can revoke the CA certificate. reference LINKS: Advisory: RHSA-2012:1103-1 SecurityTracker Alert ID: 1027284 CVE-2012-2662 CVE-2012-3367 IMPACT ASSESSMENT: Medium Discussion: The Agent and End Entity pages do not properly filter HTML code from

29

U-168: EMC Documentum Information Rights Management Server Bugs Let Remote  

Broader source: Energy.gov (indexed) [DOE]

168: EMC Documentum Information Rights Management Server Bugs Let 168: EMC Documentum Information Rights Management Server Bugs Let Remote Authenticated Users Deny Service U-168: EMC Documentum Information Rights Management Server Bugs Let Remote Authenticated Users Deny Service May 14, 2012 - 7:00am Addthis PROBLEM: EMC Documentum Information Rights Management Server Bugs Let Remote Authenticated Users Deny Service PLATFORM: Information Rights Management Server 4.x, 5.x ABSTRACT: Two vulnerabilities were reported in EMC Documentum Information Rights Management Server. A remote authenticated user can cause denial of service conditions. Reference links: SecurityTracker Alert ID: 1027058 CVE-2012-2276 CVE-2012-2277 IMPACT ASSESSMENT: High Discussion: A remote authenticated user can send specially crafted data to trigger a NULL pointer dereference and cause the target service to crash. A remote

30

U-130: JBoss Operations Network LDAP Authentication Bug Lets Remote Users  

Broader source: Energy.gov (indexed) [DOE]

0: JBoss Operations Network LDAP Authentication Bug Lets Remote 0: JBoss Operations Network LDAP Authentication Bug Lets Remote Users Bypass Authentication U-130: JBoss Operations Network LDAP Authentication Bug Lets Remote Users Bypass Authentication March 21, 2012 - 7:00am Addthis PROBLEM: JBoss Operations Network LDAP Authentication Bug Lets Remote Users Bypass Authentication PLATFORM: JBoss Operations Network 2.x ABSTRACT: A vulnerability was reported in JBoss Operations Network. A remote user can login with an arbitrary password in certain cases. reference LINKS: SecurityTracker Alert ID: 1026826 Secunia Advisory SA48471 CVE-2012-1100 IMPACT ASSESSMENT: Medium Discussion: The vulnerability is caused due to an error within the Lightweight Directory Access Protocol (LDAP) authentication when handling invalid bind account credentials, which can be exploited to log-in to LDAP-based

31

V-110: Adobe Flash Player Bugs Let Remote Users Execute Arbitrary Code |  

Broader source: Energy.gov (indexed) [DOE]

10: Adobe Flash Player Bugs Let Remote Users Execute Arbitrary 10: Adobe Flash Player Bugs Let Remote Users Execute Arbitrary Code V-110: Adobe Flash Player Bugs Let Remote Users Execute Arbitrary Code March 13, 2013 - 12:04am Addthis PROBLEM: Adobe Flash Player Bugs Let Remote Users Execute Arbitrary Code PLATFORM: Version(s): 1.6.602.171 and prior for Windows/Mac; other versions on other platforms ABSTRACT: Several vulnerabilities were reported in Adobe Flash Player. REFERENCE LINKS: Adobe Vulnerability identifier: APSB13-09 SecurityTracker Alert ID: 1028277 CVE-2013-0646 CVE-2013-0650 CVE-2013-1371 CVE-2013-1375 IMPACT ASSESSMENT: High DISCUSSION: A remote user can create specially crafted content that, when loaded by the target user, will execute arbitrary code on the target user's system. The code will run with the privileges of the target user.

32

U-074: Microsoft .NET Bugs Let Remote Users Execute Arbitrary Commands,  

Broader source: Energy.gov (indexed) [DOE]

4: Microsoft .NET Bugs Let Remote Users Execute Arbitrary 4: Microsoft .NET Bugs Let Remote Users Execute Arbitrary Commands, Access User Accounts, and Redirect Users U-074: Microsoft .NET Bugs Let Remote Users Execute Arbitrary Commands, Access User Accounts, and Redirect Users January 4, 2012 - 8:00am Addthis PROBLEM: Microsoft .NET Bugs Let Remote Users Execute Arbitrary Commands, Access User Accounts, and Redirect Users . PLATFORM: Windows XP Service Pack 3 Windows XP Professional x64 Edition Service Pack 2 Windows Server 2003 Service Pack 2 Windows Server 2003 x64 Edition Service Pack 2 Windows Server 2003 with SP2 for Itanium-based Systems Windows Vista Service Pack 2 Windows Vista x64 Edition Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 Windows Server 2008 for x64-based Systems Service Pack 2

33

U-159: Red Hat Enterprise MRG Messaging Qpid Bug Lets Certain Remote Users  

Broader source: Energy.gov (indexed) [DOE]

9: Red Hat Enterprise MRG Messaging Qpid Bug Lets Certain 9: Red Hat Enterprise MRG Messaging Qpid Bug Lets Certain Remote Users Bypass Authentication U-159: Red Hat Enterprise MRG Messaging Qpid Bug Lets Certain Remote Users Bypass Authentication May 1, 2012 - 7:00am Addthis PROBLEM: Red Hat Enterprise MRG Messaging Qpid Bug Lets Certain Remote Users Bypass Authentication PLATFORM: Red Hat Enterprise MRG v2 for Red Hat Enterprise Linux (version 6) ABSTRACT: A vulnerability was reported in Red Hat Enterprise MRG Messaging. A remote user can access cluster messages and view the internal configuration. reference LINKS: SecurityTracker Alert ID: 1026990 CVE-2011-3620 Red Hat advisory IMPACT ASSESSMENT: High Discussion: Qpid may accept arbitrary passwords and SASL mechanims. A remote user on the local private interconnect network with knowledge of a valid cluster

34

V-016: HP Performance Insight Bugs with Sybase Database Let Remote Users  

Broader source: Energy.gov (indexed) [DOE]

6: HP Performance Insight Bugs with Sybase Database Let Remote 6: HP Performance Insight Bugs with Sybase Database Let Remote Users Deny Service and Take Full Control of the Target System V-016: HP Performance Insight Bugs with Sybase Database Let Remote Users Deny Service and Take Full Control of the Target System November 5, 2012 - 6:00am Addthis PROBLEM: HP Performance Insight Bugs with Sybase Database Let Remote Users Deny Service and Take Full Control of the Target System PLATFORM: HP Performance Insight v5.31, v5.40 and v5.41 running on HP-UX, Solaris, Linux, and Windows and using Sybase as the database ABSTRACT: Two vulnerabilities were reported in HP Performance Insight. REFERENCE LINKS: HP Support Document ID: c03555488 SecurityTracker Alert ID: 1027719 CVE-2012-3269 CVE-2012-3270 IMPACT ASSESSMENT: High DISCUSSION:

35

U-257: Adobe ColdFusion Unspecified Bug Lets Remote Users Deny Service |  

Broader source: Energy.gov (indexed) [DOE]

57: Adobe ColdFusion Unspecified Bug Lets Remote Users Deny 57: Adobe ColdFusion Unspecified Bug Lets Remote Users Deny Service U-257: Adobe ColdFusion Unspecified Bug Lets Remote Users Deny Service September 12, 2012 - 6:00am Addthis PROBLEM: Adobe ColdFusion Unspecified Bug Lets Remote Users Deny Service PLATFORM: ColdFusion 10, 9.0.2, 9.0.1, 9.0, 8.0.1, and 8.0 for Windows, Macintosh and UNIX ABSTRACT: Adobe ColdFusion is prone to a remote denial-of-service vulnerability. reference LINKS: Adobe Security bulletins and advisories Adobe Vulnerability identifier: APSB12-21 SecurityTracker Alert ID: 1027516 Bugtraq ID: 55499 CVE-2012-2048 IMPACT ASSESSMENT: Medium Discussion: Adobe has released a security hotfix for ColdFusion 10 and earlier versions for Windows, Macintosh and UNIX. This update resolves a vulnerability which

36

U-079: Adobe Acrobat/Reader Multiple Bugs Let Remote Users Execute  

Broader source: Energy.gov (indexed) [DOE]

79: Adobe Acrobat/Reader Multiple Bugs Let Remote Users Execute 79: Adobe Acrobat/Reader Multiple Bugs Let Remote Users Execute Arbitrary Code U-079: Adobe Acrobat/Reader Multiple Bugs Let Remote Users Execute Arbitrary Code January 11, 2012 - 8:00am Addthis PROBLEM: Adobe Acrobat/Reader Multiple Bugs Let Remote Users Execute Arbitrary Code. PLATFORM: Adobe Acrobat/Reader Version(s): 9.x prior to 9.5, 10.x prior to 10.1.2 ABSTRACT: A remote user can create a file that, when loaded by the target user, will execute arbitrary code on the target user's system. reference LINKS: SecurityTracker Alert ID: 1026496 Adobe Security Bulletin APSB12-01 CVE-2011-2462, CVE-2011-4369, CVE-2011-4370, CVE-2011-4371, CVE-2011-4372, CVE-2011-4373. IMPACT ASSESSMENT: High Discussion: Several vulnerabilities were reported in Adobe Acrobat/Reader. A remote

37

U-121: Apple iOS Bugs Let Remote Users Execute Arbitrary Code, Conduct  

Broader source: Energy.gov (indexed) [DOE]

21: Apple iOS Bugs Let Remote Users Execute Arbitrary Code, 21: Apple iOS Bugs Let Remote Users Execute Arbitrary Code, Conduct Cross-Site Scripting Attacks, and Obtain Potentially Sensitive Information U-121: Apple iOS Bugs Let Remote Users Execute Arbitrary Code, Conduct Cross-Site Scripting Attacks, and Obtain Potentially Sensitive Information March 9, 2012 - 7:00am Addthis PROBLEM: Apple iOS Bugs Let Remote Users Execute Arbitrary Code, Conduct Cross-Site Scripting Attacks, and Obtain Potentially Sensitive Information PLATFORM: Apple iOS Version(s): prior to 5.1 ABSTRACT: Multiple vulnerabilities were reported in Apple iOS. reference LINKS: SecurityTracker Alert ID: 1026774 Apple Security Updates About the security content of iOS 5.1 Software Update CVE-2012-0641, CVE-2012-0642, CVE-2012-0643, CVE-2011-3453, CVE-2012-0644,

38

U-233: Oracle Database INDEXTYPE CTXSYS.CONTEXT Bug Lets Remote  

Broader source: Energy.gov (indexed) [DOE]

3: Oracle Database INDEXTYPE CTXSYS.CONTEXT Bug Lets Remote 3: Oracle Database INDEXTYPE CTXSYS.CONTEXT Bug Lets Remote Authenticated Users Gain Elevated Privileges U-233: Oracle Database INDEXTYPE CTXSYS.CONTEXT Bug Lets Remote Authenticated Users Gain Elevated Privileges August 13, 2012 - 7:00am Addthis PROBLEM: Oracle Database INDEXTYPE CTXSYS.CONTEXT Bug Lets Remote Authenticated Users Gain Elevated Privileges PLATFORM: Oracle Database Server versions 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, 11.2.0.3 ABSTRACT: A remote authenticated user with 'Create Table' privileges can gain 'SYS' privileges on the target system. Reference LINKS: Oracle Security Alert Oracle Security Alert - CVE-2012-3132 Risk Matrices SecurityTracker Alert ID: 1027367 CVE-2012-3132 IMPACT ASSESSMENT: Medium Discussion: A vulnerability was reported in Oracle Database. This vulnerability is not

39

U-026: Cisco Small Business SRP500 Series Bug Lets Remote Users Inject  

Broader source: Energy.gov (indexed) [DOE]

6: Cisco Small Business SRP500 Series Bug Lets Remote Users 6: Cisco Small Business SRP500 Series Bug Lets Remote Users Inject Commands U-026: Cisco Small Business SRP500 Series Bug Lets Remote Users Inject Commands November 3, 2011 - 8:15am Addthis PROBLEM: Cisco Small Business SRP500 Series Bug Lets Remote Users Inject Commands. PLATFORM: The following models are affected when running firmware prior to version 1.1.24: Cisco SRP521W Cisco SRP526W Cisco SRP527W The following models are affected when running firmware prior to version 1.2.1: Cisco SRP541W Cisco SRP546W Cisco SRP547W ABSTRACT: A remote user can create a URL that, when loaded by the target authenticated administrative user, will execute arbitrary commands on the target system. reference LINKS: Advisory ID: cisco-sa-20111102-srp500 SecurityTracker Alert ID: 1026266

40

U-155: WebCalendar Access Control and File Inclusion Bugs Let Remote Users  

Broader source: Energy.gov (indexed) [DOE]

5: WebCalendar Access Control and File Inclusion Bugs Let 5: WebCalendar Access Control and File Inclusion Bugs Let Remote Users Potentially Execute Arbitrary Code U-155: WebCalendar Access Control and File Inclusion Bugs Let Remote Users Potentially Execute Arbitrary Code April 25, 2012 - 7:00am Addthis PROBLEM: WebCalendar Access Control and File Inclusion Bugs Let Remote Users Potentially Execute Arbitrary Code PLATFORM: 1.2.4 and prior versions ABSTRACT: Two vulnerabilities were reported in WebCalendar. A remote user may be able to execute arbitrary PHP code on the target system. reference links: SecurityTracker Alert ID: 1026966 CVE-2012-1495 CVE-2012-1496 IMPACT ASSESSMENT: Medium Discussion: A remote user can access '/install/index.php' to potentially modify '/includes/settings/' with arbitrary values or PHP code. A remote

Note: This page contains sample records for the topic "layout bug lets" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


41

T-723:Adobe Flash Player Multiple Bugs Let Remote Users Obtain Information,  

Broader source: Energy.gov (indexed) [DOE]

3:Adobe Flash Player Multiple Bugs Let Remote Users Obtain 3:Adobe Flash Player Multiple Bugs Let Remote Users Obtain Information, Conduct Cross-Site Scripting Attacks, and Execute Arbitrary Code T-723:Adobe Flash Player Multiple Bugs Let Remote Users Obtain Information, Conduct Cross-Site Scripting Attacks, and Execute Arbitrary Code September 22, 2011 - 8:00am Addthis PROBLEM: Adobe Flash Player Multiple Bugs Let Remote Users Obtain Information, Conduct Cross-Site Scripting Attacks, and Execute Arbitrary Code. PLATFORM: Adobe Flash Player 10.3.183.7 and earlier versions for Windows, Macintosh, Linux and Solaris. Adobe Flash Player 10.3.186.6 and earlier versions for Android. ABSTRACT: An attacker can exploit this issue by enticing an unsuspecting victim into visiting a malicious website. reference LINKS: Adobe Security Bulletin

42

V-037: Wireshark Multiple Bugs Let Remote Users Deny Service | Department  

Broader source: Energy.gov (indexed) [DOE]

7: Wireshark Multiple Bugs Let Remote Users Deny Service 7: Wireshark Multiple Bugs Let Remote Users Deny Service V-037: Wireshark Multiple Bugs Let Remote Users Deny Service November 30, 2012 - 3:30am Addthis PROBLEM: Wireshark Multiple Bugs Let Remote Users Deny Service PLATFORM: Version(s): prior to 1.6.12, 1.8.4 ABSTRACT: Several vulnerabilities were reported in Wireshark. REFERENCE LINKS: Wireshark Security Advisories Secunia Advisory SA51422 Seclists SecurityTracker Alert ID: 1027822 CVE-2012-5592 CVE-2012-5593 CVE-2012-5594 CVE-2012-5595 CVE-2012-5596 CVE-2012-5597 CVE-2012-5598 CVE-2012-5599 CVE-2012-5600 CVE-2012-5601 CVE-2012-5602 IMPACT ASSESSMENT: Medium DISCUSSION: Several vulnerabilities were reported in Wireshark. A remote user can cause denial of service conditions. A user can obtain potentially sensitive information.

43

U-163: PHP Command Parameter Bug Lets Remote Users Obtain Potentially  

Broader source: Energy.gov (indexed) [DOE]

3: PHP Command Parameter Bug Lets Remote Users Obtain 3: PHP Command Parameter Bug Lets Remote Users Obtain Potentially Sensitive Information and Execute Arbitrary Code U-163: PHP Command Parameter Bug Lets Remote Users Obtain Potentially Sensitive Information and Execute Arbitrary Code May 7, 2012 - 7:00am Addthis PROBLEM: PHP Command Parameter Bug Lets Remote Users Obtain Potentially Sensitive Information and Execute Arbitrary Code PLATFORM: Prior to 5.3.12 and 5.4.2 ABSTRACT: A vulnerability was reported in PHP. A remote user can obtain potentially sensitive information. A remote user can execute arbitrary code on the target system. reference LINKS: SecurityTracker Alert ID: 1027022 CVE-2012-1823 CVE-2012-2311 IMPACT ASSESSMENT: High Discussion: A remote user can submit a specially crafted request containing a command

44

V-171: Apple Safari Bugs Let Remote Users Execute Arbitrary Code and  

Broader source: Energy.gov (indexed) [DOE]

1: Apple Safari Bugs Let Remote Users Execute Arbitrary Code 1: Apple Safari Bugs Let Remote Users Execute Arbitrary Code and Conduct Cross-Site Scripting Attacks V-171: Apple Safari Bugs Let Remote Users Execute Arbitrary Code and Conduct Cross-Site Scripting Attacks June 5, 2013 - 1:05am Addthis PROBLEM: Apple Safari Bugs Let Remote Users Execute Arbitrary Code and Conduct Cross-Site Scripting Attacks PLATFORM: Apple Safari prior to 6.0.5 ABSTRACT: Several vulnerabilities were reported in Apple Safari. REFERENCE LINKS: Apple Article: HT5785 SecurityTracker Alert ID: 1028627 CVE-2013-0926 CVE-2013-1009 CVE-2013-1012 CVE-2013-1013 CVE-2013-1023 IMPACT ASSESSMENT: Medium DISCUSSION: A remote user can create specially crafted HTML that, when loaded by the target user, will trigger a memory corruption error and execute arbitrary

45

U-076: OpenSSL Bugs Let Remote Users Deny Service, Obtain Information, and  

Broader source: Energy.gov (indexed) [DOE]

76: OpenSSL Bugs Let Remote Users Deny Service, Obtain 76: OpenSSL Bugs Let Remote Users Deny Service, Obtain Information, and Potentially Execute Arbitrary Code U-076: OpenSSL Bugs Let Remote Users Deny Service, Obtain Information, and Potentially Execute Arbitrary Code January 6, 2012 - 8:15am Addthis PROBLEM: OpenSSL Bugs Let Remote Users Deny Service, Obtain Information, and Potentially Execute Arbitrary Code PLATFORM: OpenSSL prior to 0.9.8s; 1.x prior to 1.0.0f ABSTRACT: A remote user may be able to execute arbitrary code on the target system. reference LINKS: SecurityTracker Alert ID: 1026485 OpenSSL Security Advisory IMPACT ASSESSMENT: High Discussion: Several vulnerabilities were reported in OpenSSL. A remote user can cause denial of service conditions. A remote user can obtain sensitive information. A remote user may be able to execute arbitrary code on the

46

V-135: Cisco ASA Multiple Bugs Let Remote Users Deny Service | Department  

Broader source: Energy.gov (indexed) [DOE]

5: Cisco ASA Multiple Bugs Let Remote Users Deny Service 5: Cisco ASA Multiple Bugs Let Remote Users Deny Service V-135: Cisco ASA Multiple Bugs Let Remote Users Deny Service April 16, 2013 - 12:21am Addthis PROBLEM: Cisco ASA Multiple Bugs Let Remote Users Deny Service PLATFORM: Cisco ASA Software for Cisco ASA 5500 Series Adaptive Security Appliances, Cisco ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers, and Cisco ASA 1000V Cloud Firewall are affected by multiple vulnerabilities. Affected versions of Cisco ASA Software will vary depending on the specific vulnerability. ABSTRACT: Several vulnerabilities were reported in Cisco ASA. REFERENCE LINKS: Cisco Security Advisory Secunia Advisory SA52989 SecurityTracker Alert ID: 1028415 CVE-2013-1149 CVE-2013-1150 CVE-2013-1151 CVE-2013-1152

47

V-140: Apache ActiveMQ Bugs Let Remote Users Conduct Cross-Site Scripting  

Broader source: Energy.gov (indexed) [DOE]

0: Apache ActiveMQ Bugs Let Remote Users Conduct Cross-Site 0: Apache ActiveMQ Bugs Let Remote Users Conduct Cross-Site Scripting Attacks, Deny Service, and Obtain Potentially Sensitive Information V-140: Apache ActiveMQ Bugs Let Remote Users Conduct Cross-Site Scripting Attacks, Deny Service, and Obtain Potentially Sensitive Information April 23, 2013 - 12:26am Addthis PROBLEM: Apache ActiveMQ Bugs Let Remote Users Conduct Cross-Site Scripting Attacks, Deny Service, and Obtain Potentially Sensitive Information PLATFORM: Apache ActiveMQ versions prior to 5.8.0 ABSTRACT: Several vulnerabilities were reported in Apache ActiveMQ. REFERENCE LINKS: Apache ActiveMQ SecurityTracker Alert ID: 1028457 CVE-2012-6092 CVE-2012-6551 CVE-2013-3060 IMPACT ASSESSMENT: High DISCUSSION: Several web demos do not properly filter HTML code from user-supplied input

48

U-257: Adobe ColdFusion Unspecified Bug Lets Remote Users Deny Service |  

Broader source: Energy.gov (indexed) [DOE]

7: Adobe ColdFusion Unspecified Bug Lets Remote Users Deny 7: Adobe ColdFusion Unspecified Bug Lets Remote Users Deny Service U-257: Adobe ColdFusion Unspecified Bug Lets Remote Users Deny Service September 12, 2012 - 6:00am Addthis PROBLEM: Adobe ColdFusion Unspecified Bug Lets Remote Users Deny Service PLATFORM: ColdFusion 10, 9.0.2, 9.0.1, 9.0, 8.0.1, and 8.0 for Windows, Macintosh and UNIX ABSTRACT: Adobe ColdFusion is prone to a remote denial-of-service vulnerability. reference LINKS: Adobe Security bulletins and advisories Adobe Vulnerability identifier: APSB12-21 SecurityTracker Alert ID: 1027516 Bugtraq ID: 55499 CVE-2012-2048 IMPACT ASSESSMENT: Medium Discussion: Adobe has released a security hotfix for ColdFusion 10 and earlier versions for Windows, Macintosh and UNIX. This update resolves a vulnerability which

49

V-046: Adobe Flash Player Bugs Let Remote Users Execute Arbitrary Code |  

Broader source: Energy.gov (indexed) [DOE]

46: Adobe Flash Player Bugs Let Remote Users Execute Arbitrary 46: Adobe Flash Player Bugs Let Remote Users Execute Arbitrary Code V-046: Adobe Flash Player Bugs Let Remote Users Execute Arbitrary Code December 13, 2012 - 3:30am Addthis PROBLEM: Adobe Flash Player Bugs Let Remote Users Execute Arbitrary Code PLATFORM: Version(s): 11.5.502.110 and prior for Windows/Mac; 11.2.202.251 and prior for Linux ABSTRACT: Several vulnerabilities were reported in Adobe Flash Player. REFERENCE LINKS: Adobe Vulnerability identifier: APSB12-27 SecurityTracker Alert ID: 1027854 Secunia Advisory SA51560 RHSA-2012:1569-1 CVE-2012-5676 CVE-2012-5677 CVE-2012-5678 IMPACT ASSESSMENT: High DISCUSSION: A buffer overflow can trigger code execution [CVE-2012-5676]. An integer overflow can trigger code execution [CVE-2012-5677]. A memory corruption flaw can trigger code execution [CVE-2012-5678].

50

V-071: Cisco ASA 1000V Cloud Firewall H.323 Inspection Bug Lets Remote  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

71: Cisco ASA 1000V Cloud Firewall H.323 Inspection Bug Lets 71: Cisco ASA 1000V Cloud Firewall H.323 Inspection Bug Lets Remote Users Deny Service V-071: Cisco ASA 1000V Cloud Firewall H.323 Inspection Bug Lets Remote Users Deny Service January 17, 2013 - 12:00am Addthis PROBLEM: Cisco ASA 1000V Cloud Firewall H.323 Inspection Bug Lets Remote Users Deny Service PLATFORM: The vulnerability is reported in versions 8.7.1 and 8.7.1.1. ABSTRACT: A vulnerability has been reported in Cisco ASA 1000V Cloud Firewall REFERENCE LINKS: Cisco Advisory ID: cisco-sa-20130116-asa1000v SecurityTracker Alert ID: 1028005 Secunia Advisory SA51897 CVE-2012-5419 IMPACT ASSESSMENT: Medium DISCUSSION: A vulnerability has been reported in Cisco ASA 1000V Cloud Firewall, which can be exploited by malicious people to cause a DoS (Denial of Service).

51

T-708:Pidgin Bugs Let Remote Users Deny Service and Potentially Execute  

Broader source: Energy.gov (indexed) [DOE]

T-708:Pidgin Bugs Let Remote Users Deny Service and Potentially T-708:Pidgin Bugs Let Remote Users Deny Service and Potentially Execute Arbitrary Code T-708:Pidgin Bugs Let Remote Users Deny Service and Potentially Execute Arbitrary Code September 1, 2011 - 12:00pm Addthis PROBLEM: gtkutils.c in Pidgin before 2.10.0 on Windows allows user-assisted remote attackers to execute arbitrary programs via a file: URL in a message. PLATFORM: Pidgin before 2.10.0 on Windows ABSTRACT: Pidgin bugs let remote users deny service and potentially execute arbitrary code. reference LINKS: CVE-2011-3185 CVE-2011-2943 CVE-2011-3184 SecurityTracker Alert ID: 1025961 Pidgin Security Advisories IMPACT ASSESSMENT: High Discussion: Several vulnerabilities were reported in Pidgin. A remote user can cause denial of service conditions. A remote user can cause arbitrary code to be

52

U-047: Siemens Automation License Manager Bugs Let Remote Users Deny  

Broader source: Energy.gov (indexed) [DOE]

7: Siemens Automation License Manager Bugs Let Remote Users 7: Siemens Automation License Manager Bugs Let Remote Users Deny Service or Execute Arbitrary Code U-047: Siemens Automation License Manager Bugs Let Remote Users Deny Service or Execute Arbitrary Code November 29, 2011 - 9:00am Addthis PROBLEM: Siemens Automation License Manager Bugs Let Remote Users Deny Service or Execute Arbitrary Code. PLATFORM: Siemens Automation License Manager 500.0.122.1 ABSTRACT: Several vulnerabilities were reported in Siemens Automation License Manager. reference LINKS: SecurityTracker Alert ID: 1026354 Bugtraq Siemens Advisory Services IMPACT ASSESSMENT: Medium Discussion: A remote user can execute arbitrary code on the target system. A remote user can cause denial of service conditions. A remote user can send specially crafted *_licensekey commands to trigger a

53

U-075: Apache Struts Bug Lets Remote Users Overwrite Files and Execute  

Broader source: Energy.gov (indexed) [DOE]

075: Apache Struts Bug Lets Remote Users Overwrite Files and 075: Apache Struts Bug Lets Remote Users Overwrite Files and Execute Arbitrary Code U-075: Apache Struts Bug Lets Remote Users Overwrite Files and Execute Arbitrary Code January 5, 2012 - 8:15am Addthis PROBLEM: Apache Struts Bug Lets Remote Users Overwrite Files and Execute Arbitrary Code PLATFORM: Version(s): 2.1.0 - 2.3.1 ABSTRACT: A remote user can execute arbitrary Java code on the target system. reference LINKS: SecurityTracker Alert ID: 1026484 Secunia Advisory SA47393 Bugtraq ID: 51257 Apache Struts 2 Documentation S2-008 IMPACT ASSESSMENT: High Discussion: A vulnerability was reported in Apache Struts. A remote user can execute arbitrary Java code on the target system. A remote user can overwrite arbitrary files on the target system. A remote user can send specially

54

V-030: Adobe ColdFusion Unspecified Bug Lets Remote Users Deny Service |  

Broader source: Energy.gov (indexed) [DOE]

30: Adobe ColdFusion Unspecified Bug Lets Remote Users Deny 30: Adobe ColdFusion Unspecified Bug Lets Remote Users Deny Service V-030: Adobe ColdFusion Unspecified Bug Lets Remote Users Deny Service November 21, 2012 - 3:00am Addthis PROBLEM: Adobe ColdFusion Unspecified Bug Lets Remote Users Deny Service PLATFORM: ColdFusion 10 Update 1 and above for Windows ABSTRACT: Adobe ColdFusion Denial of Service Vulnerability REFERENCE LINKS: Adobe Vulnerability identifier: APSB12-25 SecurityTracker Alert ID: 1027787 Secunia Advisory SA51335 CVE-2012-5674 IMPACT ASSESSMENT: High DISCUSSION: A vulnerability was reported in Adobe ColdFusion. A remote user can cause denial of service conditions. A remote user can send specially crafted data to cause unspecified denial of service conditions on the target ColdFusion service on Windows Internet

55

V-091: Adobe Acrobat/Reader Bug Lets Remote Users Execute Arbitrary Code |  

Broader source: Energy.gov (indexed) [DOE]

1: Adobe Acrobat/Reader Bug Lets Remote Users Execute Arbitrary 1: Adobe Acrobat/Reader Bug Lets Remote Users Execute Arbitrary Code V-091: Adobe Acrobat/Reader Bug Lets Remote Users Execute Arbitrary Code February 14, 2013 - 12:22am Addthis PROBLEM: Adobe Acrobat/Reader Bug Lets Remote Users Execute Arbitrary Code PLATFORM: Adobe Reader XI (11.0.01 and earlier) for Windows and Macintosh Adobe Reader X (10.1.5 and earlier) for Windows and Macintosh Adobe Reader 9.5.3 and earlier 9.x versions for Windows and Macintosh Adobe Acrobat XI (11.0.01 and earlier) for Windows and Macintosh Adobe Acrobat X (10.1.5 and earlier) for Windows and Macintosh Adobe Acrobat 9.5.3 and earlier 9.x versions for Windows and Macintosh ABSTRACT: Adobe has identified critical vulnerabilities in Adobe Reader and Acrobat REFERENCE LINKS: Adobe Reader and Acrobat Vulnerability Report

56

V-113: Apple Safari Bugs Let Remote Users Execute Arbitrary Code |  

Broader source: Energy.gov (indexed) [DOE]

3: Apple Safari Bugs Let Remote Users Execute Arbitrary Code 3: Apple Safari Bugs Let Remote Users Execute Arbitrary Code V-113: Apple Safari Bugs Let Remote Users Execute Arbitrary Code March 18, 2013 - 1:53am Addthis PROBLEM: Apple Safari Bugs Let Remote Users Execute Arbitrary Code PLATFORM: Version(s): prior to 6.0.3 ABSTRACT: Two vulnerabilities were reported in Apple Safari. REFERENCE LINKS: Apple security update, Article: HT1222 SecurityTracker Alert ID: 1028292 CVE-2013-0960 CVE-2013-0961 IMPACT ASSESSMENT: Medium DISCUSSION: A remote user can create specially crafted HTML that, when loaded by the target user, will execute arbitrary code on the target system. The code will run with the privileges of the target user. IMPACT: A remote user can create HTML that, when loaded by the target user, will execute arbitrary code on the target user's system.

57

T-563: Red Hat Directory Server Bugs Let Local Users Gain Elevated  

Broader source: Energy.gov (indexed) [DOE]

3: Red Hat Directory Server Bugs Let Local Users Gain Elevated 3: Red Hat Directory Server Bugs Let Local Users Gain Elevated Privileges and Remote and Local Users Deny Service T-563: Red Hat Directory Server Bugs Let Local Users Gain Elevated Privileges and Remote and Local Users Deny Service February 23, 2011 - 7:00am Addthis PROBLEM: Red Hat Directory Server Bugs Let Local Users Gain Elevated Privileges and Remote and Local Users Deny Service. PLATFORM: Red Hat Directory Server v8 EL4, Red Hat Directory Server v8 EL5 ABSTRACT: Several vulnerabilities were reported in Red Hat Directory Server. A local user can obtain elevated privileges on the target system. A remote user can cause denial of service conditions. A local user can cause denial of service conditions. A remote user can send multiple simple paged search requests to cause the

58

U-222: Apple Safari Bugs Let Remote Users Execute Arbitrary Code, Spoof the  

Broader source: Energy.gov (indexed) [DOE]

2: Apple Safari Bugs Let Remote Users Execute Arbitrary Code, 2: Apple Safari Bugs Let Remote Users Execute Arbitrary Code, Spoof the URL Address Bar, Conduct Cross-Site Scripting Attacks, and Obtain Potentially Sensitive Information U-222: Apple Safari Bugs Let Remote Users Execute Arbitrary Code, Spoof the URL Address Bar, Conduct Cross-Site Scripting Attacks, and Obtain Potentially Sensitive Information July 27, 2012 - 7:00am Addthis PROBLEM: Apple Safari Bugs Let Remote Users Execute Arbitrary Code, Spoof the URL Address Bar, Conduct Cross-Site Scripting Attacks, and Obtain Potentially Sensitive Information PLATFORM: Version(s):Apple Safari prior to 6.0 ABSTRACT: Multiple vulnerabilities were reported in Apple Safari. reference LINKS: The Vendor's Advisory Bugtraq ID: 54683 SecurityTracker Alert ID: 1027307 IMPACT ASSESSMENT:

59

U-053: Linux kexec Bugs Let Local and Remote Users Obtain Potentially  

Broader source: Energy.gov (indexed) [DOE]

53: Linux kexec Bugs Let Local and Remote Users Obtain 53: Linux kexec Bugs Let Local and Remote Users Obtain Potentially Sensitive Information U-053: Linux kexec Bugs Let Local and Remote Users Obtain Potentially Sensitive Information December 7, 2011 - 7:30am Addthis PROBLEM: Linux kexec Bugs Let Local and Remote Users Obtain Potentially Sensitive Information . PLATFORM: Red Hat Enterprise Linux Desktop (v. 6) Red Hat Enterprise Linux HPC Node (v. 6) Red Hat Enterprise Linux Server (v. 6) Red Hat Enterprise Linux Workstation (v. 6) ABSTRACT: Several vulnerabilities were reported in Linux kexec. A remote or local user can obtain potentially sensitive information. reference LINKS: Red Hat Security Advisory: RHSA-2011:1532-3 SecurityTracker Alert ID: 1026375 IMPACT ASSESSMENT: Medium Discussion: Kdump uses the SSH "StrictHostKeyChecking=no" option when dumping to SSH

60

U-208: HP Operations Agent Bugs Let Remote Users Execute Arbitrary Code |  

Broader source: Energy.gov (indexed) [DOE]

208: HP Operations Agent Bugs Let Remote Users Execute Arbitrary 208: HP Operations Agent Bugs Let Remote Users Execute Arbitrary Code U-208: HP Operations Agent Bugs Let Remote Users Execute Arbitrary Code July 10, 2012 - 7:00am Addthis PROBLEM: HP Operations Agent Bugs Let Remote Users Execute Arbitrary Code PLATFORM: HP Operations Agent for AIX, HP-UX, Linux, Solaris, and Windows prior to v11.03.12. ABSTRACT: Two vulnerabilities were reported in HP Operations Agent. A remote user can execute arbitrary code on the target system reference LINKS: The Vendor's Advisory SecurityTracker Alert ID: 1027225 CVE-2012-2019 CVE-2012-2020 IMPACT ASSESSMENT: High Discussion: Potential security vulnerabilities have been identified with HP Operations Agent for AIX, HP-UX, Linux, Solaris, and Windows. The vulnerabilities could be remotely exploited resulting in the execution of arbitrary code.

Note: This page contains sample records for the topic "layout bug lets" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


61

U-072:Apache Tomcat Hash Table Collision Bug Lets Remote Users Deny Service  

Broader source: Energy.gov (indexed) [DOE]

72:Apache Tomcat Hash Table Collision Bug Lets Remote Users Deny 72:Apache Tomcat Hash Table Collision Bug Lets Remote Users Deny Service U-072:Apache Tomcat Hash Table Collision Bug Lets Remote Users Deny Service December 30, 2011 - 9:15am Addthis PROBLEM: Apache Tomcat Hash Table Collision Bug Lets Remote Users Deny Service PLATFORM: apache Tomcat 5.5.34, 6.0.34, 7.0.22; and prior versions aBSTRACT: A remote user can cause performance to degrade on the target server. reference LINKS: Apache Tomcat Security Alert SecurityTracker Alert ID: 1026477 nruns Advisory SA-2011.004 Secunia Advisory SA47411 CVE-2011-4084 IMPACT ASSESSMENT: Medium Discussion: A vulnerability was reported in Apache Tomcat. A remote user can cause denial of service conditions. A remote user can send specially crafted POST request values to trigger hash collisions and cause significant performance

62

T-538: HP OpenView Storage Data Protector Bug Lets Remote Users Execute  

Broader source: Energy.gov (indexed) [DOE]

T-538: HP OpenView Storage Data Protector Bug Lets Remote Users T-538: HP OpenView Storage Data Protector Bug Lets Remote Users Execute Arbitrary Code T-538: HP OpenView Storage Data Protector Bug Lets Remote Users Execute Arbitrary Code January 20, 2011 - 6:39am Addthis PROBLEM: HP OpenView Storage Data Protector Bug Lets Remote Users Execute Arbitrary Code. PLATFORM: HP OpenView Storage Data Protector v6.11 ABSTRACT: A vulnerability was reported in HP OpenView Storage Data Protector. A remote user can execute arbitrary code on the target system. reference LINKS: HP Security Bulletin SecurityTracker Alert ID: 1024983 CVE-2011-0273 IMPACT ASSESSMENT: High Discussion: A potential security vulnerability has been identified with HP OpenView Storage Data Protector. The vulnerability could be remotely exploited to execute arbitrary code.

63

U-279: Cisco Firewall Services Module Bugs Let Remote Users Execute  

Broader source: Energy.gov (indexed) [DOE]

9: Cisco Firewall Services Module Bugs Let Remote Users Execute 9: Cisco Firewall Services Module Bugs Let Remote Users Execute Arbitrary Code and Deny Service U-279: Cisco Firewall Services Module Bugs Let Remote Users Execute Arbitrary Code and Deny Service October 11, 2012 - 6:00am Addthis PROBLEM: Cisco Firewall Services Module Bugs Let Remote Users Execute Arbitrary Code and Deny Service PLATFORM: Version(s): prior to 4.1(9) ABSTRACT: Several vulnerabilities were reported in Cisco Firewall Services Module. reference LINKS: Cisco Advisory ID: cisco-sa-20121010-fwsm SecurityTracker Alert ID: 1027640 CVE-2012-4661 CVE-2012-4662 CVE-2012-4663 IMPACT ASSESSMENT: High Discussion: A remote user can send specially crafted DCERPC data through the target device to trigger a stack overflow in the DCERPC inspection engine and execute arbitrary code on the target device or cause the target device to

64

U-142: HP Onboard Administrator Bugs Let Remote Users Gain Access, Obtain  

Broader source: Energy.gov (indexed) [DOE]

42: HP Onboard Administrator Bugs Let Remote Users Gain Access, 42: HP Onboard Administrator Bugs Let Remote Users Gain Access, Obtain Information, and Conduct URL Redirection Attacks U-142: HP Onboard Administrator Bugs Let Remote Users Gain Access, Obtain Information, and Conduct URL Redirection Attacks April 6, 2012 - 7:00am Addthis PROBLEM: HP Onboard Administrator Bugs Let Remote Users Gain Access, Obtain Information, and Conduct URL Redirection Attacks PLATFORM: HP Onboard Administrator (OA) up to and including v3.32 ABSTRACT: A remote user can obtain potentially sensitive information. reference LINKS: HP Support Document ID: c03263573 SecurityTracker Alert ID: 1026889 CVE-2012-0128, CVE-2012-0129, CVE-2012-0130 IMPACT ASSESSMENT: High Discussion: Several vulnerabilities were reported in HP Onboard Administrator. A remote

65

V-189: Oracle VirtualBox 'tracepath' Bug Lets Local Guest Users Deny  

Broader source: Energy.gov (indexed) [DOE]

9: Oracle VirtualBox 'tracepath' Bug Lets Local Guest Users 9: Oracle VirtualBox 'tracepath' Bug Lets Local Guest Users Deny Service on the Target Host V-189: Oracle VirtualBox 'tracepath' Bug Lets Local Guest Users Deny Service on the Target Host July 1, 2013 - 12:48am Addthis PROBLEM: Oracle VirtualBox 'tracepath' Bug Lets Local Guest Users Deny Service on the Target Host PLATFORM: VirtualBox 4.2.12 ABSTRACT: A vulnerability was reported in Oracle VirtualBox. REFERENCE LINKS: VirtualBox ticket: 11863 SecurityTracker Alert ID: 1028712 IMPACT ASSESSMENT: Medium DISCUSSION: A local user on the guest operating system can issue a 'tracepath' command to cause the network on the target host system to become unavailable. IMPACT: A local user on a guest operating system can cause denial of service conditions on the target host system.

66

U-137: HP Performance Manager Unspecified Bug Lets Remote Users Execute  

Broader source: Energy.gov (indexed) [DOE]

7: HP Performance Manager Unspecified Bug Lets Remote Users 7: HP Performance Manager Unspecified Bug Lets Remote Users Execute Arbitrary Codes U-137: HP Performance Manager Unspecified Bug Lets Remote Users Execute Arbitrary Codes March 30, 2012 - 9:15am Addthis PROBLEM: HP Performance Manager Unspecified Bug Lets Remote Users Execute Arbitrary Codes PLATFORM: HP-UX B.11.31 HP-UX B.11.23 ABSTRACT: A remote user can execute arbitrary code on the target system. REFERENCE LINKS: HP Support Document ID: c03255321 SecurityTracker Alert ID: 1026869 CVE-2012-0127 IMPACT ASSESSMENT: High Discussion: A potential security vulnerability has been identified with HP Performance Manager running on HP-UX, Linux, Solaris, and Windows. The vulnerability could be exploited remotely to execute arbitrary code and to create a Denial of Service (DoS).

67

V-063: Adobe ColdFusion Bugs Let Remote Users Gain Access and Obtain  

Broader source: Energy.gov (indexed) [DOE]

3: Adobe ColdFusion Bugs Let Remote Users Gain Access and 3: Adobe ColdFusion Bugs Let Remote Users Gain Access and Obtain Information V-063: Adobe ColdFusion Bugs Let Remote Users Gain Access and Obtain Information January 7, 2013 - 1:00am Addthis PROBLEM: Adobe ColdFusion Bugs Let Remote Users Gain Access and Obtain Information PLATFORM: ColdFusion 10, 9.0.2, 9.0.1 and 9.0 for Windows, Macintosh and UNIX ABSTRACT: Adobe has identified three vulnerabilities affecting ColdFusion for Windows, Macintosh and UNIX REFERENCE LINKS: Adobe Security Bulletin APSA13-01 SecurityTracker Alert ID: 1027938 CVE-2013-0625 CVE-2013-0629 CVE-2013-0631 IMPACT ASSESSMENT: High DISCUSSION: A remote user can bypass authentication and take control of the target system [CVE-2013-0625]. Systems with password protection disabled or with no password set are affected.

68

U-142: HP Onboard Administrator Bugs Let Remote Users Gain Access, Obtain  

Broader source: Energy.gov (indexed) [DOE]

2: HP Onboard Administrator Bugs Let Remote Users Gain Access, 2: HP Onboard Administrator Bugs Let Remote Users Gain Access, Obtain Information, and Conduct URL Redirection Attacks U-142: HP Onboard Administrator Bugs Let Remote Users Gain Access, Obtain Information, and Conduct URL Redirection Attacks April 6, 2012 - 7:00am Addthis PROBLEM: HP Onboard Administrator Bugs Let Remote Users Gain Access, Obtain Information, and Conduct URL Redirection Attacks PLATFORM: HP Onboard Administrator (OA) up to and including v3.32 ABSTRACT: A remote user can obtain potentially sensitive information. reference LINKS: HP Support Document ID: c03263573 SecurityTracker Alert ID: 1026889 CVE-2012-0128, CVE-2012-0129, CVE-2012-0130 IMPACT ASSESSMENT: High Discussion: Several vulnerabilities were reported in HP Onboard Administrator. A remote

69

U-052: HP Protect Tools Device Access Manager Unspecified Bug Lets Remote  

Broader source: Energy.gov (indexed) [DOE]

2: HP Protect Tools Device Access Manager Unspecified Bug Lets 2: HP Protect Tools Device Access Manager Unspecified Bug Lets Remote Users Deny Service and Execute Arbitrary Code U-052: HP Protect Tools Device Access Manager Unspecified Bug Lets Remote Users Deny Service and Execute Arbitrary Code December 6, 2011 - 7:00am Addthis PROBLEM: HP Protect Tools Device Access Manager Unspecified Bug Lets Remote Users Deny Service and Execute Arbitrary Code. PLATFORM: HP Protect Tools Device Access Manager for Windows earlier than v.6.1.0.1 running on the following HP PCs: HP EliteBook 2560p Notebook PC HP EliteBook 2760p Notebook PC HP EliteBook 8460p Notebook PC HP EliteBook 8460w Mobile Workstation HP EliteBook 8560p Notebook PC HP EliteBook 8560w Mobile Workstation HP EliteBook 8760w Mobile Workstation HP ProBook 4230s Notebook PC

70

U-203: HP Photosmart Bug Lets Remote Users Deny Service | Department of  

Broader source: Energy.gov (indexed) [DOE]

03: HP Photosmart Bug Lets Remote Users Deny Service 03: HP Photosmart Bug Lets Remote Users Deny Service U-203: HP Photosmart Bug Lets Remote Users Deny Service July 2, 2012 - 8:00am Addthis PROBLEM: HP Photosmart Bug Lets Remote Users Deny Service PLATFORM: HP Photosmart Wireless e-All-in-One Printer series - B110 HP Photosmart e-All-in-One Printer series - D110 HP Photosmart Plus e-All-in-One Printer series - B210 HP Photosmart eStation All-in-One Printer series - C510 HP Photosmart Ink Advantage e-All-in-One Printer series - K510 HP Photosmart Premium Fax e-All-in-One Printer series - C410 ABSTRACT: A vulnerability was reported in HP Photosmart. A remote user can cause denial of service conditions. Reference LINKS: The Vendor's Advisory SecurityTracker Alert ID: 1027213 CVE-2012-2017 IMPACT ASSESSMENT: High Discussion:

71

U-231: Cisco ASA SIP and WebVPN Bugs Let Remote Users Deny Service |  

Broader source: Energy.gov (indexed) [DOE]

31: Cisco ASA SIP and WebVPN Bugs Let Remote Users Deny Service 31: Cisco ASA SIP and WebVPN Bugs Let Remote Users Deny Service U-231: Cisco ASA SIP and WebVPN Bugs Let Remote Users Deny Service August 9, 2012 - 7:00am Addthis PROBLEM: Cisco ASA SIP and WebVPN Bugs Let Remote Users Deny Service PLATFORM: Version(s): ASA 5500 Series; 8.2 - 8.4 ABSTRACT: Two vulnerabilities were reported in Cisco ASA. A remote or remote authenticated user can cause denial of service conditions. reference LINKS: Release Notes for the Cisco ASA 5500 Series, 8.4(x) SecurityTracker Alert ID: 1027355 CVE-2012-2472 CVE-2012-2474 IMPACT ASSESSMENT: Medium Discussion: Two vulnerabilities were reported in Cisco ASA. 1. On systems with SIP inspection enabled, a remote user can send specially crafted SIP traffic to cause the target device to create many identical

72

U-222: Apple Safari Bugs Let Remote Users Execute Arbitrary Code, Spoof the  

Broader source: Energy.gov (indexed) [DOE]

2: Apple Safari Bugs Let Remote Users Execute Arbitrary Code, 2: Apple Safari Bugs Let Remote Users Execute Arbitrary Code, Spoof the URL Address Bar, Conduct Cross-Site Scripting Attacks, and Obtain Potentially Sensitive Information U-222: Apple Safari Bugs Let Remote Users Execute Arbitrary Code, Spoof the URL Address Bar, Conduct Cross-Site Scripting Attacks, and Obtain Potentially Sensitive Information July 27, 2012 - 7:00am Addthis PROBLEM: Apple Safari Bugs Let Remote Users Execute Arbitrary Code, Spoof the URL Address Bar, Conduct Cross-Site Scripting Attacks, and Obtain Potentially Sensitive Information PLATFORM: Version(s):Apple Safari prior to 6.0 ABSTRACT: Multiple vulnerabilities were reported in Apple Safari. reference LINKS: The Vendor's Advisory Bugtraq ID: 54683 SecurityTracker Alert ID: 1027307 IMPACT ASSESSMENT:

73

V-140: Apache ActiveMQ Bugs Let Remote Users Conduct Cross-Site Scripting  

Broader source: Energy.gov (indexed) [DOE]

0: Apache ActiveMQ Bugs Let Remote Users Conduct Cross-Site 0: Apache ActiveMQ Bugs Let Remote Users Conduct Cross-Site Scripting Attacks, Deny Service, and Obtain Potentially Sensitive Information V-140: Apache ActiveMQ Bugs Let Remote Users Conduct Cross-Site Scripting Attacks, Deny Service, and Obtain Potentially Sensitive Information April 23, 2013 - 12:26am Addthis PROBLEM: Apache ActiveMQ Bugs Let Remote Users Conduct Cross-Site Scripting Attacks, Deny Service, and Obtain Potentially Sensitive Information PLATFORM: Apache ActiveMQ versions prior to 5.8.0 ABSTRACT: Several vulnerabilities were reported in Apache ActiveMQ. REFERENCE LINKS: Apache ActiveMQ SecurityTracker Alert ID: 1028457 CVE-2012-6092 CVE-2012-6551 CVE-2013-3060 IMPACT ASSESSMENT: High DISCUSSION: Several web demos do not properly filter HTML code from user-supplied input

74

U-241: Adobe Flash Player Bugs Let Remote Users Execute Arbitrary Code and  

Broader source: Energy.gov (indexed) [DOE]

41: Adobe Flash Player Bugs Let Remote Users Execute Arbitrary 41: Adobe Flash Player Bugs Let Remote Users Execute Arbitrary Code and Obtain Information U-241: Adobe Flash Player Bugs Let Remote Users Execute Arbitrary Code and Obtain Information August 22, 2012 - 7:00am Addthis PROBLEM: Adobe Flash Player Bugs Let Remote Users Execute Arbitrary Code and Obtain Information PLATFORM: Adobe Flash Player 11.3.300.271 and earlier versions for Windows, Macintosh and Linux operating systems Adobe Flash Player 11.1.115.11 and earlier versions for Android 4.x Adobe Flash Player 11.1.111.10 and earlier versions for Android 3.x and 2.x Adobe AIR 3.3.0.3670 and earlier versions for Windows and Macintosh Adobe AIR 3.3.0.3690 SDK (includes AIR for iOS) and earlier versions Adobe AIR 3.3.0.3650 and earlier versions for Android ABSTRACT:

75

T-707: Apache Tomcat AJP Protocol Processing Bug Lets Remote Users Bypass  

Broader source: Energy.gov (indexed) [DOE]

7: Apache Tomcat AJP Protocol Processing Bug Lets Remote Users 7: Apache Tomcat AJP Protocol Processing Bug Lets Remote Users Bypass Authentication or Obtain Information T-707: Apache Tomcat AJP Protocol Processing Bug Lets Remote Users Bypass Authentication or Obtain Information August 31, 2011 - 12:00pm Addthis PROBLEM: A vulnerability was reported in Apache Tomcat. A remote user can bypass authentication or obtain potentially sensitive information. PLATFORM: Apache Tomcat 5.5.0 to 5.5.33, 6.0.0 to 6.0.33, 7.0.0 to 7.0.20 ABSTRACT: Apache Tomcat AJP protocol processing bug lets remote users bypass authentication or obtain information. reference LINKS: SecurityTracker Alert ID: 1025993 CVE-2011-3190 (under review) Apache Tomcat Security Updates IMPACT ASSESSMENT: Medium Discussion: A vulnerability was reported in Apache Tomcat. A remote user can bypass

76

U-055: Adobe Flash Player Bugs Let Remote Users Execute Arbitrary Code |  

Broader source: Energy.gov (indexed) [DOE]

5: Adobe Flash Player Bugs Let Remote Users Execute Arbitrary 5: Adobe Flash Player Bugs Let Remote Users Execute Arbitrary Code U-055: Adobe Flash Player Bugs Let Remote Users Execute Arbitrary Code December 8, 2011 - 8:30am Addthis PROBLEM: Adobe Flash Player Bugs Let Remote Users Execute Arbitrary Code . PLATFORM: Adobe Flash Player 11.1.102.55 on Windows and Mac OS X and prior versions ABSTRACT: Two vulnerabilities exploited by the Intevydis vd_adobe_fp module in VulnDisco Step Ahead were reported in Adobe Flash Player. reference LINKS: Secunia Advisory: SA47161 SecurityTracker Alert ID: 1026392 CVE-2011-4693 CVE-2011-4694 IMPACT ASSESSMENT: High Discussion: A remote or local user can obtain potentially sensitive information. A remote user can cause arbitrary code to be executed on the target user's system. A remote user can create a specially crafted SWF file that, when

77

U-025: HP OpenView Network Node Manager Bugs Let Remote Users Execute  

Broader source: Energy.gov (indexed) [DOE]

U-025: HP OpenView Network Node Manager Bugs Let Remote Users U-025: HP OpenView Network Node Manager Bugs Let Remote Users Execute Arbitrary Code U-025: HP OpenView Network Node Manager Bugs Let Remote Users Execute Arbitrary Code November 2, 2011 - 8:00am Addthis PROBLEM: HP OpenView Network Node Manager Bugs Let Remote Users Execute Arbitrary Code. PLATFORM: HP OpenView Network Node Manager (OV NNM) v7.51, v7.53 running on HP-UX, Linux, Solaris, and Windows ABSTRACT: A remote user can execute arbitrary code on the target system. reference LINKS: HP Support Center Document ID: c03054052 SecurityTracker Alert ID: 1026260 CVE-2011-1365 CVE-2011-1366 CVE-2011-1367 IMPACT ASSESSMENT: Medium Discussion: Several vulnerabilities were reported in HP OpenView Network Node Manager. A remote user can execute arbitrary code on the target system.

78

U-052: HP Protect Tools Device Access Manager Unspecified Bug Lets Remote  

Broader source: Energy.gov (indexed) [DOE]

2: HP Protect Tools Device Access Manager Unspecified Bug Lets 2: HP Protect Tools Device Access Manager Unspecified Bug Lets Remote Users Deny Service and Execute Arbitrary Code U-052: HP Protect Tools Device Access Manager Unspecified Bug Lets Remote Users Deny Service and Execute Arbitrary Code December 6, 2011 - 7:00am Addthis PROBLEM: HP Protect Tools Device Access Manager Unspecified Bug Lets Remote Users Deny Service and Execute Arbitrary Code. PLATFORM: HP Protect Tools Device Access Manager for Windows earlier than v.6.1.0.1 running on the following HP PCs: HP EliteBook 2560p Notebook PC HP EliteBook 2760p Notebook PC HP EliteBook 8460p Notebook PC HP EliteBook 8460w Mobile Workstation HP EliteBook 8560p Notebook PC HP EliteBook 8560w Mobile Workstation HP EliteBook 8760w Mobile Workstation HP ProBook 4230s Notebook PC

79

U-071:HP Database Archiving Software Bugs Let Remote Users Execute  

Broader source: Energy.gov (indexed) [DOE]

1:HP Database Archiving Software Bugs Let Remote Users Execute 1:HP Database Archiving Software Bugs Let Remote Users Execute Arbitrary Code U-071:HP Database Archiving Software Bugs Let Remote Users Execute Arbitrary Code December 29, 2011 - 8:15am Addthis PROBLEM: HP Database Archiving Software Bugs Let Remote Users Execute Arbitrary Code PLATFORM: HP Database Archiving Software v6.31 ABSTRACT: A remote user can execute arbitrary code on the target system. reference LINKS: HP Database Document ID: c03128302 SecurityTracker Alert ID: 1026467 CVE-2011-4163 CVE-2011-4164 CVE-2011-4165 IMPACT ASSESSMENT: High Discussion: Several vulnerabilities were reported in HP Database Archiving Software. A remote user can execute arbitrary code on the target system. Impact: A remote user can execute arbitrary code on the target system. Solution:

80

V-015: Apple iOS Bugs Let Remote Users Execute Arbitrary Code, Local Users  

Broader source: Energy.gov (indexed) [DOE]

5: Apple iOS Bugs Let Remote Users Execute Arbitrary Code, 5: Apple iOS Bugs Let Remote Users Execute Arbitrary Code, Local Users Bypass the Screen Lock, and Applications Obtain Kernel Address Information V-015: Apple iOS Bugs Let Remote Users Execute Arbitrary Code, Local Users Bypass the Screen Lock, and Applications Obtain Kernel Address Information November 2, 2012 - 6:00am Addthis PROBLEM: Apple iOS Bugs Let Remote Users Execute Arbitrary Code, Local Users Bypass the Screen Lock, and Applications Obtain Kernel Address Information PLATFORM: Apple iOS prior to 6.0.1 ABSTRACT: Three vulnerabilities were reported in Apple iOS. REFERENCE LINKS: Apple Article: HT5567 SecurityTracker Alert ID: 1027716 Bugtraq ID: 56363 CVE-2012-3748 CVE-2012-3749 CVE-2012-3750 IMPACT ASSESSMENT: High DISCUSSION: A remote user can create specially crafted HTML that, when loaded by the

Note: This page contains sample records for the topic "layout bug lets" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


81

U-061: RSA Adaptive Authentication Bugs Let Remote Users Bypass Certain  

Broader source: Energy.gov (indexed) [DOE]

1: RSA Adaptive Authentication Bugs Let Remote Users Bypass 1: RSA Adaptive Authentication Bugs Let Remote Users Bypass Certain Security Controls U-061: RSA Adaptive Authentication Bugs Let Remote Users Bypass Certain Security Controls December 14, 2011 - 8:17am Addthis PROBLEM: RSA Adaptive Authentication Bugs Let Remote Users Bypass Certain Security Controls. PLATFORM: 6.0.2.1 SP1 Patch 2 and SP1 Patch 3 6.0.2.1 SP2 and SP2 Patch 1 6.0.2.1 SP3 ABSTRACT: A remote user may be able to bypass certain security controls. reference LINKS: SecurityTracker Alert ID: 1026420 Security Focus: ESA-2011-036 IMPACT ASSESSMENT: Medium Discussion: Two vulnerabilities were reported in RSA Adaptive Authentication (On-Premise). A remote user may be able to bypass certain security controls. A remote user can send specially crafted data elements to affect the Device

82

U-118: Adobe Flash Player Bugs Let Remote Users Execute Arbitrary Code and  

Broader source: Energy.gov (indexed) [DOE]

18: Adobe Flash Player Bugs Let Remote Users Execute Arbitrary 18: Adobe Flash Player Bugs Let Remote Users Execute Arbitrary Code and Obtain Information U-118: Adobe Flash Player Bugs Let Remote Users Execute Arbitrary Code and Obtain Information March 6, 2012 - 7:00am Addthis PROBLEM: Adobe Flash Player Bugs Let Remote Users Execute Arbitrary Code and Obtain Information PLATFORM: Adobe Flash Player 10.x, Adobe Flash Player 11.x ABSTRACT: Two vulnerabilities were reported in Adobe Flash Player. A remote user can cause arbitrary code to be executed on the target user's system. A remote user can obtain potentially information. reference LINKS: Secunia Advisory SA48281 CVE-2012-0769 IMPACT ASSESSMENT: High Discussion: A remote user can create specially crafted content that, when loaded by the target user, will trigger a memory corruption error in Matrix3D and execute

83

U-279: Cisco Firewall Services Module Bugs Let Remote Users Execute...  

Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

Users Deny Service and Remote Authenticated Users Modify the Configuration and Execute Arbitrary Code V-071: Cisco ASA 1000V Cloud Firewall H.323 Inspection Bug Lets Remote Users...

84

U-265: HP SiteScope Bugs in SiteScope SOAP Feature Let Remote...  

Broader source: Energy.gov (indexed) [DOE]

information. Solution: The vendor has issued a fix. Addthis Related Articles U-121: Apple iOS Bugs Let Remote Users Execute Arbitrary Code, Conduct Cross-Site Scripting...

85

V-140: Apache ActiveMQ Bugs Let Remote Users Conduct Cross-Site...  

Broader source: Energy.gov (indexed) [DOE]

U-255: Apache Wicket Input Validation Flaw Permits Cross-Site Scripting Attacks U-121: Apple iOS Bugs Let Remote Users Execute Arbitrary Code, Conduct Cross-Site Scripting...

86

V-149: Microsoft Internet Explorer Object Access Bug Lets Remote Users  

Broader source: Energy.gov (indexed) [DOE]

9: Microsoft Internet Explorer Object Access Bug Lets Remote 9: Microsoft Internet Explorer Object Access Bug Lets Remote Users Execute Arbitrary Code V-149: Microsoft Internet Explorer Object Access Bug Lets Remote Users Execute Arbitrary Code May 6, 2013 - 12:07am Addthis PROBLEM: Microsoft Internet Explorer Object Access Bug Lets Remote Users Execute Arbitrary Code PLATFORM: Internet Explorer 8 ABSTRACT: A vulnerability was reported in Microsoft Internet Explorer. REFERENCE LINKS: SecurityTracker Alert ID: 1028514 Microsoft Security Advisory (2847140) CVE-2013-1347 IMPACT ASSESSMENT: Medium DISCUSSION: A remote user can create specially crafted HTML that, when loaded by the target user, will access and object that has been deleted or not properly allocated and execute arbitrary code on the target system. The code will run with the privileges of the target user.

87

V-113: Apple Safari Bugs Let Remote Users Execute Arbitrary Code |  

Broader source: Energy.gov (indexed) [DOE]

3: Apple Safari Bugs Let Remote Users Execute Arbitrary Code 3: Apple Safari Bugs Let Remote Users Execute Arbitrary Code V-113: Apple Safari Bugs Let Remote Users Execute Arbitrary Code March 18, 2013 - 1:53am Addthis PROBLEM: Apple Safari Bugs Let Remote Users Execute Arbitrary Code PLATFORM: Version(s): prior to 6.0.3 ABSTRACT: Two vulnerabilities were reported in Apple Safari. REFERENCE LINKS: Apple security update, Article: HT1222 SecurityTracker Alert ID: 1028292 CVE-2013-0960 CVE-2013-0961 IMPACT ASSESSMENT: Medium DISCUSSION: A remote user can create specially crafted HTML that, when loaded by the target user, will execute arbitrary code on the target system. The code will run with the privileges of the target user. IMPACT: A remote user can create HTML that, when loaded by the target user, will execute arbitrary code on the target user's system.

88

V-160: Wireshark Multiple Bugs Let Remote Users Deny Service | Department  

Broader source: Energy.gov (indexed) [DOE]

60: Wireshark Multiple Bugs Let Remote Users Deny Service 60: Wireshark Multiple Bugs Let Remote Users Deny Service V-160: Wireshark Multiple Bugs Let Remote Users Deny Service May 21, 2013 - 12:09am Addthis PROBLEM: Wireshark Multiple Bugs Let Remote Users Deny Service PLATFORM: Versions 1.8.0 to 1.8.6 ABSTRACT: Multiple vulnerabilities have been reported in Wireshark REFERENCE LINKS: Wireshark Docid: wnpa-sec-2013-23 Secunia Advisory SA53425 SecurityTracker Alert ID: 1028582 CVE-2013-2486 CVE-2013-2487 IMPACT ASSESSMENT: Medium DISCUSSION: Multiple vulnerabilities have been reported in Wireshark, which can be exploited by malicious people to cause a DoS (Denial of Service). 1) An error in the RELOAD dissector (dissectors/packet-reload.c) can be exploited to trigger infinite loops and consume CPU resources via specially

89

U-005: Apache mod_proxy Pattern Matching Bug Lets Remote Users Access  

Broader source: Energy.gov (indexed) [DOE]

5: Apache mod_proxy Pattern Matching Bug Lets Remote Users 5: Apache mod_proxy Pattern Matching Bug Lets Remote Users Access Internal Servers U-005: Apache mod_proxy Pattern Matching Bug Lets Remote Users Access Internal Servers October 6, 2011 - 9:30am Addthis PROBLEM: Apache mod_proxy Pattern Matching Bug Lets Remote Users Access Internal Servers. PLATFORM: Apache HTTP Server 1.3.x, 2.2.21 and prior versions ABSTRACT: A remote user can access internal servers. reference LINKS: The Apache HTTP Server Project SecurityTracker Alert ID: 1026144 CVE-2011-3368 IMPACT ASSESSMENT: High Discussion: A vulnerability was reported in Apache mod_proxy. A remote user can access internal servers. When this system is configured in reverse proxy mode and uses the RewriteRule or ProxyPassMatch directives with a pattern match, a remote user can send a specially crafted request to access internal

90

V-110: Adobe Flash Player Bugs Let Remote Users Execute Arbitrary Code |  

Broader source: Energy.gov (indexed) [DOE]

0: Adobe Flash Player Bugs Let Remote Users Execute Arbitrary 0: Adobe Flash Player Bugs Let Remote Users Execute Arbitrary Code V-110: Adobe Flash Player Bugs Let Remote Users Execute Arbitrary Code March 13, 2013 - 12:04am Addthis PROBLEM: Adobe Flash Player Bugs Let Remote Users Execute Arbitrary Code PLATFORM: Version(s): 1.6.602.171 and prior for Windows/Mac; other versions on other platforms ABSTRACT: Several vulnerabilities were reported in Adobe Flash Player. REFERENCE LINKS: Adobe Vulnerability identifier: APSB13-09 SecurityTracker Alert ID: 1028277 CVE-2013-0646 CVE-2013-0650 CVE-2013-1371 CVE-2013-1375 IMPACT ASSESSMENT: High DISCUSSION: A remote user can create specially crafted content that, when loaded by the target user, will execute arbitrary code on the target user's system. The code will run with the privileges of the target user.

91

U-012: BlackBerry Enterprise Server Collaboration Service Bug Lets Remote  

Broader source: Energy.gov (indexed) [DOE]

12: BlackBerry Enterprise Server Collaboration Service Bug Lets 12: BlackBerry Enterprise Server Collaboration Service Bug Lets Remote Users Impersonate Intra-organization Messages U-012: BlackBerry Enterprise Server Collaboration Service Bug Lets Remote Users Impersonate Intra-organization Messages October 17, 2011 - 9:45am Addthis PROBLEM: BlackBerry Enterprise Server Collaboration Service Bug Lets Remote Users Impersonate Intra-organization Messages. PLATFORM: Exchange and Domino 5.0.3 through 5.0.3 MR4 BlackBerry Client for use with Microsoft Office Communications Server 2007 R2 BlackBerry Client for use with Microsoft Lync Server 2010 ABSTRACT: A vulnerability was reported in BlackBerry Enterprise Server. A remote user can impersonate another messaging user within the same organization. reference LINKS: BlackBerry Security Advisory ID: KB28524

92

U-071:HP Database Archiving Software Bugs Let Remote Users Execute  

Broader source: Energy.gov (indexed) [DOE]

1:HP Database Archiving Software Bugs Let Remote Users Execute 1:HP Database Archiving Software Bugs Let Remote Users Execute Arbitrary Code U-071:HP Database Archiving Software Bugs Let Remote Users Execute Arbitrary Code December 29, 2011 - 8:15am Addthis PROBLEM: HP Database Archiving Software Bugs Let Remote Users Execute Arbitrary Code PLATFORM: HP Database Archiving Software v6.31 ABSTRACT: A remote user can execute arbitrary code on the target system. reference LINKS: HP Database Document ID: c03128302 SecurityTracker Alert ID: 1026467 CVE-2011-4163 CVE-2011-4164 CVE-2011-4165 IMPACT ASSESSMENT: High Discussion: Several vulnerabilities were reported in HP Database Archiving Software. A remote user can execute arbitrary code on the target system. Impact: A remote user can execute arbitrary code on the target system. Solution:

93

U-269: Cisco IOS Intrusion Prevention System DNS Processing Bug Lets Remote  

Broader source: Energy.gov (indexed) [DOE]

9: Cisco IOS Intrusion Prevention System DNS Processing Bug 9: Cisco IOS Intrusion Prevention System DNS Processing Bug Lets Remote Users Deny Service U-269: Cisco IOS Intrusion Prevention System DNS Processing Bug Lets Remote Users Deny Service September 27, 2012 - 4:07am Addthis PROBLEM: Cisco IOS Intrusion Prevention System DNS Processing Bug Lets Remote Users Deny Service PLATFORM: Devices configured with Cisco IOS IPS are affected ABSTRACT: A vulnerability was reported in Cisco IOS. reference LINKS: SecurityTracker Alert ID: 1027580 Cisco Security Advisory CVE-2012-3950 IMPACT ASSESSMENT: Medium Discussion: A vulnerability was reported in Cisco IOS. A remote user can cause denial of service conditions. A remote user can send specially crafted (but legitimate) DNS packets through the target device to cause the device to

94

U-269: Cisco IOS Intrusion Prevention System DNS Processing Bug Lets Remote  

Broader source: Energy.gov (indexed) [DOE]

9: Cisco IOS Intrusion Prevention System DNS Processing Bug 9: Cisco IOS Intrusion Prevention System DNS Processing Bug Lets Remote Users Deny Service U-269: Cisco IOS Intrusion Prevention System DNS Processing Bug Lets Remote Users Deny Service September 27, 2012 - 4:07am Addthis PROBLEM: Cisco IOS Intrusion Prevention System DNS Processing Bug Lets Remote Users Deny Service PLATFORM: Devices configured with Cisco IOS IPS are affected ABSTRACT: A vulnerability was reported in Cisco IOS. reference LINKS: SecurityTracker Alert ID: 1027580 Cisco Security Advisory CVE-2012-3950 IMPACT ASSESSMENT: Medium Discussion: A vulnerability was reported in Cisco IOS. A remote user can cause denial of service conditions. A remote user can send specially crafted (but legitimate) DNS packets through the target device to cause the device to

95

V-098: Linux Kernel Extended Verification Module Bug Lets Local...  

Broader source: Energy.gov (indexed) [DOE]

reported in the Linux Kernel. REFERENCE LINKS: The Linux Kernel Archives Linux Kernel Red Hat Bugzilla - Bug 913266 SecurityTracker Alert ID: 1028196 CVE-2013-0313 IMPACT...

96

U-112: PostgreSQL Bugs Let Remote Authenticated Users Gain Elevated  

Broader source: Energy.gov (indexed) [DOE]

2: PostgreSQL Bugs Let Remote Authenticated Users Gain Elevated 2: PostgreSQL Bugs Let Remote Authenticated Users Gain Elevated Privileges, Inject SQL Commands, and Spoof Certificates U-112: PostgreSQL Bugs Let Remote Authenticated Users Gain Elevated Privileges, Inject SQL Commands, and Spoof Certificates February 28, 2012 - 8:45am Addthis PROBLEM: A vulnerability was reported in PostgreSQL. PLATFORM: Version(s): prior to 8.3.18, 8.4.11, 9.0.7, 9.1.3 ABSTRACT: A remote authenticated user can gain elevated privileges. A remote authenticated user can inject SQL commands. A remote user can spoof connections in certain cases. reference LINKS: Vendor Advisory Security Tracker ID 1026744 CVE-2012-0866 IMPACT ASSESSMENT: Medium Discussion: For trigger functions marked SECURITY DEFINER, a remote authenticated user can execute a trigger function and gain elevated privileges CVE-2012-0866.

97

V-203: HP LoadRunner Multiple Bugs Let Remote Users Deny Service and  

Broader source: Energy.gov (indexed) [DOE]

3: HP LoadRunner Multiple Bugs Let Remote Users Deny Service 3: HP LoadRunner Multiple Bugs Let Remote Users Deny Service and Execute Arbitrary Code V-203: HP LoadRunner Multiple Bugs Let Remote Users Deny Service and Execute Arbitrary Code July 26, 2013 - 3:31am Addthis PROBLEM: A remote user can execute arbitrary code on the target system. A remote user can cause denial of service conditions. PLATFORM: HP LoadRunner prior to 11.52 ABSTRACT: Multiple vulnerabilities were reported in HP LoadRunner. REFERENCE LINKS: Security Tracker Alert ID: 1028833 CVE-2013-2368 CVE-2013-2369 CVE-2013-2370 CVE-2013-4797 CVE-2013-4798 CVE-2013-4799 CVE-2013-4800 CVE-2013-4801 IMPACT ASSESSMENT: Medium DISCUSSION: Potential security vulnerabilities have been identified with HP LoadRunner. The vulnerabilities could be remotely exploited to allow execution of code

98

U-092: Sudo Format String Bug Lets Local Users Gain Elevated Privileges |  

Broader source: Energy.gov (indexed) [DOE]

2: Sudo Format String Bug Lets Local Users Gain Elevated 2: Sudo Format String Bug Lets Local Users Gain Elevated Privileges U-092: Sudo Format String Bug Lets Local Users Gain Elevated Privileges January 31, 2012 - 5:45am Addthis PROBLEM: A vulnerability was reported in Sudo. A local user can obtain elevated privileges on the target system. PLATFORM: Linux (Any) Version(s): 1.8.0 - 1.8.3p1 ABSTRACT: A local user can supply a specially crafted command line argument to trigger a format string flaw and execute arbitrary commands on the target system with root privileges. reference LINKS: CVE-2012-0809 SecurityTracker Alert ID: 1026600 Vendor Site IMPACT ASSESSMENT: Medium Discussion: The vulnerability resides in the sudo_debug() function in 'src/sudo.c'. This can be exploited by local users, regardless of whether they are listed

99

U-110: Samba Bug Lets Remote Users Execute Arbitrary Code | Department of  

Broader source: Energy.gov (indexed) [DOE]

0: Samba Bug Lets Remote Users Execute Arbitrary Code 0: Samba Bug Lets Remote Users Execute Arbitrary Code U-110: Samba Bug Lets Remote Users Execute Arbitrary Code February 24, 2012 - 7:30am Addthis PROBLEM: A vulnerability was reported in Samba. PLATFORM: Version(s): prior to 3.4.0 ABSTRACT: A remote user can send specially crafted data to the smbd service to trigger a flaw in chain_reply() and construct_reply() and execute arbitrary code on the target system. reference LINKS: Vendor Advisory Security Tracker ID 1026739 CVE-2012-0870 IMPACT ASSESSMENT: Medium Discussion: A vulnerability was reported in Samba. A remote user can execute arbitrary code on the target system. A remote user can send specially crafted data to the smbd service to trigger a flaw in chain_reply() and construct_reply() and execute arbitrary code on the target system. The code will run with the

100

U-184: Mozilla Firefox Multiple Bugs Let Remote Users Execute Arbitrary  

Broader source: Energy.gov (indexed) [DOE]

U-184: Mozilla Firefox Multiple Bugs Let Remote Users Execute U-184: Mozilla Firefox Multiple Bugs Let Remote Users Execute Arbitrary Code U-184: Mozilla Firefox Multiple Bugs Let Remote Users Execute Arbitrary Code June 6, 2012 - 7:00am Addthis PROBLEM: Multiple vulnerabilities were reported in Mozilla Firefox. PLATFORM: Version(s): prior to 13.0 ABSTRACT: A remote user can cause arbitrary code to be executed on the target user's system. A remote user can conduct cross-site scripting attacks. A remote user can obtain potentially sensitive information. Reference Links: Security Tracker ID 1027120 CVE-2012-0441,CVE-2012-1937 Vendor URL IMPACT ASSESSMENT: High Discussion: A remote user can create specially crafted content that, when loaded by the target user, will trigger a memory corruption error and execute arbitrary code on the target system [CVE-2012-1937 , CVE-2012-1938, CVE-2012-1939 ].

Note: This page contains sample records for the topic "layout bug lets" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


101

V-127: Samba Bug Lets Remote Authenticated Users Modify Files | Department  

Broader source: Energy.gov (indexed) [DOE]

7: Samba Bug Lets Remote Authenticated Users Modify Files 7: Samba Bug Lets Remote Authenticated Users Modify Files V-127: Samba Bug Lets Remote Authenticated Users Modify Files April 5, 2013 - 6:00am Addthis PROBLEM: A vulnerability was reported in Samba. PLATFORM: The vulnerabilities are reported in version(s): 3.6.0 - 3.6.5 ABSTRACT: A remote authenticated user can modify files on the target share REFERENCE LINKS: SecurityTracker Alert ID: 1028389 Samba Security Announcement CVE-2013-0454 IMPACT ASSESSMENT: Medium DISCUSSION: A remote authenticated user can perform operations on the target CIFS export that are not permitted by the CIFS share access control settings. This may include writing to read-only shares. IMPACT: Modification of user information SOLUTION: Update to 3.6.6 and higher or apply the following patch Addthis

102

U-192 VMware Workstation/Player VM Remote Device Bug Lets Local or Remote  

Broader source: Energy.gov (indexed) [DOE]

VMware Workstation/Player VM Remote Device Bug Lets Local or VMware Workstation/Player VM Remote Device Bug Lets Local or Remote Users Deny Service U-192 VMware Workstation/Player VM Remote Device Bug Lets Local or Remote Users Deny Service June 15, 2012 - 7:00am Addthis PROBLEM: A vulnerability was reported in VMware Workstation/Player. PLATFORM: Version(s): Workstation 8.x, Player 4.x ABSTRACT: A local or remote user can cause denial of service conditions on the target virtual system. reference LINKS: Vendor Advisory Security Tracker ID 1027173 CVE-2012-3289 IMPACT ASSESSMENT: High Discussion: A user with the ability to modify communications data between a remote virtual device (e.g., CD-ROM, keyboard) located on a physically separate system and the target virtual machine can cause the target virtual machine to crash. Impact:

103

V-076: Cisco Wireless LAN Controller Bugs Let Remote Users Deny Service and  

Broader source: Energy.gov (indexed) [DOE]

6: Cisco Wireless LAN Controller Bugs Let Remote Users Deny 6: Cisco Wireless LAN Controller Bugs Let Remote Users Deny Service and Remote Authenticated Users Modify the Configuration and Execute Arbitrary Code V-076: Cisco Wireless LAN Controller Bugs Let Remote Users Deny Service and Remote Authenticated Users Modify the Configuration and Execute Arbitrary Code January 24, 2013 - 6:00am Addthis PROBLEM: Several vulnerabilities were reported in Cisco Wireless LAN Controller. PLATFORM: The vulnerabilities are reported in: Cisco 2000 Series WLC Cisco 2100 Series WLC Cisco 2500 Series WLC Cisco 4100 Series WLC Cisco 4400 Series WLC Cisco 5500 Series WLC Cisco 7500 Series WLC Cisco 8500 Series WLC Cisco 500 Series Wireless Express Mobility Controllers Cisco Wireless Services Module (Cisco WiSM) Cisco Wireless Services Module version 2 (Cisco WiSM version 2)

104

U-096: IBM AIX TCP Large Send Offload Bug Lets Remote Users Deny Service |  

Broader source: Energy.gov (indexed) [DOE]

6: IBM AIX TCP Large Send Offload Bug Lets Remote Users Deny 6: IBM AIX TCP Large Send Offload Bug Lets Remote Users Deny Service U-096: IBM AIX TCP Large Send Offload Bug Lets Remote Users Deny Service February 6, 2012 - 7:00am Addthis PROBLEM: Vulnerability in AIX TCP stack PLATFORM: Version(s): 5.3, 6.1, 7.1 ABSTRACT: A remote user can send a series of specially crafted TCP packets to trigger a kernel panic on the target system. reference LINKS: SecurityTracker Alert ID: 1026640 IBM Security Advisory CVE-2012-0194 IMPACT ASSESSMENT: Medium Discussion: AIX could allow a remote attacker to cause a denial of service, caused by an error when the TCP large send offload option is enabled on a network interface. By sending a specially-crafted sequence of packets, an attacker could exploit this vulnerability to cause a kernel panic.

105

V-077: Barracuda SSL VPN Bug Lets Remote Users Bypass Authentication |  

Broader source: Energy.gov (indexed) [DOE]

7: Barracuda SSL VPN Bug Lets Remote Users Bypass 7: Barracuda SSL VPN Bug Lets Remote Users Bypass Authentication V-077: Barracuda SSL VPN Bug Lets Remote Users Bypass Authentication January 25, 2013 - 6:00am Addthis PROBLEM: A vulnerability was reported in Barracuda SSL VPN. PLATFORM: The vulnerability has been verified to exist in Barracuda SSL VPN version 2.2.2.203 ABSTRACT: A remote user can gain administrative access to the target system. REFERENCE LINKS: SecurityTracker Alert ID: 1028039 Barracuda Networks Advisory IMPACT ASSESSMENT: High DISCUSSION: A remote user can set a specially crafted Java system property (via 'setSysProp.jsp') to bypass access restrictions and gain access to the API functionality. This can be exploited to download configuration files, download database dumps, shutdown the system, and set new administrative

106

T-654: Apple QuickTime Multiple Bugs Let Remote Users Execute Arbitrary |  

Broader source: Energy.gov (indexed) [DOE]

4: Apple QuickTime Multiple Bugs Let Remote Users Execute 4: Apple QuickTime Multiple Bugs Let Remote Users Execute Arbitrary T-654: Apple QuickTime Multiple Bugs Let Remote Users Execute Arbitrary June 24, 2011 - 4:39am Addthis PROBLEM: A vulnerability was reported in QuickTime. A remote user can cause arbitrary code to be executed on the target user's system. PLATFORM: Version(s): prior to QuickTime 7.6.8 ABSTRACT: A remote user can create a specially crafted file that, when loaded by the target user, will execute arbitrary code on the target system. The code will run with the privileges of the target user. reference LINKS: SecurityTracker Alert ID: 1025705 Apple Security Article: HT4339 Apple Security Article: HT4723 Apple Security Article: HT1222 CVE-2011-0213 Secunia Advisory: SA45054 IMPACT ASSESSMENT High Discussion:

107

V-202: Cisco Video Surveillance Manager Bugs Let Remote Users Obtain  

Broader source: Energy.gov (indexed) [DOE]

2: Cisco Video Surveillance Manager Bugs Let Remote Users 2: Cisco Video Surveillance Manager Bugs Let Remote Users Obtain Potentially Sensitive Information V-202: Cisco Video Surveillance Manager Bugs Let Remote Users Obtain Potentially Sensitive Information July 25, 2013 - 2:52am Addthis PROBLEM: A remote user can obtain potentially sensitive information and modify some configuration settings. A remote user can exploit this to create, modify, and remove camera feeds, archives, logs, and users. PLATFORM: Cisco Video Surveillance Manager 7.1, 7.5 ABSTRACT: Two vulnerabilities were reported in Cisco Video Surveillance Manager REFERENCE LINKS: Security Tracker Alert ID: 1028827 CVE-2013-3429 CVE-2013-3430 CVE-2013-3431 IMPACT ASSESSMENT: Medium DISCUSSION: The vulnerability is due to an access control error that occurred. The

108

T-647: PHP File Upload Bug May Let Remote Users Overwrite Files on the  

Broader source: Energy.gov (indexed) [DOE]

7: PHP File Upload Bug May Let Remote Users Overwrite Files on 7: PHP File Upload Bug May Let Remote Users Overwrite Files on the Target System T-647: PHP File Upload Bug May Let Remote Users Overwrite Files on the Target System June 15, 2011 - 3:45pm Addthis PROBLEM: A vulnerability was reported in PHP. A remote user may be able to overwrite files on the target system. PLATFORM: PHP prior to 5.3.7 ABSTRACT: PHP is prone to a security-bypass vulnerability.Successful exploits will allow an attacker to delete files from the root directory, which may aid in further attacks. PHP 5.3.6 is vulnerable; other versions may also be affected. reference LINKS: PHP Security Notice PHP CVE-2011-2202 SecurityTracker Alert ID: 1025659 Secunia Advisory: SA44874 CVE-2011-2202 IMPACT ASSESSMENT: High Discussion: The vulnerability lies in the 'SAPI_POST_HANDLER_FUNC()' function in

109

U-192: VMware Workstation/Player VM Remote Device Bug Lets Local or Remote  

Broader source: Energy.gov (indexed) [DOE]

92: VMware Workstation/Player VM Remote Device Bug Lets Local or 92: VMware Workstation/Player VM Remote Device Bug Lets Local or Remote Users Deny Service U-192: VMware Workstation/Player VM Remote Device Bug Lets Local or Remote Users Deny Service June 15, 2012 - 7:00am Addthis PROBLEM: A vulnerability was reported in VMware Workstation/Player. PLATFORM: Version(s): Workstation 8.x, Player 4.x aBSTRACT: A local or remote user can cause denial of service conditions on the target virtual system. reference LINKS: Vendor Advisory Security Tracker ID 1027173 CVE-2012-3289 IMPACT ASSESSMENT: High Discussion: A user with the ability to modify communications data between a remote virtual device (e.g., CD-ROM, keyboard) located on a physically separate system and the target virtual machine can cause the target virtual machine to crash.

110

T-652: Mozilla Thunderbird Bugs Let Remote Users Obtain Cookies and Execute  

Broader source: Energy.gov (indexed) [DOE]

2: Mozilla Thunderbird Bugs Let Remote Users Obtain Cookies and 2: Mozilla Thunderbird Bugs Let Remote Users Obtain Cookies and Execute Arbitrary Code T-652: Mozilla Thunderbird Bugs Let Remote Users Obtain Cookies and Execute Arbitrary Code June 22, 2011 - 2:55pm Addthis PROBLEM: Multiple vulnerabilities were reported in Mozilla Thunderbird. A remote user can cause arbitrary code to be executed on the target user's system. A remote user can obtain cookies from another domain in certain cases. A remote user can create specially crafted HTML that, when loaded by the target user, will trigger a memory corruption error and execute arbitrary code on the target system [CVE-2011-2364, CVE-2011-2374, CVE-2011-2375, CVE-2011-2376]. The code will run with the privileges of the target user. PLATFORM: Mozilla Thunderbird prior to 3.1.11

111

V-183: Cisco TelePresence TC and TE Bugs Let Remote Users Deny Service and  

Broader source: Energy.gov (indexed) [DOE]

3: Cisco TelePresence TC and TE Bugs Let Remote Users Deny 3: Cisco TelePresence TC and TE Bugs Let Remote Users Deny Service and Remote Adjacent Authenticated Users Gain Root Shell Access V-183: Cisco TelePresence TC and TE Bugs Let Remote Users Deny Service and Remote Adjacent Authenticated Users Gain Root Shell Access June 21, 2013 - 6:00am Addthis PROBLEM: Three vulnerabilities were reported in Cisco TelePresence TC and TE PLATFORM: The following product models are affected by the vulnerabilities: Cisco TelePresence MX Series Cisco TelePresence System EX Series Cisco TelePresence Integrator C Series Cisco TelePresence Profiles Series running Cisco TelePresence Quick Set Series Cisco IP Video Phone E20 ABSTRACT: Cisco TelePresence TC and TE Software contain two vulnerabilities in the implementation of the Session Initiation Protocol (SIP) that could allow an

112

U-201: HP System Management Homepage Bugs Let Remote Users Deny Service |  

Broader source: Energy.gov (indexed) [DOE]

1: HP System Management Homepage Bugs Let Remote Users Deny 1: HP System Management Homepage Bugs Let Remote Users Deny Service U-201: HP System Management Homepage Bugs Let Remote Users Deny Service June 28, 2012 - 7:00am Addthis PROBLEM: A vulnerability was reported in HP System Management Homepage. PLATFORM: Version(s): prior to 7.1.1 ABSTRACT: The vulnerabilities could be exploited remotely resulting in unauthorized access, disclosure of information, data modification, Denial of Service (DoS), and execution of arbitrary code. Reference links: Original Advisory Security Tracker ID 1027209 CVE-2012-2012, CVE-2012-2013, CVE-2012-2014 CVE-2012-2015, CVE-2012-2016 IMPACT ASSESSMENT: Medium Discussion: A vulnerability was reported in HP System Management Homepage. A remote authenticated user can gain elevated privileges. A remote authenticated

113

U-088: Symantec pcAnywhere Bugs Let Remote Users Execute Arbitrary Code |  

Broader source: Energy.gov (indexed) [DOE]

8: Symantec pcAnywhere Bugs Let Remote Users Execute Arbitrary 8: Symantec pcAnywhere Bugs Let Remote Users Execute Arbitrary Code U-088: Symantec pcAnywhere Bugs Let Remote Users Execute Arbitrary Code January 25, 2012 - 6:00am Addthis PROBLEM: A remote user can execute arbitrary code on the target system. PLATFORM: Version(s): 12.5 SP3; pcAnywhere Solutions 7.1 GA, SP 1, and SP 2 ABSTRACT: Two vulnerabilities were reported in Symantec pcAnywhere. A remote user can execute arbitrary code on the target system. A local user can obtain elevated privileges on the target system. reference LINKS: Symantec Advisory Secunia Advisory SecurityTracker Alert ID:102576 IMPACT ASSESSMENT: Medium Discussion: A remote user can send specially crafted data to TCP port 5631 to trigger a but in the validation of authentication data and execute arbitrary code.

114

V-127: Samba Bug Lets Remote Authenticated Users Modify Files | Department  

Broader source: Energy.gov (indexed) [DOE]

7: Samba Bug Lets Remote Authenticated Users Modify Files 7: Samba Bug Lets Remote Authenticated Users Modify Files V-127: Samba Bug Lets Remote Authenticated Users Modify Files April 5, 2013 - 6:00am Addthis PROBLEM: A vulnerability was reported in Samba. PLATFORM: The vulnerabilities are reported in version(s): 3.6.0 - 3.6.5 ABSTRACT: A remote authenticated user can modify files on the target share REFERENCE LINKS: SecurityTracker Alert ID: 1028389 Samba Security Announcement CVE-2013-0454 IMPACT ASSESSMENT: Medium DISCUSSION: A remote authenticated user can perform operations on the target CIFS export that are not permitted by the CIFS share access control settings. This may include writing to read-only shares. IMPACT: Modification of user information SOLUTION: Update to 3.6.6 and higher or apply the following patch Addthis

115

U-036: Apple iOS Bugs Let Remote Users Execute Arbitrary Code | Department  

Broader source: Energy.gov (indexed) [DOE]

6: Apple iOS Bugs Let Remote Users Execute Arbitrary Code 6: Apple iOS Bugs Let Remote Users Execute Arbitrary Code U-036: Apple iOS Bugs Let Remote Users Execute Arbitrary Code November 15, 2011 - 8:00am Addthis PROBLEM: Apple iOS Bugs Let Remote Users Execute Arbitrary Code and Obtain Information and Let Local Users Bypass Authentication. PLATFORM: iOS 3.0 through 5.0 for iPhone 3GS iPhone 4 and iPhone 4S iOS 3.1 through 5.0 for iPod touch (3rd generation) and later iOS 3.2 through 5.0 for iPad, iOS 4.3 through 5.0 for iPad 2 ABSTRACT: A remote user can create content that, when loaded by the target user, will execute arbitrary code on or obtain potentially sensitive information from the target user's system. reference LINKS: Apple Security Article: HT5052 Apple Product Security SecurityTracker Alert ID: 1026311 IMPACT ASSESSMENT:

116

V-115: Apple iOS Bugs Let Local Users Gain Elevated Privileges | Department  

Broader source: Energy.gov (indexed) [DOE]

5: Apple iOS Bugs Let Local Users Gain Elevated Privileges 5: Apple iOS Bugs Let Local Users Gain Elevated Privileges V-115: Apple iOS Bugs Let Local Users Gain Elevated Privileges March 20, 2013 - 12:08am Addthis PROBLEM: Apple iOS Bugs Let Local Users Gain Elevated Privileges PLATFORM: Version(s): prior to 6.1.3 ABSTRACT: Several vulnerabilities were reported in Apple iOS REFERENCE LINKS: Apple security Article: HT1222 SecurityTracker Alert ID: 1028314 CVE-2013-0977 CVE-2013-0978 CVE-2013-0979 CVE-2013-0981 IMPACT ASSESSMENT: High DISCUSSION: A local user can exploit a flaw in the handling of Mach-O executable files with overlapping segments to execute unsigned code on the target system [CVE-2013-0977]. A local user can exploit a flaw in the ARM prefetch abort handling to determine the address of structures in the kernel [CVE-2013-0978].

117

U-211: EMC Celerra/VNX/VNXe Access Control Bug Lets Remote Authenticated  

Broader source: Energy.gov (indexed) [DOE]

11: EMC Celerra/VNX/VNXe Access Control Bug Lets Remote 11: EMC Celerra/VNX/VNXe Access Control Bug Lets Remote Authenticated Users Access Files/Directories U-211: EMC Celerra/VNX/VNXe Access Control Bug Lets Remote Authenticated Users Access Files/Directories July 12, 2012 - 7:00am Addthis PROBLEM: EMC Celerra/VNX/VNXe Access Control Bug Lets Remote Authenticated Users Access Files/Directories PLATFORM: EMC Celerra Network Server versions 6.0.36.4 through 6.0.60.2 EMC VNX versions 7.0.12.0 through 7.0.53.1 EMC VNXe 2.0 (including SP1, SP2, and SP3) EMC VNXe MR1 (including SP1, SP2, SP3, and SP3.1) EMC VNXe MR2 (including SP0.1) ABSTRACT: A vulnerability was reported in EMC Celerra/VNX/VNXe. A remote authenticated user can access files and directories on the target file system. reference LINKS: The Vendor's Advisory

118

V-031: IBM WebSphere DataPower XC10 Appliance Bugs Let Remote Authenticated  

Broader source: Energy.gov (indexed) [DOE]

1: IBM WebSphere DataPower XC10 Appliance Bugs Let Remote 1: IBM WebSphere DataPower XC10 Appliance Bugs Let Remote Authenticated Users Gain Elevated Privileges and Remote Users Deny Service V-031: IBM WebSphere DataPower XC10 Appliance Bugs Let Remote Authenticated Users Gain Elevated Privileges and Remote Users Deny Service November 22, 2012 - 3:00am Addthis PROBLEM: IBM WebSphere DataPower XC10 Appliance Bugs Let Remote Authenticated Users Gain Elevated Privileges and Remote Users Deny Service PLATFORM: Version(s): XC10 2.0.0.0 - 2.0.0.3, 2.1.0.0 - 2.1.0.2 ABSTRACT: Several vulnerabilities were reported in IBM WebSphere DataPower. REFERENCE LINKS: IBM Security Bulletin SecurityTracker Alert ID: 1027798 CVE-2012-5758 CVE-2012-5759 CVE-2012-5756 IMPACT ASSESSMENT: High DISCUSSION: Several vulnerabilities were reported in IBM WebSphere DataPower. A remote

119

V-141: HP ElitePad 900 Secure Boot Bug Lets Local Users Boot to Other  

Broader source: Energy.gov (indexed) [DOE]

1: HP ElitePad 900 Secure Boot Bug Lets Local Users Boot to 1: HP ElitePad 900 Secure Boot Bug Lets Local Users Boot to Other Operating Systems V-141: HP ElitePad 900 Secure Boot Bug Lets Local Users Boot to Other Operating Systems April 24, 2013 - 1:06am Addthis PROBLEM: HP ElitePad 900 Secure Boot Bug Lets Local Users Boot to Other Operating Systems PLATFORM: HP ElitePad 900 with BIOS version vF.00 ABSTRACT: A vulnerability was reported in HP ElitePad 900 REFERENCE LINKS: HP Document ID: c03727435 SecurityTracker Alert ID: 1028461 CVE-2012-5218 IMPACT ASSESSMENT: Medium DISCUSSION: The BIOS secure boot feature of the BIOS may not be enabled. A local user may be able to bypass the secure boot feature and boot an alternate operating system. IMPACT: A local user can may be able to boot to an alternate operating system. SOLUTION:

120

U-119: Blackberry PlayBook Unspecified WebKit Bug Lets Remote Users Execute  

Broader source: Energy.gov (indexed) [DOE]

9: Blackberry PlayBook Unspecified WebKit Bug Lets Remote Users 9: Blackberry PlayBook Unspecified WebKit Bug Lets Remote Users Execute Arbitrary Code U-119: Blackberry PlayBook Unspecified WebKit Bug Lets Remote Users Execute Arbitrary Code March 7, 2012 - 7:00am Addthis PROBLEM: Blackberry PlayBook Unspecified WebKit Bug Lets Remote Users Execute Arbitrary Code PLATFORM: BlackBerry 6, BlackBerry 7, BlackBerry 7.1, and BlackBerry PlayBook tablet software ABSTRACT: A remote user can create HTML that, when loaded by the target user, will execute arbitrary code on the target user's system. reference LINKS: SecurityTracker Alert ID: 1026769 BlackBerry Security Notice Article ID: KB30152 IMPACT ASSESSMENT: High Discussion: A vulnerability was reported in Blackberry PlayBook. A remote user can cause arbitrary code to be executed on the target user's system. A remote

Note: This page contains sample records for the topic "layout bug lets" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


121

V-141: HP ElitePad 900 Secure Boot Bug Lets Local Users Boot to Other  

Broader source: Energy.gov (indexed) [DOE]

1: HP ElitePad 900 Secure Boot Bug Lets Local Users Boot to 1: HP ElitePad 900 Secure Boot Bug Lets Local Users Boot to Other Operating Systems V-141: HP ElitePad 900 Secure Boot Bug Lets Local Users Boot to Other Operating Systems April 24, 2013 - 1:06am Addthis PROBLEM: HP ElitePad 900 Secure Boot Bug Lets Local Users Boot to Other Operating Systems PLATFORM: HP ElitePad 900 with BIOS version vF.00 ABSTRACT: A vulnerability was reported in HP ElitePad 900 REFERENCE LINKS: HP Document ID: c03727435 SecurityTracker Alert ID: 1028461 CVE-2012-5218 IMPACT ASSESSMENT: Medium DISCUSSION: The BIOS secure boot feature of the BIOS may not be enabled. A local user may be able to bypass the secure boot feature and boot an alternate operating system. IMPACT: A local user can may be able to boot to an alternate operating system. SOLUTION:

122

U-165: Apple iOS Bugs Let Remote Users Execute Arbitrary Code and Spoof  

Broader source: Energy.gov (indexed) [DOE]

5: Apple iOS Bugs Let Remote Users Execute Arbitrary Code and 5: Apple iOS Bugs Let Remote Users Execute Arbitrary Code and Spoof Address Bar URLs U-165: Apple iOS Bugs Let Remote Users Execute Arbitrary Code and Spoof Address Bar URLs May 9, 2012 - 7:00am Addthis PROBLEM: Apple iOS Bugs Let Remote Users Execute Arbitrary Code and Spoof Address Bar URLs PLATFORM: prior to 5.1.1; iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2 ABSTRACT: Two vulnerabilities were reported in Apple iOS. A remote user can cause arbitrary code to be executed on the target user's system. A remote user can spoof the address bar URL. reference LINKS: SecurityTracker Alert ID: 1027028 CVE-2012-0672 CVE-2012-0674 IMPACT ASSESSMENT: Medium Discussion: A remote user can create a specially crafted file that, when loaded by the

123

T-579: BlackBerry Device Software Bug in WebKit Lets Remote Users Execute  

Broader source: Energy.gov (indexed) [DOE]

9: BlackBerry Device Software Bug in WebKit Lets Remote Users 9: BlackBerry Device Software Bug in WebKit Lets Remote Users Execute Code T-579: BlackBerry Device Software Bug in WebKit Lets Remote Users Execute Code March 15, 2011 - 5:05pm Addthis PROBLEM: A vulnerability was reported in BlackBerry Device Software. A remote user can cause arbitrary code to be executed on the target user's system. PLATFORM: BlackBerry Device Software version 6.0 and later. ABSTRACT: BlackBerry Device Software Bug in WebKit Lets Remote Users Execute Code. reference LINKS: BlackBerry Advisory: KB26132 CVE-2011-1290 BlackBerry Security Note BlackBerry Device Storage IMPACT ASSESSMENT: Moderate Discussion: A vulnerability exists in the open source WebKit browser engine provided in BlackBerry Device Software version 6.0 and later. The issue could result in

124

U-085: OpenSSL DTLS Bug Lets Remote Users Deny Service | Department of  

Broader source: Energy.gov (indexed) [DOE]

5: OpenSSL DTLS Bug Lets Remote Users Deny Service 5: OpenSSL DTLS Bug Lets Remote Users Deny Service U-085: OpenSSL DTLS Bug Lets Remote Users Deny Service January 20, 2012 - 9:15am Addthis PROBLEM: OpenSSL DTLS Bug Lets Remote Users Deny Service PLATFORM: Only DTLS applications using OpenSSL 1.0.0f and 0.9.8s are affected. ABSTRACT: A flaw in the fix to CVE-2011-4108 can be exploited in a denial of service attack. REFERNCE LINKS: CVE-2012-0050 SecurityTracker Alert ID: 1026548 OpenSSL Security Advisory [18 Jan 2011] OpenSSL News IMPACT ASSESSMENT: Medium Discussion: A vulnerability was reported in OpenSSL. The fix to correct the Datagram Transport Layer Security (DTLS) vulnerability referenced by CVE-2011-4108 introduced a flaw. A remote user can send specially crafted data to cause denial of service conditions on the target system.

125

V-029: Mozilla Firefox Multiple Bugs Let Remote Users Execute Arbitrary  

Broader source: Energy.gov (indexed) [DOE]

29: Mozilla Firefox Multiple Bugs Let Remote Users Execute 29: Mozilla Firefox Multiple Bugs Let Remote Users Execute Arbitrary Code and Conduct Cross-Site Scripting Attacks V-029: Mozilla Firefox Multiple Bugs Let Remote Users Execute Arbitrary Code and Conduct Cross-Site Scripting Attacks November 21, 2012 - 2:00am Addthis PROBLEM: Mozilla Firefox Multiple Bugs Let Remote Users Execute Arbitrary Code and Conduct Cross-Site Scripting Attacks PLATFORM: Version(s): prior to 17.0 ABSTRACT: Multiple vulnerabilities were reported in Mozilla Firefox REFERENCE LINKS: Mozilla Foundation Security Advisories Bugtraq ID: 55260 SecurityTracker Alert ID: 1027791 CVE-2012-4201, CVE-2012-4202, CVE-2012-4203, CVE-2012-4204, CVE-2012-4205, CVE-2012-4206, CVE-2012-4207,CVE-2012-4208, CVE-2012-4209, CVE-2012-4210, CVE-2012-4212, CVE-2012-4213, CVE-2012-4214, CVE-2012-4215, CVE-2012-4216,

126

U-165: Apple iOS Bugs Let Remote Users Execute Arbitrary Code and Spoof  

Broader source: Energy.gov (indexed) [DOE]

5: Apple iOS Bugs Let Remote Users Execute Arbitrary Code and 5: Apple iOS Bugs Let Remote Users Execute Arbitrary Code and Spoof Address Bar URLs U-165: Apple iOS Bugs Let Remote Users Execute Arbitrary Code and Spoof Address Bar URLs May 9, 2012 - 7:00am Addthis PROBLEM: Apple iOS Bugs Let Remote Users Execute Arbitrary Code and Spoof Address Bar URLs PLATFORM: prior to 5.1.1; iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2 ABSTRACT: Two vulnerabilities were reported in Apple iOS. A remote user can cause arbitrary code to be executed on the target user's system. A remote user can spoof the address bar URL. reference LINKS: SecurityTracker Alert ID: 1027028 CVE-2012-0672 CVE-2012-0674 IMPACT ASSESSMENT: Medium Discussion: A remote user can create a specially crafted file that, when loaded by the

127

T-718:Adobe Acrobat/Reader Multiple Bugs Let Remote Users Execute Arbitrary  

Broader source: Energy.gov (indexed) [DOE]

8:Adobe Acrobat/Reader Multiple Bugs Let Remote Users Execute 8:Adobe Acrobat/Reader Multiple Bugs Let Remote Users Execute Arbitrary Code T-718:Adobe Acrobat/Reader Multiple Bugs Let Remote Users Execute Arbitrary Code September 15, 2011 - 8:45am Addthis PROBLEM: Adobe Acrobat/Reader Multiple Bugs Let Remote Users Execute Arbitrary Code. PLATFORM: Adobe Reader X (10.1) and earlier 10.x versions for Windows and Macintosh Adobe Reader 9.4.5 and earlier 9.x versions for Windows, Macintosh and UNIX Adobe Reader 8.3 and earlier 8.x versions for Windows and Macintosh Adobe Acrobat X (10.1) and earlier 10.x versions for Windows and Macintosh Adobe Acrobat 9.4.5 and earlier 9.x versions for Windows and Macintosh Adobe Acrobat 8.3 and earlier 8.x versions for Windows and Macintosh ABSTRACT: A remote user can create a file that, when loaded by the target user, will

128

U-176: Wireshark Multiple Bugs Let Remote Users Deny Service | Department  

Broader source: Energy.gov (indexed) [DOE]

U-176: Wireshark Multiple Bugs Let Remote Users Deny Service U-176: Wireshark Multiple Bugs Let Remote Users Deny Service U-176: Wireshark Multiple Bugs Let Remote Users Deny Service May 24, 2012 - 7:00am Addthis PROBLEM: Wireshark Multiple Bugs Let Remote Users Deny Service PLATFORM: 1.4.0 to 1.4.12, 1.6.0 to 1.6.7 ABSTRACT: Several vulnerabilities were reported in Wireshark. A remote user can cause denial of service conditions. Reference Links: SecurityTracker Alert ID: 1027094 CVE-2012-2392 CVE-2012-2393 CVE-2012-2394 IMPACT ASSESSMENT: Medium Discussion: A remote user can send specially crafted ANSI MAP, ASF, BACapp, Bluetooth HCI, IEEE 802.11, IEEE 802.3, LTP, and R3 data to cause Wireshark to hang or enter an infinite loop. A remote user can cause the DIAMETER dissector to crash. A remote user can trigger a memory error on SPARC or Itanium processors and

129

T-633: BIND RRSIG RRsets Negative Caching Off-by-one Bug Lets Remote Users  

Broader source: Energy.gov (indexed) [DOE]

3: BIND RRSIG RRsets Negative Caching Off-by-one Bug Lets 3: BIND RRSIG RRsets Negative Caching Off-by-one Bug Lets Remote Users Deny Service T-633: BIND RRSIG RRsets Negative Caching Off-by-one Bug Lets Remote Users Deny Service May 31, 2011 - 3:35pm Addthis PROBLEM: A vulnerability was reported in BIND. A remote user can cause denial of service conditions. PLATFORM: BIND Version(s): 9.4-ESV-R3 and later, 9.6-ESV-R2 and later, 9.6.3, 9.7.1 and later, 9.8.0 and later; prior to 9.4-ESV-R4-P1, 9.6-ESV-R4-P1, 9.7.3-P1, 9.8.0-P2 ABSTRACT: A remote DNS server can supply very large RRSIG RRsets in a negative response to trigger an off-by-one error in a buffer size check and cause the target requesting named process to crash. A remote user can cause named to crash. reference LINKS: SecurityTracker Alert ID: 1025575 SecurityTracker Alert ID: 1025572

130

V-210: HP LaserJet Pro Printer Bug Lets Remote Users Access Data |  

Broader source: Energy.gov (indexed) [DOE]

V-210: HP LaserJet Pro Printer Bug Lets Remote Users Access Data V-210: HP LaserJet Pro Printer Bug Lets Remote Users Access Data V-210: HP LaserJet Pro Printer Bug Lets Remote Users Access Data August 3, 2013 - 2:37am Addthis PROBLEM: A vulnerability was reported in HP Printers. A remote user can obtain potentially sensitive information. PLATFORM: HP LaserJet Pro products ABSTRACT: A potential security vulnerability has been identified with certain HP LaserJet Pro printers. The vulnerability could be exploited remotely to gain unauthorized access to data. REFERENCE LINKS: SecurityTracker Alert ID 1028869 CVE-2013-4807 Vendor URL IMPACT ASSESSMENT: Medium DISCUSSION: The following models are affected: HP LaserJet Pro P1102w CE657A/CE658A HP LaserJet Pro P1606dn CE749A HP LaserJet Pro M1212nf MFP CE841A HP LaserJet Pro M1213nf MFP CE845A

131

U-265: HP SiteScope Bugs in SiteScope SOAP Feature Let Remote Users Obtain  

Broader source: Energy.gov (indexed) [DOE]

5: HP SiteScope Bugs in SiteScope SOAP Feature Let Remote Users 5: HP SiteScope Bugs in SiteScope SOAP Feature Let Remote Users Obtain Information and Execute Arbitrary Code U-265: HP SiteScope Bugs in SiteScope SOAP Feature Let Remote Users Obtain Information and Execute Arbitrary Code September 21, 2012 - 6:00am Addthis PROBLEM: HP SiteScope Bugs in SiteScope SOAP Feature Let Remote Users Obtain Information and Execute Arbitrary Code PLATFORM: HP SiteScope v11.10, v11.11, v11.12 for Windows, Linux and Solaris ABSTRACT: A vulnerability was reported in HP SiteScope. reference LINKS: HP Security Bulletin Document ID: c03489683 SecurityTracker Alert ID: 1027547 CVE-2012-3259 CVE-2012-3260 CVE-2012-3261 CVE-2012-3262 CVE-2012-3263 CVE-2012-3264 IMPACT ASSESSMENT: Medium Discussion: A vulnerability was reported in HP SiteScope. A remote user can execute

132

U-232: Xen p2m_teardown() Bug Lets Local Guest OS Users Deny Service on the  

Broader source: Energy.gov (indexed) [DOE]

32: Xen p2m_teardown() Bug Lets Local Guest OS Users Deny 32: Xen p2m_teardown() Bug Lets Local Guest OS Users Deny Service on the Host OS U-232: Xen p2m_teardown() Bug Lets Local Guest OS Users Deny Service on the Host OS August 10, 2012 - 7:00am Addthis PROBLEM: Xen p2m_teardown() Bug Lets Local Guest OS Users Deny Service on the Host OS PLATFORM: This vulnerability effects only Xen 4.0 and 4.1. Xen 3.4 and earlier and xen-unstable are not vulnerable. ABSTRACT: A vulnerability was reported in Xen. A local user on a guest operating system can cause denial of service conditions on the host. reference LINKS: Xen Security Announcements SecurityTracker Alert ID: 1027365 seclists.org CVE-2012-3433 IMPACT ASSESSMENT: Medium Discussion: An HVM guest is able to manipulate its physical address space such that tearing down the guest takes an extended period amount of time searching

133

U-029: TCP/IP Services for OpenVMS POP/IMAP Service Bug Lets Remote Users  

Broader source: Energy.gov (indexed) [DOE]

29: TCP/IP Services for OpenVMS POP/IMAP Service Bug Lets Remote 29: TCP/IP Services for OpenVMS POP/IMAP Service Bug Lets Remote Users Gain Unauthorized Access U-029: TCP/IP Services for OpenVMS POP/IMAP Service Bug Lets Remote Users Gain Unauthorized Access November 8, 2011 - 8:00am Addthis PROBLEM: TCP/IP Services for OpenVMS POP/IMAP Service Bug Lets Remote Users Gain Unauthorized Access. PLATFORM: HP TCP/IP Services for OpenVMS v5.6 and v5.7 on iTanium and ALPHA Servers. ABSTRACT: A remote user can gain unauthorized access reference LINKS: HP Support document ID: c01908983 SecurityTracker Alert ID: 1026279 CVE-2011-3168 IMPACT ASSESSMENT: Medium Discussion: A vulnerability was reported in TCP/IP Services for OpenVMS. A remote user can gain unauthorized access. On systems running POP or IMAP servers, a remote user can gain unauthorized access.

134

U-232: Xen p2m_teardown() Bug Lets Local Guest OS Users Deny Service on the  

Broader source: Energy.gov (indexed) [DOE]

32: Xen p2m_teardown() Bug Lets Local Guest OS Users Deny 32: Xen p2m_teardown() Bug Lets Local Guest OS Users Deny Service on the Host OS U-232: Xen p2m_teardown() Bug Lets Local Guest OS Users Deny Service on the Host OS August 10, 2012 - 7:00am Addthis PROBLEM: Xen p2m_teardown() Bug Lets Local Guest OS Users Deny Service on the Host OS PLATFORM: This vulnerability effects only Xen 4.0 and 4.1. Xen 3.4 and earlier and xen-unstable are not vulnerable. ABSTRACT: A vulnerability was reported in Xen. A local user on a guest operating system can cause denial of service conditions on the host. reference LINKS: Xen Security Announcements SecurityTracker Alert ID: 1027365 seclists.org CVE-2012-3433 IMPACT ASSESSMENT: Medium Discussion: An HVM guest is able to manipulate its physical address space such that tearing down the guest takes an extended period amount of time searching

135

U-265: HP SiteScope Bugs in SiteScope SOAP Feature Let Remote Users Obtain  

Broader source: Energy.gov (indexed) [DOE]

5: HP SiteScope Bugs in SiteScope SOAP Feature Let Remote Users 5: HP SiteScope Bugs in SiteScope SOAP Feature Let Remote Users Obtain Information and Execute Arbitrary Code U-265: HP SiteScope Bugs in SiteScope SOAP Feature Let Remote Users Obtain Information and Execute Arbitrary Code September 21, 2012 - 6:00am Addthis PROBLEM: HP SiteScope Bugs in SiteScope SOAP Feature Let Remote Users Obtain Information and Execute Arbitrary Code PLATFORM: HP SiteScope v11.10, v11.11, v11.12 for Windows, Linux and Solaris ABSTRACT: A vulnerability was reported in HP SiteScope. reference LINKS: HP Security Bulletin Document ID: c03489683 SecurityTracker Alert ID: 1027547 CVE-2012-3259 CVE-2012-3260 CVE-2012-3261 CVE-2012-3262 CVE-2012-3263 CVE-2012-3264 IMPACT ASSESSMENT: Medium Discussion: A vulnerability was reported in HP SiteScope. A remote user can execute

136

U-075: Apache Struts Bug Lets Remote Users Overwrite Files and...  

Broader source: Energy.gov (indexed) [DOE]

Flaw Lets Remote Users Execute Arbitrary Commands V-142: Oracle Java Reflection API Flaw Lets Remote Users Execute Arbitrary Code U-058: Apache Struts Conversion Error...

137

U-012: BlackBerry Enterprise Server Collaboration Service Bug...  

Broader source: Energy.gov (indexed) [DOE]

12: BlackBerry Enterprise Server Collaboration Service Bug Lets Remote Users Impersonate Intra-organization Messages U-012: BlackBerry Enterprise Server Collaboration Service Bug...

138

U-153: EMC Data Protection Advisor Server and Collector Bugs...  

Broader source: Energy.gov (indexed) [DOE]

53: EMC Data Protection Advisor Server and Collector Bugs Let Remote Users Deny Service U-153: EMC Data Protection Advisor Server and Collector Bugs Let Remote Users Deny Service...

139

U-052: HP Protect Tools Device Access Manager Unspecified Bug...  

Broader source: Energy.gov (indexed) [DOE]

Flaw Lets Remote Users Update Firmware with Arbitrary Code U-047: Siemens Automation License Manager Bugs Let Remote Users Deny Service or Execute Arbitrary Code U-049:...

140

V-026: RSA Data Protection Manager Bugs Permit Cross-Site Scripting...  

Energy Savers [EERE]

V-026: RSA Data Protection Manager Bugs Permit Cross-Site Scripting Attacks and Let Local Users Bypass Security Restrictions V-026: RSA Data Protection Manager Bugs Permit...

Note: This page contains sample records for the topic "layout bug lets" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


141

Water Bugs  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

Bugs Bugs Nature Bulletin No. 221-A March 12, 1966 Forest Preserve District of Cook County Seymour Simon, President Roland F. Eisenbeis, Supt. of Conservation WATER BUGS It is fascinating to lie in a boat or on a log at the edge of the water and watch the drama that unfolds among the small water animals. Among the star performers in small streams and ponds are the Water Bugs. These are aquatic members of that large group of insects called the "true bugs", most of which live on land. Moreover, unlike many other types of water insects, they do not have gills but get their oxygen directly from the air. Those that do go beneath the surface usually carry an oxygen supply with them in the form of a shiny glistening sheath of air imprisoned among a covering of fine waterproof hairs. The common water insect known to small boys at the "Whirligig Bug" is not a water bug but a beetle.

142

U-048: HP LaserJet Printers Unspecified Flaw Lets Remote Users...  

Broader source: Energy.gov (indexed) [DOE]

AutoStart Buffer Overflows Let Remote Users Execute Arbitrary Code U-047: Siemens Automation License Manager Bugs Let Remote Users Deny Service or Execute Arbitrary Code U-052:...

143

A bug's leaf | EMSL  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

A bug's leaf A bug's leaf Leaf-cutter ant fungus gardens give bioenergy-relevant information Leafcutter ants cultivate gardens of fungi and bacteria. Photo courtesy of Alejandro...

144

V-146: HP Service Manager Bugs Permit Cross-Site Scripting and...  

Broader source: Energy.gov (indexed) [DOE]

the update from The HP Software Support Online (SSO). Addthis Related Articles V-171: Apple Safari Bugs Let Remote Users Execute Arbitrary Code and Conduct Cross-Site Scripting...

145

Underground Layout Configuration  

SciTech Connect (OSTI)

The purpose of this analysis was to develop an underground layout to support the license application (LA) design effort. In addition, the analysis will be used as the technical basis for the underground layout general arrangement drawings.

A. Linden

2003-09-25T23:59:59.000Z

146

U-141: Sourcefire Defense Center Bugs | Department of Energy  

Broader source: Energy.gov (indexed) [DOE]

1: Sourcefire Defense Center Bugs 1: Sourcefire Defense Center Bugs U-141: Sourcefire Defense Center Bugs April 5, 2012 - 8:30am Addthis PROBLEM: Sourcefire Defense Center Bugs Let Remote Users Traverse the Directory, Access the Database, and Conduct Cross-Site Scripting Attacks PLATFORM: Version(s): prior to 4.10.2.3 ABSTRACT: Several vulnerabilities were reported in Sourcefire Defense Center. A remote user can conduct cross-site scripting attacks. A remote user can access the database. A remote user can view files on the target system reference LINKS: Original Advisory Security Tracker ID 1026890 Secunia Advisory 48667 IMPACT ASSESSMENT: Medium Discussion: A remote user can cause arbitrary scripting code to be executed by the target user's browser. The code will originate from the Sourcefire Defense

147

U-141: Sourcefire Defense Center Bugs | Department of Energy  

Broader source: Energy.gov (indexed) [DOE]

1: Sourcefire Defense Center Bugs 1: Sourcefire Defense Center Bugs U-141: Sourcefire Defense Center Bugs April 5, 2012 - 8:30am Addthis PROBLEM: Sourcefire Defense Center Bugs Let Remote Users Traverse the Directory, Access the Database, and Conduct Cross-Site Scripting Attacks PLATFORM: Version(s): prior to 4.10.2.3 ABSTRACT: Several vulnerabilities were reported in Sourcefire Defense Center. A remote user can conduct cross-site scripting attacks. A remote user can access the database. A remote user can view files on the target system reference LINKS: Original Advisory Security Tracker ID 1026890 Secunia Advisory 48667 IMPACT ASSESSMENT: Medium Discussion: A remote user can cause arbitrary scripting code to be executed by the target user's browser. The code will originate from the Sourcefire Defense

148

V-012: Mozilla Firefox 'window.location' Bugs Permit Cross-Site Scripting  

Broader source: Energy.gov (indexed) [DOE]

2: Mozilla Firefox 'window.location' Bugs Permit Cross-Site 2: Mozilla Firefox 'window.location' Bugs Permit Cross-Site Scripting Attacks and May Let Remote Users Execute Arbitrary Code V-012: Mozilla Firefox 'window.location' Bugs Permit Cross-Site Scripting Attacks and May Let Remote Users Execute Arbitrary Code October 29, 2012 - 6:00am Addthis PROBLEM: Mozilla Firefox 'window.location' Bugs Permit Cross-Site Scripting Attacks and May Let Remote Users Execute Arbitrary Code PLATFORM: Firefox, Thunderbird, SeaMonkey ABSTRACT: Three vulnerabilities were reported in Mozilla Firefox. REFERENCE LINKS: Mozilla Foundation Security Advisory 2012-90 SecurityTracker Alert ID: 1027701 SecurityTracker Alert ID: 1027702 Advisory: RHSA-2012:1407-1 CVE-2012-4194 CVE-2012-4195 CVE-2012-4196 IMPACT ASSESSMENT: High DISCUSSION: A remote user can exploit the valueOf() method of window.location to, in

149

V-026: RSA Data Protection Manager Bugs Permit Cross-Site Scripting Attacks  

Broader source: Energy.gov (indexed) [DOE]

6: RSA Data Protection Manager Bugs Permit Cross-Site Scripting 6: RSA Data Protection Manager Bugs Permit Cross-Site Scripting Attacks and Let Local Users Bypass Security Restrictions V-026: RSA Data Protection Manager Bugs Permit Cross-Site Scripting Attacks and Let Local Users Bypass Security Restrictions November 16, 2012 - 6:00am Addthis PROBLEM: RSA Data Protection Manager Bugs Permit Cross-Site Scripting Attacks and Let Local Users Bypass Security Restrictions. PLATFORM: RSA Data Protection Manager Appliance versions 2.7.x and 3.x ABSTRACT: Two vulnerabilities were reported in RSA Data Protection Manager. REFERENCE LINKS: SecurityTracker Alert ID: 1027781 EMC Identifier: ESA-2012-055 RSA Worldwide Customer Support CVE-2012-4612 CVE-2012-4613 IMPACT ASSESSMENT: Medium DISCUSSION: Two vulnerabilities were reported in RSA Data Protection Manager. A remote

150

V-012: Mozilla Firefox 'window.location' Bugs Permit Cross-Site Scripting  

Broader source: Energy.gov (indexed) [DOE]

2: Mozilla Firefox 'window.location' Bugs Permit Cross-Site 2: Mozilla Firefox 'window.location' Bugs Permit Cross-Site Scripting Attacks and May Let Remote Users Execute Arbitrary Code V-012: Mozilla Firefox 'window.location' Bugs Permit Cross-Site Scripting Attacks and May Let Remote Users Execute Arbitrary Code October 29, 2012 - 6:00am Addthis PROBLEM: Mozilla Firefox 'window.location' Bugs Permit Cross-Site Scripting Attacks and May Let Remote Users Execute Arbitrary Code PLATFORM: Firefox, Thunderbird, SeaMonkey ABSTRACT: Three vulnerabilities were reported in Mozilla Firefox. REFERENCE LINKS: Mozilla Foundation Security Advisory 2012-90 SecurityTracker Alert ID: 1027701 SecurityTracker Alert ID: 1027702 Advisory: RHSA-2012:1407-1 CVE-2012-4194 CVE-2012-4195 CVE-2012-4196 IMPACT ASSESSMENT: High DISCUSSION: A remote user can exploit the valueOf() method of window.location to, in

151

Massive June Bug Emergence  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

Massive June Bug Emergence Massive June Bug Emergence Name: Cordell Location: N/A Country: N/A Date: N/A Question: We are infested with june bugs next to the street light near the end of my driveway. They have burrowed into the ground and underneath my driveway. Yesterday we shoveled 2/3 of a 33-gallon trash bag of just bugs. What can we spray or do to kill these june bugs? Replies: Not knowing which part of the country you are from and I could be wrong because of this fact buy this does not sound like June Bugs. This has to be a Circadia outbreak which are relatives to the June Bug. They run in 13, 17 or other year cycles and this depends upon the part of the country you are from. Ask a local garden center or naturalist and you'll probably see that this won't happen again for a number of years to come.

152

T-699: EMC AutoStart Buffer Overflows Let Remote Users Execute...  

Broader source: Energy.gov (indexed) [DOE]

EMC AutoStart Technical Info EMC Support Addthis Related Articles U-047: Siemens Automation License Manager Bugs Let Remote Users Deny Service or Execute Arbitrary Code T-639:...

153

U-017: HP MFP Digital Sending Software Lets Local Users Obtain...  

Broader source: Energy.gov (indexed) [DOE]

vulnerability. HP MFP Digital Sending Software v4.20 can be downloaded from HP Driver, Patch, Security and Support Addthis Related Articles V-210: HP LaserJet Pro Printer Bug Lets...

154

T-575: OpenLDAP back-ndb Lets Remote Users Authenticate Without...  

Broader source: Energy.gov (indexed) [DOE]

LDAP Authentication Bug Lets Remote Users Bypass Authentication U-185: OpenLDAP May Ignore TLSCipherSuite Setting in Some Cases T-535: Oracle Critical Patch Update - January 2011...

155

V-165: Cisco WebEx for iOS Certificate Validation Flaw Lets Remote...  

Office of Environmental Management (EM)

T-551: Cisco Security Advisory: Multiple Cisco WebEx Player Vulnerabilities U-165: Apple iOS Bugs Let Remote Users Execute Arbitrary Code and Spoof Address Bar URLs U-239:...

156

U-074: Microsoft .NET Bugs Let Remote Users Execute Arbitrary...  

Broader source: Energy.gov (indexed) [DOE]

user can redirect users to arbitrary sites. Solution: The vendor has issued a fix. A patch matrix is available in the vendor's advisory. Microsoft Security Bulletin MS11-100...

157

V-029: Mozilla Firefox Multiple Bugs Let Remote Users Execute...  

Broader source: Energy.gov (indexed) [DOE]

that, when loaded by the target user, will trigger a buffer overflow, use-after-free memory error, or memory corruption error and execute arbitrary code on the target system. The...

158

T-589: Citrix XenApp and Citrix Presentation Server Bug | Department of  

Broader source: Energy.gov (indexed) [DOE]

9: Citrix XenApp and Citrix Presentation Server Bug 9: Citrix XenApp and Citrix Presentation Server Bug T-589: Citrix XenApp and Citrix Presentation Server Bug March 28, 2011 - 3:05pm Addthis PROBLEM: Citrix XenApp and Citrix Presentation Server Bug in ActiveSync Lets Remote Users Execute Arbitrary Code. PLATFORM: Citrix XenApp Presentation versions 4.5, 5 ABSTRACT: A vulnerability was reported in Citrix XenApp (Presentation Server). A remote user can execute arbitrary code on the target system. -------------------------------------------------------------------------------- LINKS: DOE-CIRC BULLETIN: http://www.doecirc.energy.gov/bulletins/t-589.shtml OTHER LINKS: Citrix Document: CTX128366 SecurityTracker Alert ID: 1025254 Citrix Support Technical Support Downloads --------------------------------------------------------------------------------

159

T-589: Citrix XenApp and Citrix Presentation Server Bug | Department of  

Broader source: Energy.gov (indexed) [DOE]

89: Citrix XenApp and Citrix Presentation Server Bug 89: Citrix XenApp and Citrix Presentation Server Bug T-589: Citrix XenApp and Citrix Presentation Server Bug March 28, 2011 - 3:05pm Addthis PROBLEM: Citrix XenApp and Citrix Presentation Server Bug in ActiveSync Lets Remote Users Execute Arbitrary Code. PLATFORM: Citrix XenApp Presentation versions 4.5, 5 ABSTRACT: A vulnerability was reported in Citrix XenApp (Presentation Server). A remote user can execute arbitrary code on the target system. -------------------------------------------------------------------------------- LINKS: DOE-CIRC BULLETIN: http://www.doecirc.energy.gov/bulletins/t-589.shtml OTHER LINKS: Citrix Document: CTX128366 SecurityTracker Alert ID: 1025254 Citrix Support Technical Support Downloads --------------------------------------------------------------------------------

160

Method-level bug prediction  

Science Journals Connector (OSTI)

Researchers proposed a wide range of approaches to build effective bug prediction models that take into account multiple aspects of the software development process. Such models achieved good prediction performance, guiding developers towards those parts ... Keywords: code metrics, fine-grained source code changes, method-level bug prediction

Emanuel Giger; Marco D'Ambros; Martin Pinzger; Harald C. Gall

2012-09-01T23:59:59.000Z

Note: This page contains sample records for the topic "layout bug lets" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


161

bug | OpenEI Community  

Open Energy Info (EERE)

bug bug Home Rmckeel's picture Submitted by Rmckeel(297) Contributor 20 July, 2012 - 07:55 Image upload with broken thumbnail image bug images wiki OpenEI users can upload images to the wiki by typing a new file name http://en.openei.org/wiki/File:My_new_file.jpg However, due to a caching timing issue, right after upload, the 120px-wide thumbnail has not yet been created by the time the fetier cache goes after it. Thus, the thumbnail appears broken. Is anyone up for debugging? For users uploading images, this can be fixed by forcing a reload of the page: Rmckeel's picture Submitted by Rmckeel(297) Contributor 19 June, 2012 - 08:04 "Ghost" entries bug utility rate There is an issue that Illinois State University has come across. From Nick B: Syndicate content 429 Throttled (bot load)

162

Chinch Bugs in St. Augustine Lawns  

E-Print Network [OSTI]

Chinch bugs can be extremely damaging to home lawns. Their feeding causes small yellow or brown areas in lawns. Chinch bugs can usually be seen on careful inspection of the soil surface. Insecticides provide effective control....

Merchant, Michael E.; Mott, Dale

2006-10-17T23:59:59.000Z

163

Team Bug Bag Biogas For Nicaragua  

E-Print Network [OSTI]

Team Bug Bag Biogas For Nicaragua Project Recap The task for Team Bug Bag was to create for under $100 (USD), and be able to produce biogas that could boil water for a thirty minute time period

Demirel, Melik C.

164

Summary of Bugs Database Jeremy Kepner  

E-Print Network [OSTI]

written to create the current version of the bugs database. 1.2 Brief Project History Development1 Summary of Bugs Database Jeremy Kepner September, 1993 1. Introduction 1.1 Document Purpose of the Bugs database began in May of 1992. Initially, a very simple database model was used. By July

Kepner, Jeremy

165

Chapter 3 - Substation Layouts  

Science Journals Connector (OSTI)

Publisher Summary Substations are the points in the power network, where transmission lines and distribution feeders are connected together through circuit breakers or switches via busbars and transformers. This allows for the control of power flows in the network and general switching operations for maintenance purposes. This chapter describes the principal substation layouts, the effects of advancements in substation equipment, the modular design, the compact substations, and the moves toward design and construction “turnkey” contract work. The descriptions concentrate on air insulated switchgear (AIS) outdoor open terminal designs at rated voltages of 72 kV and higher. In an ideal situation all circuits and substation equipment would be duplicated such that following a fault or during maintenance a connection remains available. This would involve very high cost. Methods have therefore been adopted to achieve a compromise between complete security of supply and capital investment. A measure of circuit duplication is adopted while recognizing that duplication may itself reduce the security of supply by, for example, providing additional leakage paths to earth.

C.R. Bayliss; B.J. Hardy

2012-01-01T23:59:59.000Z

166

TVDG LET Calculator  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

To The B N L Tandem Van de Graaff Accelerator To The B N L Tandem Van de Graaff Accelerator TVDG LET Calculator This program calculates the Peak LET, Corresponding Energy and Range as well as the LET and Range at the Specified Energy for the Specified Ion in the Specified Target. Select the Target Material from the dropdown list. Select the Ion Specie from the dropdown list. Enter the Total Ion Energy in the text box. This is equal to the Atomic Mass times the Energy/Nucleon. Click the 'Calculate' button or press the 'Enter' key. The Peak LET, Corresponding Energy and Range as well as the LET and Range at the Specified Energy for the Specified Ion in the Specified Target will be returned. Select your Target from the list Air Aluminum Oxide Carbon Copper Gallium Arsenide Gold Polyester Polyethylene Silicon Silicon Dioxide Skin Soda Lime Glass Sodium Iodide Water Select your Ion from the list

167

Scale Insects and Mealy Bugs  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

Scale Insects and Mealy Bugs Scale Insects and Mealy Bugs Nature Bulletin No. 404-A January 30, 1971 Forest Preserve District of Cook County George W. Dunne, President Roland F. Eisenbeis, Supt. of Conservation SCALE INSECTS AND MEALY BUGS The insect world contains an enormous number and variety of species but, of them all, the Scale Insects and Mealy Bugs come nearest to being vegetables. Most insects are active animals that fly, hop, scamper, crawl or burrow, but these queer creatures spend most of their lives merely sitting in one spot, sucking plant juices from a branch, twig, leaf, or fruit. Some of our most destructive pests are included among the several hundred kinds of these highly specialized insects. They are so small that the average person seldom realizes that they are responsible for the sickly or dying condition of a tree or shrub. Adult scale insects are extremely variable in shape, and range in size from that of a pinhead up to forms which are a quarter of an inch long. Each hides under a hard protective shell, or scale, of wax secreted by pores on its body, and are frequently so numerous that they form a dense crust. The females molt a few times, and usually discard their legs and wings, before they mature. She lays eggs under the scale and then dies. These hatch into young (called "crawlers") which move around for a period varying from a few hours to a day or two before they settle down and build scales. Unlike the female, the male -always the smaller of the two -- goes through a cocoon stage from which he emerges with a pair of wings but with no means of taking food. He merely mates and dies. Males are scarce In most kinds and in many species have never been seen.

168

T-714:Wireshark OpenSafety and CSN.1 Dissector Bugs | Department of Energy  

Broader source: Energy.gov (indexed) [DOE]

714:Wireshark OpenSafety and CSN.1 Dissector Bugs 714:Wireshark OpenSafety and CSN.1 Dissector Bugs T-714:Wireshark OpenSafety and CSN.1 Dissector Bugs September 12, 2011 - 9:00am Addthis PROBLEM: Several vulnerabilities were reported in Wireshark. A remote user can cause denial of service conditions. PLATFORM: Version(s): 1.4.0 to 1.4.8, 1.6.0 to 1.6.1 ABSTRACT: Wireshark OpenSafety and CSN.1 Dissector Bugs Lets Remote Users Deny Service. reference LINKS: Wireshark 1.6.2 Release Notes Wireshark 1.4.9 Release Notes Docid: wnpa-sec-2011-12 Docid: wnpa-sec-2011-14 Docid: wnpa-sec-2011-15 Docid: wnpa-sec-2011-16 SecurityTracker Alert ID: 1026030 IMPACT ASSESSMENT: High Discussion: A remote user can cause arbitrary scripting code to be executed on the target user's system. A large loop in the OpenSafety dissector could cause a crash. A remote user

169

U-230: Sudo on Red Hat Enterprise Linux %postun Symlink Flaw Lets Local  

Broader source: Energy.gov (indexed) [DOE]

0: Sudo on Red Hat Enterprise Linux %postun Symlink Flaw Lets 0: Sudo on Red Hat Enterprise Linux %postun Symlink Flaw Lets Local Users Gain Elevated Privileges U-230: Sudo on Red Hat Enterprise Linux %postun Symlink Flaw Lets Local Users Gain Elevated Privileges August 8, 2012 - 7:00am Addthis PROBLEM: Sudo on Red Hat Enterprise Linux %postun Symlink Flaw Lets Local Users Gain Elevated Privileges PLATFORM: Red Hat Enterprise Linux (v. 5 server) Red Hat Enterprise Linux Desktop (v. 5 client) ABSTRACT: An updated sudo package that fixes one security issue and several bugs is now available for Red Hat Enterprise Linux 5. reference LINKS: Advisory: RHSA-2012:1149-1 SecurityTracker Alert ID: 1027356 Sudo Main Page Bugzilla 844442 CVE-2012-3440 IMPACT ASSESSMENT: Medium Discussion: A local user can exploit a temporary file symbolic link flaw in the %postun

170

U-080: Linux Kernel XFS Heap Overflow May Let Remote Users Execute  

Broader source: Energy.gov (indexed) [DOE]

80: Linux Kernel XFS Heap Overflow May Let Remote Users Execute 80: Linux Kernel XFS Heap Overflow May Let Remote Users Execute Arbitrary Code U-080: Linux Kernel XFS Heap Overflow May Let Remote Users Execute Arbitrary Code January 12, 2012 - 9:00am Addthis PROBLEM: Linux Kernel XFS Heap Overflow May Let Remote Users Execute Arbitrary Code PLATFORM: Linux ABSTRACT: A vulnerability was reported in the Linux Kernel. A remote user can cause arbitrary code to be executed on the target user's system. reference LINKS: Linux Kernel Update SecurityTracker Alert ID: 1026512 CVE-2012-0038 Red Hat Bugzilla Bug 773280 IMPACT ASSESSMENT: Medium Discussion: A remote user can create a filesystem that, when mounted by the target user, will execute arbitrary code on the target user's system. Impact: A remote user can create a specially crafted filesystem that, when mounted

171

Patch layout generation by detecting feature networks  

Science Journals Connector (OSTI)

Abstract The patch layout of 3D surfaces reveals the high-level geometric and topological structures. In this paper, we study the patch layout computation by detecting and enclosing feature loops on surfaces. We present a hybrid framework which combines several key ingredients, including feature detection, feature filtering, feature curve extension, patch subdivision and boundary smoothing. Our framework is able to compute patch layouts through concave features as previous approaches, but also able to generate nice layouts through smoothing regions. We demonstrate the effectiveness of our framework by comparing with the state-of-the-art methods.

Yuanhao Cao; Dong-Ming Yan; Peter Wonka

2014-01-01T23:59:59.000Z

172

Dynamically fighting bugs : prevention, detection and elimination  

E-Print Network [OSTI]

This dissertation presents three test-generation techniques that are used to improve software quality. Each of our techniques targets bugs that are found by different stake-holders: developers, testers, and maintainers. ...

Artzi, Shay

2009-01-01T23:59:59.000Z

173

Bed Bugs: Clinical Relevance and Control Options  

Science Journals Connector (OSTI)

...most do not come with quality efficacy data; an industry standard can review these...Anonymous. 2010. Bedbug bites becoming bigger battle. CMAJ 182 : 1606. 19. Anonymous...bug (Hemiptera: Cimicidae) by static electricity and air currents. J. Entomol. Sci...

Stephen L. Doggett; Dominic E. Dwyer; Pablo F. Peńas; Richard C. Russell

2012-01-01T23:59:59.000Z

174

MINT Optical Layout Yeong Shang Loh1  

E-Print Network [OSTI]

MINT Optical Layout Yeong Shang Loh1 April 5, 2000 Abstract This paper discusses the criteria affecting the choice of optical configuration for the MINT antennae. Parameters for the shielded Cassegrain degradation from misalignment and mounting errors. 1 Advisor: S. Staggs and L. Page #12;2 MINT Optical Layout

175

U-250: Wireshark DRDA Dissector Flaw Lets Remote Users Deny Service...  

Broader source: Energy.gov (indexed) [DOE]

Wireshark Bug Database - Bug 7666 SecurityTracker Alert ID: 1027464 Bugtraq ID: 55284 Red Hat Bugzilla - Bug 849926 CVE-2012-3548 IMPACT ASSESSMENT: Medium Discussion: An...

176

T-624: Novell eDirectory LDAP-SSL Memory Allocation Error Lets Remote Users  

Broader source: Energy.gov (indexed) [DOE]

4: Novell eDirectory LDAP-SSL Memory Allocation Error Lets 4: Novell eDirectory LDAP-SSL Memory Allocation Error Lets Remote Users Deny Service T-624: Novell eDirectory LDAP-SSL Memory Allocation Error Lets Remote Users Deny Service May 17, 2011 - 3:05pm Addthis PROBLEM: A vulnerability was reported in Novell eDirectory. A remote user can cause denial of service conditions. A remote user can send specially crafted data to cause the target service to crash. On Netware-based systems, the system may crash. PLATFORM: Red Hat Enterprise, SuSE,AIX, HP/UX, Solaris, Windows 2000, 2003 ABSTRACT: A remote user can cause denial of service conditions. reference LINKS: Novell eDirectory - LDAP-SSL SECURELIST.ORG SecurityFocus BugTrackID: 47858 IMPACT ASSESSMENT: High Discussion: A vulnerability was reported in Novell eDirectory. A remote user can cause

177

Bed Bugs: Clinical Relevance and Control Options  

Science Journals Connector (OSTI)

...assist those who cannot pay the high price of control, bed bugs are set to...antigen and bronchial asthma in Egypt. J. Egypt. Soc. Parasitol. 21 : 735-746...Doggett, SL . 2009. Identification natural history, p 13-22. InSL Doggett...

Stephen L. Doggett; Dominic E. Dwyer; Pablo F. Peńas; Richard C. Russell

2012-01-01T23:59:59.000Z

178

U-153: EMC Data Protection Advisor Server and Collector Bugs Let Remote Users Deny Service  

Broader source: Energy.gov [DOE]

Two vulnerabilities were reported in EMC Data Protection Advisor. A remote user can cause denial of service conditions.

179

V-183: Cisco TelePresence TC and TE Bugs Let Remote Users Deny...  

Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

Cisco TelePresence Profiles Series running Cisco TelePresence Quick Set Series Cisco IP Video Phone E20 ABSTRACT: Cisco TelePresence TC and TE Software contain two vulnerabilities...

180

U-155: WebCalendar Access Control and File Inclusion Bugs Let...  

Broader source: Energy.gov (indexed) [DOE]

were reported in WebCalendar. A remote user may be able to execute arbitrary PHP code on the target system. reference links: SecurityTracker Alert ID: 1026966...

Note: This page contains sample records for the topic "layout bug lets" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


181

V-077: Barracuda SSL VPN Bug Lets Remote Users Bypass Authentication...  

Broader source: Energy.gov (indexed) [DOE]

property (via 'setSysProp.jsp') to bypass access restrictions and gain access to the API functionality. This can be exploited to download configuration files, download database...

182

U-233: Oracle Database INDEXTYPE CTXSYS.CONTEXT Bug Lets Remote...  

Energy Savers [EERE]

11.2.0.2 and 11.2.0.3 are not affected on systems that have the July 2012 Critical Patch Update. Impact: A remote authenticated user with 'Create Table' privileges can gain...

183

U-005: Apache mod_proxy Pattern Matching Bug Lets Remote Users...  

Broader source: Energy.gov (indexed) [DOE]

Impact: A remote user can access internal servers. Solution: The vendor has issued a patch for version 2.2.21 Apache 2.2.21 (released 2011-09-13) Addthis Related Articles U-046:...

184

T-538: HP OpenView Storage Data Protector Bug Lets Remote Users...  

Broader source: Energy.gov (indexed) [DOE]

HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins issued by HP and lists recommended actions...

185

U-092: Sudo Format String Bug Lets Local Users Gain Elevated...  

Broader source: Energy.gov (indexed) [DOE]

Sudo version 1.8.3p1 may be updated to version 1.8.3p2 via the file sudo-1.8.3p2.patch.gz. For sudo versions 1.8.0-1.8.3, the patch to sudo.c in sudo-1.8.3p2.patch.gz will...

186

V-199: Solaris Bugs Let Local Users Gain Root Privileges, Remote...  

Broader source: Energy.gov (indexed) [DOE]

reported in Solaris REFERENCE LINKS: SecurityTracker Alert ID: 1028802 Oracle Critical Patch Update Advisory - July 2013 CVE-2013-3745 CVE-2013-3746 CVE-2013-3748 CVE-2013-3750...

187

T-647: PHP File Upload Bug May Let Remote Users Overwrite Files...  

Broader source: Energy.gov (indexed) [DOE]

affects PHP 5.3.6 and earlier versions. No new package has been released yet, but a patch can be grabbed from the repository and applied manually. The vulnerability does not...

188

U-096: IBM AIX TCP Large Send Offload Bug Lets Remote Users Deny...  

Broader source: Energy.gov (indexed) [DOE]

Impact: A remote user can cause the target system to crash. Solution: IBM has issued a patch available via ftp at "aix.software.ibm.comaixefixessecuritylargesendfix.tar" The...

189

U-029: TCP/IP Services for OpenVMS POP/IMAP Service Bug Lets...  

Broader source: Energy.gov (indexed) [DOE]

access. Impact: A remote user can gain unauthorized access. Solution: HP has made patch kits available to resolve the vulnerability. The patch kits and installation...

190

U-192: VMware Workstation/Player VM Remote Device Bug Lets Local...  

Broader source: Energy.gov (indexed) [DOE]

with the ability to modify communications data between a remote virtual device (e.g., CD-ROM, keyboard) located on a physically separate system and the target virtual machine can...

191

U-192 VMware Workstation/Player VM Remote Device Bug Lets Local...  

Broader source: Energy.gov (indexed) [DOE]

with the ability to modify communications data between a remote virtual device (e.g., CD-ROM, keyboard) located on a physically separate system and the target virtual machine can...

192

U-241: Adobe Flash Player Bugs Let Remote Users Execute Arbitrary...  

Broader source: Energy.gov (indexed) [DOE]

create specially crafted content that, when loaded by the target user, will trigger a memory corruption error CVE-2012-4163, CVE-2012-4164, CVE-2012-4165, CVE-2012-4166 or...

193

V-171: Apple Safari Bugs Let Remote Users Execute Arbitrary Code...  

Broader source: Energy.gov (indexed) [DOE]

can create specially crafted HTML that, when loaded by the target user, will trigger a memory corruption error and execute arbitrary code on the target system CVE-2013-1009,...

194

U-232: Xen p2m_teardown() Bug Lets Local Guest OS Users Deny...  

Broader source: Energy.gov (indexed) [DOE]

unavailable and may cause the domain 0 kernel to panic. There is no requirement for memory sharing to be in use. Impact: A guest kernel can cause the host to become unresponsive...

195

T-708:Pidgin Bugs Let Remote Users Deny Service and Potentially...  

Broader source: Energy.gov (indexed) [DOE]

A remote user can send specially crafted HTTP 100 responses to trigger a memory access error in the MSN protocol plugin and cause the target user's client to crash....

196

U-201: HP System Management Homepage Bugs Let Remote Users Deny Service  

Broader source: Energy.gov [DOE]

The vulnerabilities could be exploited remotely resulting in unauthorized access, disclosure of information, data modification, Denial of Service (DoS), and execution of arbitrary code.

197

High-let radiation carcinogenesis  

SciTech Connect (OSTI)

Recent results for neutron radiation-induced tumors are presented to illustrate the complexities of the dose-response curves for high-LET radiation. It is suggested that in order to derive an appropriate model for dose-response curves for the induction of tumors by high-LET radiation it is necessary to take into account dose distribution, cell killing and the susceptibility of the tissue under study. Preliminary results for the induction of Harderian gland tumors in mice exposed to various heavy ion beams are presented. The results suggest that the effectiveness of the heavy ion beams increases with increasing LET. The slopes of the dose-response curves for the different high-LET radiations decrease between 20 and 40 rads and therefore comparisons of the relative effectiveness should be made from data obtained at doses below about 20 to 30 rads.

Fry, R.J.M.; Powers-Risius, P.; Alpen, E.L.; Ainsworth, E.J.; Ullrich, R.L.

1982-01-01T23:59:59.000Z

198

Microsoft Word - Final BUGS article final.docx  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

of a good peak resource (Figure 1). Characteristics of a Good Peak Resource Demand Response Program Central- Station Peaker BUGS for Peaks Close to the Load ...

199

UCRL-JRNL-211774 Cache-Oblivious Mesh Layouts  

E-Print Network [OSTI]

UCRL-JRNL-211774 Cache-Oblivious Mesh Layouts Sung-Eui Yoon, Peter Lindstrom, Valerio Pascucci endorsement purposes. #12;Cache-Oblivious Mesh Layouts Sung-Eui Yoon1 Peter Lindstrom2 Valerio Pascucci2

Pascucci, Valerio

200

U-260: ISC BIND RDATA Processing Flaw Lets Remote Users Deny Service |  

Broader source: Energy.gov (indexed) [DOE]

0: ISC BIND RDATA Processing Flaw Lets Remote Users Deny 0: ISC BIND RDATA Processing Flaw Lets Remote Users Deny Service U-260: ISC BIND RDATA Processing Flaw Lets Remote Users Deny Service September 14, 2012 - 6:00am Addthis PROBLEM: ISC BIND RDATA Processing Flaw Lets Remote Users Deny Service PLATFORM: Version(s): 9.0.x -> 9.6.x, 9.4-ESV->9.4-ESV-R5-P1, 9.6-ESV->9.6-ESV-R7-P2, 9.7.0->9.7.6-P2, 9.8.0->9.8.3-P2, 9.9.0->9.9.1-P2 ABSTRACT: A vulnerability was reported in ISC BIND. reference LINKS: The vendor's advisory SecurityTracker Alert ID: 1027529 Bugtraq ID: 55522 Red Hat Bugzilla - Bug 856754 CVE-2012-4244 IMPACT ASSESSMENT: High Discussion: A remote user can send a query for a record that has RDATA in excess of 65535 bytes to cause named to exit. This can be exploited against recursive servers by causing the server to query for records provided by an

Note: This page contains sample records for the topic "layout bug lets" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


201

MaximumLetThrough.PDF  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

9 9 Maximum Let-Through Currents in the APS Storage Ring Quadrupole, Sextupole, and Corrector Magnets J. Carwardine, D. McGhee, G. Markovich May 18, 1999 Abstract Limits are described for the maximum magnet currents, under specified fault conditions, for the storage ring quadrupole, sextupole, and corrector magnets. Introduction In computing the maximum let-through current for the magnets for the storage ring, several factors must be considered. In general, the maximum current likely to occur even under fault conditions is less than the maximum theoretical DC current given the magnet resistance and the maximum available DC voltage. The first level of protection against magnet current overloads is the over-current interlock that is built into the converter electronics package. The threshold is set to approximately 110% of

202

Repository surface design site layout analysis  

SciTech Connect (OSTI)

The purpose of this analysis is to establish the arrangement of the Yucca Mountain Repository surface facilities and features near the North Portal. The analysis updates and expands the North Portal area site layout concept presented in the ACD, including changes to reflect the resizing of the Waste Handling Building (WHB), Waste Treatment Building (WTB), Carrier Preparation Building (CPB), and site parking areas; the addition of the Carrier Washdown Buildings (CWBs); the elimination of the Cask Maintenance Facility (CMF); and the development of a concept for site grading and flood control. The analysis also establishes the layout of the surface features (e.g., roads and utilities) that connect all the repository surface areas (North Portal Operations Area, South Portal Development Operations Area, Emplacement Shaft Surface Operations Area, and Development Shaft Surface Operations Area) and locates an area for a potential lag storage facility. Details of South Portal and shaft layouts will be covered in separate design analyses. The objective of this analysis is to provide a suitable level of design for the Viability Assessment (VA). The analysis was revised to incorporate additional material developed since the issuance of Revision 01. This material includes safeguards and security input, utility system input (size and location of fire water tanks and pump houses, potable water and sanitary sewage rates, size of wastewater evaporation pond, size and location of the utility building, size of the bulk fuel storage tank, and size and location of other exterior process equipment), main electrical substation information, redundancy of water supply and storage for the fire support system, and additional information on the storm water retention pond.

Montalvo, H.R.

1998-02-27T23:59:59.000Z

203

History's Worst Software Bugs By Simson Garfinkel Story location: http://www.wired.com/news/technology/bugs/0,2924,69355,00.html  

E-Print Network [OSTI]

they lurk within our cell phones and our pacemakers, our power plants and medical equipment. And now, in our working for the U.S. Central Intelligence Agency allegedly (.pdf) plant a bug in a Canadian computer: "first actual case of a bug being found." Sixty years later, computer bugs are still with us, and show

Overstreet, C. Michael

204

JC3 Bulletin Archive | Department of Energy  

Broader source: Energy.gov (indexed) [DOE]

28, 2011 28, 2011 U-046: Apache mod_proxy/mod_rewrite Bug Lets Remote Users Access Internal Servers Apache mod_proxy/mod_rewrite Bug Lets Remote Users Access Internal Servers. November 25, 2011 U-045: Windows Win32k.sys Keyboard Layout Bug Lets Local Users Deny Service Windows Win32k.sys Keyboard Layout Bug Lets Local Users Deny November 23, 2011 U-044: HP Operations Agent and Performance Agent Lets Local Users Access a Restricted Directory A local user can access a directory on the target system. November 22, 2011 U-043: Attachmate Reflection Buffer Overflow in FTP Client Lets Remote Servers Execute Arbitrary Code A remote server can execute arbitrary code on the connected target system. November 21, 2011 U-042: Mac RealPlayer Multiple Vulnerabilities Multiple vulnerabilities have been reported in Mac RealPlayer, which can be

205

A Spring-Embedding Approach for the Facility Layout Problem  

E-Print Network [OSTI]

a requirement; for example, planning of an airplane's dashboard, a city or a neighbourhood, a layout of office ... To describe the DISCON4,5 (DISpersion-

2003-01-27T23:59:59.000Z

206

V-128: Xen Event Channel Tracking Pointer Bug Local Privilege...  

Broader source: Energy.gov (indexed) [DOE]

privileges on the target host system. SOLUTION: The vendor has issued a fix (xsa47-4.1.patch, xsa47-4.2-unstable.patch). Addthis Related Articles U-232: Xen p2mteardown() Bug...

207

Page not found | Department of Energy  

Broader source: Energy.gov (indexed) [DOE]

81 - 19790 of 28,905 results. 81 - 19790 of 28,905 results. Article U-045: Windows Win32k.sys Keyboard Layout Bug Lets Local Users Deny Service Windows Win32k.sys Keyboard Layout Bug Lets Local Users Deny http://energy.gov/cio/articles/u-045-windows-win32ksys-keyboard-layout-bug-lets-local-users-deny-service Article T-650: Microsoft Word Unspecified Flaw Lets Remote Users Execute Arbitrary Code Microsoft Word Unspecified Flaw Lets Remote Users Execute Arbitrary Code. http://energy.gov/cio/articles/t-650-microsoft-word-unspecified-flaw-lets-remote-users-execute-arbitrary-code Article T-639: Debian update for libxml2 Libxml2 XPath Nodeset Processing Vulnerability http://energy.gov/cio/articles/t-639-debian-update-libxml2 Article T-613: Microsoft Excel Axis Properties Remote Code Execution

208

A WYSIWYG approach for configuring model layout using model transformations  

Science Journals Connector (OSTI)

Model transformation is a core technology in Domain-Specific Modeling (DSM). While a number of model transformation languages and tools have been developed to support model transformation activities, the layout of visual models in the transformation ... Keywords: demonstration, model layout, model transformation

Yu Sun; Jeff Gray; Philip Langer; Manuel Wimmer; Jules White

2010-10-01T23:59:59.000Z

209

Let's Move! Enjoy Moving as a Family  

E-Print Network [OSTI]

and employer.This material is partially funded by USDA's Supplemental Nutrition Assistance Program ­ SNAP which by the Expanded Food Nutrition Education Program, USDA, NIFA. Let's Move...Cold Weather Fun! Let's Move, Virginia Polytechnic Institute and State University, 2013 Virginia Cooperative Extension programs

Liskiewicz, Maciej

210

Chapter 6 - Brake System Layout Design  

Science Journals Connector (OSTI)

Abstract This chapter brings together high-level braking system design (Chapters 3 and 4Chapter 3Chapter 4) and the design of friction brakes (Chapter 5) to complete the ’layout’ design of road vehicle braking systems. Two actuation systems are studied: hydraulic (used on passenger cars and light commercial vehicles) and pneumatic (used on heavy commercial vehicles). Other braking technologies (e.g. regenerative) and actuation systems (e.g. power hydraulic and electromechanical) are also mentioned. A four-step design procedure is presented, which includes designing the basic braking system parameters based on the vehicle configuration, specifying the brakes (size and torque capacity), designing the actuation system, and verification (legislative requirements). Examples are presented for a hydraulic system with a vacuum booster (passenger car) and a pneumatic system (articulated commercial vehicle), which illustrate the important features of achieving a good basic system configuration. In passenger cars, the importance of driver interface parameters such as pedal feel is explained, and for commercial vehicles, compatibility, load sensing, and predominance between the trailer and towing vehicle brake systems is discussed.

Andrew Day

2014-01-01T23:59:59.000Z

211

Microsoft Word - Final BUGS article final.docx  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

October 18, 2010 DOE/NETL-2010/1435 BUGS: The Next Smart Grid Peak Resource? BUGS: The Next Smart Grid Peak Resource? 2 Prepared by: Booz Allen Hamilton (BAH) Steve Pullins Horizon Energy Group DOE Contract number: DE-FE000400 BUGS: The Next Smart Grid Peak Resource? 3 Acknowledgements This report was prepared by Booz Allen Hamilton, Inc. (BAH) for the United States Department of Energy's National Energy Technology Laboratory. This work was completed under DOE NETL Contract Number DE-FE000400, and performed under BAH Task 430.04. The authors wish to acknowledge the excellent guidance, contributions, and cooperation of the NETL staff, particularly: Steven Bossart, Integrated Electric Power Systems Division Director Keith Dodrill, Integrated Electric Power Systems Division NETL Technical Monitor

212

NSLS-II Source Properties and Floor Layout  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

NSLS-II Source Properties and Floor Layout NSLS-II Source Properties and Floor Layout April 12, 2010 Contents Basic Storage Ring Parameters Basic and Advanced Source Parameters Brightness Flux Photon Source Size and Divergence Power Infrared Sources Distribution of Sources Available for User Beamlines Floor Layout This document provides a summary of the current NSLS-II source and floor layout parameters. For a more complete description of the NSLS-II accelerator properties planned for NSLS-II, see the NSLS-II Preliminary Design Report Basic NSLS-II Storage Ring Parameters at NSLS-II website. We note that this document summarizes the present status of the design, but that the design continues to be refined and that these parameters may change as part of this process. NSLS-II is designed to deliver photons with high average spectral brightness in the 2 keV to 10 keV

213

Case studies on lithography-friendly vlsi circuit layout  

E-Print Network [OSTI]

lithography-friendly. In this work, we intend to implement these modifications as a series of perturbations on the initial layout generated by the CAD tool for the circuit. To implement these changes we first calculate the feature variations offline...

Shah, Pratik Jitendra

2009-05-15T23:59:59.000Z

214

Photonic Device Layout Within the Foundry CMOS Design Environment  

E-Print Network [OSTI]

A design methodology to layout photonic devices within standard electronic complementary metal-oxide-semiconductor (CMOS) foundry data preparation flows is described. This platform has enabled the fabrication of designs ...

Orcutt, Jason Scott

215

Optimal Heliostat Layout for Concentrating Solar Tower Systems  

Science Journals Connector (OSTI)

A methodology to give an optimal layout of a group of heliostats has been developed for concentrating solar tower ... the method determines an optimal configuration of a heliostat field around a tower where refle...

Motoaki Utamura; Yutaka Tamaura…

2007-01-01T23:59:59.000Z

216

Lockout: Efficient Testing for Deadlock Bugs Ali Kheradmand  

E-Print Network [OSTI]

Lockout: Efficient Testing for Deadlock Bugs Ali Kheradmand School of Computer and Communication introduce Lockout, a technique and a tool that increases the proba- bility of deadlock manifestation and the testing infrastructure. Lockout produces binaries that are more prone to deadlock compared to native

Candea, George

217

Foiling the Flu Bug Global Partnerships for Nuclear Energy  

E-Print Network [OSTI]

1 1663 Foiling the Flu Bug Global Partnerships for Nuclear Energy Dark Universe Mysteries WILL NOT NEED TESTING Expanding Nuclear Energy the Right Way GLOBAL PARTNERSHIPS AND AN ADVANCED FUEL CYCLE sense.The Laboratory is operated by Los Alamos National Security, LLC, for the Department of Energy

218

MEXICO: GE Lets Mexicans Buy In  

Science Journals Connector (OSTI)

MEXICO: GE Lets Mexicans Buy In ... General Electric de Mexico, the country's biggest manufacturer of electrical products, had been one of the major Mexican firms still wholly owned by a foreign parent. ...

1968-07-15T23:59:59.000Z

219

T-541: Citrix Provisioning Services Unspecified Flaw Let's Remote...  

Broader source: Energy.gov (indexed) [DOE]

Citrix Provisioning Services Unspecified Flaw Let's Remote Users Execute Arbitrary Code T-541: Citrix Provisioning Services Unspecified Flaw Let's Remote Users Execute Arbitrary...

220

T-583: Linux Kernel OSF Partition Table Buffer Overflow Lets...  

Broader source: Energy.gov (indexed) [DOE]

3: Linux Kernel OSF Partition Table Buffer Overflow Lets Local Users Obtain Information T-583: Linux Kernel OSF Partition Table Buffer Overflow Lets Local Users Obtain Information...

Note: This page contains sample records for the topic "layout bug lets" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


221

T-728: Apache Tomcat HTTP DIGEST Authentication Weaknesses Let...  

Broader source: Energy.gov (indexed) [DOE]

8: Apache Tomcat HTTP DIGEST Authentication Weaknesses Let Remote Users Conduct Bypass Attacks T-728: Apache Tomcat HTTP DIGEST Authentication Weaknesses Let Remote Users Conduct...

222

U-094: EMC Documentum Content Server Lets Local Administrative...  

Broader source: Energy.gov (indexed) [DOE]

4: EMC Documentum Content Server Lets Local Administrative Users Gain Elevated Privileges U-094: EMC Documentum Content Server Lets Local Administrative Users Gain Elevated...

223

V-103: RSA Authentication Agent Lets Remote Users Bypass Authenticatio...  

Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

RSA Authentication Agent Lets Remote Users Bypass Authentication Requirements March 4, 2013 - 12:27am Addthis PROBLEM: RSA Authentication Agent Lets Remote Users Bypass...

224

U-240: Apple Remote Desktop Encryption Failure Lets Remote Users...  

Broader source: Energy.gov (indexed) [DOE]

0: Apple Remote Desktop Encryption Failure Lets Remote Users Obtain Potentially Sensitive Information U-240: Apple Remote Desktop Encryption Failure Lets Remote Users Obtain...

225

U-030: Apache Tomcat Lets Untrusted Web Applications Gain Elevated...  

Broader source: Energy.gov (indexed) [DOE]

0: Apache Tomcat Lets Untrusted Web Applications Gain Elevated Privileges U-030: Apache Tomcat Lets Untrusted Web Applications Gain Elevated Privileges November 9, 2011 - 8:30am...

226

V-176: Adobe Flash Player Memory Corruption Flaw Lets Remote...  

Broader source: Energy.gov (indexed) [DOE]

6: Adobe Flash Player Memory Corruption Flaw Lets Remote Users Execute Arbitrary Code V-176: Adobe Flash Player Memory Corruption Flaw Lets Remote Users Execute Arbitrary Code June...

227

OpenEI/URDB Bug? | OpenEI Community  

Open Energy Info (EERE)

OpenEI/URDB Bug? OpenEI/URDB Bug? Home > Groups > Utility Rate Clarknd's picture Submitted by Clarknd(20) Member 26 November, 2012 - 07:39 I ran into a problem today on the Utility Rate Database (URDB). Every time I select the "Assume net metering (buy = sell)" box and go to save the page for some reason it doesn't save that change and reverts back to "No" rather than "Yes". Groups: Utility Rate Login to post comments Latest discussions Rmckeel New page curation tool Posted: 7 May 2013 - 08:16 by Rmckeel Rmckeel Considering removing "Show Preview" button on utility rate form edit Posted: 22 Apr 2013 - 13:55 by Rmckeel 5 comment(s) 1 of 10 ›› Groups Menu You must login in order to post into this group. Latest discussion comments NickL

228

CMOS Photovoltaic-cell Layout Configurations for Harvesting Microsystems  

E-Print Network [OSTI]

CMOS Photovoltaic-cell Layout Configurations for Harvesting Microsystems Rajiv Damodaran Prabha, and radiation, photovoltaic (PV) systems are appealing options. Still, chip-sized CMOS PV cells produce only well in substrate cell are better. Index Terms--Ambient light energy, harvester, CMOS photovoltaic (PV

Rincon-Mora, Gabriel A.

229

Facility Siting and Layout Optimization Based on Process Safety  

E-Print Network [OSTI]

) that identifies potential layouts by minimizing overall costs. This approach gives the coordinates of each facility in a continuous plane, and estimates for the total length of pipes, the land area, and the selection of safety devices. Finally, the 3D...

Jung, Seungho

2012-02-14T23:59:59.000Z

230

Near optimal design of fixture layouts in multi-station assembly processes  

E-Print Network [OSTI]

This dissertation presents a methodology for the near optimal design of fixture layouts in multi-station assembly processes. An optimal fixture layout improves the robustness of a fixture system, reduces product variability and leads...

Kim, Pansoo

2004-11-15T23:59:59.000Z

231

Automated material handling systems: an approach to robust layout planning of AMHS  

Science Journals Connector (OSTI)

The simulation-based layout planning of automated material handling systems (AMHS) for microelectronics and semiconductor manufacturing demands adequate simulation models. An approach for measuring and quantifying the AMHS layout performance of alternative ...

Roland Sturm; Joachim Seidelmann; Johann Dorner; Kevin Reddig

2003-12-01T23:59:59.000Z

232

Microsoft Word - EN_M278 - NIM Optical Layout.doc  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

SSRL ENGINEERING NOTE M278 Page 1 of 6 March 20, 1997 M. Rowen Beam Line 5-4 NIM, Optical Layout and Alignment Data Purpose: This document specifies the optical layout for the beam...

233

Entrapment of bed bugs by leaf trichomes inspires microfabrication of biomimetic surfaces  

Science Journals Connector (OSTI)

...18 h; the total area impacted by 60 bug feet with eight locomotory cycles per minute...generally occurred on the underside of the foot. The same legs that appeared irreversibly...potential to harness the bed bug-entrapping power of natural leaf surfaces using purely physical...

2013-01-01T23:59:59.000Z

234

Using Combinatorial Benchmark Construction to Improve the Assessment of Concurrency Bug Detection Tools  

E-Print Network [OSTI]

of performance measures. The inclusion of performance measures ensure that we can assess the fitnessUsing Combinatorial Benchmark Construction to Improve the Assessment of Concurrency Bug Detection, it is difficult to assess the fitness of a particular con- currency bug detection method and to compare

Bradbury, Jeremy S.

235

U-027: RSA Key Manager Appliance Session Logout Bug Fails to Terminate  

Broader source: Energy.gov (indexed) [DOE]

7: RSA Key Manager Appliance Session Logout Bug Fails to 7: RSA Key Manager Appliance Session Logout Bug Fails to Terminate Sessions U-027: RSA Key Manager Appliance Session Logout Bug Fails to Terminate Sessions November 4, 2011 - 8:00am Addthis PROBLEM: RSA Key Manager Appliance Session Logout Bug Fails to Terminate Sessions. PLATFORM: RSA Key Manager Appliance 2.7 Service Pack 1 ABSTRACT: A remote authenticated user session may not terminate properly. reference LINKS: SecurityTracker Alert ID: 1026276 SecurityFocus Bug Traq Seclists: ESA-2011-035 CVE-2011-2740 IMPACT ASSESSMENT: Medium Discussion: A vulnerability was reported in RSA Key Manager Appliance. A remote authenticated user session may not terminate properly. When using Firefox 4 and 5, an authenticated user session is not terminated properly when logging out.

236

T-700:Red Hat: kernel security, bug fix, and enhancement update |  

Broader source: Energy.gov (indexed) [DOE]

700:Red Hat: kernel security, bug fix, and enhancement update 700:Red Hat: kernel security, bug fix, and enhancement update T-700:Red Hat: kernel security, bug fix, and enhancement update August 24, 2011 - 3:45pm Addthis PROBLEM: Updated kernel packages that fix several security issues, various bugs, and add two enhancements are now available for Red Hat Enterprise Linux 6. PLATFORM: Red Hat Enterprise Linux Desktop (v. 6) Red Hat Enterprise Linux HPC Node (v. 6) Red Hat Enterprise Linux Server (v. 6) Red Hat Enterprise Linux Server EUS (v. 6.1.z) Red Hat Enterprise Linux Workstation (v. 6) ABSTRACT: Red Hat: kernel security, bug fix, and enhancement update. reference LINKS: RHSA-2011: 1189-1 Secunia Advisory: SA45746 Red Hat Download CVE-2011-1182 , CVE-2011-1576 CVE-2011-1593 , CVE-2011-1776 CVE-2011-1898 , CVE-2011-2183

237

Application of the Analytic Network Process to facility layout selection  

Science Journals Connector (OSTI)

Abstract This paper applies the Analytic Network Process (ANP) method to the selection of the best facility layout plan based on multiple dependent and independent criteria. This is the first time that this method is used in such a context. An ANP model is built taking into account the interdependencies between criteria that are found based on experts’ opinions and fundamental equations. A network structure is built that shows all elements and clusters and their interactions that can be used to find the most effective layout. Limit priorities are computed which identify the most important factors in the selection process. A case study is conducted in a wood factory which represents a real demonstration of the developed model. A comparison is conducted between ANP and Analytic Hierarchy Process (AHP) which shows the differences between the two methods. Finally, sensitivity analysis shows the robustness of the model.

Tarek Al-Hawari; Ahmad Mumani; Amer Momani

2014-01-01T23:59:59.000Z

238

EVACUATED TUBE COLLECTORS SIMPLIFY SOLAR THERMAL SYSTEM LAYOUT  

Science Journals Connector (OSTI)

SUMMARY Evacuated tube collectors (ETC's) differ quite markedly in their behaviour from the more familiar flat plate solar collectors. The consequences in cost of the entire system are investigated for a typical residential dwelling, making full use of the advantages offered by ETC's. A significant saving in initial cost as well as in maintenance costs can be realised. KEYWORDS Evacuated tube collectors; solar system layout; freeze protection; overheat protection.

C.W.J. van Koppen; P. Verhaart

1986-01-01T23:59:59.000Z

239

Solar Decathlon 2015: Let the Competition Begin | Department...  

Broader source: Energy.gov (indexed) [DOE]

5: Let the Competition Begin Solar Decathlon 2015: Let the Competition Begin February 13, 2014 - 1:00pm Addthis The Solar Decathlon competition has provided more than 17,000...

240

Coherent Image Layout using an Adaptive Visual Vocabulary  

SciTech Connect (OSTI)

When querying a huge image database containing millions of images, the result of the query may still contain many thousands of images that need to be presented to the user. We consider the problem of arranging such a large set of images into a visually coherent layout, one that places similar images next to each other. Image similarity is determined using a bag-of-features model, and the layout is constructed from a hierarchical clustering of the image set by mapping an in-order traversal of the hierarchy tree into a space-filling curve. This layout method provides strong locality guarantees so we are able to quantitatively evaluate performance using standard image retrieval benchmarks. Performance of the bag-of-features method is best when the vocabulary is learned on the image set being clustered. Because learning a large, discriminative vocabulary is a computationally demanding task, we present a novel method for efficiently adapting a generic visual vocabulary to a particular dataset. We evaluate our clustering and vocabulary adaptation methods on a variety of image datasets and show that adapting a generic vocabulary to a particular set of images improves performance on both hierarchical clustering and image retrieval tasks.

Dillard, Scott E.; Henry, Michael J.; Bohn, Shawn J.; Gosink, Luke J.

2013-03-06T23:59:59.000Z

Note: This page contains sample records for the topic "layout bug lets" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


241

An interactive algorithm for editing VLSI geometric layouts  

E-Print Network [OSTI]

as the original design. In VLSI designs, this can mean up to 60 man-years just for debugging ~1'. The tools depicted in the left portion of Fig. 1 are used extensively to detect and correct as many of the design and layout errors as possible before the circuit... the start. it is only logical to lay out the mask in a manner which reflects this modularity. The 4echnique of so called floor planning [6j is first used to define the overall location of the various subsystems in the physical layou4 space. The size ol...

Denman, Stephen David

1984-01-01T23:59:59.000Z

242

V-146: HP Service Manager Bugs Permit Cross-Site Scripting and Information  

Broader source: Energy.gov (indexed) [DOE]

6: HP Service Manager Bugs Permit Cross-Site Scripting and 6: HP Service Manager Bugs Permit Cross-Site Scripting and Information Disclosure Attacks V-146: HP Service Manager Bugs Permit Cross-Site Scripting and Information Disclosure Attacks May 1, 2013 - 12:43am Addthis PROBLEM: HP Service Manager Bugs Permit Cross-Site Scripting and Information Disclosure Attacks PLATFORM: Service Manager v9.31 Web Tier ABSTRACT: Two vulnerabilities were reported in HP Service Manager REFERENCE LINKS: HP Document ID: c03748875 SecurityTracker Alert ID: 1028496 CVE-2012-5222 CVE-2013-2321 IMPACT ASSESSMENT: Medium DISCUSSION: A remote user can obtain potentially sensitive information [CVE-2012-5222]. Service Manager Web Tier does not properly filter HTML code from user-supplied input before displaying the input [CVE-2013-2321]. A remote

243

T-667: Red Hat Enterprise Linux kernel security and bug fix update |  

Broader source: Energy.gov (indexed) [DOE]

7: Red Hat Enterprise Linux kernel security and bug fix update 7: Red Hat Enterprise Linux kernel security and bug fix update T-667: Red Hat Enterprise Linux kernel security and bug fix update July 13, 2011 - 7:24am Addthis PROBLEM: Red Hat Enterprise Linux kernel security and bug fix update PLATFORM: Vulnerable Linux Kernels; Red Hat Enterprise Linux Desktop (v. 6), Red Hat Enterprise Linux HPC Node (v. 6), Red Hat Enterprise Linux Server (v. 6), Red Hat Enterprise Linux Server EUS (v. 6.1.z), Red Hat Enterprise Linux Workstation (v. 6) ABSTRACT: It was found that the receive hook in the ipip_init() function in the ipip module, and in the ipgre_init() function in the ip_gre module, could be called before network namespaces setup is complete. If packets were received at the time the ipip or ip_gre module was still being loaded into

244

U-129: RSA enVision Bugs Permit Cross-Site Scripting, SQL Injection, and  

Broader source: Energy.gov (indexed) [DOE]

9: RSA enVision Bugs Permit Cross-Site Scripting, SQL 9: RSA enVision Bugs Permit Cross-Site Scripting, SQL Injection, and Directory Traversal Attacks U-129: RSA enVision Bugs Permit Cross-Site Scripting, SQL Injection, and Directory Traversal Attacks March 20, 2012 - 7:00am Addthis PROBLEM: RSA enVision Bugs Permit Cross-Site Scripting, SQL Injection, and Directory Traversal Attacks PLATFORM: 4.x, prior to 4.1 Patch 4 ABSTRACT: Several vulnerabilities were reported in RSA enVision. A remote user can access the system. A remote authenticated user can conduct cross-site scripting attacks. A remote authenticated user can inject SQL commands. A remote authenticated user can view files on the target system. Reference LINKS: SecurityTracker Alert ID: 1026819 CVE-2012-0403 IMPACT ASSESSMENT: High Discussion: The system does not properly filter HTML code from user-supplied input

245

T-712: Red Hat Enterprise MRG Grid 2.0 security, bug fix and enhancement  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

712: Red Hat Enterprise MRG Grid 2.0 security, bug fix and 712: Red Hat Enterprise MRG Grid 2.0 security, bug fix and enhancement update T-712: Red Hat Enterprise MRG Grid 2.0 security, bug fix and enhancement update September 8, 2011 - 10:30am Addthis PROBLEM: A flaw was discovered in Cumin where it would log broker authentication credentials to the Cumin log file. A vulnerability was reported in Red Hat Enterprise MRG Grid. A local user can access the broker password. PLATFORM: Red Hat Enterprise MRG v2 for Red Hat Enterprise Linux (version 5) ABSTRACT: Red Hat Enterprise MRG Grid 2.0 security, bug fix and enhancement update. reference LINKS: RHSA-2011:1249-1 SecurityTracker Alert ID: 1026021 CVE-2011-2925 IMPACT ASSESSMENT: Medium Discussion: A local user exploiting this flaw could connect to the broker outside of Cumin's control and perform certain operations such as scheduling jobs,

246

V-078: WordPress Bugs Permit Cross-Site Scripting and Port Scanning Attacks  

Broader source: Energy.gov (indexed) [DOE]

8: WordPress Bugs Permit Cross-Site Scripting and Port Scanning 8: WordPress Bugs Permit Cross-Site Scripting and Port Scanning Attacks V-078: WordPress Bugs Permit Cross-Site Scripting and Port Scanning Attacks January 28, 2013 - 12:32am Addthis PROBLEM: WordPress Bugs Permit Cross-Site Scripting and Port Scanning Attacks PLATFORM: WordPress all versions are affected prior to 3.5.1 ABSTRACT: WordPress 3.5.1 Maintenance and Security Release REFERENCE LINKS: WordPress News SecurityTracker Alert ID: 1028045 Secunia Advisory SA51967 IMPACT ASSESSMENT: Medium DISCUSSION: Several scripts do not properly filter HTML code from user-supplied input before displaying the input. A remote user can cause arbitrary scripting code to be executed by the target user's browser. The code will originate from the site running the WordPress software and will run in the security

247

E-Print Network 3.0 - automated fixture layout Sample Search...  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

1 Individual Dissertation (G53IDS) Summary: than fixtures per day). Before designing any interface layouts I decided to conduct research... Automated Scheduling of Sport...

248

Efficient Formulations for the Multi-Floor Facility Layout Problem with ...  

E-Print Network [OSTI]

Feb 28, 2007 ... Abstract: The block layout problem for a multi-floor facility is an important sub ... Category 2: Applications -- OR and Management Sciences ...

Marc Goetschalckx

2007-02-28T23:59:59.000Z

249

Optimization Online - A binary LP model to the facility layout problem  

E-Print Network [OSTI]

Abstract: In facility layout problems, a major concern is the optimal design or remodeling of the ... Category 1: Applications -- OR and Management Sciences.

Christos Papahristodoulou

250

LAYOUT AND SIZING OF ESF ALCOVES AND REFUGE CHAMBERS  

SciTech Connect (OSTI)

The purpose of this analysis is to establish size requirements and approximate locations of Exploratory Studies Facility (ESF) test and operations alcoves, including refuge chambers during construction of the Topopah Spring (TS) loop. Preliminary conceptual layouts for non-deferred test alcoves will be developed to examine construction feasibility based on current test plans and available equipment. The final location and configuration layout for alcoves will be developed when in-situ rock conditions can be visually determined. This will be after the TBM has excavated beyond the alcove location and the rock has been exposed. The analysis will examine the need for construction of walkways and electrical alcoves in the ramps and main drift. Niches that may be required to accommodate conveyor booster drives and alignments are not included in this analysis. The analysis will develop design criteria for refuge chambers to meet MSHA requirements and will examine the strategic location of refuge chambers based on their potential use in various ESF fire scenarios. This document supersedes DI:BABE00000-01717-0200-00003 Rev 01, ''TS North Ramp Alcove and Stubout Location Analysis'' in its entirety (Reference 5-6).

John Beesley and Romeo S. Jurani

1995-08-25T23:59:59.000Z

251

V-055: Firefly Media Server Null Pointer Dereference Lets Remote...  

Broader source: Energy.gov (indexed) [DOE]

V-055: Firefly Media Server Null Pointer Dereference Lets Remote Users Deny Service December 26, 2012 - 9:00am Addthis PROBLEM: Firefly Media Server Null Pointer Dereference...

252

U-219: Symantec Web Gateway Input Validation Flaws Lets Remote...  

Broader source: Energy.gov (indexed) [DOE]

9: Symantec Web Gateway Input Validation Flaws Lets Remote Users Inject SQL Commands, Execute Arbitrary Commands, and Change User Passwords U-219: Symantec Web Gateway Input...

253

Heliostat Field Optimization: A New Computationally Efficient Model and Biomimetic Layout  

E-Print Network [OSTI]

Heliostat Field Optimization: A New Computationally Efficient Model and Biomimetic Layout Corey J for heliostat field layout optimization are introduced. The model, described and validated herein, includes & blocking, aberration and atmospheric attenuation. The model is based on a discretization of the heliostats

254

Quantifying the sensitivity of wind farm performance to array layout options using large-eddy simulation  

E-Print Network [OSTI]

the effects of array layout on the performance of offshore wind farms. Array layout is characterized by the spacing between wind turbines (along and across the prevailing wind direction) and by their alignment and is coupled with an actuator line model to simulate the effects of the rotating wind turbine blades. A control

255

Species composition and seasonal abundance of stink bugs in cotton in the Lower Texas Gulf Coast and the virulence of Euschistus species to cotton  

E-Print Network [OSTI]

with the drop cloth. ........................................................................................................... 26 2.2. Distribution of most common pest stink bugs by county, 2004. ........................ 31 2.3. Distribution... Page 2.1. Mean number of stink bug species collected per six row-feet, by date. Lower Texas Gulf Coast region, 2004.............................................................. 30 2.2. Mean number of stink bug species...

Hopkins, Bradley Wayne

2006-04-12T23:59:59.000Z

256

Backup Generators (BUGS): The Next Smart Grid Peak Resource? | Open Energy  

Open Energy Info (EERE)

Backup Generators (BUGS): The Next Smart Grid Peak Resource? Backup Generators (BUGS): The Next Smart Grid Peak Resource? Jump to: navigation, search Tool Summary LAUNCH TOOL Name: Backup Generators (BUGS): The Next Smart Grid Peak Resource? Focus Area: Crosscutting Topics: Potentials & Scenarios Website: www.netl.doe.gov/smartgrid/referenceshelf/articles/10-18-2010_BUGS%20a Equivalent URI: cleanenergysolutions.org/content/backup-generators-bugs-next-smart-gri Language: English Policies: "Deployment Programs,Financial Incentives,Regulations" is not in the list of possible values (Deployment Programs, Financial Incentives, Regulations) for this property. DeploymentPrograms: Demonstration & Implementation Regulations: "Resource Integration Planning,Energy Standards" is not in the list of possible values (Agriculture Efficiency Requirements, Appliance & Equipment Standards and Required Labeling, Audit Requirements, Building Certification, Building Codes, Cost Recovery/Allocation, Emissions Mitigation Scheme, Emissions Standards, Enabling Legislation, Energy Standards, Feebates, Feed-in Tariffs, Fuel Efficiency Standards, Incandescent Phase-Out, Mandates/Targets, Net Metering & Interconnection, Resource Integration Planning, Safety Standards, Upgrade Requirements, Utility/Electricity Service Costs) for this property.

257

The Insect's Christmas Podcast Welcome to Bug Bytes, a bimonthly podcast from Texas A&M University's  

E-Print Network [OSTI]

Bug Bytes The Insect's Christmas Podcast **Music Up Welcome to Bug Bytes, a bimonthly podcast from didn't cooperate under the bright film lights. So when they died, Starevitch decided to make them. Starevitch has inspired contemporary greats like Tim Burton and Henry Selick of Nightmare before Christmas

Behmer, Spencer T.

258

Queen of the Sun Transcript Welcome to Bug Bytes, a bimonthly podcast from Texas A&M University's  

E-Print Network [OSTI]

Bug Bytes Queen of the Sun Transcript **Music Up Welcome to Bug Bytes, a bimonthly podcast from beekeepers of the world. Why? We recently screened a documentary called Queen of the Sun. The film explores in the face of almost certain impending disaster. We were prepared for this, as we thought Queen of the Sun

Behmer, Spencer T.

259

V-128: Xen Event Channel Tracking Pointer Bug Local Privilege Escalation |  

Broader source: Energy.gov (indexed) [DOE]

8: Xen Event Channel Tracking Pointer Bug Local Privilege 8: Xen Event Channel Tracking Pointer Bug Local Privilege Escalation V-128: Xen Event Channel Tracking Pointer Bug Local Privilege Escalation April 8, 2013 - 12:28am Addthis PLATFORM: Version(s): 3.2 and later ABSTRACT: A vulnerability was reported in Xen. REFERENCE LINKS: SecurityTracker Alert ID: 1028388 CVE-2013-1920 IMPACT ASSESSMENT: Medium DISCUSSION: A local user with kernel level privileges on the guest operating system can exploit a memory pointer error when the hypervisor is under memory pressure and Xen Security Module (XSM) is enabled to execute arbitrary code on the target host system IMPACT: A local user on the guest operating system can obtain elevated privileges on the target host system. SOLUTION: The vendor has issued a fix (xsa47-4.1.patch, xsa47-4.2-unstable.patch).

260

U-030: Apache Tomcat Lets Untrusted Web Applications Gain Elevated  

Broader source: Energy.gov (indexed) [DOE]

30: Apache Tomcat Lets Untrusted Web Applications Gain Elevated 30: Apache Tomcat Lets Untrusted Web Applications Gain Elevated Privileges U-030: Apache Tomcat Lets Untrusted Web Applications Gain Elevated Privileges November 9, 2011 - 8:30am Addthis PROBLEM: Apache Tomcat Lets Untrusted Web Applications Gain Elevated Privileges. PLATFORM: Apache Tomcat 7.0.0-7.0.21. ABSTRACT: An untrusted web application can access Manager application functions. reference LINKS: Apache Tomcat 7.x vulnerabilities SecurityTracker Alert ID: 1026295 CVE-2011-3376 IMPACT ASSESSMENT: Medium Discussion: A vulnerability was reported in Apache Tomcat. A local user (application) can obtain elevated privileges on the target system. A local web application (that is not trusted) can access Manager application functions without being marked as privileged. This can be exploited to obtain

Note: This page contains sample records for the topic "layout bug lets" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


261

V-103: RSA Authentication Agent Lets Remote Users Bypass Authentication  

Broader source: Energy.gov (indexed) [DOE]

3: RSA Authentication Agent Lets Remote Users Bypass 3: RSA Authentication Agent Lets Remote Users Bypass Authentication Requirements V-103: RSA Authentication Agent Lets Remote Users Bypass Authentication Requirements March 4, 2013 - 12:27am Addthis PROBLEM: RSA Authentication Agent Lets Remote Users Bypass Authentication Requirements PLATFORM: RSA Authentication Agent 7.1, 7.1.1 for Microsoft Windows ABSTRACT: A vulnerability was reported in RSA Authentication Agent. REFERENCE LINKS: RSA SecurCare SecurityTracker Alert ID: 1028230 CVE-2013-0931 IMPACT ASSESSMENT: Medium DISCUSSION: On systems configured for Quick PIN Unlock, the system will request a PIN instead of a full Passcode when the session is activated from an active screensaver after the Quick PIN Unlock timeout has expired. RSA Authentication Agent on Windows Vista, Windows 7, Windows 2008, and

262

U-161: Citrix Provisioning Services Unspecified Flaw Lets Remote Users  

Broader source: Energy.gov (indexed) [DOE]

1: Citrix Provisioning Services Unspecified Flaw Lets Remote 1: Citrix Provisioning Services Unspecified Flaw Lets Remote Users Execute Arbitrary Code U-161: Citrix Provisioning Services Unspecified Flaw Lets Remote Users Execute Arbitrary Code May 3, 2012 - 7:00am Addthis PROBLEM: Citrix Provisioning Services Unspecified Flaw Lets Remote Users Execute Arbitrary Code PLATFORM: 6.1 and prior ABSTRACT: A vulnerability was reported in Citrix Provisioning Services. A remote user can execute arbitrary code on the target system. reference LINKS: SecurityTracker Alert ID: 1027004 Secunia Advisory SA48971 Citrix advisory IMPACT ASSESSMENT: Medium Discussion: A remote user can send a specially crafted packet to trigger an unspecified flaw and execute arbitrary code on the target system. The code will run with the privileges of the target service.

263

T-541: Citrix Provisioning Services Unspecified Flaw Let's Remote Users  

Broader source: Energy.gov (indexed) [DOE]

41: Citrix Provisioning Services Unspecified Flaw Let's Remote 41: Citrix Provisioning Services Unspecified Flaw Let's Remote Users Execute Arbitrary Code T-541: Citrix Provisioning Services Unspecified Flaw Let's Remote Users Execute Arbitrary Code January 24, 2011 - 5:34pm Addthis PROBLEM: Citrix Provisioning Services Unspecified Flaw Let's Remote Users Execute Arbitrary Code PLATFORM: * Provisioning Services 5.1 * Provisioning Services 5.6 ABSTRACT: A vulnerability has been identified in Citrix Provisioning Services that could result in arbitrary code execution. This vulnerability can be triggered by an attacker sending a specially crafted packet to the Provisioning Services server. This vulnerability is present in all supported versions of Citrix Provisioning Services up to and including version 5.6. reference LINKS:

264

LET THE SUN SHINE: OPTIMAL DEPLOYMENT OF PHOTOVOLTAICS IN GERMANY  

E-Print Network [OSTI]

LET THE SUN SHINE: OPTIMAL DEPLOYMENT OF PHOTOVOLTAICS IN GERMANY Anna CRETI Jérôme JOAUG Cahier n:chantal.poujouly@polytechnique.edu hal-00751743,version1-14Nov2012 #12;Let the sun shine: optimal deployment of photovoltaics in Germany-in tari¤s to foster the di¤usion of photovoltaics is recently being rediscussed in several countries

Paris-Sud XI, Université de

265

Simulation of Turbulent Flow Inside and Above Wind Farms: Model Validation and Layout Effects  

Science Journals Connector (OSTI)

A recently-developed large-eddy simulation framework is validated and used to investigate turbulent flow within and above wind farms under neutral conditions. Two different layouts are considered, consisting of t...

Yu-Ting Wu; Fernando Porté-Agel

2013-02-01T23:59:59.000Z

266

Study on the general layout of semi-submersible offshore drilling platforms based on process flow  

Science Journals Connector (OSTI)

The general layout of 6th generation semi-submersible drilling platforms is the main factor impacting the efficiency ... a reference for implementation of domestic designs of semi-submersible rigs.

Ji-xiang Yue ???; Yao-guang Qi ???…

2009-06-01T23:59:59.000Z

267

Concurrent design of facility layout and flow-based department formation  

E-Print Network [OSTI]

of their similarities in manufacturing and design [30]. The department may be formed based on the product family, the process, or a combination of both, and the part-machine incidence matrix is traditionally used to form the department. The fractal layout [31, 32... be placed randomly throughout the manufacturing facility with no speci?c department boundary, while the product family and fractal layout assume that the number of departments and the maximum number of machines assigned to each department are known...

Chae, Junjae

2005-02-17T23:59:59.000Z

268

T-676: Apple iOS Certificate Chain Validation Flaw Lets Certain...  

Energy Savers [EERE]

Chain Validation Flaw Lets Certain Remote Users Access or Modify SSLTLS Sessions T-676: Apple iOS Certificate Chain Validation Flaw Lets Certain Remote Users Access or...

269

T-727:Microsoft Windows SSL/TLS Protocol Flaw Lets Remote Users...  

Office of Environmental Management (EM)

727:Microsoft Windows SSLTLS Protocol Flaw Lets Remote Users Decryption Sessions T-727:Microsoft Windows SSLTLS Protocol Flaw Lets Remote Users Decryption Sessions September 27,...

270

T-635: Cisco AnyConnect Secure Mobility Client Lets Remote Users...  

Broader source: Energy.gov (indexed) [DOE]

Client Lets Remote Users Execute Arbitrary Code and Local Users Gain Elevated Privileges T-635: Cisco AnyConnect Secure Mobility Client Lets Remote Users Execute Arbitrary Code...

271

T-673: Apple Safari Multiple Flaws Let Remote Users Execute Arbitrary...  

Broader source: Energy.gov (indexed) [DOE]

Flaws Let Remote Users Execute Arbitrary Code, Conduct Cross-Site Scripting Attacks T-673: Apple Safari Multiple Flaws Let Remote Users Execute Arbitrary Code, Conduct...

272

T-719:Apache mod_proxy_ajp HTTP Processing Error Lets Remote...  

Broader source: Energy.gov (indexed) [DOE]

719:Apache modproxyajp HTTP Processing Error Lets Remote Users Deny Service T-719:Apache modproxyajp HTTP Processing Error Lets Remote Users Deny Service September 16, 2011 -...

273

V-027: Adobe InDesign Server SOAP Interface Lets Remote Users...  

Broader source: Energy.gov (indexed) [DOE]

Code U-131: Adobe Photoshop TIFF Image Heap Overflow Lets Remote Users Execute Arbitrary Code U-166: Adobe Shockwave Player Memory Corruption Flaws Let Remote Users Execute...

274

Control of the chinch bug, Blissus leucopterous (say) on corn and grain sorghum  

E-Print Network [OSTI]

) ~ Painter et ~a. (19$$) azui SnellinS, azzi ~ (ling'p), ore mn~ ztuymoekeC bg other meieOLes an@ strains oF oem. 'tests moro ccn8uctcS Surinam lg6$-3. 966 to evaluate the toxicity cf s~2. imscotici@cs to thc chinch bug. both in the laboratory exxon...

Todd, Larry Leland

2012-06-07T23:59:59.000Z

275

Static Detection of API Error-Handling Bugs via Mining Source Code  

E-Print Network [OSTI]

Static Detection of API Error-Handling Bugs via Mining Source Code Mithun Acharya and Tao Xie}@csc.ncsu.edu Abstract Incorrect handling of errors incurred after API invoca- tions (in short, API errors) can lead to security and robust- ness problems, two primary threats to software reliability. Correct handling of API

Young, R. Michael

276

V-163: Red Hat Network Satellite Server Inter-Satellite Sync...  

Broader source: Energy.gov (indexed) [DOE]

Apache modproxymodrewrite Bug Lets Remote Users Access Internal Servers U-047: Siemens Automation License Manager Bugs Let Remote Users Deny Service or Execute Arbitrary Code...

277

RIS-M-2308 HIGH-LET DOSE-RESPONSE CHARACTERISTICS DESCRIBED BY TRACK  

E-Print Network [OSTI]

DOSEMETERS. CYANIDES, DOSE-RE- SPONSE RELATIONSHIPS, DYES, IONIZING RADIATIONS. LET. PARTICLE TRACKS by Katz and co- workers ascribes the effect of high-LET radiation to the highly inhomogeneous dose irradiation is used as a reference low-LET radiation, while high-LET radiation ranging from 16 MeV protons

278

V-220: Juniper Security Threat Response Manager Lets Remote Authenticated  

Broader source: Energy.gov (indexed) [DOE]

0: Juniper Security Threat Response Manager Lets Remote 0: Juniper Security Threat Response Manager Lets Remote Authenticated Users Execute Arbitrary Commands V-220: Juniper Security Threat Response Manager Lets Remote Authenticated Users Execute Arbitrary Commands August 17, 2013 - 4:01am Addthis PROBLEM: A remote authenticated user can execute arbitrary commands on the target system. PLATFORM: 2010.0, 2012.0, 2012.1, 2013.1 ABSTRACT: A vulnerability was reported in Juniper Security Threat Response Manager (STRM) REFERENCE LINKS: SecurityTracker Alert ID: 1028921 CVE-2013-2970 IMPACT ASSESSMENT: High DISCUSSION: A remote authenticated user can inject commands to execute arbitrary operating system commands with the privileges of the target web service. This can be exploited to gain shell access on the target device.

279

Solar Decathlon 2013: Let the Building Begin | Department of Energy  

Broader source: Energy.gov (indexed) [DOE]

Solar Decathlon 2013: Let the Building Begin Solar Decathlon 2013: Let the Building Begin Solar Decathlon 2013: Let the Building Begin September 30, 2013 - 10:45am Addthis Day 7 Construction 1 of 22 Day 7 Construction During the 7th day of construction, the Solar Decathlon village has started to take shape. The houses open to the public on October 3, 2013 at 11 am. Image: Stefano Paltera, Energy Department Day 7 Construction 2 of 22 Day 7 Construction The University of North Carolina at Charlotte team members assemble their Solar Decathlon entry. Image: Eric Grigorian, Energy Department Day 7 Construction 3 of 22 Day 7 Construction Kevin Davis, of West Virginia University, fills his house's water tank while team members discuss a potential problem. Water was delivered to all team houses today. Image: Amy Vaughn, Energy Department

280

Low Dose Radiation Research Program: Low-LET Microdosimetry Calculations  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

Low-LET Microdosimetry Calculations Low-LET Microdosimetry Calculations Authors: W.E. Wilson, J.H. Miller, D.J. Lynch, R.R. Lewis and M. Batdorf Institutions: Washington State University, Richland, WA, USA Liquid Model Calculations of low-linear-transfer (LET) microdosimetry have been extended to condensed phase by introducing new modules into the PITS code suite. Probability tables for inelastic interactions are constructed using the Dingfelder-GSF model for liquid-water cross-sections. Dingfelder et al. 1 re-evaluated low-energy electron interactions in liquid water in terms of five excitation and five ionization channels, and without assuming any collective interactions (plasmons). We use Dingfelder’s algorithms to calculate differential energy-loss distributions for the ten channels; by

Note: This page contains sample records for the topic "layout bug lets" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


281

Solar Decathlon 2013: Let the Building Begin | Department of Energy  

Broader source: Energy.gov (indexed) [DOE]

Let the Building Begin Let the Building Begin Solar Decathlon 2013: Let the Building Begin Addthis Day 7 Construction 1 of 22 Day 7 Construction During the 7th day of construction, the Solar Decathlon village has started to take shape. The houses open to the public on October 3, 2013 at 11 am. Image: Stefano Paltera, Energy Department Day 7 Construction 2 of 22 Day 7 Construction The University of North Carolina at Charlotte team members assemble their Solar Decathlon entry. Image: Eric Grigorian, Energy Department Day 7 Construction 3 of 22 Day 7 Construction Kevin Davis, of West Virginia University, fills his house's water tank while team members discuss a potential problem. Water was delivered to all team houses today. Image: Amy Vaughn, Energy Department Day 6 Construction 4 of 22 Day 6 Construction

282

U-021: Cisco Unified Communications Manager Directory Traversal Flaw Lets  

Broader source: Energy.gov (indexed) [DOE]

1: Cisco Unified Communications Manager Directory Traversal 1: Cisco Unified Communications Manager Directory Traversal Flaw Lets Remote Users Obtain Files U-021: Cisco Unified Communications Manager Directory Traversal Flaw Lets Remote Users Obtain Files October 27, 2011 - 7:45am Addthis PROBLEM: Cisco Unified Communications Manager Directory Traversal Flaw Lets Remote Users Obtain Files. PLATFORM: Cisco Unified Communications Manager 6.x, 7.x and 8.x ABSTRACT: A vulnerability was reported in Cisco Unified Communications Manager. reference LINKS: Cisco Advisory ID: cisco-sa-20111026-cucm Cisco Security Advisories and Response SecurityTracker Alert ID: 1026243 CVE-2011-3315 IMPACT ASSESSMENT: Medium Discussion: A remote user can view files on the target system. The software does not properly validate user-supplied input. A remote user can supply a specially

283

Solar Decathlon 2013: Let the Building Begin | Department of Energy  

Broader source: Energy.gov (indexed) [DOE]

Solar Decathlon 2013: Let the Building Begin Solar Decathlon 2013: Let the Building Begin Solar Decathlon 2013: Let the Building Begin September 30, 2013 - 10:45am Addthis Day 7 Construction 1 of 22 Day 7 Construction During the 7th day of construction, the Solar Decathlon village has started to take shape. The houses open to the public on October 3, 2013 at 11 am. Image: Stefano Paltera, Energy Department Day 7 Construction 2 of 22 Day 7 Construction The University of North Carolina at Charlotte team members assemble their Solar Decathlon entry. Image: Eric Grigorian, Energy Department Day 7 Construction 3 of 22 Day 7 Construction Kevin Davis, of West Virginia University, fills his house's water tank while team members discuss a potential problem. Water was delivered to all team houses today. Image: Amy Vaughn, Energy Department

284

ADORE: Alternative detector layout optimization for ROP system of CANDU reactors  

Science Journals Connector (OSTI)

In CANDU® reactor design, the regional overpower protection (ROP) systems protect the reactor against overpower in the fuel which could reduce the safety margin-to-dryout. Specifically for the CANDU® 600 MW (CANDU 6) design, there are two ROP systems in the core, one for each fast-acting shutdown systems. Each ROP system includes a number of fast-responding, self-powered flux detectors suitably distributed throughout the core within vertical and horizontal assemblies. The placement of these ROP detectors is a challenging discrete optimization problem. The DLO (detector layout optimization) module of ROVER-F code was used to design the existing ROP detector layout of CANDU 6 reactors. In the past couple of years, a new methodology for designing the detector layout for the ROP system, called DETPLASA algorithm, has been developed. This method utilizes the simulated annealing (SA) technique to optimize the placement of the detectors in the core. This algorithm was developed to overcome the shortcoming of DLO method to produce a detector layout configuration when the size of the problem is large. An alternative method has been recently developed for solving the ROP detector placement problem. This method is called ADORE (Alternative Detector layout Optimization for \\{REgional\\} overpower protection system). Although technically any stochastic optimization technique can be utilized, presently this method utilizes the SA technique as its optimization engine. This paper presents an overview of ADORE methodology and provides some numerical results from its execution.

Doddy Y.F. Kastanya

2011-01-01T23:59:59.000Z

285

Pumping Lemma for Regular Sets: Let D = (Q, , , q0, F) be a DFA.  

E-Print Network [OSTI]

Pumping Lemma for Regular Sets: Let D = (Q, , , q0, F) be a DFA. Let n = |Q|. Let w L(D) s.t. |w(D)) Pumping Lemma for Regular Sets #12;proof: Let w L(D), |w| n, w = w1, w2, . . . , wn · u w = w1 w2 w3, 2, . . . Pumping Lemma for Regular Sets #12;Pumping Lemma for Regular Sets: Let D = (Q, , , q0, F

Immerman, Neil

286

C:\MYDOCS\FBSS-M~1\HATTIE\LAYOUT94.TXT  

U.S. Energy Information Administration (EIA) Indexed Site

1993 Federal Buildings Supplemental Survey 1993 Federal Buildings Supplemental Survey Survey Data File Documentation Energy Information Administration August 1997 Overview of Survey Data File Documentation This document contains only the file layouts and variable codes for use with the 1993 Public Use files. For information on the FBSS and the organization and use of these files, please go to http://www/eia.doe.gov/emeu/cbecs/contents.html and click on: "1993 Micro-Data Files." Layout of Data Files A file layout is provided here for each of the 22 files. Column 1 is the variable name that is found in the files; column 2 is a brief description of the variable; column 3 is the variable position on the files.

287

Microsoft Word - BUGS_The Next Smart Grid Peak Resource Final 4_19.docx  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

April 15, 2010 April 15, 2010 DOE/NETL-2010/1406 Backup Generators (BUGS): The Next Smart Grid Peak Resource Backup Generators (BUGS): The Next Smart Grid Peak Resource v1.0 ii DISCLAIMER This report was prepared as an account of work sponsored by an agency of the United States Government. Neither the United States Government nor any agency thereof, nor any of their employees, makes any warranty, express or implied, or assumes any legal liability or responsibility for the accuracy, completeness, or usefulness of any information, apparatus, product, or process disclosed, or represents that its use would not infringe privately owned rights. Reference therein to any specific commercial product, process, or service by trade name, trademark, manufacturer, or

288

A new method for the design of the heliostat field layout for solar tower power plant  

Science Journals Connector (OSTI)

A new method for the design of the heliostat field layout for solar tower power plant is proposed. In the new method, the heliostat boundary is constrained by the receiver geometrical aperture and the efficiency factor which is the product of the annual cosine efficiency and the annual atmospheric transmission efficiency of heliostat. With the new method, the annual interception efficiency does not need to be calculated when places the heliostats, therefore the total time of design and optimization is saved significantly. Based on the new method, a new code for heliostat field layout design (HFLD) has been developed and a new heliostat field layout for the PS10 plant at the PS10 location has been designed by using the new code. Compared with current PS10 layout, the new designed heliostats have the same optical efficiency but with a faster response speed. In addition, to evaluate the feasibility of crops growth on the field land under heliostats, a new calculation method for the annual sunshine duration on the land surface is proposed as well.

Xiudong Wei; Zhenwu Lu; Zhifeng Wang; Weixing Yu; Hongxing Zhang; Zhihao Yao

2010-01-01T23:59:59.000Z

289

Linear Regression and Random Forests for Layer Identification in IC Layout Reverse-Engineering  

E-Print Network [OSTI]

050 051 052 053 Linear Regression and Random Forests for Layer Identification in IC Layout Reverse in the process; the bulk of the work consists of tracing from the die images the regions which form components, resistors, and capacitors. The common types of layers are the bulk (substrate, i.e. the base silicon

de Freitas, Nando

290

Design and Layout of Schottky Diodes in a Standard CMOS Process Ben Rivera1  

E-Print Network [OSTI]

semiconductor is the anode and the semiconductor material, contacted through an ohmic contact, is the cathode a layout design solution. To increase the frequency and active range of the diode, reducing the series. When the two materials are brought into contact with each other the difference in potential gives rise

Baker, R. Jacob

291

A Mathematical Programming Model for Optimal Layout Considering Quantitative Risk Analysis  

E-Print Network [OSTI]

, Departamento de IngenierĂ­a QuĂ­mica, Celaya, Gto 38010 MĂ©xico 2 Carnegie Mellon University, Chemical Engineering). #12;The Center for Chemical Process Safety (CCPS) has published guidelines for facility siting model for safe process layout considering three possible hazardous incidents in an ethylene oxide plant

Grossmann, Ignacio E.

292

Design of wind farm layout for maximum wind energy capture Andrew Kusiak*, Zhe Song  

E-Print Network [OSTI]

Design of wind farm layout for maximum wind energy capture Andrew Kusiak*, Zhe Song Intelligent sources of alternative energy. The construction of wind farms is destined to grow in the U.S., possibly twenty-fold by the year 2030. To maximize the wind energy capture, this paper presents a model for wind

Kusiak, Andrew

293

Data Layout Transformation Exploiting Memory-Level Parallelism in Structured Grid Many-Core Applications  

E-Print Network [OSTI]

using a dense, regular grid as the primary data structure. Fluid dynamics and heat distribution, which general than a fixed stencil. Examples of structured grid applications include fluid dy- namics and heatData Layout Transformation Exploiting Memory-Level Parallelism in Structured Grid Many

Hwu, Wen-mei W.

294

Wireless Cloud Networks for the Factory of Things: Connectivity Modeling and Layout Design  

E-Print Network [OSTI]

measurements in an oil refinery site (modelled by 3D CAD) using industry standard ISA IEC 62734 devices operating at 2.4GHz. A graph-theoretic approach to node deployment is discussed by focusing on practical network architecture. Field device (FD) layout over 3D-CAD model of the plant (oil refinery site). Bottom

Savazzi, Stefano

295

T-703: Cisco Unified Communications Manager Open Query Interface Lets  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

703: Cisco Unified Communications Manager Open Query Interface 703: Cisco Unified Communications Manager Open Query Interface Lets Remote Users Obtain Database Contents T-703: Cisco Unified Communications Manager Open Query Interface Lets Remote Users Obtain Database Contents August 26, 2011 - 3:45pm Addthis PROBLEM: A vulnerability was reported in Cisco Unified Communications Manager. A remote user can obtain database contents PLATFORM: Cisco Unified Communications Manager 6.x, 7.x, 8.0, 8.5 ABSTRACT: A remote user can obtain database contents, including authentication credentials. reference LINKS: SecurityTracker Alert ID: 1025971 Cisco Document ID: 113190 IMPACT ASSESSMENT: High Discussion: A vulnerability was reported in Cisco Unified Communications Manager. A remote user can obtain database contents. A remote user can access an open

296

Argonne CNM Highlight: Let a Virus Do All the Work  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

Let a Virus Do All the Work Let a Virus Do All the Work Developing an efficient method to fabricate nanoscale building blocks and organize them into functional architectures is the key to nanoscience and nanotechnology. As a result of millions years of evolution, biological systems can provide spatially defined host systems that can be used as templates for uniform fabrication of structured materials with different length scales. Viruses, in this regard, exemplify an extraordinarily organized nano-architecture: they are complex molecular biosystems in which nucleic acid strands are confined within a nano-size compartment (capsid). This project engages the use of an emptied ligand-displayed phage virus as a template to synthesize magnetic nanoparticles. Benefiting from the phage display technology, the particle generated inside the hollow phage has integrated biorecognition elements with high affinity and specificity for selected target molecules. In addition, the size and shape of the magnetic particles can be highly regulated by molecularly engineering virus capsid.

297

T-621: Citrix XenServer Lets Local Administrative Users on the...  

Broader source: Energy.gov (indexed) [DOE]

1: Citrix XenServer Lets Local Administrative Users on the Guest OS Deny Service T-621: Citrix XenServer Lets Local Administrative Users on the Guest OS Deny Service May 12, 2011 -...

298

T-669: Linux Kernel GFS2 Allocation Error Lets Local Users Deny...  

Broader source: Energy.gov (indexed) [DOE]

69: Linux Kernel GFS2 Allocation Error Lets Local Users Deny Service T-669: Linux Kernel GFS2 Allocation Error Lets Local Users Deny Service July 15, 2011 - 2:14am Addthis PROBLEM:...

299

T-536: Cisco ASA Multiple Flaws Let Remote Users Deny Service...  

Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

36: Cisco ASA Multiple Flaws Let Remote Users Deny Service and Bypass Security Controls T-536: Cisco ASA Multiple Flaws Let Remote Users Deny Service and Bypass Security Controls...

300

T-601: Windows Kernel win32k.sys Lets Local Users Gain Elevated...  

Broader source: Energy.gov (indexed) [DOE]

01: Windows Kernel win32k.sys Lets Local Users Gain Elevated Privileges T-601: Windows Kernel win32k.sys Lets Local Users Gain Elevated Privileges April 13, 2011 - 5:12am Addthis...

Note: This page contains sample records for the topic "layout bug lets" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


301

T-648: Avaya IP Office Manager TFTP Server Lets Remote Users...  

Broader source: Energy.gov (indexed) [DOE]

48: Avaya IP Office Manager TFTP Server Lets Remote Users Traverse the Directory T-648: Avaya IP Office Manager TFTP Server Lets Remote Users Traverse the Directory June 16, 2011 -...

302

T-692: VMware vFabric tc Server Lets Remote Users Login Using...  

Broader source: Energy.gov (indexed) [DOE]

2: VMware vFabric tc Server Lets Remote Users Login Using Obfuscated Passwords T-692: VMware vFabric tc Server Lets Remote Users Login Using Obfuscated Passwords August 12, 2011 -...

303

T-545: RealPlayer Heap Corruption Error in 'vidplin.dll' Lets...  

Energy Savers [EERE]

T-545: RealPlayer Heap Corruption Error in 'vidplin.dll' Lets Remote Users Execute Arbitrary Code T-545: RealPlayer Heap Corruption Error in 'vidplin.dll' Lets Remote Users Execute...

304

V-142: Oracle Java Reflection API Flaw Lets Remote Users Execute...  

Broader source: Energy.gov (indexed) [DOE]

2: Oracle Java Reflection API Flaw Lets Remote Users Execute Arbitrary Code V-142: Oracle Java Reflection API Flaw Lets Remote Users Execute Arbitrary Code April 25, 2013 - 12:14am...

305

V-104: Oracle Java Flaw Lets Remote Users Execute Arbitrary Code...  

Broader source: Energy.gov (indexed) [DOE]

Code V-104: Oracle Java Flaw Lets Remote Users Execute Arbitrary Code March 5, 2013 - 12:53am Addthis PROBLEM: Oracle Java Flaw Lets Remote Users Execute Arbitrary Code...

306

U-239: Apple iPhone SMS Processing Flaw Lets Remote Users Spoof...  

Broader source: Energy.gov (indexed) [DOE]

39: Apple iPhone SMS Processing Flaw Lets Remote Users Spoof SMS Source Addresses U-239: Apple iPhone SMS Processing Flaw Lets Remote Users Spoof SMS Source Addresses August 20,...

307

T-684: Apple QuickTime Buffer Overflows Let Remote Users Execute...  

Broader source: Energy.gov (indexed) [DOE]

84: Apple QuickTime Buffer Overflows Let Remote Users Execute Arbitrary Code T-684: Apple QuickTime Buffer Overflows Let Remote Users Execute Arbitrary Code August 4, 2011 - 3:33pm...

308

V-194: Citrix XenServer Memory Management Error Lets Local Administrat...  

Broader source: Energy.gov (indexed) [DOE]

4: Citrix XenServer Memory Management Error Lets Local Administrative Users on the Guest Gain Access on the Host V-194: Citrix XenServer Memory Management Error Lets Local...

309

U-064: Adobe Acrobat/Reader PRC Memory Corruption Error Lets...  

Broader source: Energy.gov (indexed) [DOE]

4: Adobe AcrobatReader PRC Memory Corruption Error Lets Remote Users Execute Arbitrary Code U-064: Adobe AcrobatReader PRC Memory Corruption Error Lets Remote Users Execute...

310

Pumping Lemma for Regular Sets: Let D = (Q, , , q0, F) be a DFA.  

E-Print Network [OSTI]

Pumping Lemma for Regular Sets: Let D = (Q, , , q0, F) be a DFA. Let n = |Q|. Let w L(D) s.t. |w: Pumping Lemma CS250: Discrete Math for Computer Science #12;proof: Let w L(D), |w| n, w = w1, w2 F Thus, xykz L(D) for k = 0, 1, 2, . . . L30: Pumping Lemma CS250: Discrete Math for Computer

Massachusetts at Amherst, University of

311

Threshold LET for SEU induced by low energy ions  

SciTech Connect (OSTI)

Simulations to determine the threshold LET as a function of the length of the ion track are consistent with there being two regions of charge collection. In the top layer which contains the depletion region all the charge generated is collected in time to upset the device. In the next layer, 10% to 20% of the charge generated is collected and contributes to upsetting the device. This second layer of partial charge collection may significantly impact the accuracy of SEU predictions involving low-energy neutrons and protons. A simple method of including this contribution in calculations is proposed.

McNulty, P.J.; Roche, P.; Palau, J.M.; Gasiot, J.

1999-12-01T23:59:59.000Z

312

U-082: McAfee SaaS 'myCIOScn.dll' ActiveX Control Lets Remote...  

Broader source: Energy.gov (indexed) [DOE]

Lets Remote Users Execute Arbitrary Code January 17, 2012 - 1:00pm Addthis PROBLEM: PHP Null Pointer Dereference in zendstrndup() Lets Local Users Deny Service PLATFORM: PHP...

313

Process-circuit and layout solutions for steam-turbine units and performance efficiency of thermal power plants  

Science Journals Connector (OSTI)

Criteria for evaluating process-circuit and layout solutions adopted in designing steam-turbine units are presented together with their values for a number of steam-turbine units produced by the Ural Turbine Work...

A. A. Gol’dberg; T. L. Shibaev

2014-12-01T23:59:59.000Z

314

Abstract-The ALICE trigger system is situated in the experimental cavern and has a centralized layout: the Central  

E-Print Network [OSTI]

Abstract- The ALICE trigger system is situated in the experimental cavern and has a centralized. Layout of the ALICE CTP in the experimental cavern The ALICE Central Trigger System D. Evans1 , S. Fedor2

Birmingham, University of

315

1. Jordan Lemma Let R0 be a positive number and a a real number with |a| < R0. Let  

E-Print Network [OSTI]

= R -(R) (R) e-mR sin f(Rei ) d R max z R |f(z)| -(R) (R) e-mR sin d R max z R |f(z)| 0 e-mR sin d = 2R max z R |f(z)| 2 0 e-mR sin d. Now we use the following simple lemma. 1.2. Lemma. Let [0 e- 2mR 2 0 = 2mR 1 - e-mR 2mR . Combining this with the above we get R eimz f(z) dz m max z

Milicic, Dragan

316

Year of Biodiversity Podcast Welcome to Bug Bytes, a bimonthly podcast from Texas A&M University's  

E-Print Network [OSTI]

are affected. Biodiversity encompasses humans, plants, animals, fungi, bacteria, food, and water at the scale that we don't! Join us on this excursion as we learn from the bugs that share in every aspect of our lives the human element, the diversity of cultures and how we impact the world around us. How, in turn we

Behmer, Spencer T.

317

Frostbite Theater - Liquid Nitrogen Experiments - Let's Pour Liquid  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

Shattering Flowers! Shattering Flowers! Previous Video (Shattering Flowers!) Frostbite Theater Main Index Next Video (Giant Koosh Ball!) Giant Koosh Ball! Let's Pour Liquid Nitrogen on the Floor! Liquid nitrogen?! On the floor?! Who's going to clean that mess up?! See what really happens when one of the world's most beloved cryogenic liquids comes into contact with a room temperature floor. [ Show Transcript ] Announcer: Frostbite Theater presents... Cold Cuts! No baloney! Joanna and Steve: Just science! Joanna: Hi! I'm Joanna! Steve: And I'm Steve! Joanna: From time to time, we spill a little liquid nitrogen! The reaction we sometimes get is.... Shannon: Did they just pour LIQUID NITROGEN on the FLOOR?!?! Joanna: Yes. Yes we did. Steve: One thing people seem to have a problem with is the mess that liquid

318

Frostbite Theater - Liquid Nitrogen Experiments - Let's Freeze Liquid  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

Shattering Pennies! Shattering Pennies! Previous Video (Shattering Pennies!) Frostbite Theater Main Index Next Video (Liquid Nitrogen in a Microwave!) Liquid Nitrogen in a Microwave! Let's Freeze Liquid Nitrogen! By removing the hottest molecules, we're able to freeze liquid nitrogen! [ Show Transcript ] Announcer: Frostbite Theater presents... Cold Cuts! No baloney! Joanna and Steve: Just science! Joanna: Hi! I'm Joanna! Steve: And I'm Steve! Joanna: Today, we're going to freeze liquid nitrogen! Joanna and Steve: Yeah! Joanna: The obvious way to do this is to put the liquid nitrogen into something colder. Something that we have lots of around here! Something like... liquid helium! Steve: Yes! Joanna: Yeah, but we're not going to do that. Instead, we're going to freeze the nitrogen by removing the hottest molecules!

319

Layout 1  

Broader source: Energy.gov (indexed) [DOE]

Southeastern Power Administration Southeastern Power Administration Annual Report 2012 Hartwell Dam 50th Anniversary 2 0 1 2 A N N U A L R E P O R T S O U T H E A S T E R N P O W E R A D M I N I S T R A T I O N 2 Fast Facts ....................................................................................................................2 Letter to the Secretary ..............................................................................................3 Human Capital Initiatives ......................................................................................4 Strategic Plan 2012 - 2015.........................................................................................4 ePerformance Implementation ...............................................................................4 Information Management........................................................................................4

320

Layout 1  

Broader source: Energy.gov (indexed) [DOE]

ANNUAL REPORT 2007 SEPA ANNUAL REPORT Contents Fast Facts ..........................................................................................2 Letter to the Secretary .......................................................................3 Marketing Area .................................................................................4 Customer Funding.............................................................................5 Energy Efficiency and Renewable Energy Program ..............................6 Drought Conditions in the Southeast ..................................................6 Energy Policy Act - Section 1834 Study ..............................................6 Cumberland System Dam Safety Issues ..............................................7 Cyber and Physical Security...............................................................7

Note: This page contains sample records for the topic "layout bug lets" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


321

Layout 1  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

Energy Technology Laboratory's Native American Initiative seeks to stimulate economic development Energy Technology Laboratory's Native American Initiative seeks to stimulate economic development and increase oil and natural gas production on American Indian lands while protecting the environment. The pro- gram supports the development and application of innovative petroleum technologies, and promotes government- to-government relationships and tribal partnerships with industry and academia-resulting in increased revenues and educational benefits for tribal members. Some 13 million barrels of oil and 300 billion cubic feet of natural gas were produced on American Indian lands in 2002, generating $183 million for tribes and allottees. However, potential revenue is far greater. If only a fraction of the estimated 890 million barrels of oil and 5.6 trillion cubic feet of gas on American Indian lands were produced,

322

Layout 1  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

Few stop to consider the consequences Few stop to consider the consequences of their daily ablutions, the washing of clothes, the watering of lawns, and the flush of a toilet. However, wastewater treatment-one of the cornerstones of modern civilization-is inside this issue 2. Finishers Convene in NM Spot Awards 3. Termites in Costa Rica 4. Profile: Erika Lindquist 5. Plant Pathogens Decoded OPA Recipients 6. Young Investigator Winner 8. Spotlight on Safety 9. Hazards of Being a Microbiologist 10. All About Webfeeds 11. Eukaryotic Finishing at Stanford 12. Symbiotic Tree Fungus 17. New CSP Targets 19. Pichia stipitis 20. Aspergillus niger PRIMER the October 2006 Volume 3 Issue 2 First Tree Genome Is Published: Poplar Holds Promise as Renewable Bioenergy Resource Wood from a common tree may one day figure prominently in meeting trans-

323

Layout 1  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

32 32 0163-6804/11/$25.00 © 2011 IEEE INTRODUCTION A grid network is a collection of geographical- ly distributed resources, such as storage clus- ters, supercomputers, and scientific equipment, that are accessible to users over a network. Examples of e-Science grids include the Large Hadron Collider Computing Grid Project, the Biomedical Informatics Research Network, and the George E. Brown Network for Earthquake Engineering and Simulation. These networks typically deal with the trans- fer of large amounts of data in the terabytes and petabytes range. When the grid resources are connected by application-configurable optical paths (e.g., on an optical wavelength- routed network), the grid can be considered a LambdaGrid [1]. Optical wavelength-routed wavelength-divi-

324

Layout 1  

Broader source: Energy.gov (indexed) [DOE]

ANNUAL ANNUAL REPORT SOUTHEASTERN POWER ADMINISTRATION 1 2010 SEPA ANNUAL REPORT Fast Facts ....................................................................................................................2 Letter to the Secretary ..............................................................................................3 Customer Funding....................................................................................................4 Cumberland System Dam Safety Issues................................................................5 Human Capital Initiatives .......................................................................................5 Contract Negotiations ..............................................................................................5 Energy Efficiency

325

Layout 1  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

Hurricanes Hurricanes are strong storms that cause life- and property- threatening hazards such as flooding, storm surge, high winds and tornadoes. Preparation is the best protection against the dangers of a hurricane. Know the Difference Hurricane Watch-Hurricane conditions are a threat within 48 hours. Review your hurricane plans, keep informed and be ready to act if a warning is issued. Hurricane Warning-Hurricane conditions are expected within 36 hours. Complete your storm preparations and leave the area if directed to do so by authorities. J Listen to a NOAA Weather Radio for critical information from the National Weather Service (NWS). J Check your disaster supplies and replace or restock as needed. J Bring in anything that can be picked up by the wind (bicycles, lawn furniture). J Close windows, doors and hurricane shutters. If you do not have hurricane shutters, close and board up all

326

Layout 1  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

N N NOTICE OTICE In the first instance, an employee was using a floor- mounted abrasive cut-off wheel saw to remove bolts extending past a plate's surface when the wheel shat- tered. The employee's right thumb was impacted, break- ing the thumbnail, splitting open the skin, and shattering the thumb's end bone. Use of a hand-held, angle-head cutting wheel tool, or making a jig to hold the plate in place would have prevented this injury. In the second case, an employee was using a pneu- matic crimping tool. The open end of the tool's jaws was not guarded. The injury occurred when the tip of the employee's right-hand little finger was in the wrong place at the wrong time and the tool's jaws shut on the finger- tip. This resulted in the fingernail being cut through, an open cut on the bottom of the fingertip, and a chipped end bone. The injury would have been avoided had the open jaws been guarded. Unfortunately,

327

Layout 1  

Broader source: Energy.gov (indexed) [DOE]

HE HE MISSION of Southeastern Power Administration is to market and deliver federal hydroelectric power at the lowest possible cost to public bodies and cooperatives in the southeastern United States. Southeastern will excel in an evolving energy market by maintaining a well-trained, flexible workforce in an open, rewarding and safe environment. Marketing Area: Alabama, Florida, Georgia, Illinois, Kentucky, Mississippi, North Carolina, South Carolina, Tennessee, Virginia, and West Virginia Customers: Electric Cooperatives .......................................... 198 Public Bodies ........................................................ 290 Investor-Owned Utilities ........................................1 Total..................................................................

328

Layout 1  

Broader source: Energy.gov (indexed) [DOE]

This This page intentionally left blank. OCTOBER 1, 2010 - MARCH 31, 2011 1 SEMIANNUAL REPORT TO CONGRESS Table of Contents Message from the Inspector General . . . . . . . . . . . . . . . . . . . . . . . . . 2 Key Accomplishments . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3 Implementation of the American Recovery and Reinvestment Act of 2009 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4 Other Significant Audits, Inspections, and Reviews . . . . . . . . . . . . 13 Investigative Outcomes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21 Positive Outcomes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29 Highlights Based on Office of Inspector General Work . . . . . . . . . . . . . . . . 29 Congressional Responses . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31 Legislative and Regulatory Reviews . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31 Hotline System . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31 Qui Tams . . . . . . . . . . . . . . . .

329

Layout 1  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

October 2010 October 2010 Issue #5 COMMERCIAL MOTOR VEHICLE ROADSIDE TECHNOLOGY CORRIDOR Federal Motor Carrier Safety Administration Office of Analysis, Research, and Technology CMV Technologies Showcased in Tennessee The second triennial Fed- eral Motor Carrier Safety Ad- ministration (FMCSA) Commercial Motor Vehicle (CMV) Safety Technology Showcase was conducted within FMCSA's Commercial Motor Vehicle Roadside Tech- nology Corridor (CMVRTC) at the Greene County, Ten- nessee, CMV Inspection sta- tion on October 14, 2010. The event was conducted in part- nership with Oak Ridge Na- tional Laboratory (ORNL), which facilitated the event, and the Tennessee Department of Transportation, Tennessee Department of Safety, and the University of Tennessee. FMCSA Administrator Anne S. Ferro was among

330

Layout 1  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

22 22 0163-6804/11/$25.00 © 2011 IEEE INTRODUCTION Emerging paradigms for next-generation net- work architectures revolve around the notion of the network as a heterogeneous "multilayer, multitechnology" construct over which multiple "services" can be provided. These services include traditional IP-routed services as well as native access services from lower layers based on technologies such as multiprotocol label switch- ing (MPLS), Ethernet, Ethernet provider back- bone bridge (PBB), synchronous optical networking (SONET)/synchronous digital hierar- chy (SDH), next-generation SONET/SDH, and wavelength-division multiplexing (WDM). It is envisioned that such direct access to and control of lower layers will enable advanced traffic engi- neering of IP routed networks, along with the

331

Layout 1  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

COMMERCIAL MOTOR VEHICLE COMMERCIAL MOTOR VEHICLE ROADSIDE TECHNOLOGY CORRIDOR October 2009 Issue !4 Federal Motor Carrier Safety Administration Office of Analysis, Research, and Technology "In about 96 percent of cases there was not a statistically significant degradation of the brakes during the FOT." (Page 1) "Nearly 64 percent of vehicles flagged by SIRIS were placed OOS, and fully 77 percent were found to exhibit one or more safety flaws." (Page 3) Brake Wear and Performance FOT The Oak Ridge National Laboratory com- pleted the Brake Wear and Performance Test (BWPT) field operation test (FOT) and data analysis in September 2009. This effort in- cluded assisting the Tennessee Department of Safety (TDOS) in the procurement and installa- tion of a Performance-Based Brake Testing

332

Layout 1  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

JGI, JGI, approaching its eighth year of existence and its sixth of operation at the Production Genomics Facility (PGF) in Walnut Creek, continues to grow-in staff, space requirements and the posi- tive impact our sequencing and science are having on the scientific community. As our influence and distance between our workstations expands, there emerges a need to keep our team bet- ter informed and to cultivate an environ- ment that recognizes our meaningful contributions to this growing concern, hence the creation of The JGI Primer. On the occasion of the maiden voyage of our newsletter, The JGI Primer, I would like to share with you my enthusiasm for my favorite holiday, Halloween. For me and my lab, Halloween has always served as an occasion to bring us together for some big fun.

333

Layout 1  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

Liquid-gas cylinder hand trucks similar to the Harper Liquid-gas cylinder hand trucks similar to the Harper Model ULG65050-51 (A) use a spring-loaded hook assembly (B) to engage with the liquid nitrogen Dewar support ring. This provides a positive point of contact allowing the Dewar to be tilted onto the hand truck for transport. Failure of this spring assembly can result in a loss of control, allowing the Dewar to become separated from the hand truck, leading to a very dangerous sit- uation. If the spring is weak such that it fails to fully engage the Dewar, replacement springs can be purchased through welding suppliers using part number HDW- SP-UL650-8 The entire cart assembly can be replaced with a newer model from Harper (model number 650-50-51). A potential replacement is an upright style cart such as the EZ Load 4L for SAFTCART (C). This is a cart

334

Layout 1  

Broader source: Energy.gov (indexed) [DOE]

Fast Facts ............................................................................................2 Letter to the Secretary .........................................................................3 Customer Funding ...............................................................................4 Energy Efficiency and Renewable Energy Program ................................5 Cumberland System Dam Safety Issues ................................................5 Cyber and Physical Security..................................................................6 Drought Conditions in the Southeast ...................................................6 Marketing Objectives...........................................................................7 Marketing Area....................................................................................8

335

Layout 1  

Broader source: Energy.gov (indexed) [DOE]

vi vi This page intentionally left blank. vii Contract and Project Management: Corrective Action Plan JULY 2008 Executive Summary Achieving and maintaining excellence in contract and project management is a top priority for the Department of Energy (DOE). To accomplish this goal, the Department has already implemented a series of significant contract and project management reforms, including the conduct of a root cause analysis (RCA) to identify the major challenges to planning and managing DOE projects. The RCA pinpoints opportunities for improving the Department's management of contracts and projects and is serving as the foundation for developing and implementing corrective measures to improve performance and, ultimately, being removed from the Government Accountability

336

Cleanroom Layout  

Science Journals Connector (OSTI)

Since we now have some understanding of the problems of microcontamination and have acquired some elementary knowledge about how to create basic clean areas, it is time to tackle the problem of how to put togethe...

M. Kozicki; S. Hoenig; P. Robinson

1991-01-01T23:59:59.000Z

337

Layout 1  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

Aiken Chamber of Commerce Greater Aiken Chamber of Commerce Appointment Dr. Sandra J. Jordan University of South Carolina Aiken Congressional Appointment Anna G. Loadholt...

338

Layout 1  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

& Nuclear Fuels Materials SPOTLIGHT Idaho National Laboratory P.O. Box 1625 Mailstop 3878 Idaho Falls, ID 83415-3878 INLNFMSpotlight@inl.gov Tel: 208-526-9549 Fax: 208-526-2930...

339

Layout 1  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

Chancellor's Distinguished Lectureship Series Nanotechnology: Thinking Small or Small Thinking? Chad Mirkin Northwestern University Director of Institute for Nanotechnology...

340

Layout 1  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

SCIENCE 2010 RESEARCh ANd ENgINEERINg hIghLIghtS fRoM thE AdvANCEd PhotoN SouRCE At ARgoNNE NAtIoNAL LAboRAtoRy ANL-1035 ISSN 1931-5007 May 2011 ANL-1035 ISSN 1931-5007 May 2011...

Note: This page contains sample records for the topic "layout bug lets" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


341

Layout 1  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

Advancing Science by Accelerating Science Access Delivering smart, global search technologies to speed discovery U.S. Department of Energy Office of Science Office of Scientific...

342

SQE Layout  

National Nuclear Security Administration (NNSA)

Carolyn MS-A105 ALDNW 1 McCoy, Don MS-F652 NW-SC 1 McKinney, Gregg MS-F663 X-5 1 Mercer-Smith, Jas MS-A105 ALDNW 1 Miller, Charlie MS-F652 NW-SC 1 Morrison, John MS-B260 CIC-DO 1...

343

Layout 1  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

14 14 0163-6804/11/$25.00 © 2011 IEEE 1 See the reports collected at http://www.es.net/ requirements.html 2 See "National Lab" and "User Facilities" tabs at http://www.sc.doe.gov/ INTRODUCTION Across a number of scientific disciplines, users are demanding more network capabilities, including higher network end-to-end throughput, guaranteed bandwidth, and quality of service, in order to collaborate and share large amounts of data around the globe. In many fields, scientific discovery is now directly related to the amount of data that can be shared, accessed, and pro- cessed collaboratively. Our understanding of the requirements of modern science for network services has emerged from detailed discussions with researchers 1 about how their analysis and simu-

344

Layout 1  

Broader source: Energy.gov (indexed) [DOE]

s s o u t h e a s t e r n p o w e r a d m i n i s t r a t i o n 2011 a n n u a l r e p o r t 2 s o u t h e a s t e r n p o w e r a d m i n i s t r a t i o n 2 0 1 1 a n n u a l r e p o r t Fast Facts ....................................................................................................................2 Letter to the Secretary ..............................................................................................3 Human Capital .........................................................................................................4 Information Management .......................................................................................4 Energy Efficiency and Renewable Energy ............................................................4 Customer Funding....................................................................................................5

345

Layout 1  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

* BUS: Make sure she knows where and when to be picked up before and after school * BICYCLE: Review road safety and make sure he has a helmet * ON FOOT: Walk the route together...

346

V-010: 3Com, HP, and H3C Switches SNMP Configuration Lets Remote...  

Broader source: Energy.gov (indexed) [DOE]

The vendor has issued a fix for some affected products. Addthis Related Articles U-240: Apple Remote Desktop Encryption Failure Lets Remote Users Obtain Potentially Sensitive...

347

U-131: Adobe Photoshop TIFF Image Heap Overflow Lets Remote Users...  

Broader source: Energy.gov (indexed) [DOE]

time of this entry. Addthis Related Articles U-002:Adobe Photoshop Elements Multiple Memory Corruption Vulnerabilities U-080: Linux Kernel XFS Heap Overflow May Let Remote Users...

348

State College WWTP Tour 2003 A map of the plant layout is given to visitors  

E-Print Network [OSTI]

the sludge go? Lets see... #12;Sludge first goes to a sludge thickener #12;It looks bad and smells bad, but the supernatent is quite clear. #12;This is the first digestor used to treat the sludge. #12;The second digestor is underground #12;The temperature of the sludge units is kept at about 95oF to enhance fermentation

349

Optical layout and mechanical structure of polarimeter-interferometer system for Experimental Advanced Superconducting Tokamak  

SciTech Connect (OSTI)

A Far-InfaRed (FIR) three-wave POlarimeter-INTerferometer (POINT) system for measurement current density profile and electron density profile is under development for the EAST tokamak. The FIR beams are transmitted from the laser room to the optical tower adjacent to EAST via ?20 m overmoded dielectric waveguide and then divided into 5 horizontal chords. The optical arrangement was designed using ZEMAX, which provides information on the beam spot size and energy distribution throughout the optical system. ZEMAX calculations used to optimize the optical layout design are combined with the mechanical design from CATIA, providing a 3D visualization of the entire POINT system.

Zou, Z. Y.; Liu, H. Q., E-mail: hqliu@ipp.ac.cn; Jie, Y. X.; Wang, Z. X.; Shen, J. S.; An, Z. H.; Yang, Y.; Zeng, L.; Wei, X. C.; Li, G. S.; Zhu, X. [Institute of Plasma Physics, Chinese Academy of Sciences, Hefei, Anhui 230031 (China); Ding, W. X.; Brower, D. L. [Department of Physics and Astronomy, University of California Los Angeles, Los Angeles, California 90095 (United States); Lan, T. [Department of Modern Physics, University of Science and Technology of China, Hefei, Anhui 230026 (China)

2014-11-15T23:59:59.000Z

350

Empirical Performance Model-Driven Data Layout Optimization and Library Call Selection for Tensor Contraction Expressions  

SciTech Connect (OSTI)

Empirical optimizers like ATLAS have been very effective in optimizing computational kernels in libraries. The best choice of parameters such as tile size and degree of loop unrolling is determined by executing different versions of the computation. In contrast, optimizing compilers use a model-driven approach to program transformation. While the model-driven approach of optimizing compilers is generally orders of magnitude faster than ATLAS-like library generators, its effectiveness can be limited by the accuracy of the performance models used. In this paper, we describe an approach where a class of computations is modeled in terms of constituent operations that are empirically measured, thereby allowing modeling of the overall execution time. The performance model with empirically determined cost components is used to perform data layout optimization together with the selection of library calls and layout transformations in the context of the Tensor Contraction Engine, a compiler for a high-level domain-specific language for expressing computational models in quantum chemistry. The effectiveness of the approach is demonstrated through experimental measurements on representative computations from quantum chemistry.

Lu, Qingda; Gao, Xiaoyang; Krishnamoorthy, Sriram; Baumgartner, Gerald; Ramanujam, J.; Sadayappan, Ponnuswamy

2012-03-01T23:59:59.000Z

351

Ultra Heavy Ion LET Determination with Solid State Nuclear Track Detectors  

Science Journals Connector (OSTI)

......Ion LET Determination with Solid State Nuclear Track Detectors C. Domingo C. Baixeras...such particles. If we know the linear energy transfer (LET) of these particles...mission will be exposed. Solid state nuclear track detector stacks can give us information......

C. Domingo; C. Baixeras; F. Fernández; A. Vidal-Quadras

1990-12-01T23:59:59.000Z

352

Design and Realize of the Graphics Platform for LED Lamps’ Layout Based on GDI+ and Dual-Buffer  

Science Journals Connector (OSTI)

Based on the GDI+ class library and dual-buffer technology of .NET framework, the software for LED lamps’ layout is developed. On the basis of determining the scheme of layout platform, the metafile class library model by Composite design-set and the process of calling the LED pixels metafile symbol interface are designed firstly. The design method of realizing the LED pixels metafile visual editing on the drawn LED logical pixel based on GDI+ is analyzed. The dual-buffer technology is used to solve the problem of flicker when fast refreshing. The testing results show that the platform can meet the basic function requirements of engineering application, and realize partial adjust on the process of LED lamps layout without distortion.

Wen Yuanmei; Nie Xinming; Liu Guixiong

2012-01-01T23:59:59.000Z

353

AUGUST 2014 | DALHOUSIE BRAND GUIDE AND TOOL KIT Some of the slide layouts in the Dalhousie PowerPoint template contain text in the  

E-Print Network [OSTI]

AUGUST 2014 | DALHOUSIE BRAND GUIDE AND TOOL KIT Some of the slide layouts in the Dalhousie Power. Navigate to the VIEW tab. 2. Click the SLIDE MASTER button. 3. Choose the fifth thumbnail in the slide GUIDE AND TOOL KIT Some of the slide layouts in the Dalhousie PowerPoint template contain text

Dellaire, Graham

354

A new approach to teaching factory layout using closed-circuit television  

E-Print Network [OSTI]

HNT ~ III. D. Vl&OP". "!'. NT 0! TH'": SYST'i:N ~ ~ ~ c ~ I'V. USING Tll"-' S1ST":N IN FACTOH': LAYOUT Vc BY-PPOBUCTS C!F TH"' S5'STHlf c 31 ~ ~ ~ ~ ~ 38 VI. CONC1USION ~ ~ BIBB IOGHAPHY ~ ~ ~ ~ ~ ~ c ~ ~ c ~ 45 LIST OF' TABLES 1. Table of lnit...- 'coals an&1 sounds t;o his aud1ence. CCTV has b ien used. 1!& many cases as a su?&s&iitui fox an inst;rucbor. n this use, t;he instructor makes a video recol-ding of hi&& lecture. The. tsoo is t:hen "played bac&&" to s u;. el!i;oi 1n the appro...

Britain, Jack Chancellor

2012-06-07T23:59:59.000Z

355

The effects of the RHIC E-lenses magnetic structure layout on the proton beam trajectory  

SciTech Connect (OSTI)

We are designing two electron lenses (E-lens) to compensate for the large beam-beam tune spread from proton-proton interactions at IP6 and IP8 in the Relativistic Heavy Ion Collider (RHIC). They will be installed in RHIC IR10. First, the layout of these two E-lenses is introduced. Then the effects of e-lenses on proton beam are discussed. For example, the transverse fields of the e-lens bending solenoids and the fringe field of the main solenoids will shift the proton beam. For the effects of the e-lens on proton beam trajectory, we calculate the transverse kicks that the proton beam receives in the electron lens via Opera at first. Then, after incorporating the simplified E-lens lattice in the RHIC lattice, we obtain the closed orbit effect with the Simtrack Code.

Gu, X.; Pikin, A.; Luo, Y.; Okamura, M.; Fischer, W.; Gupta, R.; Hock, J.; Raparia, D.

2011-03-28T23:59:59.000Z

356

ATLAS-Experiment Abbildung 48: Monte-Carlo-Simulation eines tt-Ereignisses in einem Layout fur den Inne-  

E-Print Network [OSTI]

ATLAS-Experiment Abbildung 48: Monte-Carlo-Simulation eines t¯t-Ereignisses in einem Layout f¨ur den Inne- ren Detektor des ATLAS-Experiments mit vier Lagen von Silizium-Pixeldetektoren und f¨unf Lagen von Silizium-Streifendetektoren. 82 #12;ATLAS-Experiment ATLAS-Experiment Gruppenleiter: M

357

V-101: McAfee VirusScan Enterprise Lets Local Users Gain Elevated  

Broader source: Energy.gov (indexed) [DOE]

1: McAfee VirusScan Enterprise Lets Local Users Gain Elevated 1: McAfee VirusScan Enterprise Lets Local Users Gain Elevated Privileges V-101: McAfee VirusScan Enterprise Lets Local Users Gain Elevated Privileges February 28, 2013 - 12:05am Addthis PROBLEM: McAfee VirusScan Enterprise Lets Local Users Gain Elevated Privileges PLATFORM: VSE 8.8 Patch 2 with Access Protection, including Self Protection, turned off ABSTRACT: A vulnerability was reported in McAfee VirusScan Enterprise. REFERENCE LINKS: McAfee Security Bulletins ID: SB10038 SecurityTracker Alert ID: 1028209 IMPACT ASSESSMENT: Medium DISCUSSION: When Access Protection has been disabled, a local user can gain full control of the target application IMPACT: A local user can obtain elevated privileges on the target system. SOLUTION: The vendor has issued a fix (8.8 Patch 2 with HF778101, 8.8 Patch 3)

358

T-571: Linux Kernel dns_resolver Key Processing Error Lets Local Users Deny  

Broader source: Energy.gov (indexed) [DOE]

1: Linux Kernel dns_resolver Key Processing Error Lets Local 1: Linux Kernel dns_resolver Key Processing Error Lets Local Users Deny Services T-571: Linux Kernel dns_resolver Key Processing Error Lets Local Users Deny Services March 7, 2011 - 3:05pm Addthis PROBLEM: Linux Kernel dns_resolver Key Processing Error Lets Local Users Deny Services. PLATFORM: Linux Kernel 2.6.37 and prior versions ABSTRACT: A vulnerability was reported in the Linux Kernel. A local user can cause denial of service conditions. reference LINKS: SecurityTracker Alert ID:1025162 Latest Stable Kernel CVE-2011-1076 IMPACT ASSESSMENT: High Discussion: When a DNS resolver key is instantiated with an error indication, a local user can attempt to read the key to trigger a null pointer dereference and cause a kernel crash. A local user can cause the target system to crash.

359

U-044: HP Operations Agent and Performance Agent Lets Local Users Access a  

Broader source: Energy.gov (indexed) [DOE]

44: HP Operations Agent and Performance Agent Lets Local Users 44: HP Operations Agent and Performance Agent Lets Local Users Access a Restricted Directory U-044: HP Operations Agent and Performance Agent Lets Local Users Access a Restricted Directory November 23, 2011 - 8:00am Addthis PROBLEM: HP Operations Agent and Performance Agent Lets Local Users Access a Restricted Directory. PLATFORM: HP Operations Agent v11.00 and Performance Agent v4.73, v5.0 for AIX, HP-UX, Linux, and Solaris ABSTRACT: A local user can access a directory on the target system. reference LINKS: HP Security Bulletin Document ID: c03091656 CVE-2011-4160 SecurityTracker Alert ID: 1026345 IMPACT ASSESSMENT: Medium Discussion: A vulnerability was reported in HP Operations Agent and Performance Agent. A local user can access data on the target system. A local user can gain

360

U-056: Linux Kernel HFS Buffer Overflow Lets Local Users Gain Root  

Broader source: Energy.gov (indexed) [DOE]

6: Linux Kernel HFS Buffer Overflow Lets Local Users Gain Root 6: Linux Kernel HFS Buffer Overflow Lets Local Users Gain Root Privileges U-056: Linux Kernel HFS Buffer Overflow Lets Local Users Gain Root Privileges December 9, 2011 - 8:00am Addthis PROBLEM: Linux Kernel HFS Buffer Overflow Lets Local Users Gain Root Privileges. PLATFORM: Linux kernel ABSTRACT: A vulnerability was reported in the Linux Kernel. reference LINKS: The Linux Kernel Archives SecurityTracker Alert ID: 1026395 CVE-2011-4330 IMPACT ASSESSMENT: Medium Discussion: When a specially crafted Hierarchical File System (HFS) file system is mounted, a local user can to trigger a buffer overflow and execute arbitrary code on the target system with root privileges. The vulnerability resides in the hfs_mac2asc() function. Impact: A local user can obtain root privileges on the target system.

Note: This page contains sample records for the topic "layout bug lets" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


361

V-055: Firefly Media Server Null Pointer Dereference Lets Remote Users Deny  

Broader source: Energy.gov (indexed) [DOE]

5: Firefly Media Server Null Pointer Dereference Lets Remote 5: Firefly Media Server Null Pointer Dereference Lets Remote Users Deny Service V-055: Firefly Media Server Null Pointer Dereference Lets Remote Users Deny Service December 26, 2012 - 9:00am Addthis PROBLEM: Firefly Media Server Null Pointer Dereference Lets Remote Users Deny Service PLATFORM: Version(s): 1.0.0.1359 and prior ABSTRACT: A vulnerability was reported in Firefly Media Server REFERENCE LINKS: SecurityTracker Alert ID: 1027917 HTB Advisory ID: HTB23129 CVE-2012-5875 IMPACT ASSESSMENT: Medium DISCUSSION: A remote user can send specially crafted data to trigger a null pointer dereference and cause the target service to crash. IMPACT: A remote user can cause denial of service conditions. SOLUTION: No solution was available at the time of this entry. Addthis

362

U-213: Google Chrome Multiple Flaws Let Remote Users Execute Arbitrary Code  

Broader source: Energy.gov (indexed) [DOE]

U-213: Google Chrome Multiple Flaws Let Remote Users Execute U-213: Google Chrome Multiple Flaws Let Remote Users Execute Arbitrary Code U-213: Google Chrome Multiple Flaws Let Remote Users Execute Arbitrary Code July 16, 2012 - 7:00am Addthis PROBLEM: Google Chrome Multiple Flaws Let Remote Users Execute Arbitrary Code PLATFORM: Version(s): prior to 20.0.1132.57 ABSTRACT: Several vulnerabilities were reported in Google Chrome. reference LINKS: Stable Channel Update SecurityTracker Alert ID: 1027249 IMPACT ASSESSMENT: High Discussion: Several vulnerabilities were reported in Google Chrome. A remote user can cause arbitrary code to be executed on the target user's system. A remote user can create a specially crafted content that, when loaded by the target user, will execute arbitrary code on the target system. The code will run with the privileges of the target user.

363

U-064: Adobe Acrobat/Reader PRC Memory Corruption Error Lets Remote Users  

Broader source: Energy.gov (indexed) [DOE]

4: Adobe Acrobat/Reader PRC Memory Corruption Error Lets Remote 4: Adobe Acrobat/Reader PRC Memory Corruption Error Lets Remote Users Execute Arbitrary Code U-064: Adobe Acrobat/Reader PRC Memory Corruption Error Lets Remote Users Execute Arbitrary Code December 19, 2011 - 9:15am Addthis PROBLEM: Adobe Acrobat/Reader PRC Memory Corruption Error Lets Remote Users Execute Arbitrary Code. PLATFORM: Adobe Acrobat Reader Version(s): 10.1.1 and prior versions ABSTRACT: A vulnerability was reported in Adobe Acrobat/Reader, this vulnerability is being actively exploited against Windows-based systems. reference LINKS: SecurityTracker Alert ID: 1026432 APSB11-30 CVE-2011-4369 JC3-CIRC Tech Bulletin U-054 APSA11-04 IMPACT ASSESSMENT: High Discussion: A remote user can create a specially crafted PDF file that, when loaded by the target user, will trigger a memory corruption error in the PRC

364

U-266: Apache CXF Lets Remote Authenticated Users Execute Unauthorized SOAP  

Broader source: Energy.gov (indexed) [DOE]

6: Apache CXF Lets Remote Authenticated Users Execute 6: Apache CXF Lets Remote Authenticated Users Execute Unauthorized SOAP Actions U-266: Apache CXF Lets Remote Authenticated Users Execute Unauthorized SOAP Actions September 24, 2012 - 6:00am Addthis PROBLEM: Apache CXF Lets Remote Authenticated Users Execute Unauthorized SOAP Actions PLATFORM: This vulnerability affects all released versions of Apache CXF. ABSTRACT: A vulnerability was reported in Apache CXF reference LINKS: SecurityTracker Alert ID: 1027554 Apache CXF Security Advisories Apache CXF Advisory - CVE-2012-3451 CVE-2012-3451 IMPACT ASSESSMENT: High Discussion: A vulnerability was reported in Apache CXF. A remote authenticated user can execute unauthorized commands on the target web service. Impact: A remote authenticated user can execute potentially unauthorized actions on

365

U-219: Symantec Web Gateway Input Validation Flaws Lets Remote Users Inject  

Broader source: Energy.gov (indexed) [DOE]

19: Symantec Web Gateway Input Validation Flaws Lets Remote 19: Symantec Web Gateway Input Validation Flaws Lets Remote Users Inject SQL Commands, Execute Arbitrary Commands, and Change User Passwords U-219: Symantec Web Gateway Input Validation Flaws Lets Remote Users Inject SQL Commands, Execute Arbitrary Commands, and Change User Passwords July 24, 2012 - 7:00am Addthis PROBLEM: Symantec Web Gateway Input Validation Flaws Lets Remote Users Inject SQL Commands, Execute Arbitrary Commands, and Change User Passwords PLATFORM: Symantec Web Gateway 5.0.x.x ABSTRACT: Several vulnerabilities were reported in Symantec Web Gateway. REFERENCE LINKS: Security Advisories Relating to Symantec Products SecurityTracker Alert ID: 1027289 Bugtraq ID: 54424 Bugtraq ID: 54425 Bugtraq ID: 54426 Bugtraq ID: 54427 Bugtraq ID: 54429 Bugtraq ID: 54430

366

U-216: HP StorageWorks File Migration Agent Buffer Overflows Let Remote  

Broader source: Energy.gov (indexed) [DOE]

6: HP StorageWorks File Migration Agent Buffer Overflows Let 6: HP StorageWorks File Migration Agent Buffer Overflows Let Remote Users Execute Arbitrary Code U-216: HP StorageWorks File Migration Agent Buffer Overflows Let Remote Users Execute Arbitrary Code July 19, 2012 - 7:14am Addthis PROBLEM: HP StorageWorks File Migration Agent Buffer Overflows Let Remote Users Execute Arbitrary Code PLATFORM: HP StorageWorks File Migration Agent ABSTRACT: Two vulnerabilities were reported in HP StorageWorks File Migration Agent. reference LINKS: SecurityTracker Alert ID: 1027281 ZDI-12-127 ZDI-12-126 IMPACT ASSESSMENT: High Discussion: The vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP StorageWorks File Migration Agent. Authentication is not required to exploit this vulnerability. 1. (ZDI-12-127) The specific flaw exists within the HsmCfgSvc.exe service

367

U-266: Apache CXF Lets Remote Authenticated Users Execute Unauthorized SOAP  

Broader source: Energy.gov (indexed) [DOE]

6: Apache CXF Lets Remote Authenticated Users Execute 6: Apache CXF Lets Remote Authenticated Users Execute Unauthorized SOAP Actions U-266: Apache CXF Lets Remote Authenticated Users Execute Unauthorized SOAP Actions September 24, 2012 - 6:00am Addthis PROBLEM: Apache CXF Lets Remote Authenticated Users Execute Unauthorized SOAP Actions PLATFORM: This vulnerability affects all released versions of Apache CXF. ABSTRACT: A vulnerability was reported in Apache CXF reference LINKS: SecurityTracker Alert ID: 1027554 Apache CXF Security Advisories Apache CXF Advisory - CVE-2012-3451 CVE-2012-3451 IMPACT ASSESSMENT: High Discussion: A vulnerability was reported in Apache CXF. A remote authenticated user can execute unauthorized commands on the target web service. Impact: A remote authenticated user can execute potentially unauthorized actions on

368

T-650: Microsoft Word Unspecified Flaw Lets Remote Users Execute Arbitrary  

Broader source: Energy.gov (indexed) [DOE]

650: Microsoft Word Unspecified Flaw Lets Remote Users Execute 650: Microsoft Word Unspecified Flaw Lets Remote Users Execute Arbitrary Code T-650: Microsoft Word Unspecified Flaw Lets Remote Users Execute Arbitrary Code June 20, 2011 - 3:35pm Addthis PROBLEM: A vulnerability was reported in Microsoft Word. A remote user can cause arbitrary code to be executed on the target user's system. PLATFORM: Office XP; possibly other versions ABSTRACT: Microsoft Word Unspecified Flaw Lets Remote Users Execute Arbitrary Code. reference LINKS: Secunia Advisory: SA44923 SecurityTracker Alert ID: 1025675 Bugtraq ID: 48261 TSL ID: TSL20110614-02 PRL: 2011-07 IMPACT ASSESSMENT: High Discussion: A code execution vulnerability has been reported in Microsoft Office Word. The vulnerability is due to memory corruption when parsing a specially crafted Word file.

369

U-216: HP StorageWorks File Migration Agent Buffer Overflows Let Remote  

Broader source: Energy.gov (indexed) [DOE]

U-216: HP StorageWorks File Migration Agent Buffer Overflows Let U-216: HP StorageWorks File Migration Agent Buffer Overflows Let Remote Users Execute Arbitrary Code U-216: HP StorageWorks File Migration Agent Buffer Overflows Let Remote Users Execute Arbitrary Code July 19, 2012 - 7:14am Addthis PROBLEM: HP StorageWorks File Migration Agent Buffer Overflows Let Remote Users Execute Arbitrary Code PLATFORM: HP StorageWorks File Migration Agent ABSTRACT: Two vulnerabilities were reported in HP StorageWorks File Migration Agent. reference LINKS: SecurityTracker Alert ID: 1027281 ZDI-12-127 ZDI-12-126 IMPACT ASSESSMENT: High Discussion: The vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP StorageWorks File Migration Agent. Authentication is not required to exploit this vulnerability.

370

T-669: Linux Kernel GFS2 Allocation Error Lets Local Users Deny Service |  

Broader source: Energy.gov (indexed) [DOE]

69: Linux Kernel GFS2 Allocation Error Lets Local Users Deny 69: Linux Kernel GFS2 Allocation Error Lets Local Users Deny Service T-669: Linux Kernel GFS2 Allocation Error Lets Local Users Deny Service July 15, 2011 - 2:14am Addthis PROBLEM: A vulnerability was reported in the Linux Kernel. A local user can cause denial of service conditions. PLATFORM: 2.6.39 and prior versions ABSTRACT: Linux Kernel GFS2 Allocation Error Lets Local Users Deny Service. references LINKS: SecurityTracker Alert ID: 1025776 Linux Kernel Updates CVE-2011-2689 IMPACT ASSESSMENT: Medium Discussion: A local user can invoke the gfs2_fallocate() function in 'fs/gfs2/file.c' in certain cases to allocate a non-blksize aligned amount, resulting in an error in subsequent code that requires blksize aligned offsets. Impact: A local user can cause denial of service conditions on the target system.

371

V-027: Adobe InDesign Server SOAP Interface Lets Remote Users Execute  

Broader source: Energy.gov (indexed) [DOE]

7: Adobe InDesign Server SOAP Interface Lets Remote Users 7: Adobe InDesign Server SOAP Interface Lets Remote Users Execute Arbitrary Commands V-027: Adobe InDesign Server SOAP Interface Lets Remote Users Execute Arbitrary Commands November 19, 2012 - 2:30am Addthis PROBLEM: Adobe InDesign Server SOAP Interface Lets Remote Users Execute Arbitrary Commands PLATFORM: CS5.5 7.5.0.142; possibly other versions ABSTRACT: Adobe InDesign Server "RunScript" SOAP Message Command Execution Vulnerability REFERENCE LINKS: Secunia Advisory SA48572 SecurityTracker Alert ID: 1027783 Adobe IMPACT ASSESSMENT: Medium DISCUSSION: A vulnerability was reported in Adobe InDesign Server. A remote user can execute arbitrary commands on the target system. A remote user can send a specially crafted "RunScript" SOAP message to

372

V-035: Google Chrome Multiple Flaws Let Remote Users Execute Arbitrary Code  

Broader source: Energy.gov (indexed) [DOE]

5: Google Chrome Multiple Flaws Let Remote Users Execute 5: Google Chrome Multiple Flaws Let Remote Users Execute Arbitrary Code V-035: Google Chrome Multiple Flaws Let Remote Users Execute Arbitrary Code November 28, 2012 - 1:00am Addthis PROBLEM: Google Chrome Multiple Flaws Let Remote Users Execute Arbitrary Code PLATFORM: Version(s): prior to 23.0.1271.91 ABSTRACT: Several vulnerabilities were reported in Google Chrome. REFERENCE LINKS: Release updates from the Chrome team SecurityTracker Alert ID: 1027815 Secunia Advisory SA51437 CVE-2012-5130 CVE-2012-5131 CVE-2012-5132 CVE-2012-5133 CVE-2012-5134 CVE-2012-5135 CVE-2012-5136 IMPACT ASSESSMENT: High DISCUSSION: Several vulnerabilities were reported in Google Chrome. A remote user can cause arbitrary code to be executed on the target user's system. A remote user can create specially crafted content that, when loaded by the

373

V-002: EMC NetWorker Module for Microsoft Applications Lets Remote Users  

Broader source: Energy.gov (indexed) [DOE]

2: EMC NetWorker Module for Microsoft Applications Lets Remote 2: EMC NetWorker Module for Microsoft Applications Lets Remote Users Execute Arbitrary Code and Local Users Obtain Passwords V-002: EMC NetWorker Module for Microsoft Applications Lets Remote Users Execute Arbitrary Code and Local Users Obtain Passwords October 15, 2012 - 6:00am Addthis PROBLEM: EMC NetWorker Module for Microsoft Applications Lets Remote Users Execute Arbitrary Code and Local Users Obtain Passwords PLATFORM: EMC NetWorker Module for Microsoft Applications 2.2.1, 2.3 prior to build 122, 2.4 prior to build 375 ABSTRACT: EMC NetWorker Module for Microsoft Applications Two Vulnerabilities REFERENCE LINKS: EMC Identifier: ESA-2012-025 Secunia Advisory SA50957 SecurityTracker Alert ID: 1027647 CVE-2012-2284 CVE-2012-2290 IMPACT ASSESSMENT: Medium DISCUSSION:

374

V-066: Adobe Acrobat/Reader Multiple Flaws Lets Remote Users Execute  

Broader source: Energy.gov (indexed) [DOE]

6: Adobe Acrobat/Reader Multiple Flaws Lets Remote Users 6: Adobe Acrobat/Reader Multiple Flaws Lets Remote Users Execute Arbitrary Code and Local Users Gain Elevated Privileges V-066: Adobe Acrobat/Reader Multiple Flaws Lets Remote Users Execute Arbitrary Code and Local Users Gain Elevated Privileges January 10, 2013 - 2:00am Addthis PROBLEM: Adobe Acrobat/Reader Multiple Flaws Lets Remote Users Execute Arbitrary Code and Local Users Gain Elevated Privileges PLATFORM: *Adobe Reader XI (11.0.0) for Windows and Macintosh *Adobe Reader X (10.1.4) and earlier 10.x versions for Windows and Macintosh *Adobe Reader 9.5.2 and earlier 9.x versions for Windows and Macintosh *Adobe Reader 9.5.1 and earlier 9.x versions for Linux *Adobe Acrobat XI (11.0.0) for Windows and Macintosh *Adobe Acrobat X (10.1.4) and earlier 10.x versions for Windows and

375

V-067: Oracle Java Flaw Lets Remote Users Execute Arbitrary Code |  

Broader source: Energy.gov (indexed) [DOE]

7: Oracle Java Flaw Lets Remote Users Execute Arbitrary Code 7: Oracle Java Flaw Lets Remote Users Execute Arbitrary Code V-067: Oracle Java Flaw Lets Remote Users Execute Arbitrary Code January 11, 2013 - 12:01am Addthis PROBLEM: Oracle Java Flaw Lets Remote Users Execute Arbitrary Code PLATFORM: Oracle Java Runtime Environment (JRE) 1.7 in Java 7 Update 10 and earlier ABSTRACT: A vulnerability was reported in Oracle Java. REFERENCE LINKS: Seclist.org Vulnerability Note VU#625617 SecurityTracker Alert ID: 1027972 Malware.dontneedcoffee.com CVE-2013-0422 IMPACT ASSESSMENT: High DISCUSSION: A remote user can create specially crafted Java content that, when loaded by the target user, will execute arbitrary code on the target user's system. The code will run with the privileges of the target user. This vulnerability is being actively exploited.

376

U-048: HP LaserJet Printers Unspecified Flaw Lets Remote Users Update  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

8: HP LaserJet Printers Unspecified Flaw Lets Remote Users 8: HP LaserJet Printers Unspecified Flaw Lets Remote Users Update Firmware with Arbitrary Code U-048: HP LaserJet Printers Unspecified Flaw Lets Remote Users Update Firmware with Arbitrary Code November 30, 2011 - 8:15am Addthis PROBLEM: HP LaserJet Printers Unspecified Flaw Lets Remote Users Update Firmware with Arbitrary Code . PLATFORM: HP LaserJet Printers manufactured prior to 2009 ABSTRACT A remote user can upgrade the printer's firmware with arbitrary code. reference LINKS: SecurityTracker Alert ID:1026357 HP Security for Imaging and Printing HP Clarifies on Printer Security IMPACT ASSESSMENT: Low Discussion: A vulnerability was reported in some HP LaserJet Printers. A remote user can update the firmware with arbitrary code. A remote user can send a specially crafted print job or specially crafted data to the

377

T-727:Microsoft Windows SSL/TLS Protocol Flaw Lets Remote Users Decryption  

Broader source: Energy.gov (indexed) [DOE]

7:Microsoft Windows SSL/TLS Protocol Flaw Lets Remote Users 7:Microsoft Windows SSL/TLS Protocol Flaw Lets Remote Users Decryption Sessions T-727:Microsoft Windows SSL/TLS Protocol Flaw Lets Remote Users Decryption Sessions September 27, 2011 - 8:00am Addthis PROBLEM: Microsoft Windows SSL/TLS Protocol Flaw Lets Remote Users Decryption Sessions. PLATFORM: Windows XP Service Pack 3 Windows XP Professional x64 Edition Service Pack 2 Windows Server 2003 Service Pack 2 Windows Server 2003 x64 Edition Service Pack 2 Windows Server 2003 with SP2 for Itanium-based Systems Windows Vista Service Pack 2 Windows Vista x64 Edition Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for Itanium-based Systems Service Pack 2 Windows 7 for 32-bit Systems and Windows 7 for 32-bit Systems Service Pack

378

U-131: Adobe Photoshop TIFF Image Heap Overflow Lets Remote Users Execute  

Broader source: Energy.gov (indexed) [DOE]

131: Adobe Photoshop TIFF Image Heap Overflow Lets Remote Users 131: Adobe Photoshop TIFF Image Heap Overflow Lets Remote Users Execute Arbitrary Code U-131: Adobe Photoshop TIFF Image Heap Overflow Lets Remote Users Execute Arbitrary Code March 22, 2012 - 3:47am Addthis PROBLEM: Adobe Photoshop TIFF Image Heap Overflow Lets Remote Users Execute Arbitrary Code PLATFORM: Adobe Photoshop CS5 12.x ABSTRACT: Successful exploitation may allow execution of arbitrary code reference LINKS: SecurityTracker Alert ID: 1026831 Secunia Advisory: SA48457 IMPACT ASSESSMENT: High Discussion: A vulnerability was reported in Adobe Photoshop. A remote user can cause arbitrary code to be executed on the target user's system. A remote user can create a specially crafted TIFF file that, when loaded by the target user, will trigger a heap overflow and execute arbitrary code on the target

379

V-093: Symantec PGP Desktop Buffer Overflows Let Local Users Gain Elevated  

Broader source: Energy.gov (indexed) [DOE]

3: Symantec PGP Desktop Buffer Overflows Let Local Users Gain 3: Symantec PGP Desktop Buffer Overflows Let Local Users Gain Elevated Privileges V-093: Symantec PGP Desktop Buffer Overflows Let Local Users Gain Elevated Privileges February 18, 2013 - 12:53am Addthis PROBLEM: Symantec PGP Desktop Buffer Overflows Let Local Users Gain Elevated Privileges PLATFORM: Symantec PGP Desktop 10.2.x,10.1.x,10.0.x Symantec Encryption Desktop 10.3.0 ABSTRACT: Two vulnerabilities were reported in Symantec PGP Desktop. REFERENCE LINKS: Symantec Security Advisory SYM13-001 Bugtraq ID: 57170 SecurityTracker Alert ID: 1028145 CVE-2012-4351 CVE-2012-4352 IMPACT ASSESSMENT: Medium DISCUSSION: A local user can trigger an integer overflow in 'pgpwded.sys' to execute arbitrary code on the target system [CVE-2012-4351]. On Windows XP and Windows Sever 2003, a local user can trigger a buffer

380

T-727:Microsoft Windows SSL/TLS Protocol Flaw Lets Remote Users Decryption  

Broader source: Energy.gov (indexed) [DOE]

7:Microsoft Windows SSL/TLS Protocol Flaw Lets Remote Users 7:Microsoft Windows SSL/TLS Protocol Flaw Lets Remote Users Decryption Sessions T-727:Microsoft Windows SSL/TLS Protocol Flaw Lets Remote Users Decryption Sessions September 27, 2011 - 8:00am Addthis PROBLEM: Microsoft Windows SSL/TLS Protocol Flaw Lets Remote Users Decryption Sessions. PLATFORM: Windows XP Service Pack 3 Windows XP Professional x64 Edition Service Pack 2 Windows Server 2003 Service Pack 2 Windows Server 2003 x64 Edition Service Pack 2 Windows Server 2003 with SP2 for Itanium-based Systems Windows Vista Service Pack 2 Windows Vista x64 Edition Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for Itanium-based Systems Service Pack 2 Windows 7 for 32-bit Systems and Windows 7 for 32-bit Systems Service Pack

Note: This page contains sample records for the topic "layout bug lets" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


381

V-139: Cisco Network Admission Control Input Validation Flaw Lets Remote  

Broader source: Energy.gov (indexed) [DOE]

9: Cisco Network Admission Control Input Validation Flaw Lets 9: Cisco Network Admission Control Input Validation Flaw Lets Remote Users Inject SQL Commands V-139: Cisco Network Admission Control Input Validation Flaw Lets Remote Users Inject SQL Commands April 21, 2013 - 11:50pm Addthis PROBLEM: Cisco Network Admission Control Input Validation Flaw Lets Remote Users Inject SQL Commands PLATFORM: Cisco NAC Manager versions prior to 4.8.3.1 and 4.9.2 ABSTRACT: A vulnerability was reported in Cisco Network Admission Control. REFERENCE LINKS: SecurityTracker Alert ID: 1028451 Cisco Advisory ID: cisco-sa-20130417-nac CVE-2013-1177 IMPACT ASSESSMENT: High DISCUSSION: The Cisco Network Admission Control (NAC) Manager does not properly validate user-supplied input. A remote user can supply a specially crafted parameter value to execute SQL commands on the underlying database.

382

V-134: Cisco AnyConnect Secure Mobility Client Heap Overflow Lets Local  

Broader source: Energy.gov (indexed) [DOE]

4: Cisco AnyConnect Secure Mobility Client Heap Overflow Lets 4: Cisco AnyConnect Secure Mobility Client Heap Overflow Lets Local Users Gain Elevated Privileges V-134: Cisco AnyConnect Secure Mobility Client Heap Overflow Lets Local Users Gain Elevated Privileges April 15, 2013 - 1:30am Addthis PROBLEM: Cisco AnyConnect Secure Mobility Client Heap Overflow Lets Local Users Gain Elevated Privileges PLATFORM: Cisco AnyConnect Secure Mobility Client Cisco Secure Desktop ABSTRACT: Some vulnerabilities were reported in Cisco AnyConnect Secure Mobility Client. REFERENCE LINKS: Cisco Security Notice CVE-2013-1172 Cisco Security Notice CVE-2013-1173 SecurityTracker Alert ID: 1028425 CVE-2013-1172 CVE-2013-1173 IMPACT ASSESSMENT: Medium DISCUSSION: A local user can trigger a heap overflow in the Cisco Host Scan component to execute arbitrary code on the target system with System privileges

383

T-606: Sun Java System Access Manager Lets Remote Users Partially Modify  

Broader source: Energy.gov (indexed) [DOE]

06: Sun Java System Access Manager Lets Remote Users Partially 06: Sun Java System Access Manager Lets Remote Users Partially Modify Data and Remote Authenticated Users Partially Access Data T-606: Sun Java System Access Manager Lets Remote Users Partially Modify Data and Remote Authenticated Users Partially Access Data April 20, 2011 - 3:58am Addthis PROBLEM: Two vulnerabilities were reported in Sun Java System Access Manager. A remote authenticated user can partially access data on the target system. A remote user can partially modify data on the target system. PLATFORM: Sun Java versions 7.1, 8.0 ABSTRACT: Sun Java System Access Manager Lets Remote Users Partially Modify Data and Remote Authenticated Users Partially Access Data. reference LINKS: SecurityTracker Alert ID: 1025408 CVE-2011-0844 CVE-2011-0847 Oracle Critical Patch Update Advisory

384

U-134: Apache Traffic Server Host Header Processing Flaw Lets Remote Users  

Broader source: Energy.gov (indexed) [DOE]

4: Apache Traffic Server Host Header Processing Flaw Lets 4: Apache Traffic Server Host Header Processing Flaw Lets Remote Users Deny Service U-134: Apache Traffic Server Host Header Processing Flaw Lets Remote Users Deny Service March 27, 2012 - 7:00am Addthis PROBLEM: Apache Traffic Server Host Header Processing Flaw Lets Remote Users Deny Service PLATFORM: Versions prior to 3.0.4 and 3.1.3 ABSTRACT: A vulnerability was reported in Apache Traffic Server. A remote user can cause denial of service conditions. reference LINKS: SecurityTracker Alert ID: 1026847 CVE-2012-0256 Secunia Advisory SA48509 IMPACT ASSESSMENT: High Discussion: A remote user can send a request with a specially crafted 'Host' header value to trigger a heap allocation error and cause the target service to crash. Impact: A remote user can cause the target service to crash.

385

U-166: Adobe Shockwave Player Memory Corruption Flaws Let Remote Users  

Broader source: Energy.gov (indexed) [DOE]

6: Adobe Shockwave Player Memory Corruption Flaws Let Remote 6: Adobe Shockwave Player Memory Corruption Flaws Let Remote Users Execute Arbitrary Code U-166: Adobe Shockwave Player Memory Corruption Flaws Let Remote Users Execute Arbitrary Code May 10, 2012 - 7:00am Addthis PROBLEM: Adobe Shockwave Player Memory Corruption Flaws Let Remote Users Execute Arbitrary Code PLATFORM: 11.6.4.634 and prior ABSTRACT: Multiple vulnerabilities were reported in Adobe Shockwave Player. A remote user can cause arbitrary code to be executed on the target user's system. reference LINKS: SecurityTracker Alert ID: 1027037 CVE-2012-2029 CVE-2012-2030 CVE-2012-2031 CVE-2012-2032 CVE-2012-2033 IMPACT ASSESSMENT: High Discussion: A remote user can create specially crafted Shockwave content that, when loaded by the target user, will trigger a memory corruption error and

386

V-075: EMC AlphaStor Command Injection and Format String Flaws Let Remote  

Broader source: Energy.gov (indexed) [DOE]

5: EMC AlphaStor Command Injection and Format String Flaws Let 5: EMC AlphaStor Command Injection and Format String Flaws Let Remote Users Execute Arbitrary Code V-075: EMC AlphaStor Command Injection and Format String Flaws Let Remote Users Execute Arbitrary Code January 23, 2013 - 12:26am Addthis PROBLEM: EMC AlphaStor Command Injection and Format String Flaws Let Remote Users Execute Arbitrary Code PLATFORM: EMC AlphaStor 4.0 prior to build 800 (All platforms) ABSTRACT: Two vulnerabilities were reported in EMC AlphaStor. REFERENCE LINKS: ESA-2013-008: SecurityTracker Alert ID: 1028020 Secunia Advisory SA51930 CVE-2013-0928 CVE-2013-0929 IMPACT ASSESSMENT: Medium DISCUSSION: A remote user can send a specially crafted DCP run command to inject commands and cause the Device Manager (rrobotd.exe) to execute arbitrary code on the target system [CVE-2013-0928].

387

V-065: Adobe Flash Player Buffer Overflow Lets Remote Users Execute  

Broader source: Energy.gov (indexed) [DOE]

5: Adobe Flash Player Buffer Overflow Lets Remote Users Execute 5: Adobe Flash Player Buffer Overflow Lets Remote Users Execute Arbitrary Code V-065: Adobe Flash Player Buffer Overflow Lets Remote Users Execute Arbitrary Code January 9, 2013 - 12:10am Addthis PROBLEM: Adobe Flash Player Buffer Overflow Lets Remote Users Execute Arbitrary Code PLATFORM: Adobe Flash Player 11.5.502.135 and earlier versions for Windows Adobe Flash Player 11.5.502.136 and earlier versions for Macintosh Adobe Flash Player 11.2.202.258 and earlier versions for Linux Adobe Flash Player 11.1.115.34 and earlier versions for Android 4.x Adobe Flash Player 11.1.111.29 and earlier versions for Android 3.x and 2.x. ABSTRACT: Security updates available for Adobe Flash Player REFERENCE LINKS: Adobe Security Bulletin APSB13-01 SecurityTracker Alert ID: 1027950

388

Low-Dose/Dose-Rate Low-LET Radiation Protects Us from Cancer  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

Dose/Dose-Rate Low-LET Radiation Protects Us from Cancer Dose/Dose-Rate Low-LET Radiation Protects Us from Cancer Bobby R. Scott, Ph.D. and Jennifer D. Di Palma Lovelace Respiratory Research Institute, 2425 Ridgecrest Drive SE Albuquerque, NM 87108 USA Life on earth evolved in a low-level ionizing radiation environment comprised of terrestrial radiation and cosmic rays. Today we all reside in an ionizing radiation environment comprised of both natural background radiation and radiation from human activities (e.g., Chernobyl accident). An evolutionary benefit of the interaction of low-level, low linear-energy-transfer (LET) ionizing radiation with mammalian life forms on earth is adapted protection. Adapted protection involves low-dose/dose-rate, low-LET radiation induced high-fidelity DNA repair in cooperation with normal apoptosis (presumed p53

389

U-010:HP Onboard Administrator Unspecified Flaw Lets Remote Users Gain  

Broader source: Energy.gov (indexed) [DOE]

0:HP Onboard Administrator Unspecified Flaw Lets Remote Users 0:HP Onboard Administrator Unspecified Flaw Lets Remote Users Gain Access U-010:HP Onboard Administrator Unspecified Flaw Lets Remote Users Gain Access October 13, 2011 - 8:15am Addthis PROBLEM: HP Onboard Administrator Unspecified Flaw Lets Remote Users Gain Access PLATFORM: Onboard Administrator (OA) 3.21 through 3.31 ABSTRACT: A remote user can gain access to the target system reference LINKS: HP Support document ID: c03048779 SecurityTracker Alert ID: 1026158 CVE-2011-3155 IMPACT ASSESSMENT: Medium Discussion: A potential security vulnerability has been identified with HP Onboard Administrator (OA). The vulnerability could be exploited remotely to gain unauthorized access. Impact: A remote user can gain access to the target system. Solution: Onboard Administrator (OA) v3.32 is available.

390

V-142: Oracle Java Reflection API Flaw Lets Remote Users Execute Arbitrary  

Broader source: Energy.gov (indexed) [DOE]

2: Oracle Java Reflection API Flaw Lets Remote Users Execute 2: Oracle Java Reflection API Flaw Lets Remote Users Execute Arbitrary Code V-142: Oracle Java Reflection API Flaw Lets Remote Users Execute Arbitrary Code April 25, 2013 - 12:14am Addthis PROBLEM: Oracle Java Reflection API Flaw Lets Remote Users Execute Arbitrary Code PLATFORM: Version(s): 7 Update 21; possibly other versions (1.7.0_21-b11) Java Server JRE is also affected. ABSTRACT: A vulnerability was reported in Oracle Java. REFERENCE LINKS: SecurityTracker Alert ID: 1028466 Oracle IMPACT ASSESSMENT: Medium DISCUSSION: A remote user can create a specially crafted Java application that, when loaded and approved by the target user, will trigger a flaw in the Reflection API to bypass the security sandbox. IMPACT: A remote user can create a Java file that, when loaded by the target user,

391

U-014: Oracle Java Runtime Environment (JRE) Multiple Flaws Let Remote  

Broader source: Energy.gov (indexed) [DOE]

14: Oracle Java Runtime Environment (JRE) Multiple Flaws Let 14: Oracle Java Runtime Environment (JRE) Multiple Flaws Let Remote Users Execute Arbitrary Code and Deny Service U-014: Oracle Java Runtime Environment (JRE) Multiple Flaws Let Remote Users Execute Arbitrary Code and Deny Service October 19, 2011 - 6:00pm Addthis PROBLEM: Oracle Java Runtime Environment (JRE) Multiple Flaws Let Remote Users Execute Arbitrary Code and Deny Service. PLATFORM: Oracle JDK and JRE 7; JDK and JRE 6 Update 27 and prior; JDK and JRE 5.0 Update 31 and prior; SDK and JRE 1.4.2_33 and prior ABSTRACT: A remote user can create a Java applet or Java Web Start application that, when loaded by the target user, will access or modify data or execute arbitrary code on the target user's system. reference LINKS: Oracle Critical Patch Updates and Security Alerts

392

U-059: Blackberry PlayBook File Sharing Option Lets Local Users Gain  

Broader source: Energy.gov (indexed) [DOE]

9: Blackberry PlayBook File Sharing Option Lets Local Users 9: Blackberry PlayBook File Sharing Option Lets Local Users Gain Elevated Privileges U-059: Blackberry PlayBook File Sharing Option Lets Local Users Gain Elevated Privileges December 13, 2011 - 6:00am Addthis PROBLEM: Blackberry PlayBook File Sharing Option Lets Local Users Gain Elevated Privileges. PLATFORM: BlackBerry PlayBook tablet software version 1.0.8.4985 and earlier ABSTRACT: A local user can obtain root privileges on the target tablet system. reference LINKS: SecurityTracker Alert ID:1026386 Vulnerability Summary for CVE-2011-0291 BlackBerry Technical Solution Center IMPACT ASSESSMENT: High Discussion: A vulnerability was reported in Blackberry PlayBook. A local user can obtain elevated privileges on the target system. On a tablet with File Sharing enabled and connected via USB to a system running BlackBerry

393

U-095: HP Data Protector Media Operations Lets Remote Users Execute  

Broader source: Energy.gov (indexed) [DOE]

5: HP Data Protector Media Operations Lets Remote Users Execute 5: HP Data Protector Media Operations Lets Remote Users Execute Arbitrary Code U-095: HP Data Protector Media Operations Lets Remote Users Execute Arbitrary Code February 3, 2012 - 1:33am Addthis PROBLEM: HP Data Protector Media Operations Lets Remote Users Execute Arbitrary Code PLATFORM: Windows (2003, XP, 2008), HP Data Protector Media Operations version 6.11 and earlier ABSTRACT: Remote execution of arbitrary code reference LINKS: SecurityTracker Alert ID: 1026626 HP Support Center Document ID: c03179046 CVE-2011-4791 IMPACT ASSESSMENT: High Discussion: A vulnerability was reported in HP Data Protector Media Operations. A remote user can execute arbitrary code on the target system. Information on CVSS is documented in HP Customer Notice: HPSN-2008-002. Impact:

394

U-240: Apple Remote Desktop Encryption Failure Lets Remote Users Obtain  

Broader source: Energy.gov (indexed) [DOE]

0: Apple Remote Desktop Encryption Failure Lets Remote Users 0: Apple Remote Desktop Encryption Failure Lets Remote Users Obtain Potentially Sensitive Information U-240: Apple Remote Desktop Encryption Failure Lets Remote Users Obtain Potentially Sensitive Information August 21, 2012 - 7:00am Addthis PROBLEM: Apple Remote Desktop Encryption Failure Lets Remote Users Obtain Potentially Sensitive Information PLATFORM: Apple Remote Desktop after 3.5.1 and prior to 3.6.1 ABSTRACT: A remote user can monitor potentially sensitive information. reference LINKS: Apple.com Apple Article: HT5433 SecurityTracker Alert ID: 1027420 CVE-2012-0681 IMPACT ASSESSMENT: Medium Discussion: A vulnerability was reported in Apple Remote Desktop. When a user connects to a third-party VNC server with the 'Encrypt all network data' setting enabled, network data is not encrypted. A remote user monitoring the

395

U-134: Apache Traffic Server Host Header Processing Flaw Lets Remote Users  

Broader source: Energy.gov (indexed) [DOE]

34: Apache Traffic Server Host Header Processing Flaw Lets 34: Apache Traffic Server Host Header Processing Flaw Lets Remote Users Deny Service U-134: Apache Traffic Server Host Header Processing Flaw Lets Remote Users Deny Service March 27, 2012 - 7:00am Addthis PROBLEM: Apache Traffic Server Host Header Processing Flaw Lets Remote Users Deny Service PLATFORM: Versions prior to 3.0.4 and 3.1.3 ABSTRACT: A vulnerability was reported in Apache Traffic Server. A remote user can cause denial of service conditions. reference LINKS: SecurityTracker Alert ID: 1026847 CVE-2012-0256 Secunia Advisory SA48509 IMPACT ASSESSMENT: High Discussion: A remote user can send a request with a specially crafted 'Host' header value to trigger a heap allocation error and cause the target service to crash. Impact: A remote user can cause the target service to crash.

396

V-150: Apache VCL Input Validation Flaw Lets Remote Authenticated Users  

Broader source: Energy.gov (indexed) [DOE]

0: Apache VCL Input Validation Flaw Lets Remote Authenticated 0: Apache VCL Input Validation Flaw Lets Remote Authenticated Users Gain Elevated Privileges V-150: Apache VCL Input Validation Flaw Lets Remote Authenticated Users Gain Elevated Privileges May 7, 2013 - 12:01am Addthis PROBLEM: Apache VCL Input Validation Flaw Lets Remote Authenticated Users Gain Elevated Privileges PLATFORM: Apache VCL Versions: 2.1, 2.2, 2.2.1, 2.3, 2.3.1 ABSTRACT: A vulnerability was reported in Apache VCL. REFERENCE LINKS: Apache Securelist SecurityTracker Alert ID: 1028515 CVE-2013-0267 IMPACT ASSESSMENT: Medium DISCUSSION: A remote authenticated administrative user with minimal administrative privileges (i.e., nodeAdmin, manageGroup, resourceGrant, or userGrant) can send specially crafted data via the web interface or XMLRPC API to gain additional administrative privileges.

397

U-133: Google Chrome Multiple Flaws Let Remote Users Execute Arbitrary Code  

Broader source: Energy.gov (indexed) [DOE]

33: Google Chrome Multiple Flaws Let Remote Users Execute 33: Google Chrome Multiple Flaws Let Remote Users Execute Arbitrary Code U-133: Google Chrome Multiple Flaws Let Remote Users Execute Arbitrary Code March 26, 2012 - 3:35am Addthis PROBLEM: Google Chrome Multiple Flaws Let Remote Users Execute Arbitrary Code PLATFORM: Google Chrome prior to 17.0.963.83 ABSTRACT: Multiple vulnerabilities were reported in Google Chrome. A remote user can cause arbitrary code to be executed on the target user's system. reference LINKS: SecurityTracker Alert ID: 1026841 CVE-2011-3049 Secunia Advisory SA48512 IMPACT ASSESSMENT: High Discussion: A remote user can create specially crafted content that, when loaded by the target user, will execute arbitrary code on the target system. The code will run with the privileges of the target user. A use-after-free may occur

398

U-219: Symantec Web Gateway Input Validation Flaws Lets Remote Users Inject  

Broader source: Energy.gov (indexed) [DOE]

19: Symantec Web Gateway Input Validation Flaws Lets Remote 19: Symantec Web Gateway Input Validation Flaws Lets Remote Users Inject SQL Commands, Execute Arbitrary Commands, and Change User Passwords U-219: Symantec Web Gateway Input Validation Flaws Lets Remote Users Inject SQL Commands, Execute Arbitrary Commands, and Change User Passwords July 24, 2012 - 7:00am Addthis PROBLEM: Symantec Web Gateway Input Validation Flaws Lets Remote Users Inject SQL Commands, Execute Arbitrary Commands, and Change User Passwords PLATFORM: Symantec Web Gateway 5.0.x.x ABSTRACT: Several vulnerabilities were reported in Symantec Web Gateway. REFERENCE LINKS: Security Advisories Relating to Symantec Products SecurityTracker Alert ID: 1027289 Bugtraq ID: 54424 Bugtraq ID: 54425 Bugtraq ID: 54426 Bugtraq ID: 54427 Bugtraq ID: 54429 Bugtraq ID: 54430

399

V-006: CA ARCserve Backup Flaws Let Remote Users Execute Arbitrary Code and  

Broader source: Energy.gov (indexed) [DOE]

6: CA ARCserve Backup Flaws Let Remote Users Execute Arbitrary 6: CA ARCserve Backup Flaws Let Remote Users Execute Arbitrary Code and Deny Service V-006: CA ARCserve Backup Flaws Let Remote Users Execute Arbitrary Code and Deny Service October 19, 2012 - 6:00am Addthis PROBLEM: CA ARCserve Backup Flaws Let Remote Users Execute Arbitrary Code and Deny Service PLATFORM: CA ARCserve Backup for Windows r12.5, r15, r16 ABSTRACT: Two vulnerabilities were reported in CA ARCserve Backup. A remote user can execute arbitrary code on the target system. A remote user can cause denial of service conditions. REFERENCE LINKS: SecurityTracker Alert ID: 1027683 CA Technologies Support CVE-2012-2971 CVE-2012-2972 IMPACT ASSESSMENT: High DISCUSSION: A remote user can send specially crafted RPC requests to execute arbitrary code on the target system [CVE-2012-2971]. The code will run with the

400

U-143: Google Chrome Multiple Flaws Let Remote Users Execute Arbitrary Code  

Broader source: Energy.gov (indexed) [DOE]

3: Google Chrome Multiple Flaws Let Remote Users Execute 3: Google Chrome Multiple Flaws Let Remote Users Execute Arbitrary Code U-143: Google Chrome Multiple Flaws Let Remote Users Execute Arbitrary Code April 9, 2012 - 7:00am Addthis PROBLEM: Google Chrome Multiple Flaws Let Remote Users Execute Arbitrary Code PLATFORM: Version(s): prior to 18.0.1025.151 ABSTRACT: Multiple vulnerabilities were reported in Google Chrome. A remote user can cause arbitrary code to be executed on the target user's system. reference LINKS: SecurityTracker Alert ID: 1026892 CVE-2011-3066 Secunia Advisory SA48732 IMPACT ASSESSMENT: High Discussion: A remote user can create specially crafted content that, when loaded by the target user, will execute arbitrary code on the target system. The code will run with the privileges of the target user. An out-of-bounds memory

Note: This page contains sample records for the topic "layout bug lets" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


401

T-683:Google Chrome Multiple Flaws Let Remote Users Execute Arbitrary Code  

Broader source: Energy.gov (indexed) [DOE]

83:Google Chrome Multiple Flaws Let Remote Users Execute 83:Google Chrome Multiple Flaws Let Remote Users Execute Arbitrary Code T-683:Google Chrome Multiple Flaws Let Remote Users Execute Arbitrary Code August 3, 2011 - 3:45pm Addthis PROBLEM: Multiple vulnerabilities were reported in Google Chrome. A remote user can cause arbitrary code to be executed on the target user's system. PLATFORM: Google Chrome prior to 13.0.782.107 ABSTRACT: Google Chrome Multiple Flaws Let Remote Users Execute Arbitrary Code. reference LINKS: Google Chrome advisory Update Chromium Security SecurityTracker Alert ID: 1025882 CVE-2011-2819 IMPACT ASSESSMENT: Medium Discussion: A remote user can create a specially crafted HTML that, when loaded by the target user, will execute arbitrary code on the target system. The code will run with the privileges of the target user.

402

U-136: Adobe Flash Player Lets Remote Users Execute Arbitrary Code |  

Broader source: Energy.gov (indexed) [DOE]

136: Adobe Flash Player Lets Remote Users Execute Arbitrary Code 136: Adobe Flash Player Lets Remote Users Execute Arbitrary Code U-136: Adobe Flash Player Lets Remote Users Execute Arbitrary Code March 29, 2012 - 7:00am Addthis PROBLEM: Adobe Flash Player Lets Remote Users Execute Arbitrary Code PLATFORM: 11.1.102.63 and prior versions ABSTRACT: Two vulnerabilities were reported in Adobe Flash Player. A remote user can cause arbitrary code to be executed on the target user's system. rEFERENCE LINKS: SecurityTracker Alert ID: 1026859 CVE-2012-0772 Security update available for Adobe Flash Player IMPACT ASSESSMENT: High Discussion: A remote user can create specially crafted Flash content that, when loaded by the target user, will execute arbitrary code on the target system. The code will run with the privileges of the target user. A memory corruption

403

V-176: Adobe Flash Player Memory Corruption Flaw Lets Remote Users Execute  

Broader source: Energy.gov (indexed) [DOE]

6: Adobe Flash Player Memory Corruption Flaw Lets Remote Users 6: Adobe Flash Player Memory Corruption Flaw Lets Remote Users Execute Arbitrary Code V-176: Adobe Flash Player Memory Corruption Flaw Lets Remote Users Execute Arbitrary Code June 12, 2013 - 12:15am Addthis PROBLEM: Adobe Flash Player Memory Corruption Flaw Lets Remote Users Execute Arbitrary Code PLATFORM: Adobe Flash Player 11.7.700.202 and earlier versions for Windows Adobe Flash Player 11.7.700.203 and earlier versions for Macintosh Adobe Flash Player 11.2.202.285 and earlier versions for Linux Adobe Flash Player 11.1.115.58 and earlier versions for Android 4.x Adobe Flash Player 11.1.111.54 and earlier versions for Android 3.x and 2.x Adobe AIR 3.7.0.1860 and earlier versions for Windows and Macintosh Adobe AIR 3.7.0.1860 and earlier versions for Android

404

T-684: Apple QuickTime Buffer Overflows Let Remote Users Execute Arbitrary  

Broader source: Energy.gov (indexed) [DOE]

4: Apple QuickTime Buffer Overflows Let Remote Users Execute 4: Apple QuickTime Buffer Overflows Let Remote Users Execute Arbitrary Code T-684: Apple QuickTime Buffer Overflows Let Remote Users Execute Arbitrary Code August 4, 2011 - 3:33pm Addthis PROBLEM: Multiple vulnerabilities were reported in QuickTime. A remote user can cause arbitrary code to be executed on the target user's system. PLATFORM: Apple Quick Time prior to 7.7 ABSTRACT: Apple QuickTime Buffer Overflows Let Remote Users Execute Arbitrary Code. reference LINKS: Apple security updates SecurityTracker Alert ID: 1025884 Mac OS X: Updating your software Support Downloads QuickTime 7.7 IMPACT ASSESSMENT: High Discussion: A specially crafted PICT file can trigger a buffer overflow [CVE-2011-0245]. Mac OS X version 10.7 is not affected. A specially crafted GIF image can trigger a heap overflow [CVE-2011-0246].

405

T-567: Linux Kernel Buffer Overflow in ldm_frag_add() May Let Local Users  

Broader source: Energy.gov (indexed) [DOE]

7: Linux Kernel Buffer Overflow in ldm_frag_add() May Let Local 7: Linux Kernel Buffer Overflow in ldm_frag_add() May Let Local Users Gain Elevated Privileges T-567: Linux Kernel Buffer Overflow in ldm_frag_add() May Let Local Users Gain Elevated Privileges March 1, 2011 - 6:44pm Addthis PROBLEM: Linux Kernel Buffer Overflow in ldm_frag_add() May Let Local Users Gain Elevated Privileges . PLATFORM: Linux Kernel 2.4.x, 2.6.x ABSTRACT: A vulnerability was reported in the Linux Kernel. A local user may be able to obtain elevated privileges on the target system. A physically local user can connect a storage device with a specially crafted LDM partition table to trigger a buffer overflow in the ldm_frag_add() function in 'fs/partitions/ldm.c' and potentially execute arbitrary code with elevated privileges. reference LINKS: Security Tracker - Alert ID: 1025128

406

V-194: Citrix XenServer Memory Management Error Lets Local Administrative  

Broader source: Energy.gov (indexed) [DOE]

4: Citrix XenServer Memory Management Error Lets Local 4: Citrix XenServer Memory Management Error Lets Local Administrative Users on the Guest Gain Access on the Host V-194: Citrix XenServer Memory Management Error Lets Local Administrative Users on the Guest Gain Access on the Host July 8, 2013 - 12:24am Addthis PROBLEM: Citrix XenServer Memory Management Error Lets Local Administrative Users on the Guest Gain Access on the Host PLATFORM: Citrix XenServer 5.0 - 6.2 ABSTRACT: A vulnerability was reported in Citrix XenServer. REFERENCE LINKS: CTX138134 SecurityTracker Alert ID: 1028740 CVE-2013-1432 IMPACT ASSESSMENT: Medium DISCUSSION: A local administrative user on a PV guest can exploit a memory management page reference counting error to gain access on the target host server. IMPACT: A local user on the guest operating system can obtain access on the target

407

U-258: Adobe Flash Player Flaw Lets Remote Users Execute Arbitrary Code |  

Broader source: Energy.gov (indexed) [DOE]

8: Adobe Flash Player Flaw Lets Remote Users Execute Arbitrary 8: Adobe Flash Player Flaw Lets Remote Users Execute Arbitrary Code U-258: Adobe Flash Player Flaw Lets Remote Users Execute Arbitrary Code September 12, 2012 - 1:07pm Addthis PROBLEM: Adobe Flash Player Flaw Lets Remote Users Execute Arbitrary Code PLATFORM: 11.3.300.270 and prior (Windows, OS X); 11.2.202.236 and prior (Linux); 11.3.300.270 and prior (Chrome) ABSTRACT: A remote user can cause arbitrary code to be executed on the target user's system. Reference LINKS: CVE-2012-1535 AdobeSecurity/bulletins SecurityTracker IMPACT ASSESSMENT: High Discussion: Vulnerability was reported in Adobe Flash Player. A remote user can cause arbitrary code to be executed on the target user's system. A remote user can create a specially crafted file that, when loaded by the target user,

408

U-017: HP MFP Digital Sending Software Lets Local Users Obtain Potentially  

Broader source: Energy.gov (indexed) [DOE]

7: HP MFP Digital Sending Software Lets Local Users Obtain 7: HP MFP Digital Sending Software Lets Local Users Obtain Potentially Sensitive Information U-017: HP MFP Digital Sending Software Lets Local Users Obtain Potentially Sensitive Information October 24, 2011 - 12:30pm Addthis PROBLEM: HP MFP Digital Sending Software Lets Local Users Obtain Potentially Sensitive Information . PLATFORM: HP MFP Digital Sending Software v4.91.21 and all previous 4.9x versions ABSTRACT: A vulnerability was reported in HP MFP Digital Sending Software. A local user can obtain potentially sensitive information. reference LINKS: HP Advisory ID: c03052686 SecurityTracker Alert ID: 1026228 CVE-2011-3163 IMPACT ASSESSMENT: Medium Discussion: A potential security vulnerability has been identified with HP MFP Digital Sending Software running on Windows. The vulnerability could result in

409

U-239: Apple iPhone SMS Processing Flaw Lets Remote Users Spoof SMS Source  

Broader source: Energy.gov (indexed) [DOE]

39: Apple iPhone SMS Processing Flaw Lets Remote Users Spoof SMS 39: Apple iPhone SMS Processing Flaw Lets Remote Users Spoof SMS Source Addresses U-239: Apple iPhone SMS Processing Flaw Lets Remote Users Spoof SMS Source Addresses August 20, 2012 - 7:00am Addthis PROBLEM: Apple iPhone SMS Processing Flaw Lets Remote Users Spoof SMS Source Addresses PLATFORM: Version(s): 6 beta 4 and prior versions ABSTRACT: A remote user can spoof SMS source addresses. Reference LINKS: SecurityTracker Alert ID: 1027410 Apple.com PCMag.com The original advisory IMPACT ASSESSMENT: Medum Discussion: A vulnerability was reported in Apple iPhone. A remote user can send an SMS message with a specially crafted User Data Header (UDH) value that specifies an alternate reply address. The recipient's iPhone will display the reply address as the source of the SMS.

410

U-236: Microsoft JScript and VBScript Engine Integer Overflow Lets Remote  

Broader source: Energy.gov (indexed) [DOE]

36: Microsoft JScript and VBScript Engine Integer Overflow Lets 36: Microsoft JScript and VBScript Engine Integer Overflow Lets Remote Users Execute Arbitrary Code U-236: Microsoft JScript and VBScript Engine Integer Overflow Lets Remote Users Execute Arbitrary Code August 15, 2012 - 7:00am Addthis PROBLEM: Microsoft JScript and VBScript Engine Integer Overflow Lets Remote Users Execute Arbitrary Code PLATFORM: Version(s): 5.8 ABSTRACT: Execution of arbitrary code via network A remote user can cause arbitrary code to be executed on the target REFERENCE LINKS: technet.microsoft.com/en-us/security/bulletin/ms12-056 http://www.securitytracker.com/id/1027392 CVE-2012-2523 Impact assessment: Medium Discussion: Vulnerability was reported in Microsoft JScript and VBScript. A remote user can cause arbitrary code to be executed on the target user's system. A

411

V-035: Google Chrome Multiple Flaws Let Remote Users Execute Arbitrary Code  

Broader source: Energy.gov (indexed) [DOE]

5: Google Chrome Multiple Flaws Let Remote Users Execute 5: Google Chrome Multiple Flaws Let Remote Users Execute Arbitrary Code V-035: Google Chrome Multiple Flaws Let Remote Users Execute Arbitrary Code November 28, 2012 - 1:00am Addthis PROBLEM: Google Chrome Multiple Flaws Let Remote Users Execute Arbitrary Code PLATFORM: Version(s): prior to 23.0.1271.91 ABSTRACT: Several vulnerabilities were reported in Google Chrome. REFERENCE LINKS: Release updates from the Chrome team SecurityTracker Alert ID: 1027815 Secunia Advisory SA51437 CVE-2012-5130 CVE-2012-5131 CVE-2012-5132 CVE-2012-5133 CVE-2012-5134 CVE-2012-5135 CVE-2012-5136 IMPACT ASSESSMENT: High DISCUSSION: Several vulnerabilities were reported in Google Chrome. A remote user can cause arbitrary code to be executed on the target user's system. A remote user can create specially crafted content that, when loaded by the

412

U-041: Google Chrome Out-of-Bounds Write Error Lets Remote Users Execute  

Broader source: Energy.gov (indexed) [DOE]

1: Google Chrome Out-of-Bounds Write Error Lets Remote Users 1: Google Chrome Out-of-Bounds Write Error Lets Remote Users Execute Arbitrary Code U-041: Google Chrome Out-of-Bounds Write Error Lets Remote Users Execute Arbitrary Code November 18, 2011 - 9:00am Addthis PROBLEM: Google Chrome Out-of-Bounds Write Error Lets Remote Users Execute Arbitrary Code. PLATFORM: Version(s) prior to 15.0.874.121 ABSTRACT: A remote user can create HTML that, when loaded by the target user, will execute arbitrary code on the target user's system. reference LINKS: Stable Channel Update CVE-2011-3900 SecurityTracker Alert ID: 1026338 IMPACT ASSESSMENT: High Discussion: A vulnerability was reported in Google Chrome. A remote user can cause arbitrary code to be executed on the target user's system. A remote user can create specially crafted HTML that, when loaded by the target user,

413

V-184: Google Chrome Flash Plug-in Lets Remote Users Conduct Clickjacking  

Broader source: Energy.gov (indexed) [DOE]

4: Google Chrome Flash Plug-in Lets Remote Users Conduct 4: Google Chrome Flash Plug-in Lets Remote Users Conduct Clickjacking Attacks V-184: Google Chrome Flash Plug-in Lets Remote Users Conduct Clickjacking Attacks June 24, 2013 - 12:56am Addthis PROBLEM: Google Chrome Flash Plug-in Lets Remote Users Conduct Clickjacking Attacks PLATFORM: Google Chrome prior to 27.0.1453.116 ABSTRACT: A vulnerability was reported in Google Chrome. REFERENCE LINKS: Stable Channel Update SecurityTracker Alert ID: 1028694 CVE-2013-2866 IMPACT ASSESSMENT: Medium DISCUSSION: A remote user can create specially crafted Flash content that, when loaded by the target user, will display the Flash settings in a transparent manner, which may allow the remote user to cause the target user to modify their Flash settings. This may allow the remote user to obtain potentially

414

V-155: Apache Tomcat FORM Authenticator Lets Remote Users Conduct Session  

Broader source: Energy.gov (indexed) [DOE]

5: Apache Tomcat FORM Authenticator Lets Remote Users Conduct 5: Apache Tomcat FORM Authenticator Lets Remote Users Conduct Session Fixation Attacks V-155: Apache Tomcat FORM Authenticator Lets Remote Users Conduct Session Fixation Attacks May 14, 2013 - 12:08am Addthis PROBLEM: Apache Tomcat FORM Authenticator Lets Remote Users Conduct Session Fixation Attacks PLATFORM: Tomcat 6.0.21 to 6.0.36, 7.0.0 to 7.0.32 ABSTRACT: A vulnerability was reported in Apache Tomcat. REFERENCE LINKS: Apache Tomcat SecurityTracker Alert ID: 1028534 CVE-2013-2067 IMPACT ASSESSMENT: High DISCUSSION: A remote user can repeatedly send a specially crafted request for a resource requiring authentication while the target user is completing the login form to cause the FORM authentication process to execute the remote user's request with the privileges of the target user.

415

U-220: Google Android DNS Resolver Randomization Flaw Lets Remote Users  

Broader source: Energy.gov (indexed) [DOE]

0: Google Android DNS Resolver Randomization Flaw Lets Remote 0: Google Android DNS Resolver Randomization Flaw Lets Remote Users Poison the DNS Cache U-220: Google Android DNS Resolver Randomization Flaw Lets Remote Users Poison the DNS Cache July 25, 2012 - 7:00am Addthis PROBLEM: Google Android DNS Resolver Randomization Flaw Lets Remote Users Poison the DNS Cache PLATFORM: Version(s): 4.0.4 and prior versions ABSTRACT: A remote user can poison the DNS cache. reference LINKS: IBM Application Security Research Group SecurityTracker Alert ID: 1027291 Bugtraq ID: 523624 CVE-2012-2808 IMPACT ASSESSMENT: Medium Discussion: A vulnerability was reported in Google Android. The res_randomid() function, which bases a return value on the process ID and the current time, is called twice in quick succession. As a result, the effective

416

T-601: Windows Kernel win32k.sys Lets Local Users Gain Elevated Privileges  

Broader source: Energy.gov (indexed) [DOE]

01: Windows Kernel win32k.sys Lets Local Users Gain Elevated 01: Windows Kernel win32k.sys Lets Local Users Gain Elevated Privileges T-601: Windows Kernel win32k.sys Lets Local Users Gain Elevated Privileges April 13, 2011 - 5:12am Addthis PROBLEM: Windows Kernel win32k.sys Lets Local Users Gain Elevated Privileges PLATFORM: Windows XP Service Pack 3, Windows XP Professional x64 Edition Service Pack 2, Windows Server 2003 Service Pack 2, Windows Server 2003 x64 Edition Service Pack 2, Windows Server 2003 with SP2 for Itanium-based Systems, Windows Vista Service Pack 1 and Windows Vista Service Pack 2, Windows Vista x64 Edition Service Pack 1 and Windows Vista x64 Edition Service Pack 2, Windows Server 2008 for 32-bit Systems and Windows Server 2008 for 32-bit Systems Service Pack 2*, Windows Server 2008 for x64-based Systems

417

U-262: Microsoft Internet Explorer Flaw Lets Remote Users Execute Arbitrary  

Broader source: Energy.gov (indexed) [DOE]

2: Microsoft Internet Explorer Flaw Lets Remote Users Execute 2: Microsoft Internet Explorer Flaw Lets Remote Users Execute Arbitrary Code U-262: Microsoft Internet Explorer Flaw Lets Remote Users Execute Arbitrary Code September 18, 2012 - 6:00am Addthis PROBLEM: Microsoft Internet Explorer Flaw Lets Remote Users Execute Arbitrary Code PLATFORM: Internet Explorer 6, 7, 8, 9 ABSTRACT: A vulnerability was reported in Microsoft Internet Explorer. reference LINKS: Bugtraq ID: 55562 Security Database KB2757760 Microsoft Security Advisory (2757760) SecurityTracker Alert ID: 1027538 IMPACT ASSESSMENT: High Discussion: A remote user can create specially crafted HTML that, when loaded by the target user, will trigger a memory corruption error and execute arbitrary code on the target system. The code will run with the privileges of the

418

V-067: Oracle Java Flaw Lets Remote Users Execute Arbitrary Code |  

Broader source: Energy.gov (indexed) [DOE]

7: Oracle Java Flaw Lets Remote Users Execute Arbitrary Code 7: Oracle Java Flaw Lets Remote Users Execute Arbitrary Code V-067: Oracle Java Flaw Lets Remote Users Execute Arbitrary Code January 11, 2013 - 12:01am Addthis PROBLEM: Oracle Java Flaw Lets Remote Users Execute Arbitrary Code PLATFORM: Oracle Java Runtime Environment (JRE) 1.7 in Java 7 Update 10 and earlier ABSTRACT: A vulnerability was reported in Oracle Java. REFERENCE LINKS: Seclist.org Vulnerability Note VU#625617 SecurityTracker Alert ID: 1027972 Malware.dontneedcoffee.com CVE-2013-0422 IMPACT ASSESSMENT: High DISCUSSION: A remote user can create specially crafted Java content that, when loaded by the target user, will execute arbitrary code on the target user's system. The code will run with the privileges of the target user. This vulnerability is being actively exploited.

419

T-704: RSA enVision Lets Remote Users View Files and Remote Authenticated  

Broader source: Energy.gov (indexed) [DOE]

704: RSA enVision Lets Remote Users View Files and Remote 704: RSA enVision Lets Remote Users View Files and Remote Authenticated Users Obtain Password T-704: RSA enVision Lets Remote Users View Files and Remote Authenticated Users Obtain Password August 29, 2011 - 3:45am Addthis PROBLEM: Allows remote attackers to obtain sensitive information by sniffing the network or leveraging access to a recipient mailbox. PLATFORM: RSA enVision Version(s): 3.x, 4.x ABSTRACT: RSA enVision lets remote users view files and remote authenticated users obtain password. reference LINKS: SecurityTracker Alert ID: 1025979 CVE-2011-2736 CVE-2011-2737 RSA enVision Product Security IMPACT ASSESSMENT: Medium Discussion: Two vulnerabilities were reported in RSA enVision. A remote user can view files on the target system. A remote authenticated user can obtain

420

V-002: EMC NetWorker Module for Microsoft Applications Lets Remote Users  

Broader source: Energy.gov (indexed) [DOE]

2: EMC NetWorker Module for Microsoft Applications Lets Remote 2: EMC NetWorker Module for Microsoft Applications Lets Remote Users Execute Arbitrary Code and Local Users Obtain Passwords V-002: EMC NetWorker Module for Microsoft Applications Lets Remote Users Execute Arbitrary Code and Local Users Obtain Passwords October 15, 2012 - 6:00am Addthis PROBLEM: EMC NetWorker Module for Microsoft Applications Lets Remote Users Execute Arbitrary Code and Local Users Obtain Passwords PLATFORM: EMC NetWorker Module for Microsoft Applications 2.2.1, 2.3 prior to build 122, 2.4 prior to build 375 ABSTRACT: EMC NetWorker Module for Microsoft Applications Two Vulnerabilities REFERENCE LINKS: EMC Identifier: ESA-2012-025 Secunia Advisory SA50957 SecurityTracker Alert ID: 1027647 CVE-2012-2284 CVE-2012-2290 IMPACT ASSESSMENT: Medium DISCUSSION:

Note: This page contains sample records for the topic "layout bug lets" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


421

V-156: Linux Kernel Array Bounds Checking Flaw Lets Local Users Gain  

Broader source: Energy.gov (indexed) [DOE]

6: Linux Kernel Array Bounds Checking Flaw Lets Local Users 6: Linux Kernel Array Bounds Checking Flaw Lets Local Users Gain Elevated Privileges V-156: Linux Kernel Array Bounds Checking Flaw Lets Local Users Gain Elevated Privileges May 15, 2013 - 12:19am Addthis PROBLEM: Linux Kernel Array Bounds Checking Flaw Lets Local Users Gain Elevated Privileges PLATFORM: Version(s): 2.6.37 to 3.8.9 ABSTRACT: A vulnerability was reported in the Linux Kernel. REFERENCE LINKS: Linux Kernel SecurityTracker Alert ID: 1028565 CVE-2013-2094 IMPACT ASSESSMENT: Medium DISCUSSION: On systems compiled with PERF_EVENTS support, a local user can supply a specially crafted perf_event_open() call to execute arbitrary code on the target system with root privileges. The vulnerability resides in the perf_swevent_init() function in 'kernel/events/core.c'.

422

U-213: Google Chrome Multiple Flaws Let Remote Users Execute Arbitrary Code  

Broader source: Energy.gov (indexed) [DOE]

3: Google Chrome Multiple Flaws Let Remote Users Execute 3: Google Chrome Multiple Flaws Let Remote Users Execute Arbitrary Code U-213: Google Chrome Multiple Flaws Let Remote Users Execute Arbitrary Code July 16, 2012 - 7:00am Addthis PROBLEM: Google Chrome Multiple Flaws Let Remote Users Execute Arbitrary Code PLATFORM: Version(s): prior to 20.0.1132.57 ABSTRACT: Several vulnerabilities were reported in Google Chrome. reference LINKS: Stable Channel Update SecurityTracker Alert ID: 1027249 IMPACT ASSESSMENT: High Discussion: Several vulnerabilities were reported in Google Chrome. A remote user can cause arbitrary code to be executed on the target user's system. A remote user can create a specially crafted content that, when loaded by the target user, will execute arbitrary code on the target system. The code will run with the privileges of the target user.

423

V-006: CA ARCserve Backup Flaws Let Remote Users Execute Arbitrary Code and  

Broader source: Energy.gov (indexed) [DOE]

6: CA ARCserve Backup Flaws Let Remote Users Execute Arbitrary 6: CA ARCserve Backup Flaws Let Remote Users Execute Arbitrary Code and Deny Service V-006: CA ARCserve Backup Flaws Let Remote Users Execute Arbitrary Code and Deny Service October 19, 2012 - 6:00am Addthis PROBLEM: CA ARCserve Backup Flaws Let Remote Users Execute Arbitrary Code and Deny Service PLATFORM: CA ARCserve Backup for Windows r12.5, r15, r16 ABSTRACT: Two vulnerabilities were reported in CA ARCserve Backup. A remote user can execute arbitrary code on the target system. A remote user can cause denial of service conditions. REFERENCE LINKS: SecurityTracker Alert ID: 1027683 CA Technologies Support CVE-2012-2971 CVE-2012-2972 IMPACT ASSESSMENT: High DISCUSSION: A remote user can send specially crafted RPC requests to execute arbitrary code on the target system [CVE-2012-2971]. The code will run with the

424

T-691: Adobe Flash Player Multiple Flaws Let Remote Users Execute Arbitrary  

Broader source: Energy.gov (indexed) [DOE]

1: Adobe Flash Player Multiple Flaws Let Remote Users Execute 1: Adobe Flash Player Multiple Flaws Let Remote Users Execute Arbitrary Code T-691: Adobe Flash Player Multiple Flaws Let Remote Users Execute Arbitrary Code August 11, 2011 - 3:00pm Addthis PROBLEM: Multiple vulnerabilities were reported in Adobe Flash Player. A remote user can cause arbitrary code to be executed on the target user's system. PLATFORM: Version(s): 10.3.181.36 and prior; 10.3.185.25 and prior for Android. ABSTRACT: Adobe Flash Player Multiple Flaws Let Remote Users Execute Arbitrary Code. reference LINKS: Security Bulletin: APSB11-21 SecurityTracker Alert ID: 1025907 CVE-2011-2425 IMPACT ASSESSMENT: High Discussion: A remote user can create specially crafted Flash content that, when loaded by the target user, will execute arbitrary code on the target system. The

425

V-045: Adobe ColdFusion Lets Local Users Bypass Sandbox Restrictions |  

Broader source: Energy.gov (indexed) [DOE]

5: Adobe ColdFusion Lets Local Users Bypass Sandbox 5: Adobe ColdFusion Lets Local Users Bypass Sandbox Restrictions V-045: Adobe ColdFusion Lets Local Users Bypass Sandbox Restrictions December 12, 2012 - 2:00am Addthis PROBLEM: Adobe ColdFusion Lets Local Users Bypass Sandbox Restrictions PLATFORM: ColdFusion 10, 9.0.2, 9.0.1 and 9.0 for Windows, Macintosh and UNIX ABSTRACT: A vulnerability was reported in Adobe ColdFusion. REFERENCE LINKS: SecurityTracker Alert ID: 1027853 Adobe Vulnerability identifier: APSB12-26 CVE 2012-5675 IMPACT ASSESSMENT: High DISCUSSION: Adobe has released a security hotfix for ColdFusion 10 and earlier versions for Windows, Macintosh and UNIX. This hotfix resolves a vulnerability which could result in a sandbox permissions violation in a shared hosting environment. Adobe recommends users update their product installation using

426

T-704: RSA enVision Lets Remote Users View Files and Remote Authenticated  

Broader source: Energy.gov (indexed) [DOE]

4: RSA enVision Lets Remote Users View Files and Remote 4: RSA enVision Lets Remote Users View Files and Remote Authenticated Users Obtain Password T-704: RSA enVision Lets Remote Users View Files and Remote Authenticated Users Obtain Password August 29, 2011 - 3:45am Addthis PROBLEM: Allows remote attackers to obtain sensitive information by sniffing the network or leveraging access to a recipient mailbox. PLATFORM: RSA enVision Version(s): 3.x, 4.x ABSTRACT: RSA enVision lets remote users view files and remote authenticated users obtain password. reference LINKS: SecurityTracker Alert ID: 1025979 CVE-2011-2736 CVE-2011-2737 RSA enVision Product Security IMPACT ASSESSMENT: Medium Discussion: Two vulnerabilities were reported in RSA enVision. A remote user can view files on the target system. A remote authenticated user can obtain

427

V-010: 3Com, HP, and H3C Switches SNMP Configuration Lets Remote Users Take  

Broader source: Energy.gov (indexed) [DOE]

10: 3Com, HP, and H3C Switches SNMP Configuration Lets Remote 10: 3Com, HP, and H3C Switches SNMP Configuration Lets Remote Users Take Administrative Actions V-010: 3Com, HP, and H3C Switches SNMP Configuration Lets Remote Users Take Administrative Actions October 25, 2012 - 6:00am Addthis PROBLEM: 3Com, HP, and H3C Switches SNMP Configuration Lets Remote Users Take Administrative Actions PLATFORM: 3COM, and H3C Routers & Switches Specific products and model numbers is provided in the vendor's advisory. ABSTRACT: A vulnerability was reported in 3Com, HP, and H3C Switches. REFERENCE LINKS: HP Support document ID: c03515685 SecurityTracker Alert ID: 1027694 CVE-2012-3268 IMPACT ASSESSMENT: High DISCUSSION: A remote user with knowledge of the SNMP public community string can access potentially sensitive data (e.g., user names, passwords) in the

428

T-673: Apple Safari Multiple Flaws Let Remote Users Execute Arbitrary Code,  

Broader source: Energy.gov (indexed) [DOE]

3: Apple Safari Multiple Flaws Let Remote Users Execute 3: Apple Safari Multiple Flaws Let Remote Users Execute Arbitrary Code, Conduct Cross-Site Scripting Attacks T-673: Apple Safari Multiple Flaws Let Remote Users Execute Arbitrary Code, Conduct Cross-Site Scripting Attacks July 21, 2011 - 1:27am Addthis PROBLEM: Multiple vulnerabilities were reported in Apple Safari. A remote user can cause arbitrary code to be executed on the target user's system. A remote user can conduct cross-site scripting attacks. A remote user can obtain potentially sensitive information. A remote user can bypass a certificate validation control. PLATFORM: Safari 5.1 and Safari 5.0.6 Products Affected: Safari 5 (Mac OS X 10.6), Safari 5 (Mac OS X 10.5), Product Security, Safari 5.1 (OS X Lion) ABSTRACT: Apple Safari Multiple Flaws Let Remote Users Execute Arbitrary Code,

429

V-095: Oracle Java Flaws Let Remote Users Execute Arbitrary Code |  

Broader source: Energy.gov (indexed) [DOE]

5: Oracle Java Flaws Let Remote Users Execute Arbitrary Code 5: Oracle Java Flaws Let Remote Users Execute Arbitrary Code V-095: Oracle Java Flaws Let Remote Users Execute Arbitrary Code February 20, 2013 - 12:38am Addthis PROBLEM: Oracle Java Flaws Let Remote Users Execute Arbitrary Code PLATFORM: JDK and JRE 7 Update 13 and earlier JDK and JRE 6 Update 39 and earlier JDK and JRE 5.0 Update 39 and earlier SDK and JRE 1.4.2_41 and earlier ABSTRACT: Several vulnerabilities were reported in Oracle Java. REFERENCE LINKS: Updated Release of the February 2013 Oracle Java SE Critical Patch Update SecurityTracker Alert ID: 1028155 CVE-2013-1484 CVE-2013-1485 CVE-2013-1486 CVE-2013-1487 IMPACT ASSESSMENT: High DISCUSSION: A remote user can create a specially crafted Java Web Start application or Java applet that, when loaded by the target user, will execute arbitrary

430

U-043: Attachmate Reflection Buffer Overflow in FTP Client Lets Remote  

Broader source: Energy.gov (indexed) [DOE]

3: Attachmate Reflection Buffer Overflow in FTP Client Lets 3: Attachmate Reflection Buffer Overflow in FTP Client Lets Remote Servers Execute Arbitrary Code U-043: Attachmate Reflection Buffer Overflow in FTP Client Lets Remote Servers Execute Arbitrary Code November 22, 2011 - 8:00am Addthis PROBLEM: Attachmate Reflection Buffer Overflow in FTP Client Lets Remote Servers Execute Arbitrary Code. PLATFORM: 14.1.1173 and prior versions The following product versions are affected: Reflection for HP version 14.x Reflection for UNIX and OpenVMS version 14.x Reflection for ReGIS Graphics version 14.x Reflection for IBM version 14.x Reflection X version 14.x ABSTRACT: A remote server can execute arbitrary code on the connected target system. reference LINKS: Security Updates and Reflection Attachmate Support Lifecycle Attachmate Downloads

431

V-101: McAfee VirusScan Enterprise Lets Local Users Gain Elevated  

Broader source: Energy.gov (indexed) [DOE]

1: McAfee VirusScan Enterprise Lets Local Users Gain Elevated 1: McAfee VirusScan Enterprise Lets Local Users Gain Elevated Privileges V-101: McAfee VirusScan Enterprise Lets Local Users Gain Elevated Privileges February 28, 2013 - 12:05am Addthis PROBLEM: McAfee VirusScan Enterprise Lets Local Users Gain Elevated Privileges PLATFORM: VSE 8.8 Patch 2 with Access Protection, including Self Protection, turned off ABSTRACT: A vulnerability was reported in McAfee VirusScan Enterprise. REFERENCE LINKS: McAfee Security Bulletins ID: SB10038 SecurityTracker Alert ID: 1028209 IMPACT ASSESSMENT: Medium DISCUSSION: When Access Protection has been disabled, a local user can gain full control of the target application IMPACT: A local user can obtain elevated privileges on the target system. SOLUTION: The vendor has issued a fix (8.8 Patch 2 with HF778101, 8.8 Patch 3)

432

U-037: Linux Kernel NFSv4 ACL Attribute Processing Error Lets Remote Users  

Broader source: Energy.gov (indexed) [DOE]

7: Linux Kernel NFSv4 ACL Attribute Processing Error Lets 7: Linux Kernel NFSv4 ACL Attribute Processing Error Lets Remote Users Execute Arbitrary Code U-037: Linux Kernel NFSv4 ACL Attribute Processing Error Lets Remote Users Execute Arbitrary Code November 16, 2011 - 7:43am Addthis PROBLEM: Linux Kernel NFSv4 ACL Attribute Processing Error Lets Remote Users Execute Arbitrary Code. PLATFORM: Kernel version 2.6.x ABSTRACT: A remote server can cause the target connected client to crash. reference LINKS: The Linux Kernel Archives CVE-2011-4131 SecurityTracker Alert ID: 1026324 Linux Kernel [PATCH 1/1] NFSv4 IMPACT ASSESSMENT: Medium Discussion: A vulnerability was reported in the Linux Kernel. A remote user can cause denial of service conditions. Impact: A remote server can return specially crafted data to the connected target

433

V-075: EMC AlphaStor Command Injection and Format String Flaws Let Remote  

Broader source: Energy.gov (indexed) [DOE]

5: EMC AlphaStor Command Injection and Format String Flaws Let 5: EMC AlphaStor Command Injection and Format String Flaws Let Remote Users Execute Arbitrary Code V-075: EMC AlphaStor Command Injection and Format String Flaws Let Remote Users Execute Arbitrary Code January 23, 2013 - 12:26am Addthis PROBLEM: EMC AlphaStor Command Injection and Format String Flaws Let Remote Users Execute Arbitrary Code PLATFORM: EMC AlphaStor 4.0 prior to build 800 (All platforms) ABSTRACT: Two vulnerabilities were reported in EMC AlphaStor. REFERENCE LINKS: ESA-2013-008: SecurityTracker Alert ID: 1028020 Secunia Advisory SA51930 CVE-2013-0928 CVE-2013-0929 IMPACT ASSESSMENT: Medium DISCUSSION: A remote user can send a specially crafted DCP run command to inject commands and cause the Device Manager (rrobotd.exe) to execute arbitrary code on the target system [CVE-2013-0928].

434

V-027: Adobe InDesign Server SOAP Interface Lets Remote Users Execute  

Broader source: Energy.gov (indexed) [DOE]

27: Adobe InDesign Server SOAP Interface Lets Remote Users 27: Adobe InDesign Server SOAP Interface Lets Remote Users Execute Arbitrary Commands V-027: Adobe InDesign Server SOAP Interface Lets Remote Users Execute Arbitrary Commands November 19, 2012 - 2:30am Addthis PROBLEM: Adobe InDesign Server SOAP Interface Lets Remote Users Execute Arbitrary Commands PLATFORM: CS5.5 7.5.0.142; possibly other versions ABSTRACT: Adobe InDesign Server "RunScript" SOAP Message Command Execution Vulnerability REFERENCE LINKS: Secunia Advisory SA48572 SecurityTracker Alert ID: 1027783 Adobe IMPACT ASSESSMENT: Medium DISCUSSION: A vulnerability was reported in Adobe InDesign Server. A remote user can execute arbitrary commands on the target system. A remote user can send a specially crafted "RunScript" SOAP message to

435

U-277: Google Chrome Multiple Flaws Let Remote Users Execute Arbitrary Code  

Broader source: Energy.gov (indexed) [DOE]

7: Google Chrome Multiple Flaws Let Remote Users Execute 7: Google Chrome Multiple Flaws Let Remote Users Execute Arbitrary Code U-277: Google Chrome Multiple Flaws Let Remote Users Execute Arbitrary Code October 9, 2012 - 6:00am Addthis PROBLEM: Google Chrome Multiple Flaws Let Remote Users Execute Arbitrary Code PLATFORM: Version(s): prior to 22.0.1229.92 ABSTRACT: Several vulnerabilities were reported in Google Chrome. reference LINKS: SecurityTracker Alert ID: 1027617 Stable Channel Update CVE-2012-2900 CVE-2012-5108 CVE-2012-5109 CVE-2012-5110 CVE-2012-5111 IMPACT ASSESSMENT: High Discussion: A remote user can create specially crafted content that, when loaded by the target user, will execute arbitrary code on the target system. The code will run with the privileges of the target user. A crash may occur in Skia text rendering [CVE-2012-2900].

436

U-160: Google Chrome Multiple Flaws Let Remote Users Execute Arbitrary Code  

Broader source: Energy.gov (indexed) [DOE]

60: Google Chrome Multiple Flaws Let Remote Users Execute 60: Google Chrome Multiple Flaws Let Remote Users Execute Arbitrary Code U-160: Google Chrome Multiple Flaws Let Remote Users Execute Arbitrary Code May 2, 2012 - 7:00am Addthis PROBLEM: Google Chrome Multiple Flaws Let Remote Users Execute Arbitrary Code PLATFORM: Prior to 18.0.1025.168 ABSTRACT: Several vulnerabilities were reported in Google Chrome. A remote user can cause arbitrary code to be executed on the target user's system reference LINKS: SecurityTracker Alert ID: 1027001 CVE-2011-3078 CVE-2011-3079 CVE-2011-3080 IMPACT ASSESSMENT: High Discussion: A remote user can create specially crafted content that, when loaded by the target user, will trigger a use-after-free, validation error, or race condition and execute arbitrary code on the target system. The code will

437

U-089:Apache Struts ParameterInterceptor() Flaw Lets Remote Users Execute  

Broader source: Energy.gov (indexed) [DOE]

9:Apache Struts ParameterInterceptor() Flaw Lets Remote Users 9:Apache Struts ParameterInterceptor() Flaw Lets Remote Users Execute Arbitrary Commands U-089:Apache Struts ParameterInterceptor() Flaw Lets Remote Users Execute Arbitrary Commands January 26, 2012 - 6:45am Addthis PROBLEM: Apache Struts ParameterInterceptor() Flaw Lets Remote Users Execute Arbitrary Commands PLATFORM: Struts 2.0.0 - Struts 2.3.1.1 ABSTRACT: A remote user can execute arbitrary code on the target system. reference LINKS: CVE-2011-3923 SecurityTracker Alert ID: 1026575 Apache Struts 2 Documentation S2-009 blog.o0o.nu IMPACT ASSESSMENT: High Discussion: A vulnerability was reported in Apache Struts. The vulnerability allows a malicious user to bypass all the protections (regex pattern, deny method invocation) built into the ParametersInterceptor, thus being able to inject

438

T-721:Mac OS X Directory Services Lets Local Users View User Password  

Broader source: Energy.gov (indexed) [DOE]

21:Mac OS X Directory Services Lets Local Users View User 21:Mac OS X Directory Services Lets Local Users View User Password Hashes T-721:Mac OS X Directory Services Lets Local Users View User Password Hashes September 20, 2011 - 8:45am Addthis PROBLEM: Mac OS X Directory Services Lets Local Users View User Password Hashes. PLATFORM: Mac OS X Lion (10.7) ABSTRACT: A local user can view user password hashes. reference LINKS: SecurityTracker Alert ID: 1026067 Apple Support Downloads Apple Security Updates Apple OS X Lion v10.7.1 Update IMPACT ASSESSMENT: Medium Discussion: A vulnerability was reported in Mac OS X. A local user can view user password hashes. A local user can invoke the following Directory Services command line command to view the password hash for the target user: dscl localhost -read /Search/Users/[target user] A local user can change their

439

T-567: Linux Kernel Buffer Overflow in ldm_frag_add() May Let Local Users  

Broader source: Energy.gov (indexed) [DOE]

7: Linux Kernel Buffer Overflow in ldm_frag_add() May Let Local 7: Linux Kernel Buffer Overflow in ldm_frag_add() May Let Local Users Gain Elevated Privileges T-567: Linux Kernel Buffer Overflow in ldm_frag_add() May Let Local Users Gain Elevated Privileges March 1, 2011 - 6:44pm Addthis PROBLEM: Linux Kernel Buffer Overflow in ldm_frag_add() May Let Local Users Gain Elevated Privileges . PLATFORM: Linux Kernel 2.4.x, 2.6.x ABSTRACT: A vulnerability was reported in the Linux Kernel. A local user may be able to obtain elevated privileges on the target system. A physically local user can connect a storage device with a specially crafted LDM partition table to trigger a buffer overflow in the ldm_frag_add() function in 'fs/partitions/ldm.c' and potentially execute arbitrary code with elevated privileges. reference LINKS: Security Tracker - Alert ID: 1025128

440

U-170: Apple QuickTime Multiple Flaws Let Remote Users Execute Arbitrary  

Broader source: Energy.gov (indexed) [DOE]

70: Apple QuickTime Multiple Flaws Let Remote Users Execute 70: Apple QuickTime Multiple Flaws Let Remote Users Execute Arbitrary Code U-170: Apple QuickTime Multiple Flaws Let Remote Users Execute Arbitrary Code May 16, 2012 - 7:00am Addthis PROBLEM: Apple QuickTime Multiple Flaws Let Remote Users Execute Arbitrary Code PLATFORM: prior to 7.7.2 ABSTRACT: Multiple vulnerabilities were reported in Apple QuickTime. A remote user can cause arbitrary code to be executed on the target user's system. Reference LINKS: SecurityTracker Alert ID: 1027065 CVE-2012-0265 CVE-2012-0663 CVE-2012-0664 CVE-2012-0665 CVE-2012-0666 IMPACT ASSESSMENT: High Discussion: A remote user can create a specially crafted file that, when loaded by the target user, will execute arbitrary code on the target system. The code will run with the privileges of the target user. Only Windows-based systems

Note: This page contains sample records for the topic "layout bug lets" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


441

V-009: Adobe Shockwave Player Buffer Overflows and Array Error Lets Remote  

Broader source: Energy.gov (indexed) [DOE]

09: Adobe Shockwave Player Buffer Overflows and Array Error Lets 09: Adobe Shockwave Player Buffer Overflows and Array Error Lets Remote Users Execute Arbitrary Code V-009: Adobe Shockwave Player Buffer Overflows and Array Error Lets Remote Users Execute Arbitrary Code October 24, 2012 - 6:00am Addthis PROBLEM: Adobe Shockwave Player Buffer Overflows and Array Error Lets Remote Users Execute Arbitrary Code PLATFORM: Adobe Shockwave Player 11.6.7.637 and earlier versions for Windows and Macintosh ABSTRACT: Several vulnerabilities were reported in Adobe Shockwave. REFERENCE LINKS: Adobe Security bulletin SecurityTracker Alert ID: 1027692 CVE-2012-4172 CVE-2012-4173 CVE-2012-4174 CVE-2012-4175 CVE-2012-4176 CVE-2012-5273 IMPACT ASSESSMENT: High DISCUSSION: A remote user can create specially crafted content that, when loaded by the target user, will trigger a buffer overflow and execute arbitrary code on

442

V-109: Google Chrome WebKit Type Confusion Error Lets Remote Users Execute  

Broader source: Energy.gov (indexed) [DOE]

09: Google Chrome WebKit Type Confusion Error Lets Remote Users 09: Google Chrome WebKit Type Confusion Error Lets Remote Users Execute Arbitrary Code V-109: Google Chrome WebKit Type Confusion Error Lets Remote Users Execute Arbitrary Code March 12, 2013 - 12:11am Addthis PROBLEM: Google Chrome WebKit Type Confusion Error Lets Remote Users Execute Arbitrary Code PLATFORM: Google Chrome prior to 25.0.1364.160 ABSTRACT: A vulnerability was reported in Google Chrome. REFERENCE LINKS: Stable Channel Update SecurityTracker Alert ID: 1028266 CVE-2013-0912 IMPACT ASSESSMENT: Medium DISCUSSION: A remote user can cause arbitrary code to be executed on the target user's system. A remote user can create specially crafted HTML that, when loaded by the target user, will trigger a type confusion error in WebKit and execute arbitrary code on the target system. The code will run with the privileges

443

U-194: Symantec LiveUpdate Administrator Lets Local Users Gain Elevated  

Broader source: Energy.gov (indexed) [DOE]

4: Symantec LiveUpdate Administrator Lets Local Users Gain 4: Symantec LiveUpdate Administrator Lets Local Users Gain Elevated Privledges U-194: Symantec LiveUpdate Administrator Lets Local Users Gain Elevated Privledges June 19, 2012 - 7:00am Addthis PROBLEM: Symantec LiveUpdate Administrator Lets Local Users Gain Elevated Privileges . PLATFORM: Version(s): 2.3 and prior versions Abstract: Users Gain Elevated Privileges reference LINKS: Vendor Advisory SecurityTracker Alert ID: 1027182 CVE-2012-0304 IMPACT ASSESSMENT: Medium Discussion: A vulnerability was reported in Symantec LiveUpdate Administrator. A local user can obtain elevated privileges on the target system.The default installation of Symantec LiveUpdate Administrator installs files with full control privileges granted to the 'Everyone' group.A local user can exploit

444

V-179: Blackberry Z10 Flaw Lets Physically Local Users Access the Device |  

Broader source: Energy.gov (indexed) [DOE]

9: Blackberry Z10 Flaw Lets Physically Local Users Access the 9: Blackberry Z10 Flaw Lets Physically Local Users Access the Device V-179: Blackberry Z10 Flaw Lets Physically Local Users Access the Device June 17, 2013 - 1:09am Addthis PROBLEM: Blackberry Z10 Flaw Lets Physically Local Users Access the Device PLATFORM: BlackBerry 10 OS version 10.0.10.261 and earlier, except version 10.0.9.2743 ABSTRACT: A vulnerability was reported in Blackberry Z10 Smartphones. REFERENCE LINKS: BlackBerry Security Advisory KB34458 SecurityTracker Alert ID: 1028669 CVE-2013-3692 IMPACT ASSESSMENT: Medium DISCUSSION: On systems with BlackBerry Protect enabled, if the user resets the device password via BlackBerry Protect and downloads a specifically crafted applications, then a physically local user can access or modify data on the device. The vulnerability is due to unsafe permissions on a BlackBerry Protect

445

T-671: Red Hat system-config-firewall Lets Local Users Gain Root Privileges  

Broader source: Energy.gov (indexed) [DOE]

1: Red Hat system-config-firewall Lets Local Users Gain Root 1: Red Hat system-config-firewall Lets Local Users Gain Root Privileges T-671: Red Hat system-config-firewall Lets Local Users Gain Root Privileges July 19, 2011 - 2:42pm Addthis PROBLEM: A vulnerability was reported in Red Hat system-config-firewall. A local user can obtain root privileges on the target system. PLATFORM Red Hat Enterprise Linux Desktop (v. 6) Red Hat Enterprise Linux HPC Node (v. 6) Red Hat Enterprise Linux Server (v. 6) Red Hat Enterprise Linux Server EUS (v. 6.1.z) Red Hat Enterprise Linux Workstation (v. 6) ABSTRACT: Red Hat system-config-firewall Lets Local Users Gain Root Privileges reference LINKS: RHSA-2011:0953-1 SecurityTracker Alert ID: 1025793 CVE-2011-2520 Red hat Article ID: 11259 IMPACT ASSESSMENT: Medium Discussion: The system-config-firewall utility uses the Python pickle module in an

446

U-160: Google Chrome Multiple Flaws Let Remote Users Execute Arbitrary Code  

Broader source: Energy.gov (indexed) [DOE]

0: Google Chrome Multiple Flaws Let Remote Users Execute 0: Google Chrome Multiple Flaws Let Remote Users Execute Arbitrary Code U-160: Google Chrome Multiple Flaws Let Remote Users Execute Arbitrary Code May 2, 2012 - 7:00am Addthis PROBLEM: Google Chrome Multiple Flaws Let Remote Users Execute Arbitrary Code PLATFORM: Prior to 18.0.1025.168 ABSTRACT: Several vulnerabilities were reported in Google Chrome. A remote user can cause arbitrary code to be executed on the target user's system reference LINKS: SecurityTracker Alert ID: 1027001 CVE-2011-3078 CVE-2011-3079 CVE-2011-3080 IMPACT ASSESSMENT: High Discussion: A remote user can create specially crafted content that, when loaded by the target user, will trigger a use-after-free, validation error, or race condition and execute arbitrary code on the target system. The code will

447

V-020: Apple QuickTime Multiple Flaws Let Remote Users Execute Arbitrary  

Broader source: Energy.gov (indexed) [DOE]

20: Apple QuickTime Multiple Flaws Let Remote Users Execute 20: Apple QuickTime Multiple Flaws Let Remote Users Execute Arbitrary Code V-020: Apple QuickTime Multiple Flaws Let Remote Users Execute Arbitrary Code November 9, 2012 - 6:00am Addthis PROBLEM: Apple QuickTime Multiple Flaws Let Remote Users Execute Arbitrary Code PLATFORM: Versions prior to QuickTime 7.7.3 are vulnerable on Windows 7, Vista and XP. ABSTRACT: Multiple vulnerabilities were reported in Apple QuickTime. REFERENCE LINKS: Apple Security Article: HT5581 SecurityTracker Alert ID: 1027737 Bugtraq ID: 56438 Secunia Advisory SA51226 CVE-2011-1374 CVE-2012-3751 CVE-2012-3752 CVE-2012-3753 CVE-2012-3754 CVE-2012-3755 CVE-2012-3756 CVE-2012-3757 CVE-2012-3758 IMPACT ASSESSMENT: High DISCUSSION: Multiple vulnerabilities have been reported in Apple QuickTime, which can

448

T-536: Cisco ASA Multiple Flaws Let Remote Users Deny Service and Bypass  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

36: Cisco ASA Multiple Flaws Let Remote Users Deny Service and 36: Cisco ASA Multiple Flaws Let Remote Users Deny Service and Bypass Security Controls T-536: Cisco ASA Multiple Flaws Let Remote Users Deny Service and Bypass Security Controls January 18, 2011 - 2:30pm Addthis PROBLEM: Cisco ASA Multiple Flaws Let Remote Users Deny Service and Bypass Security Controls. PLATFORM: Cisco 5500 Series Adaptive Security Appliances (ASA) ABSTRACT: Cisco ASA 5500 Series Adaptive Security Appliances are affected by multiple vulnerabilities. Affected versions of Cisco ASA Software vary depending on the specific vulnerability. Cisco ASA 5500 Series Adaptive Security Appliances may experience a TCP connection exhaustion condition (no new TCP connections are accepted) that can be triggered through the receipt of specific TCP segments during the

449

U-247: EMC Cloud Tiering Appliance Flaw Lets Remote Users Bypass  

Broader source: Energy.gov (indexed) [DOE]

7: EMC Cloud Tiering Appliance Flaw Lets Remote Users Bypass 7: EMC Cloud Tiering Appliance Flaw Lets Remote Users Bypass Authentication and Gain Administrative Access U-247: EMC Cloud Tiering Appliance Flaw Lets Remote Users Bypass Authentication and Gain Administrative Access August 29, 2012 - 6:00am Addthis PROBLEM: EMC Cloud Tiering Appliance Flaw Lets Remote Users Bypass Authentication and Gain Administrative Access PLATFORM: EMC Cloud Tiering Appliance (CTA) 7.4 and prior EMC Cloud Tiering Appliance Virtual Edition (CTA/VE) 7.4 and prior EMC Cloud Tiering Appliance (CTA) 9.0 and prior EMC Cloud Tiering Appliance Virtual Edition (CTA/VE) 9.0 and prior ABSTRACT: A vulnerability was reported in EMC Cloud Tiering Appliance. reference LINKS: SecurityTracker Alert ID: 1027448 Bugtraq ID: 55250 EMC.com CVE-2012-2285 IMPACT ASSESSMENT:

450

Stochastic modeling of the cell killing effect for low- and high-LET radiation  

E-Print Network [OSTI]

length distribution, with deterministic RMR models. For low LET radiation and at high dose rates the stochastic survival results agree well with the deterministic survival results. Also the stochastic model allows for non-linearity at low doses due...

Partouche, Julien

2005-02-17T23:59:59.000Z

451

V-225: McAfee Email Gateway SMTP Processing Flaw Lets Remote...  

Broader source: Energy.gov (indexed) [DOE]

IMPACT: Denial of service via network SOLUTION: The vendor has issued a fix (7.5 Patch 1). Addthis Related Articles U-244: McAfee Email Gateway Lets Remote Users Bypass...

452

V-101: McAfee VirusScan Enterprise Lets Local Users Gain Elevated...  

Broader source: Energy.gov (indexed) [DOE]

McAfee VirusScan Enterprise Lets Local Users Gain Elevated Privileges PLATFORM: VSE 8.8 Patch 2 with Access Protection, including Self Protection, turned off ABSTRACT: A...

453

U-040: HP-UX System Administration Manager Lets Local Users Gain Elevated  

Broader source: Energy.gov (indexed) [DOE]

0: HP-UX System Administration Manager Lets Local Users Gain 0: HP-UX System Administration Manager Lets Local Users Gain Elevated Privileges U-040: HP-UX System Administration Manager Lets Local Users Gain Elevated Privileges November 17, 2011 - 8:00am Addthis PROBLEM: HP-UX System Administration Manager Lets Local Users Gain Elevated Privileges. PLATFORM: HP-UX B.11.11, B.11.23, B.11.31; running Enterprise Mobility Suite (EMS) prior to A.04.20.11.04_01 ABSTRACT: A local user can obtain elevated privileges on the target system. reference LINKS: HP Support Center Document ID: c03089106 CVE-2011-4159 SecurityTracker Alert ID: 1026331 IMPACT ASSESSMENT: Medium Discussion: A vulnerability was reported in HP-UX System Administration Manager. A local user can obtain elevated privileges on the target system. A local user can gain full control of the target system.

454

V-194: Citrix XenServer Memory Management Error Lets Local Administrative  

Broader source: Energy.gov (indexed) [DOE]

4: Citrix XenServer Memory Management Error Lets Local 4: Citrix XenServer Memory Management Error Lets Local Administrative Users on the Guest Gain Access on the Host V-194: Citrix XenServer Memory Management Error Lets Local Administrative Users on the Guest Gain Access on the Host July 8, 2013 - 12:24am Addthis PROBLEM: Citrix XenServer Memory Management Error Lets Local Administrative Users on the Guest Gain Access on the Host PLATFORM: Citrix XenServer 5.0 - 6.2 ABSTRACT: A vulnerability was reported in Citrix XenServer. REFERENCE LINKS: CTX138134 SecurityTracker Alert ID: 1028740 CVE-2013-1432 IMPACT ASSESSMENT: Medium DISCUSSION: A local administrative user on a PV guest can exploit a memory management page reference counting error to gain access on the target host server. IMPACT: A local user on the guest operating system can obtain access on the target

455

U-014: Oracle Java Runtime Environment (JRE) Multiple Flaws Let Remote  

Broader source: Energy.gov (indexed) [DOE]

4: Oracle Java Runtime Environment (JRE) Multiple Flaws Let 4: Oracle Java Runtime Environment (JRE) Multiple Flaws Let Remote Users Execute Arbitrary Code and Deny Service U-014: Oracle Java Runtime Environment (JRE) Multiple Flaws Let Remote Users Execute Arbitrary Code and Deny Service October 19, 2011 - 6:00pm Addthis PROBLEM: Oracle Java Runtime Environment (JRE) Multiple Flaws Let Remote Users Execute Arbitrary Code and Deny Service. PLATFORM: Oracle JDK and JRE 7; JDK and JRE 6 Update 27 and prior; JDK and JRE 5.0 Update 31 and prior; SDK and JRE 1.4.2_33 and prior ABSTRACT: A remote user can create a Java applet or Java Web Start application that, when loaded by the target user, will access or modify data or execute arbitrary code on the target user's system. reference LINKS: Oracle Critical Patch Updates and Security Alerts

456

U-077: Google Chrome Multiple Flaws Let Remote Users Execute Arbitrary Code  

Broader source: Energy.gov (indexed) [DOE]

7: Google Chrome Multiple Flaws Let Remote Users Execute 7: Google Chrome Multiple Flaws Let Remote Users Execute Arbitrary Code U-077: Google Chrome Multiple Flaws Let Remote Users Execute Arbitrary Code January 9, 2012 - 9:15am Addthis PROBLEM: Google Chrome Multiple Flaws Let Remote Users Execute Arbitrary Code PLATFORM: Version(s): prior to 16.0.912.75 ABSTRACT: A remote user may be able to execute arbitrary code on the target system. reference LINKS: Google Chrome Releases Chromium Security SecurityTracker Alert ID:1026487 IMPACT ASSESSMENT: High Discussion: A remote user can create specially crafted content that, when loaded by the target user, will execute arbitrary code on the target system. The code will run with the privileges of the target user. Specially crafted animation frames can trigger a use-after-free memory

457

U-031: Microsoft Active Directory CRL Validation Flaw Lets Remote Users  

Broader source: Energy.gov (indexed) [DOE]

1: Microsoft Active Directory CRL Validation Flaw Lets Remote 1: Microsoft Active Directory CRL Validation Flaw Lets Remote Users Bypass Authentication U-031: Microsoft Active Directory CRL Validation Flaw Lets Remote Users Bypass Authentication November 9, 2011 - 8:30am Addthis PROBLEM: Microsoft Active Directory CRL Validation Flaw Lets Remote Users Bypass Authentication. PLATFORM: Windows XP Service Pack 3 Windows XP Professional x64 Edition Service Pack 2 Windows Server 2003 Service Pack 2 Windows Server 2003 x64 Edition Service Pack 2 Active Directory Windows Server 2003 with SP2 for Itanium-based Systems Windows Vista Service Pack 2 Windows Vista x64 Edition Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 Windows Server 2008 for x64-based Systems Service Pack 2 Windows 7 for 32-bit Systems Windows 7 for 32-bit Systems Service Pack 1

458

V-055: Firefly Media Server Null Pointer Dereference Lets Remote Users Deny  

Broader source: Energy.gov (indexed) [DOE]

5: Firefly Media Server Null Pointer Dereference Lets Remote 5: Firefly Media Server Null Pointer Dereference Lets Remote Users Deny Service V-055: Firefly Media Server Null Pointer Dereference Lets Remote Users Deny Service December 26, 2012 - 9:00am Addthis PROBLEM: Firefly Media Server Null Pointer Dereference Lets Remote Users Deny Service PLATFORM: Version(s): 1.0.0.1359 and prior ABSTRACT: A vulnerability was reported in Firefly Media Server REFERENCE LINKS: SecurityTracker Alert ID: 1027917 HTB Advisory ID: HTB23129 CVE-2012-5875 IMPACT ASSESSMENT: Medium DISCUSSION: A remote user can send specially crafted data to trigger a null pointer dereference and cause the target service to crash. IMPACT: A remote user can cause denial of service conditions. SOLUTION: No solution was available at the time of this entry. Addthis

459

U-064: Adobe Acrobat/Reader PRC Memory Corruption Error Lets Remote Users  

Broader source: Energy.gov (indexed) [DOE]

4: Adobe Acrobat/Reader PRC Memory Corruption Error Lets Remote 4: Adobe Acrobat/Reader PRC Memory Corruption Error Lets Remote Users Execute Arbitrary Code U-064: Adobe Acrobat/Reader PRC Memory Corruption Error Lets Remote Users Execute Arbitrary Code December 19, 2011 - 9:15am Addthis PROBLEM: Adobe Acrobat/Reader PRC Memory Corruption Error Lets Remote Users Execute Arbitrary Code. PLATFORM: Adobe Acrobat Reader Version(s): 10.1.1 and prior versions ABSTRACT: A vulnerability was reported in Adobe Acrobat/Reader, this vulnerability is being actively exploited against Windows-based systems. reference LINKS: SecurityTracker Alert ID: 1026432 APSB11-30 CVE-2011-4369 JC3-CIRC Tech Bulletin U-054 APSA11-04 IMPACT ASSESSMENT: High Discussion: A remote user can create a specially crafted PDF file that, when loaded by the target user, will trigger a memory corruption error in the PRC

460

U-094: EMC Documentum Content Server Lets Local Administrative Users Gain  

Broader source: Energy.gov (indexed) [DOE]

4: EMC Documentum Content Server Lets Local Administrative 4: EMC Documentum Content Server Lets Local Administrative Users Gain Elevated Privileges U-094: EMC Documentum Content Server Lets Local Administrative Users Gain Elevated Privileges February 2, 2012 - 9:15am Addthis PROBLEM: EMC Documentum Content Server Lets Local Administrative Users Gain Elevated Privileges PLATFORM: EMC Documentum Content Server 6.0, 6.5, 6.6 ABSTRACT: EMC Documentum Content Server contains a privilege elevation vulnerability that may allow an unauthorized user to obtain highest administrative privileges on the system. reference LINKS: SecurityTracker Alert ID: 1026624 EMC Resource Library CVE-2011-4144 bugtraq ESA-2012-009 IMPACT ASSESSMENT: Medium Discussion: EMC Documentum Content Server contains a security vulnerability that may allow a system administrator to elevate their or other users privileges to

Note: This page contains sample records for the topic "layout bug lets" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


461

V-049: RealPlayer Buffer Overflow and Invalid Pointer Flaw Let Remote Users  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

9: RealPlayer Buffer Overflow and Invalid Pointer Flaw Let 9: RealPlayer Buffer Overflow and Invalid Pointer Flaw Let Remote Users Execute Arbitrary Code V-049: RealPlayer Buffer Overflow and Invalid Pointer Flaw Let Remote Users Execute Arbitrary Code December 18, 2012 - 1:30am Addthis PROBLEM: RealPlayer Buffer Overflow and Invalid Pointer Flaw Let Remote Users Execute Arbitrary Code PLATFORM: Windows RealPlayer 15.0.6.14 and prior. ABSTRACT: Two vulnerabilities were reported in RealPlayer. REFERENCE LINKS: RealPlayer Security Vulnerabilities Secunia Advisory SA51589 SecurityTracker Alert ID: 1027893 CVE-2012-5690 CVE-2012-5691 IMPACT ASSESSMENT: Medium DISCUSSION: Two vulnerabilities have been reported in RealPlayer, which can be exploited by malicious people to compromise a user's system. A remote user can create a specially crafted RealAudio file that, when

462

U-043: Attachmate Reflection Buffer Overflow in FTP Client Lets Remote  

Broader source: Energy.gov (indexed) [DOE]

3: Attachmate Reflection Buffer Overflow in FTP Client Lets 3: Attachmate Reflection Buffer Overflow in FTP Client Lets Remote Servers Execute Arbitrary Code U-043: Attachmate Reflection Buffer Overflow in FTP Client Lets Remote Servers Execute Arbitrary Code November 22, 2011 - 8:00am Addthis PROBLEM: Attachmate Reflection Buffer Overflow in FTP Client Lets Remote Servers Execute Arbitrary Code. PLATFORM: 14.1.1173 and prior versions The following product versions are affected: Reflection for HP version 14.x Reflection for UNIX and OpenVMS version 14.x Reflection for ReGIS Graphics version 14.x Reflection for IBM version 14.x Reflection X version 14.x ABSTRACT: A remote server can execute arbitrary code on the connected target system. reference LINKS: Security Updates and Reflection Attachmate Support Lifecycle Attachmate Downloads

463

U-040: HP-UX System Administration Manager Lets Local Users Gain Elevated  

Broader source: Energy.gov (indexed) [DOE]

40: HP-UX System Administration Manager Lets Local Users Gain 40: HP-UX System Administration Manager Lets Local Users Gain Elevated Privileges U-040: HP-UX System Administration Manager Lets Local Users Gain Elevated Privileges November 17, 2011 - 8:00am Addthis PROBLEM: HP-UX System Administration Manager Lets Local Users Gain Elevated Privileges. PLATFORM: HP-UX B.11.11, B.11.23, B.11.31; running Enterprise Mobility Suite (EMS) prior to A.04.20.11.04_01 ABSTRACT: A local user can obtain elevated privileges on the target system. reference LINKS: HP Support Center Document ID: c03089106 CVE-2011-4159 SecurityTracker Alert ID: 1026331 IMPACT ASSESSMENT: Medium Discussion: A vulnerability was reported in HP-UX System Administration Manager. A local user can obtain elevated privileges on the target system. A local user can gain full control of the target system.

464

T-545: RealPlayer Heap Corruption Error in 'vidplin.dll' Lets Remote Users  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

45: RealPlayer Heap Corruption Error in 'vidplin.dll' Lets 45: RealPlayer Heap Corruption Error in 'vidplin.dll' Lets Remote Users Execute Arbitrary Code T-545: RealPlayer Heap Corruption Error in 'vidplin.dll' Lets Remote Users Execute Arbitrary Code January 28, 2011 - 7:21am Addthis PROBLEM: RealPlayer Heap Corruption Error in 'vidplin.dll' Lets Remote Users Execute Arbitrary Code. PLATFORM: RealPlayer 14.0.1 and prior versions ABSTRACT: A vulnerability was reported in RealPlayer. A remote user can cause arbitrary code to be executed on the target user's system. reference LINKS: Security Tracker Alert CVE-2010-4393 IMPACT ASSESSMENT: Medium Discussion: A remote user can create a specially crafted AVI file that, when loaded by the target user, will trigger a heap corruption error in 'vidplin.dll' and execute arbitrary code on the target system. The code will run with the

465

V-195: RSA Authentication Manager Lets Local Users View the Administrative  

Broader source: Energy.gov (indexed) [DOE]

95: RSA Authentication Manager Lets Local Users View the 95: RSA Authentication Manager Lets Local Users View the Administrative Account Password V-195: RSA Authentication Manager Lets Local Users View the Administrative Account Password July 9, 2013 - 12:51am Addthis PROBLEM: RSA Authentication Manager Lets Local Users View the Administrative Account Password PLATFORM: RSA Authentication Manager 7.1, 8.0 ABSTRACT: A vulnerability was reported in RSA Authentication Manager. REFERENCE LINKS: SecurityTracker Alert ID: 1028742 CVE-2013-3273 RSA IMPACT ASSESSMENT: Medium DISCUSSION: When the RSA Authentication Manager Software Development Kit (SDK) is used to develop a custom application that connects with RSA Authentication Manager and the trace logging is set to verbose, the administrative account password used by the custom application is written in clear text to trace

466

V-066: Adobe Acrobat/Reader Multiple Flaws Lets Remote Users Execute  

Broader source: Energy.gov (indexed) [DOE]

66: Adobe Acrobat/Reader Multiple Flaws Lets Remote Users 66: Adobe Acrobat/Reader Multiple Flaws Lets Remote Users Execute Arbitrary Code and Local Users Gain Elevated Privileges V-066: Adobe Acrobat/Reader Multiple Flaws Lets Remote Users Execute Arbitrary Code and Local Users Gain Elevated Privileges January 10, 2013 - 2:00am Addthis PROBLEM: Adobe Acrobat/Reader Multiple Flaws Lets Remote Users Execute Arbitrary Code and Local Users Gain Elevated Privileges PLATFORM: *Adobe Reader XI (11.0.0) for Windows and Macintosh *Adobe Reader X (10.1.4) and earlier 10.x versions for Windows and Macintosh *Adobe Reader 9.5.2 and earlier 9.x versions for Windows and Macintosh *Adobe Reader 9.5.1 and earlier 9.x versions for Linux *Adobe Acrobat XI (11.0.0) for Windows and Macintosh *Adobe Acrobat X (10.1.4) and earlier 10.x versions for Windows and

467

U-242: Linux Kernel Netlink SCM_CREDENTIALS Processing Flaw Lets Local  

Broader source: Energy.gov (indexed) [DOE]

2: Linux Kernel Netlink SCM_CREDENTIALS Processing Flaw Lets 2: Linux Kernel Netlink SCM_CREDENTIALS Processing Flaw Lets Local Users Gain Elevated Privileges U-242: Linux Kernel Netlink SCM_CREDENTIALS Processing Flaw Lets Local Users Gain Elevated Privileges August 23, 2012 - 7:00am Addthis PROBLEM: Linux Kernel Netlink SCM_CREDENTIALS Processing Flaw Lets Local Users Gain Elevated Privileges PLATFORM: Linux Kernel 3.2.x Linux Kernel 3.4.x Linux Kernel 3.5.x ABSTRACT: A vulnerability was reported in the Linux Kernel. reference LINKS: The Linux Kernel Archives SecurityTracker Alert ID: 1027434 Secunia Advisory SA50323 CVE-2012-3520 IMPACT ASSESSMENT: Medium Discussion: A local user can obtain elevated privileges on the target system. A local user may be able to send specially crafted Netlink messages to spoof SCM_CREDENTIALS and perform actions with elevated privileges.

468

Genomic instability and bystander effects induced by high-LET radiation Eric J Hall*,1  

E-Print Network [OSTI]

Genomic instability and bystander effects induced by high-LET radiation Eric J Hall*,1 and Tom K. There is a progressive increase in genomic instability, determined either by gene amplification or allelic imbalance

469

V-049: RealPlayer Buffer Overflow and Invalid Pointer Flaw Let...  

Broader source: Energy.gov (indexed) [DOE]

a fix (16.0.0.282). Addthis Related Articles V-228: RealPlayer Buffer Overflow and Memory Corruption Error Let Remote Users Execute Arbitrary Code V-114: RealPlayer MP4...

470

U-259: RSA BSAFE SSL-C Lets Remote Users Decrypt SSL/TLS Traffic and SSL  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

259: RSA BSAFE SSL-C Lets Remote Users Decrypt SSL/TLS Traffic 259: RSA BSAFE SSL-C Lets Remote Users Decrypt SSL/TLS Traffic and SSL Buffer Overflow Lets Remote Users Execute Arbitrary Code U-259: RSA BSAFE SSL-C Lets Remote Users Decrypt SSL/TLS Traffic and SSL Buffer Overflow Lets Remote Users Execute Arbitrary Code September 13, 2012 - 6:00am Addthis PROBLEM: RSA BSAFE SSL-C Lets Remote Users Decrypt SSL/TLS Traffic and SSL Buffer Overflow Lets Remote Users Execute Arbitrary Code PLATFORM: RSA BSAFE SSL-C prior to 2.8.6 ABSTRACT: RSA BSAFE SSL-C Multiple Vulnerabilities reference LINKS: Secunia Advisory SA50601 SecurityTracker Alert ID: 1027514 SecurityTracker Alert ID: 1027513 CVE-2011-3389 CVE-2012-2110 CVE-2012-2131 IMPACT ASSESSMENT: High Discussion: EMC has acknowledged a weakness and a vulnerability in RSA BSAFE, which can

471

Large Cryogenic Infrastructure for LHC Superconducting Magnet and Cryogenic Component Tests: Layout, Commissioning and Operational Experience  

SciTech Connect (OSTI)

The largest cryogenic test facility at CERN, located at Zone 18, is used to validate and to test all main components working at cryogenic temperature in the LHC (Large Hadron Collider) before final installation in the machine tunnel. In total about 1300 main dipoles, 400 main quadrupoles, 5 RF-modules, eight 1.8 K refrigeration units will be tested in the coming years.The test facility has been improved and upgraded over the last few years and the first 18 kW refrigerator for the LHC machine has been added to boost the cryogenic capacity for the area via a 25,000 liter liquid helium dewar. The existing 6 kW refrigerator, used for the LHC Test String experiments, will also be employed to commission LHC cryogenic components.We report on the design and layout of the test facility as well as the commissioning and the first 10,000 hours operational experience of the test facility and the 18 kW LHC refrigerator.

Calzas, C.; Chanat, D.; Knoops, S.; Sanmarti, M.; Serio, L. [Accelerator Technology Division, CERN, 1211 Geneva 23 (Switzerland)

2004-06-23T23:59:59.000Z

472

SharedCanvas: A Collaborative Model for Medieval Manuscript Layout Dissemination  

SciTech Connect (OSTI)

In this paper we present a model based on the principles of Linked Data that can be used to describe the interrelationships of images, texts and other resources to facilitate the interoperability of repositories of medieval manuscripts or other culturally important handwritten documents. The model is designed from a set of requirements derived from the real world use cases of some of the largest digitized medieval content holders, and instantiations of the model are intended as the input to collection-independent page turning and scholarly presentation interfaces. A canvas painting paradigm, such as in PDF and SVG, was selected based on the lack of a one to one correlation between image and page, and to fulfill complex requirements such as when the full text of a page is known, but only fragments of the physical object remain. The model is implemented using technologies such as OAI-ORE Aggregations and OAC Annotations, as the fundamental building blocks of emerging Linked Digital Libraries. The model and implementation are evaluated through prototypes of both content providing and consuming applications. Although the system was designed from requirements drawn from the medieval manuscript domain, it is applicable to any layout-oriented presentation of images of text.

Sanderson, Robert D. [Los Alamos National Laboratory; Albritton, Benjamin [Stanford University; Schwemmer, Rafael [e-codices; Van De Sompel, Herbert [Los Alamos National Laboratory

2011-01-01T23:59:59.000Z

473

A system-level cost-of-energy wind farm layout optimization with landowner modeling  

SciTech Connect (OSTI)

This work applies an enhanced levelized wind farm cost model, including landowner remittance fees, to determine optimal turbine placements under three landowner participation scenarios and two land-plot shapes. Instead of assuming a continuous piece of land is available for the wind farm construction, as in most layout optimizations, the problem formulation represents landowner participation scenarios as a binary string variable, along with the number of turbines. The cost parameters and model are a combination of models from the National Renewable Energy Laboratory (NREL), Lawrence Berkeley National Laboratory, and Windustiy. The system-level cost-of-energy (COE) optimization model is also tested under two land-plot shapes: equally-sized square land plots and unequal rectangle land plots. The optimal COEs results are compared to actual COE data and found to be realistic. The results show that landowner remittances account for approximately 10% of farm operating costs across all cases. Irregular land-plot shapes are easily handled by the model. We find that larger land plots do not necessarily receive higher remittance fees. The model can help site developers identify the most crucial land plots for project success and the optimal positions of turbines, with realistic estimates of costs and profitability. (C) 2013 Elsevier Ltd. All rights reserved.

Chen, Le [Ames Laboratory; MacDonald, Erin [Ames Laboratory

2013-10-01T23:59:59.000Z

474

A comparative study on substation types and network layouts in connection with low-energy district heating systems  

Science Journals Connector (OSTI)

The study deals with low-energy District Heating (DH) networks operating in low temperatures such as 55 °C in terms of supply and 25 °C in terms of return. The network layout, additional booster pumps, and different substation types such as storage tanks either equipped or not equipped in domestic hot water production site were examined. Effects of booster pumps on pipe dimensions in the latter case were investigated. Temperature drops during the summer months due to low heat demands of consumers were explored. Use of approaches such as looped networks and branched network layouts with bypasses for end-consumers were also studied, heat loss from these networks and the drop in temperature in the heat-carrier-supply medium being compared.

Hakan ?brahim Tol; Svend Svendsen

2012-01-01T23:59:59.000Z

475

ADORE-GA: Genetic algorithm variant of the ADORE algorithm for ROP detector layout optimization in CANDU reactors  

Science Journals Connector (OSTI)

The regional overpower protection (ROP) systems protect CANDU® reactors against overpower in the fuel that could reduce the safety margin-to-dryout. The overpower could originate from a localized power peaking within the core or a general increase in the global core power level. The design of the detector layout for ROP systems is a challenging discrete optimization problem. In recent years, two algorithms have been developed to find a quasi optimal solution to this detector layout optimization problem. Both of these algorithms utilize the simulated annealing (SA) algorithm as their optimization engine. In the present paper, an alternative optimization algorithm, namely the genetic algorithm (GA), has been implemented as the optimization engine. The implementation is done within the ADORE algorithm. Results from evaluating the effects of using various mutation rates and crossover parameters are presented in this paper. It has been demonstrated that the algorithm is sufficiently robust in producing similar quality solutions.

Doddy Kastanya

2012-01-01T23:59:59.000Z

476

U-264: Apple OS X Lets Remote Users Execute Arbitrary Code and Local Users  

Broader source: Energy.gov (indexed) [DOE]

4: Apple OS X Lets Remote Users Execute Arbitrary Code and 4: Apple OS X Lets Remote Users Execute Arbitrary Code and Local Users Gain Elevated Privileges U-264: Apple OS X Lets Remote Users Execute Arbitrary Code and Local Users Gain Elevated Privileges September 20, 2012 - 6:00am Addthis U-264: Apple OS X Lets Remote Users Execute Arbitrary Code and Local Users Gain Elevated Privileges September 20, 2012 - 6:00am PROBLEM: Apple OS X Lets Remote Users Execute Arbitrary Code and Local Users Gain Elevated Privileges PLATFORM: Apple OS X ABSTRACT: Several vulnerabilities were reported in Apple OS X. reference LINKS: Apple Security Article: HT5501 SecurityTracker Alert ID: 1027551 CVE-2012-0650 CVE-2012-3716 CVE-2012-3718 CVE-2012-3719 CVE-2012-3720 CVE-2012-3721 CVE-2012-3722 CVE-2012-3723 IMPACT ASSESSMENT: Medium Discussion: If the DirectoryService Proxy is used, a remote user can trigger a buffer

477

U-264: Apple OS X Lets Remote Users Execute Arbitrary Code and Local Users  

Broader source: Energy.gov (indexed) [DOE]

4: Apple OS X Lets Remote Users Execute Arbitrary Code and 4: Apple OS X Lets Remote Users Execute Arbitrary Code and Local Users Gain Elevated Privileges U-264: Apple OS X Lets Remote Users Execute Arbitrary Code and Local Users Gain Elevated Privileges September 20, 2012 - 6:00am Addthis U-264: Apple OS X Lets Remote Users Execute Arbitrary Code and Local Users Gain Elevated Privileges September 20, 2012 - 6:00am PROBLEM: Apple OS X Lets Remote Users Execute Arbitrary Code and Local Users Gain Elevated Privileges PLATFORM: Apple OS X ABSTRACT: Several vulnerabilities were reported in Apple OS X. reference LINKS: Apple Security Article: HT5501 SecurityTracker Alert ID: 1027551 CVE-2012-0650 CVE-2012-3716 CVE-2012-3718 CVE-2012-3719 CVE-2012-3720 CVE-2012-3721 CVE-2012-3722 CVE-2012-3723 IMPACT ASSESSMENT: Medium Discussion: If the DirectoryService Proxy is used, a remote user can trigger a buffer

478

U-063: RSA SecurID Software Token for Windows DLL Loading Error Lets Remote  

Broader source: Energy.gov (indexed) [DOE]

3: RSA SecurID Software Token for Windows DLL Loading Error 3: RSA SecurID Software Token for Windows DLL Loading Error Lets Remote Users Execute Arbitrary Code U-063: RSA SecurID Software Token for Windows DLL Loading Error Lets Remote Users Execute Arbitrary Code December 16, 2011 - 8:00am Addthis PROBLEM: RSA SecurID Software Token for Windows DLL Loading Error Lets Remote Users Execute Arbitrary Code. PLATFORM: RSA SecurID Software Token 4.1 for Microsoft Windows ABSTRACT: A remote user can cause the target application to execute arbitrary code on the target user's system. reference LINKS: SecurityTracker Alert ID: 1026426 ESA-2011-039 Secunia Advisory: SA45665 Securityfocus Advisory CVE-2011-4141 RSA Online Fraud Resource Center IMPACT ASSESSMENT: High Discussion: A vulnerability was reported in RSA SecurID Software Token. A remote user

479

U-107: Cisco NX-OS IP Packet Processing Flaw Lets Remote Users Deny Service  

Broader source: Energy.gov (indexed) [DOE]

07: Cisco NX-OS IP Packet Processing Flaw Lets Remote Users Deny 07: Cisco NX-OS IP Packet Processing Flaw Lets Remote Users Deny Service U-107: Cisco NX-OS IP Packet Processing Flaw Lets Remote Users Deny Service February 21, 2012 - 6:00am Addthis PROBLEM: A vulnerability was reported in Cisco NX-OS. A remote user can cause denial of service conditions. PLATFORM: Nexus 1000v, 5000, and 7000 Series Switches ABSTRACT: A remote user can send a specially crafted IP packet to cause the target device to reload. reference LINKS: Cisco Advisory SecurityTracker Alert ID:1026692 CVE-2012-0352 IMPACT ASSESSMENT: Medium Discussion: A vulnerability was reported in Cisco NX-OS. A remote user can cause denial of service conditions. A remote user can send a specially crafted IP packet to cause the target device to reload. The vulnerability occurs when the device attepts to obtain Layer 4 (e.g.,

480

U-063: RSA SecurID Software Token for Windows DLL Loading Error Lets Remote  

Broader source: Energy.gov (indexed) [DOE]

63: RSA SecurID Software Token for Windows DLL Loading Error 63: RSA SecurID Software Token for Windows DLL Loading Error Lets Remote Users Execute Arbitrary Code U-063: RSA SecurID Software Token for Windows DLL Loading Error Lets Remote Users Execute Arbitrary Code December 16, 2011 - 8:00am Addthis PROBLEM: RSA SecurID Software Token for Windows DLL Loading Error Lets Remote Users Execute Arbitrary Code. PLATFORM: RSA SecurID Software Token 4.1 for Microsoft Windows ABSTRACT: A remote user can cause the target application to execute arbitrary code on the target user's system. reference LINKS: SecurityTracker Alert ID: 1026426 ESA-2011-039 Secunia Advisory: SA45665 Securityfocus Advisory CVE-2011-4141 RSA Online Fraud Resource Center IMPACT ASSESSMENT: High Discussion: A vulnerability was reported in RSA SecurID Software Token. A remote user

Note: This page contains sample records for the topic "layout bug lets" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


481

T-591: VMware vmrun Utility Lets Local Users Gain Elevated Privileges |  

Broader source: Energy.gov (indexed) [DOE]

1: VMware vmrun Utility Lets Local Users Gain Elevated 1: VMware vmrun Utility Lets Local Users Gain Elevated Privileges T-591: VMware vmrun Utility Lets Local Users Gain Elevated Privileges March 30, 2011 - 3:05pm Addthis PROBLEM: A vulnerability was reported in VMware. A local user can obtain elevated privileges on the target system. PLATFORM: VMware Workstation 6.5.5 and 7.1.3 and prior; VIX API for Linux 1.10.2 and prior ABSTRACT: The VMware vmrun utility is susceptible to a local privilege escalation in non-standard configurations. reference LINKS: VM Advisory ID:VMSA-2011-0006 Secunia Advisory: SA43885 SecurityTracker Alert ID: 1025270 CVE-2011-1126 VM Post IMPACT ASSESSMENT: Medium Discussion: A security issue has been reported in VMware Workstation, which can be exploited by malicious, local users to gain potentially escalated

482

LET is a Critical Factor in Accelerating Development of Lymphoma in  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

is a Critical Factor in Accelerating Development of Lymphoma in is a Critical Factor in Accelerating Development of Lymphoma in Irradiated Bax Transgenic C57/B6 Mice James Jacobus University of Iowa Abstract A major risk during exposure to both low and high linear energy transfer (LET) radiation is the development of lymphoma. Both occupationally and therapeutically exposed individuals are at risk for lymphoma development induced by low LET radiation, while deeply penetrating high LET radiation is a significant concern for those planning and undertaking long duration missions in space where a high degree of uncertainty on actual risk exists due to the lack of epidemiologically-based datasets. The C57/B6 transgenic mice used in this study have been genetically engineered to possess either one (Bax 1) or two (Bax 38/1) extra copies of

483

T-573: Windows Remote Desktop Client DLL Loading Error Lets Remote Users  

Broader source: Energy.gov (indexed) [DOE]

3: Windows Remote Desktop Client DLL Loading Error Lets Remote 3: Windows Remote Desktop Client DLL Loading Error Lets Remote Users Execute Arbitrary Code T-573: Windows Remote Desktop Client DLL Loading Error Lets Remote Users Execute Arbitrary Code March 9, 2011 - 3:05pm Addthis PROBLEM: Vulnerability in Remote Desktop Client Could Allow Remote Code Execution. PLATFORM: Remote Desktop Connection Client Version(s): 5.2, 6.0, 6.1, 7.0 ABSTRACT: A vulnerability was reported in Windows Remote Desktop Client. A remote user can cause arbitrary code to be executed on the target user's system. reference LINKS: Microsoft Security Bulletin MS11-017 SecurityTracker Alert ID:1025172 CVE-2011-0029 IMPACT ASSESSMENT: Moderate Discussion: A remote user can create a specially crafted DLL file on a remote share (e.g., WebDAV, SMB share). When the target user opens a valid Remote

484

INFOGRAPHIC: Let's Get to Work on Solar Soft Costs | Department of Energy  

Broader source: Energy.gov (indexed) [DOE]

INFOGRAPHIC: Let's Get to Work on Solar Soft Costs INFOGRAPHIC: Let's Get to Work on Solar Soft Costs INFOGRAPHIC: Let's Get to Work on Solar Soft Costs December 2, 2013 - 1:00pm Addthis Learn how soft costs are contributing to the price of solar energy systems in the United States. Learn more about what the Energy Department is doing to lower soft costs and increase deployment of solar energy systems. | Infographic by SunShot Learn how soft costs are contributing to the price of solar energy systems in the United States. Learn more about what the Energy Department is doing to lower soft costs and increase deployment of solar energy systems. | Infographic by SunShot Addthis Related Articles Soft costs now account for more than 60% of the total price of installing residential solar energy systems. View the full infographic to learn more.

485

V-147: IBM Lotus Notes Mail Client Lets Remote Users Execute Java Applets |  

Broader source: Energy.gov (indexed) [DOE]

7: IBM Lotus Notes Mail Client Lets Remote Users Execute Java 7: IBM Lotus Notes Mail Client Lets Remote Users Execute Java Applets V-147: IBM Lotus Notes Mail Client Lets Remote Users Execute Java Applets May 2, 2013 - 6:00am Addthis PROBLEM: A vulnerability was reported in IBM Lotus Notes PLATFORM: IBM Notes 8.0.x, 8.5.x, 9.0 ABSTRACT: A remote user can cause Java applets to be executed on the target user's system REFERENCE LINKS: Security Tracker Alert ID 1028504 IBM Security Bulletin 1633819 CVE-2013-0127 CVE-2013-0538 IMPACT ASSESSMENT: Medium DISCUSSION: The mail client does not filter 'applet' and 'javascript' tags in HTML-based email messages. A remote user can send a specially crafted email message that, when loaded by the target user, will execute arbitrary Java code on the target system. The code will run with the privileges of the

486

V-235: Cisco Mobility Services Engine Configuration Error Lets Remote Users  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

5: Cisco Mobility Services Engine Configuration Error Lets 5: Cisco Mobility Services Engine Configuration Error Lets Remote Users Login Anonymously V-235: Cisco Mobility Services Engine Configuration Error Lets Remote Users Login Anonymously September 5, 2013 - 12:33am Addthis PROBLEM: A vulnerability was reported in Cisco Mobility Services Engine. A remote user can login anonymously. PLATFORM: Cisco Mobility Services Engine ABSTRACT: A vulnerability in Cisco Mobility Services Engine could allow an unauthenticated, remote attacker to connect to a database replication port anonymously via Secure Sockets Layer (SSL). REFERENCE LINKS: SecurityTracker Alert ID: 1028972 CVE-2013-3469 IMPACT ASSESSMENT: Medium DISCUSSION: The vulnerability is due to the misconfiguration of the Oracle SSL service. An attacker could exploit this vulnerability by connecting to an

487

V-058: Microsoft Internet Explorer CDwnBindInfo Object Reuse Flaw Lets  

Broader source: Energy.gov (indexed) [DOE]

8: Microsoft Internet Explorer CDwnBindInfo Object Reuse Flaw 8: Microsoft Internet Explorer CDwnBindInfo Object Reuse Flaw Lets Remote Users Execute Arbitrary Code V-058: Microsoft Internet Explorer CDwnBindInfo Object Reuse Flaw Lets Remote Users Execute Arbitrary Code December 31, 2012 - 6:58am Addthis PROBLEM: Microsoft Internet Explorer CDwnBindInfo Object Reuse Flaw Lets Remote Users Execute Arbitrary Code PLATFORM: Version(s): 6, 7, 8 ABSTRACT: A vulnerability was reported in Microsoft Internet Explorer. A remote user can cause arbitrary code to be executed on the target user's system. REFERENCE LINKS: SecurityTracker Alert ID: 1027930 Secunia Advisory SA51695 CVE-2012-4792 IMPACT ASSESSMENT: High DISCUSSION: A remote user can create specially crafted HTML that, when loaded by the target user, will trigger a memory corruption error and execute arbitrary

488

U-140: HP-UX Unspecified Flaw in DCE Lets Remote Users Execute Arbitrary  

Broader source: Energy.gov (indexed) [DOE]

U-140: HP-UX Unspecified Flaw in DCE Lets Remote Users Execute U-140: HP-UX Unspecified Flaw in DCE Lets Remote Users Execute Arbitrary Code U-140: HP-UX Unspecified Flaw in DCE Lets Remote Users Execute Arbitrary Code April 4, 2012 - 7:15am Addthis PROBLEM: A vulnerability was reported in HP-UX PLATFORM: Version(s): 11.11, 11.23; running DCE ABSTRACT: A remote user can execute arbitrary code on the target system. A remote user can send specially crafted data to execute arbitrary code on the target system. The code will run with the privileges of the target service. Reference LINKS: Vendor Advisory Security Tracker ID 1026885 CVE-2012-0131 IMPACT ASSESSMENT: High Discussion: A potential security vulnerability has been identified in HP-UX running DCE. The vulnerability could be exploited remotely to create a Denial of Service (DoS).

489

V-011: IBM Tivoli Monitoring Web Server HTTP TRACE/TRACK Support Lets  

Broader source: Energy.gov (indexed) [DOE]

1: IBM Tivoli Monitoring Web Server HTTP TRACE/TRACK Support 1: IBM Tivoli Monitoring Web Server HTTP TRACE/TRACK Support Lets Remote Users Obtain Potentially Sensitive Information V-011: IBM Tivoli Monitoring Web Server HTTP TRACE/TRACK Support Lets Remote Users Obtain Potentially Sensitive Information October 26, 2012 - 6:00am Addthis PROBLEM: IBM Tivoli Monitoring Web Server HTTP TRACE/TRACK Support Lets Remote Users Obtain Potentially Sensitive Information PLATFORM: Software version: 6.2.3, 6.2.3.1 ABSTRACT: A vulnerability was reported in IBM Tivoli Monitoring. REFERENCE LINKS: IBM Support Document: 1614003 IBM Support Portal SecurityTracker Alert ID: 1027692 IMPACT ASSESSMENT: High DISCUSSION: A remote user may be able to conduct HTTP TRACE and HTTP TRACK attacks to access sensitive information from the HTTP headers.

490

V-060: VLC Media Player Buffer Overflow in HTML Subtitle Parser Lets Remote  

Broader source: Energy.gov (indexed) [DOE]

0: VLC Media Player Buffer Overflow in HTML Subtitle Parser 0: VLC Media Player Buffer Overflow in HTML Subtitle Parser Lets Remote Users Execute Arbitrary Code V-060: VLC Media Player Buffer Overflow in HTML Subtitle Parser Lets Remote Users Execute Arbitrary Code January 2, 2013 - 1:00am Addthis PROBLEM: VLC Media Player Buffer Overflow in HTML Subtitle Parser Lets Remote Users Execute Arbitrary Code PLATFORM: VLC Media Player 2.0.4, possibly earlier versions ABSTRACT: Some vulnerabilities have been reported in VLC Media Player REFERENCE LINKS: SecurityTracker Alert ID: 1027929 Secunia Advisory SA51692 IMPACT ASSESSMENT: Medium DISCUSSION: Some vulnerabilities have been reported in VLC Media Player, which can be exploited by malicious people to compromise a user's system. The vulnerabilities are caused due to errors when parsing HTML subtitles in

491

U-091: cURL Lets Remote Users Decrypt SSL/TLS Traffic | Department of  

Broader source: Energy.gov (indexed) [DOE]

91: cURL Lets Remote Users Decrypt SSL/TLS Traffic 91: cURL Lets Remote Users Decrypt SSL/TLS Traffic U-091: cURL Lets Remote Users Decrypt SSL/TLS Traffic January 30, 2012 - 6:45am Addthis PROBLEM: A vulnerability was reported in cURL. PLATFORM: Linux (Any), UNIX (Any), Windows (Any) : Version(s): 7.10.6 through 7.23.1 ABSTRACT: A remote user can decrypt SSL/TLS sessions in certain cases. reference LINKS: CVE-2011-3389 SecurityTracker Alert ID: 1026587 Vendor Advisory IMPACT ASSESSMENT: Moderate Discussion: A remote user with the ability to conduct a man-in-the-middle attack can decrypt SSL/TLS sessions. The SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Opera, and other products, encrypts data by using CBC mode with chained initialization vectors, which allows

492

T-648: Avaya IP Office Manager TFTP Server Lets Remote Users Traverse the  

Broader source: Energy.gov (indexed) [DOE]

48: Avaya IP Office Manager TFTP Server Lets Remote Users 48: Avaya IP Office Manager TFTP Server Lets Remote Users Traverse the Directory T-648: Avaya IP Office Manager TFTP Server Lets Remote Users Traverse the Directory June 16, 2011 - 3:45pm Addthis PROBLEM: A vulnerability was reported in Avaya IP Office Manager. A remote user can view files on the target system. PLATFORM: Versions 5.0.x - 6.1.x ABSTRACT: The software does not properly validate user-supplied input. A remote user can supply a specially crafted request to view files on target system running the IP Office Manager software. reference LINKS: ASA-2011-156 SecurityTracker Alert ID: 1025664 Secunia Advisory: SA43884 Avaya Support IMPACT ASSESSMENT: Medium Discussion: Avaya IP Office Manager is an application for viewing and editing an IP Office system's configuration. It can be used to securely connect to and

493

V-218: HP Service Manager Unspecified Flaw Lets Remote Users Gain  

Broader source: Energy.gov (indexed) [DOE]

8: HP Service Manager Unspecified Flaw Lets Remote Users Gain 8: HP Service Manager Unspecified Flaw Lets Remote Users Gain Unauthorized Access V-218: HP Service Manager Unspecified Flaw Lets Remote Users Gain Unauthorized Access August 15, 2013 - 1:30am Addthis PROBLEM: A potential security vulnerability has been identified with HP Service Manager. The vulnerability could be exploited to allow remote unauthenticated access and elevation of privilege. PLATFORM: HP Service Manager v9.31, v9.30, v9.21, v7.11, v6.2.8 ABSTRACT: The vulnerabilities are reported in versions 9.31 and prior. REFERENCE LINKS: SecurityTracker Alert ID: 1028912 CVE-2013-4808 IMPACT ASSESSMENT: High DISCUSSION: A vulnerability was reported in HP Service Manager. A remote user can gain unauthorized access on the target system. IMPACT: User access via network

494

V-218: HP Service Manager Unspecified Flaw Lets Remote Users Gain  

Broader source: Energy.gov (indexed) [DOE]

8: HP Service Manager Unspecified Flaw Lets Remote Users Gain 8: HP Service Manager Unspecified Flaw Lets Remote Users Gain Unauthorized Access V-218: HP Service Manager Unspecified Flaw Lets Remote Users Gain Unauthorized Access August 15, 2013 - 1:30am Addthis PROBLEM: A potential security vulnerability has been identified with HP Service Manager. The vulnerability could be exploited to allow remote unauthenticated access and elevation of privilege. PLATFORM: HP Service Manager v9.31, v9.30, v9.21, v7.11, v6.2.8 ABSTRACT: The vulnerabilities are reported in versions 9.31 and prior. REFERENCE LINKS: SecurityTracker Alert ID: 1028912 CVE-2013-4808 IMPACT ASSESSMENT: High DISCUSSION: A vulnerability was reported in HP Service Manager. A remote user can gain unauthorized access on the target system. IMPACT: User access via network

495

T-617: BIND RPZ Processing Flaw Lets Remote Users Deny Service | Department  

Broader source: Energy.gov (indexed) [DOE]

7: BIND RPZ Processing Flaw Lets Remote Users Deny Service 7: BIND RPZ Processing Flaw Lets Remote Users Deny Service T-617: BIND RPZ Processing Flaw Lets Remote Users Deny Service May 6, 2011 - 7:00am Addthis PROBLEM: A vulnerability has been reported in BIND, which can be exploited by malicious people to cause a DoS (Denial of Service). PLATFORM: ISC BIND version 9.8.0. ABSTRACT: When a name server is configured with a response policy zone (RPZ), queries for type RRSIG can trigger a server crash. REFERENCE LINKS: ISC Advisory: CVE-2011-1907 Secunia Advisory: SA44416 Vulnerability Report: ISC BIND CVE-2011-1907 SecurityTracker Alert ID: 1025503 IMPACT ASSESSMENT: High Discussion: This advisory only affects BIND users who are using the RPZ feature configured for RRset replacement. BIND 9.8.0 introduced Response Policy Zones (RPZ), a mechanism for modifying DNS responses returned by a

496

V-147: IBM Lotus Notes Mail Client Lets Remote Users Execute Java Applets |  

Broader source: Energy.gov (indexed) [DOE]

7: IBM Lotus Notes Mail Client Lets Remote Users Execute Java 7: IBM Lotus Notes Mail Client Lets Remote Users Execute Java Applets V-147: IBM Lotus Notes Mail Client Lets Remote Users Execute Java Applets May 2, 2013 - 6:00am Addthis PROBLEM: A vulnerability was reported in IBM Lotus Notes PLATFORM: IBM Notes 8.0.x, 8.5.x, 9.0 ABSTRACT: A remote user can cause Java applets to be executed on the target user's system REFERENCE LINKS: Security Tracker Alert ID 1028504 IBM Security Bulletin 1633819 CVE-2013-0127 CVE-2013-0538 IMPACT ASSESSMENT: Medium DISCUSSION: The mail client does not filter 'applet' and 'javascript' tags in HTML-based email messages. A remote user can send a specially crafted email message that, when loaded by the target user, will execute arbitrary Java code on the target system. The code will run with the privileges of the

497

V-225: McAfee Email Gateway SMTP Processing Flaw Lets Remote Users Deny  

Broader source: Energy.gov (indexed) [DOE]

5: McAfee Email Gateway SMTP Processing Flaw Lets Remote Users 5: McAfee Email Gateway SMTP Processing Flaw Lets Remote Users Deny Service V-225: McAfee Email Gateway SMTP Processing Flaw Lets Remote Users Deny Service August 23, 2013 - 1:26am Addthis PROBLEM: A vulnerability was reported in McAfee Email Gateway. A remote user can cause denial of service conditions. PLATFORM: McAfee Email Gateway (MEG) 7.5 ABSTRACT: A remote user can cause the SMTP proxy to stop responding. REFERENCE LINKS: SecurityTracker Alert ID: 1028941 GENERIC-MAP-NOMATCH IMPACT ASSESSMENT: High DISCUSSION: A vulnerability was reported in McAfee Email Gateway. A remote user can cause denial of service conditions.A remote user can send a specially crafted e-mail to cause the ws_inv-smtp process to enter an infinite loop and cause the target SMTP proxy to stop responding.

498

U-243: libvirt virTypedParameterArrayClear() Memory Access Error Lets  

Broader source: Energy.gov (indexed) [DOE]

3: libvirt virTypedParameterArrayClear() Memory Access Error 3: libvirt virTypedParameterArrayClear() Memory Access Error Lets Remote Users Deny Service U-243: libvirt virTypedParameterArrayClear() Memory Access Error Lets Remote Users Deny Service August 24, 2012 - 7:00am Addthis PROBLEM: libvirt virTypedParameterArrayClear() Memory Access Error Lets Remote Users Deny Service PLATFORM: Version(s): 0.9.13 and prior ABSTRACT: A vulnerability was reported in libvirt. reference LINKS: libvirt SecurityTracker Alert ID: 1027437 Secunia Advisory SA50118 Bugtraq ID: 54748 CVE-2012-3445 IMPACT ASSESSMENT: Medium Discussion A remote user can send a specially crafted RPC call with the number of parameters set to zero to libvirtd to trigger a memory access error in virTypedParameterArrayClear() and cause the target service to crash. Impact:

499

LET and gender are critical factors in accelerating development of lymphoma  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

and gender are critical factors in accelerating development of lymphoma and gender are critical factors in accelerating development of lymphoma in irradiated Bax transgenic C57Bl/6 mice James A. Jacobus The University of Iowa Abstract Humans are exposed to sparsely ionizing (low LET) radiation from environmental sources and radiotherapy as well as densely ionizing (high LET) radiation during radiotherapy and from cosmic radiations, particularly during space travel. To test the hypothesis that defects in mitochondrial metabolism leading to increased ROS levels could alter responses to radiation, lymphoma-prone C57Bl/6 mice over expressing the mitochondrial-acting Bax protein in thymocytes (which demonstrate increased steady-state levels of superoxide; FRBM 44: 1677-1686, 2008) were irradiated with both low and high LET radiations and the onset of tumor

500

V-228: RealPlayer Buffer Overflow and Memory Corruption Error Let Remote  

Broader source: All U.S. Department of Energy (DOE) Office Webpages (Extended Search)

8: RealPlayer Buffer Overflow and Memory Corruption Error Let 8: RealPlayer Buffer Overflow and Memory Corruption Error Let Remote Users Execute Arbitrary Code V-228: RealPlayer Buffer Overflow and Memory Corruption Error Let Remote Users Execute Arbitrary Code August 27, 2013 - 6:00am Addthis PROBLEM: Two vulnerabilities were reported in RealPlayer PLATFORM: RealPlayer 16.0.2.32 and prior ABSTRACT: A remote user can cause arbitrary code to be executed on the target user's system REFERENCE LINKS: Security Tracker Alert ID 1028953 RealNetworks Security Bulletin CVE-2013-4973 CVE-2013-4974 IMPACT ASSESSMENT: Medium DISCUSSION: A remote user can create a specially crafted RMP file that, when loaded by the target user, will trigger a stack overflow and execute arbitrary code on the target system. A remote user can create a specially crafted RealMedia file that, when