Powered by Deep Web Technologies
Note: This page contains sample records for the topic "resolving vulnerability u-098" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


1

U-098: ISC BIND Deleted Domain Name Resolving Vulnerability | Department of  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

098: ISC BIND Deleted Domain Name Resolving Vulnerability 098: ISC BIND Deleted Domain Name Resolving Vulnerability U-098: ISC BIND Deleted Domain Name Resolving Vulnerability February 8, 2012 - 7:00am Addthis PROBLEM: A vulnerability has been reported in ISC BIND, which can be exploited by malicious people to bypass certain security restrictions. PLATFORM: ISC BIND 9.2.x ISC BIND 9.3.x ISC BIND 9.4.x ISC BIND 9.5.x ISC BIND 9.6.x ISC BIND 9.7.x ISC BIND 9.8.x ABSTRACT: The vulnerability is caused due to an error within the cache update policy. reference LINKS: Original Advisory Secunia Advisory SA47884 CVE-2012-1033 IMPACT ASSESSMENT: High Discussion: Researchers discovered a vulnerability affecting the large majority of popular DNS implementations which allows a malicious domain name to stay resolvable long after it has been removed from the upper level servers. The

2

Argonne's Vulnerability  

NLE Websites -- All DOE Office Websites (Extended Search)

finding finding and fixing security flaws Argonne's Vulnerability assessment Team VAT researchers spend their workdays devising and demonstrating ways to defeat a wide variety of security devices, systems, and programs, ranging from electronic voting machines and global positioning systems (GPS) to nuclear safeguards programs and biometrics-based access control. This involves analyzing the security features, reverse-engineering the technology or

3

V-131: Adobe Shockwave Player Multiple Vulnerabilities | Department of  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

1: Adobe Shockwave Player Multiple Vulnerabilities 1: Adobe Shockwave Player Multiple Vulnerabilities V-131: Adobe Shockwave Player Multiple Vulnerabilities April 11, 2013 - 6:00am Addthis PROBLEM: Multiple vulnerabilities have been reported in Adobe Shockwave Player PLATFORM: The vulnerabilities are reported in versions 12.0.0.112 and prior ABSTRACT: This update addresses vulnerabilities that could allow an attacker to run malicious code on the affected system REFERENCE LINKS: Secunia Advisory: SA52981 Adobe Security Bulletin CVE-2013-1383 CVE-2013-1384 CVE-2013-1385 CVE-2013-1386 IMPACT ASSESSMENT: High DISCUSSION: This update resolves : 1) A buffer overflow vulnerability that could lead to code execution 2) Memory corruption vulnerabilities that could lead to code execution 3) Memory leakage vulnerability that could be exploited to reduce the

4

NSTB Summarizes Vulnerable Areas  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

NSTB Summarizes Vulnerable Areas NSTB Summarizes Vulnerable Areas Commonly Found in Energy Control Systems Experts at the National SCADA Test Bed (NSTB) discovered some common areas of vulnerability in the energy control systems assessed between late 2004 and early 2006. These vulnerabilities ranged from conventional IT security issues to specific weaknesses in control system protocols. The paper "Lessons Learned from Cyber Security Assessments of SCADA and Energy Management Systems" describes the vulnerabilities and recommended strategies for mitigating them. It should be of use to asset owners and operators, control system vendors, system integrators, and third-party vendors interested in enhancing the security characteristics of current and future products.

5

V-123: VMware ESX / ESXi libxml2 Buffer Underflow Vulnerability |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

3: VMware ESX / ESXi libxml2 Buffer Underflow Vulnerability 3: VMware ESX / ESXi libxml2 Buffer Underflow Vulnerability V-123: VMware ESX / ESXi libxml2 Buffer Underflow Vulnerability April 1, 2013 - 1:26am Addthis PROBLEM: VMware ESX / ESXi libxml2 Buffer Underflow Vulnerability PLATFORM: VMware ESX Server 4.x VMware ESXi 4.x VMware ESXi 5.x ABSTRACT: A vulnerability has been reported in VMware ESX and ESXi REFERENCE LINKS: VMware ESXi security update Secunia Advisory SA52844 CVE-2012-5134 IMPACT ASSESSMENT: High DISCUSSION: The ESXi userworld libxml2 library has been updated to resolve a security issue IMPACT: VMware ESX and ESXi can be exploited by malicious people to compromise a vulnerable system SOLUTION: The vendor has issued a fix, VMware ESXi 5.0, Patch Release ESXi500-201303001 (2044373) Addthis Related Articles U-128: VMware ESX/ESXi Buffer Overflow and Null Pointer Dereference Lets

6

Philosophy on Vulnerability Assessments  

NLE Websites -- All DOE Office Websites (Extended Search)

capabilities/vat/assess/ capabilities/vat/assess/ ARGONNE NATIONAL LABORATORY, Nuclear Engineering Division, 9700 South Cass Ave., Argonne, IL Philosophy on Vulnerability Assessments Argonne Vulnerability Assessment Team Roger G. Johnston, Ph.D., CPP , 630-252-6168 1. There are a number of conventional tools for finding security vulnerabilities. These include security surveys, risk management, design basis threat, CARVER Method, Delphi Method, software vulnerability assessment tools, infrastructure modeling, etc. 2. These tools have some value, and indeed we have used them all. 3. Experience has shown, however, that these methods do not usually result in dramatic improvements to security, nor do they reliably predict catastrophic security incidents that

7

The Laws of Vulnerabilities: Which security vulnerabilities really matter?  

Science Journals Connector (OSTI)

New security vulnerabilities are discovered on a daily basis. With each new announcement, the same questions arise. How significant is this vulnerability? How prevalent? How easy is it to exploit? Due to a lack of global vulnerability data, answers are ...

Gerhard Eschelbeck

2005-01-01T23:59:59.000Z

8

Ecosystem Vulnerability Assessment - Patterns of Climate Change...  

Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

Ecosystem Vulnerability Assessment - Patterns of Climate Change Vulnerability in the Southwest Ecosystem Vulnerability Assessment - Patterns of Climate Change Vulnerability in the...

9

Are markets for vulnerabilities effective?  

Science Journals Connector (OSTI)

Current reward structures in security vulnerability disclosure may be skewed toward benefitting nefarious usage of vulnerability information rather than responsible disclosure. Recently suggested market-based mechanisms offer incentives to responsible ... Keywords: information security, information technology policy, vulnerability disclosure

Sam Ransbotham; Sabyaschi Mitra; Jon Ramsey

2012-03-01T23:59:59.000Z

10

Analyses Of Two End-User Software Vulnerability Exposure Metrics  

SciTech Connect

The risk due to software vulnerabilities will not be completely resolved in the near future. Instead, putting reliable vulnerability measures into the hands of end-users so that informed decisions can be made regarding the relative security exposure incurred by choosing one software package over another is of importance. To that end, we propose two new security metrics, average active vulnerabilities (AAV) and vulnerability free days (VFD). These metrics capture both the speed with which new vulnerabilities are reported to vendors and the rate at which software vendors fix them. We then examine how the metrics are computed using currently available datasets and demonstrate their estimation in a simulation experiment using four different browsers as a case study. Finally, we discuss how the metrics may be used by the various stakeholders of software and to software usage decisions.

Jason L. Wright; Miles McQueen; Lawrence Wellman

2012-08-01T23:59:59.000Z

11

Energy vulnerability relationships  

SciTech Connect

The US consumption of crude oil resources has been a steadily growing indicator of the vitality and strength of the US economy. At the same time import diversity has also been a rapidly developing dimension of the import picture. In the early 1970`s, embargoes of crude oil from Organization of Producing and Exporting Countries (OPEC) created economic and political havoc due to a significant lack of diversity and a unique set of economic, political and domestic regulatory circumstances. The continued rise of imports has again led to concerns over the security of our crude oil resource but threats to this system must be considered in light of the diversity and current setting of imported oil. This report develops several important issues concerning vulnerability to the disruption of oil imports: (1) The Middle East is not the major supplier of oil to the United States, (2) The US is not vulnerable to having its entire import stream disrupted, (3) Even in stable countries, there exist vulnerabilities to disruption of the export stream of oil, (4) Vulnerability reduction requires a focus on international solutions, and (5) DOE program and policy development must reflect the requirements of the diverse supply. Does this increasing proportion of imported oil create a {open_quotes}dependence{close_quotes}? Does this increasing proportion of imported oil present a vulnerability to {open_quotes}price shocks{close_quotes} and the tremendous dislocations experienced during the 1970`s? Finally, what is the vulnerability of supply disruptions from the current sources of imported oil? If oil is considered to be a finite, rapidly depleting resource, then the answers to these questions must be {open_quotes}yes.{close_quotes} However, if the supply of oil is expanding, and not limited, then dependence is relative to regional supply sources.

Shaw, B.R.; Boesen, J.L.

1998-02-01T23:59:59.000Z

12

Plutonium Vulnerability Management Plan  

SciTech Connect

This Plutonium Vulnerability Management Plan describes the Department of Energy`s response to the vulnerabilities identified in the Plutonium Working Group Report which are a result of the cessation of nuclear weapons production. The responses contained in this document are only part of an overall, coordinated approach designed to enable the Department to accelerate conversion of all nuclear materials, including plutonium, to forms suitable for safe, interim storage. The overall actions being taken are discussed in detail in the Department`s Implementation Plan in response to the Defense Nuclear Facilities Safety Board (DNFSB) Recommendation 94-1. This is included as Attachment B.

NONE

1995-03-01T23:59:59.000Z

13

V-197: Adobe ColdFusion 10 WebSockets Security Bypass Vulnerability |  

NLE Websites -- All DOE Office Websites (Extended Search)

7: Adobe ColdFusion 10 WebSockets Security Bypass Vulnerability 7: Adobe ColdFusion 10 WebSockets Security Bypass Vulnerability V-197: Adobe ColdFusion 10 WebSockets Security Bypass Vulnerability July 11, 2013 - 6:00am Addthis PROBLEM: A vulnerability has been reported in Adobe ColdFusion PLATFORM: The vulnerability is reported in version 10 for Windows, Macintosh, and Linux ABSTRACT: The vulnerability is caused due to an unspecified error and can be exploited to invoke public methods on ColdFusion Components (CFC) using WebSockets REFERENCE LINKS: Secunia Advisory SA54024 Adobe Security Bulletin APSB13-19 Stackoverflow.com CVE-2013-3350 IMPACT ASSESSMENT: High DISCUSSION: The hotfix resolves a vulnerability that could permit an attacker to invoke public methods on ColdFusion Components (CFC) using WebSockets IMPACT: Security Bypass

14

Vulnerability Analysis of Energy Delivery Control Systems  

Energy Savers (EERE)

services and applications * Known vulnerabilities are mitigated through effective patch management and removal of unneeded applications and services. New vulnerabilities in...

15

MAPPING CLIMATE CHANGE EXPOSURES, VULNERABILITIES,  

E-Print Network (OSTI)

MAPPING CLIMATE CHANGE EXPOSURES, VULNERABILITIES, AND ADAPTATION TO PUBLIC HEALTH RISKS's California Climate Change Center JULY 2012 CEC5002012041 Prepared for: California Energy Commission of California. #12; ii ABSTRACT This study reviewed first available frameworks for climate change adaptation

16

Handbook of the Vulnerable Plaque  

Science Journals Connector (OSTI)

...predominantly a secondary phenomenon; the true culprit in unstable ischemic heart disease is rupture of the underlying vulnerable atherosclerotic plaque. Handbook of the Vulnerable Plaque was edited by two distinguished leaders in interventional cardiology, Patrick Serruys and Ron Waksman. They assembled a who's... Angiographic observations in the early 1980s confirmed that acute coronary thrombosis was the proximate cause of acute myocardial infarction — seminal studies that led to revolutionary treatments for the recanalization of occluded vessels. However, during ...

Goldstein J.

2005-06-02T23:59:59.000Z

17

Are Vulnerability Disclosure Deadlines Justified?  

SciTech Connect

Vulnerability research organizations Rapid7, Google Security team, and Zero Day Initiative recently imposed grace periods for public disclosure of vulnerabilities. The grace periods ranged from 45 to 182 days, after which disclosure might occur with or without an effective mitigation from the affected software vendor. At this time there is indirect evidence that the shorter grace periods of 45 and 60 days may not be practical. However, there is strong evidence that the recently announced Zero Day Initiative grace period of 182 days yields benefit in speeding up the patch creation process, and may be practical for many software products. Unfortunately, there is also evidence that the 182 day grace period results in more vulnerability announcements without an available patch.

Miles McQueen; Jason L. Wright; Lawrence Wellman

2011-09-01T23:59:59.000Z

18

CLIMATE CHANGE IMPACTS, VULNERABILITIES, AND  

E-Print Network (OSTI)

CLIMATE CHANGE IMPACTS, VULNERABILITIES, AND ADAPTATION IN THE SAN FRANCISCO BAY AREA Commission's California Climate Change Center JULY 2012 CEC5002012071 Prepared for: California Energy, as well as projections of future changes in climate based on modeling studies using various plausible

19

Threat Insight Quarterly Vulnerability Management  

E-Print Network (OSTI)

X-Force ® Threat Insight Quarterly Vulnerability Management July 2006 #12;X - F O R C E T H R E.................. 7 X-Force Catastrophic Risk Index.............................. 10 Future X-Force Threat Insight Introduction There is a wide range of threats that can exist in any network. The presence of unpatched

20

Safeguarding Children and Vulnerable Adults Introduction  

E-Print Network (OSTI)

Safeguarding Children and Vulnerable Adults Introduction The University is expected and has a responsibility to take appropriate steps to safeguard children and vulnerable adults who are on University · Safeguarding:"Institutionshaveanenhanceddutytowardschildren,andsafeguardingispartofthatcommon-lawdutyof care

Aickelin, Uwe

Note: This page contains sample records for the topic "resolving vulnerability u-098" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


21

Vulnerability Assessment Team (VAT) - Nuclear Engineering Division  

NLE Websites -- All DOE Office Websites (Extended Search)

Vulnerability Assessment Team Vulnerability Assessment Team VAT Projects Introducing the VAT Adversarial Vulnerability Assessments Safety Tags & Product Counterfeiting Election Security Spoofing GPS Defeating Existing Tamper-Indicating Seals Specialty Field Tools & Sampling Tools Insider Threat Mitigation Drug Testing Security Microprocessor Prototypes The Journal of Physical Security Vulnerability Assessments Vulnerability Assessments Insanely Fast µProcessor Shop Insanely Fast µProcessor Shop Seals About Seals Applications of Seals Common Myths about Tamper Indicating Seals Definitions Findings and Lessons Learned New Seals Types of Seals Seals References Selected VAT Papers Selected VAT Papers Selected Invited Talks Self-Assessment Survey Security Maxims Devil's Dictionary of Security Terms

22

V-211: IBM iNotes Multiple Vulnerabilities  

Energy.gov (U.S. Department of Energy (DOE))

IBM iNotes has two cross-site scripting vulnerabilities and an ActiveX Integer overflow vulnerability

23

Economic vulnerability to Peak Oil  

Science Journals Connector (OSTI)

Abstract Peak Oil, which refers to the maximum possible global oil production rate, is increasingly gaining attention in both science and policy discourses. However, little is known about how this phenomenon will impact economies, despite its apparent imminence and potential dangers. In this paper, we construct a vulnerability map of the U.S. economy, combining two approaches for analyzing economic systems, i.e. input–output analysis and social network analysis (applied to economic data). Our approach reveals the relative importance of individual economic sectors, and how vulnerable they are to oil price shocks. As such, our dual-analysis helps identify which sectors, due to their strategic position, could put the entire U.S. economy at risk from Peak Oil. For the U.S., such sectors would include Iron Mills, Fertilizer Production and Transport by Air. Our findings thus provide early warnings to downstream companies about potential ‘trouble’ in their supply chain, and inform policy action for Peak Oil. Although our analysis is embedded in a Peak Oil narrative, it is just as valid and useful in the context of developing a climate roadmap toward a low carbon economy.

Christian Kerschner; Christina Prell; Kuishuang Feng; Klaus Hubacek

2013-01-01T23:59:59.000Z

24

Assessing Climate Change Impacts, Vulnerability and Adaptation...  

Open Energy Info (EERE)

The Case of Pantabangan-Carranglan Watershed Jump to: navigation, search Name Assessing Climate Change Impacts, Vulnerability and Adaptation: The Case of Pantabangan-Carranglan...

25

U-198: IBM Lotus Expeditor Multiple Vulnerabilities  

Energy.gov (U.S. Department of Energy (DOE))

The vulnerabilities can be exploited by malicious people to conduct cross-site scripting attacks, disclose potentially sensitive information, bypass certain security restrictions, and compromise a user's system..

26

Time-Resolved  

NLE Websites -- All DOE Office Websites (Extended Search)

Time-Resolved Time-Resolved Time-Resolved Print Of the four fundamental parameters that we use to perceive the physical world (energy, momentum, position, and time) three correspond to the three broad categories of synchrotron experimental measurement techniques: spectroscopy (energy), scattering (momentum), and imaging (position). The fourth parameter-time-can in principle be applied to all the techniques. At the ALS, many experiments can be carried out in real time, with data being recorded from the same sample as it changes over time. Some time-resolved experiments take advantage of the pulsed nature of the ALS's synchrotron radiation, which, like a strobe light, can capture a series of "snapshots" of a process that, when viewed sequentially, show us how a given process evolves over time. Other experiments simply require two pulses: one to "pump" energy into the sample system and a second to probe the system's excited state.

27

Resolving Water's Electrical Properties | EMSL  

NLE Websites -- All DOE Office Websites (Extended Search)

Resolving Water's Electrical Properties Resolving Water's Electrical Properties Team ends long-standing confusion about modeling water's electrons The team's work appears on the...

28

Detecting Network Vulnerabilities Through Graph Theoretical Methods  

E-Print Network (OSTI)

benchmark power networks. 1 Introduction The electric power grid network is susceptible to power outages of our work is power networks, our techniques are applicable to other systems such as the transportation vulnerabilities in power networks is an important prob- lem, as even a small number of vulnerable connections can

Geddes, Cameron Guy Robinson

29

Vulnerability Take Grant (VTG): An efficient approach to analyze network vulnerabilities  

Science Journals Connector (OSTI)

Modeling and analyzing information system vulnerabilities help predict possible attacks to computer networks using vulnerabilities information and the network configuration. In this paper, we propose a comprehensive approach to analyze network vulnerabilities in order to answer the safety problem focusing on vulnerabilities. The approach which is called Vulnerability Take Grant (VTG) is a graph-based model consists of subject/objects as nodes and rights/relations as edges to represent the system protection state. Each node may have properties including single vulnerabilities such as buffer overflow. We use the new concept of vulnerability rewriting rule to specify the requirements and consequences of exploiting vulnerabilities. Analysis of the model is achieved using our bounded polynomial algorithm, which generates the most permissive graph in order to verify whether a subject can obtain an access right over an object. The algorithm also finds the likely attack scenarios. Applicability of the approach is investigated by modeling widespread vulnerabilities in their general patterns. A real network is modeled as a case study in order to examine how an attacker can gain unauthorized access via exploiting the chain of vulnerabilities. Our experience shows the efficiency, applicability, and expressiveness in modeling a broader range of vulnerabilities in our approach in comparison to the previous approaches.

Hamid Reza Shahriari; Rasool Jalili

2007-01-01T23:59:59.000Z

30

Using vulnerability assessments to design facility safeguards and security systems  

SciTech Connect

The Weapons Complex Reconfiguration (WCR) Program is meant to prepare the Department of Energy (DOE) weapons complex to meet the needs of the next century through construction of now facilities or upgrades-in-place at existing facilities. This paper describes how a vulnerability (VA) was used to identify potential S&S features for the conceptual design for a plutonium storage facility as part of the WCR Program. We distinguish those features of the design that need to be investigated at the conceptual stage from those that can be evaluated later. We also examined what protection features may allow reduced S&S operating costs, with the main focus on protective force costs. While some of these concepts hold the promise for significantly reducing life-cycle protective force costs, their use depends on resolving long-standing tradeoffs between S&S and safety, which are discussed in the study.

Snell, M.; Jaeger, C.

1994-08-01T23:59:59.000Z

31

T-730: Vulnerability in Citrix Provisioning Services could result...  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

Vulnerability in Citrix Provisioning Services could result in Arbitrary Code Execution T-730: Vulnerability in Citrix Provisioning Services could result in Arbitrary Code...

32

T-565: Vulnerability in Microsoft Malware Protection Engine Could...  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

in Microsoft Malware Protection Engine Could Allow Elevation of PrivilegeVulnerability T-565: Vulnerability in Microsoft Malware Protection Engine Could Allow Elevation of...

33

Common Cyber Security Vulnerabilities Observed in Control System...  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

Common Cyber Security Vulnerabilities Observed in Control System Assessments by the INL NSTB Program Common Cyber Security Vulnerabilities Observed in Control System Assessments by...

34

Locating Climate Insecurity: Where Are the Most Vulnerable Places...  

Open Energy Info (EERE)

Insecurity: Where Are the Most Vulnerable Places in Africa? Jump to: navigation, search Tool Summary LAUNCH TOOL Name: Locating Climate Insecurity: Where Are the Most Vulnerable...

35

Useful Resources- Vulnerability Assessment Team - Nuclear Engineering  

NLE Websites -- All DOE Office Websites (Extended Search)

Selected Publications Selected Publications VAT Projects Introducing the VAT Adversarial Vulnerability Assessments Safety Tags & Product Counterfeiting Election Security Spoofing GPS Defeating Existing Tamper-Indicating Seals Specialty Field Tools & Sampling Tools Insider Threat Mitigation Drug Testing Security Microprocessor Prototypes The Journal of Physical Security Vulnerability Assessments Vulnerability Assessments Insanely Fast µProcessor Shop Insanely Fast µProcessor Shop Seals About Seals Applications of Seals Common Myths about Tamper Indicating Seals Definitions Findings and Lessons Learned New Seals Types of Seals Seals References Selected VAT Papers Selected VAT Papers Selected Invited Talks Self-Assessment Survey Security Maxims Devil's Dictionary of Security Terms Argonne's VAT (brochure)

36

Definitions, Seals - Vulnerability Assessment Team - Nuclear Engineering  

NLE Websites -- All DOE Office Websites (Extended Search)

Definitions Definitions VAT Projects Introducing the VAT Adversarial Vulnerability Assessments Safety Tags & Product Counterfeiting Election Security Spoofing GPS Defeating Existing Tamper-Indicating Seals Specialty Field Tools & Sampling Tools Insider Threat Mitigation Drug Testing Security Microprocessor Prototypes The Journal of Physical Security Vulnerability Assessments Vulnerability Assessments Insanely Fast µProcessor Shop Insanely Fast µProcessor Shop Seals About Seals Applications of Seals Common Myths about Tamper Indicating Seals Definitions Findings and Lessons Learned New Seals Types of Seals Seals References Selected VAT Papers Selected VAT Papers Selected Invited Talks Self-Assessment Survey Security Maxims Devil's Dictionary of Security Terms Argonne's VAT (brochure)

37

Safety - Vulnerability Assessment Team - Nuclear Engineering Division  

NLE Websites -- All DOE Office Websites (Extended Search)

Safety Safety VAT Projects Introducing the VAT Adversarial Vulnerability Assessments Safety Tags & Product Counterfeiting Election Security Spoofing GPS Defeating Existing Tamper-Indicating Seals Specialty Field Tools & Sampling Tools Insider Threat Mitigation Drug Testing Security Microprocessor Prototypes The Journal of Physical Security Vulnerability Assessments Vulnerability Assessments Insanely Fast µProcessor Shop Insanely Fast µProcessor Shop Seals About Seals Applications of Seals Common Myths about Tamper Indicating Seals Definitions Findings and Lessons Learned New Seals Types of Seals Seals References Selected VAT Papers Selected VAT Papers Selected Invited Talks Self-Assessment Survey Security Maxims Devil's Dictionary of Security Terms Argonne's VAT (brochure)

38

Safeguarding Children and Vulnerable Adults 1. Introduction  

E-Print Network (OSTI)

1 Safeguarding Children and Vulnerable Adults 1. Introduction 2. Definition & Legislation 3. Scope 4. Roles & Responsibilities 5. Action Appendix 1 ­ Handling a Safeguarding Case & Contacts as best practice for all safeguarding activity; however, this policy reflects the different practices

Anderson, Jim

39

CDKN-Colombia-Cartagena Vulnerability Assessment | Open Energy Information  

Open Energy Info (EERE)

Cartagena Vulnerability Assessment Cartagena Vulnerability Assessment Jump to: navigation, search Name CDKN-Colombia-Cartagena Vulnerability Assessment Agency/Company /Organization Climate and Development Knowledge Network (CDKN), United Kingdom Department for International Development Sector Climate Topics Background analysis, Low emission development planning, Pathways analysis Website http://resilient-cities.iclei. Country Colombia UN Region South America References CDKN-Colombia-Cartagena Vulnerability Assessment[1] CDKN-Colombia-Cartagena Vulnerability Assessment Screenshot This article is a stub. You can help OpenEI by expanding it. References ↑ "CDKN-Colombia-Cartagena Vulnerability Assessment" Retrieved from "http://en.openei.org/w/index.php?title=CDKN-Colombia-Cartagena_Vulnerability_Assessment&oldid=407543

40

T-565: Vulnerability in Microsoft Malware Protection Engine Could Allow  

NLE Websites -- All DOE Office Websites (Extended Search)

65: Vulnerability in Microsoft Malware Protection Engine Could 65: Vulnerability in Microsoft Malware Protection Engine Could Allow Elevation of PrivilegeVulnerability T-565: Vulnerability in Microsoft Malware Protection Engine Could Allow Elevation of PrivilegeVulnerability February 25, 2011 - 7:40am Addthis PROBLEM: Vulnerability in Microsoft Malware Protection Engine Could Allow Elevation of PrivilegeVulnerability. PLATFORM: Microsoft Malware Protection Engine Last version of the Microsoft Malware Protection Engine affected by this vulnerability: Version 1.1.6502.0 This version is the last version of the Microsoft Malware Protection Engine that is affected by the vulnerability. First version of the Microsoft Malware Protection Engine with this vulnerability addressed:Version 1.1.6603.0 If the version of the Microsoft Malware Protection Engine is equal to or

Note: This page contains sample records for the topic "resolving vulnerability u-098" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


41

T-571: Linux Kernel dns_resolver Key Processing Error Lets Local Users Deny  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

1: Linux Kernel dns_resolver Key Processing Error Lets Local 1: Linux Kernel dns_resolver Key Processing Error Lets Local Users Deny Services T-571: Linux Kernel dns_resolver Key Processing Error Lets Local Users Deny Services March 7, 2011 - 3:05pm Addthis PROBLEM: Linux Kernel dns_resolver Key Processing Error Lets Local Users Deny Services. PLATFORM: Linux Kernel 2.6.37 and prior versions ABSTRACT: A vulnerability was reported in the Linux Kernel. A local user can cause denial of service conditions. reference LINKS: SecurityTracker Alert ID:1025162 Latest Stable Kernel CVE-2011-1076 IMPACT ASSESSMENT: High Discussion: When a DNS resolver key is instantiated with an error indication, a local user can attempt to read the key to trigger a null pointer dereference and cause a kernel crash. A local user can cause the target system to crash.

42

Enhancing Energy Infrastructure Resiliency and Addressing Vulnerabilities  

Energy.gov (U.S. Department of Energy (DOE))

Quadrennial Energy Review Task Force Secretariat and Energy Policy and Systems Analysis Staff, U. S. Department of Energy (DOE) Public Meeting on “Enhancing Resilience in Energy Infrastructure and Addressing Vulnerabilities” On Friday, April 11, 2014, at 10 a.m. in room HVC-215 of the U.S. Capitol, the Department of Energy (DOE), acting as the Secretariat for the Quadrennial Energy Review Task Force, will hold a public meeting to discuss and receive comments on issues related to the Quadrennial Energy Review (QER). The meeting will focus on infrastructure vulnerabilities related to the electricity, natural gas and petroleum transmission, storage and distribution systems (TS&D). The meeting will consist of two facilitated panels of experts on identifying and addressing vulnerabilities within the nation’s energy TS&D infrastructure. Following the panels, an opportunity will be provided for public comment via an open microphone session. The meeting will be livestreamed at energy.gov/live

43

Analysis of vulnerability to facebook users  

Science Journals Connector (OSTI)

Facebook, the largest social network nowadays currently has 901 million active users, with 526 million of them accessing the system daily. With a very rapid growth, Facebook has become a potential site for the collection of personal information by unauthorized ... Keywords: exposure, facebook, social networks, vulnerability

Michelle Hanne; Cristiano Silva; Jussara Almeida; Marcos Gonçalves

2012-10-01T23:59:59.000Z

44

WATER AND ENERGY SECTOR VULNERABILITY TO CLIMATE  

E-Print Network (OSTI)

WATER AND ENERGY SECTOR VULNERABILITY TO CLIMATE WARMING IN THE SIERRA NEVADA: Water Year explores the sensitivity of water indexing methods to climate change scenarios to better understand how water management decisions and allocations will be affected by climate change. Many water management

45

Fragile Networks: Identifying Vulnerabilities and Synergies  

E-Print Network (OSTI)

, Efficiency Measurement, and Vulnerability Analysis · Part II: Applications and Extensions · Part III: Mergers the foundations for transportation and logistics, for communication, energy provision, social interactions that underlie our societies and economies are large-scale and complex in nature, they are liable to be faced

Nagurney, Anna

46

T-566: Citrix Secure Gateway Unspecified Vulnerability | Department of  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

6: Citrix Secure Gateway Unspecified Vulnerability 6: Citrix Secure Gateway Unspecified Vulnerability T-566: Citrix Secure Gateway Unspecified Vulnerability February 28, 2011 - 11:22pm Addthis PROBLEM: Citrix Secure Gateway Unspecified Vulnerability. PLATFORM: Citrix Secure Gateway version 3.1.4 ABSTRACT: A vulnerability has been reported in Citrix Secure Gateway, which can be exploited by malicious people to compromise a vulnerable system. reference LINKS: Citrix ID:CTX128168 Secunia Advisory SA43497 Citrix Support IMPACT ASSESSMENT: High Discussion: This vulnerability only affects Secure Gateway version 3.1.4. Secure Gateway version 3.2.0 is not affected by this vulnerability, but Citrix recommends that customers currently using this version upgrade their deployments to version 3.2.1 in line with the guidance provided in

47

V-038: Google Chrome Two Vulnerabilities | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

8: Google Chrome Two Vulnerabilities 8: Google Chrome Two Vulnerabilities V-038: Google Chrome Two Vulnerabilities December 3, 2012 - 1:00am Addthis PROBLEM: Google Chrome Two Vulnerabilities PLATFORM: The vulnerabilities are reported in versions prior to 23.0.1271.95. ABSTRACT: Two vulnerabilities have been reported in Google Chrome REFERENCE LINKS: Stable Channel Update Secunia Advisory SA51447 CVE-2012-5137 CVE-2012-5138 IMPACT ASSESSMENT: High DISCUSSION: Two vulnerabilities have been reported in Google Chrome, where one has an unknown impact and the other can be exploited by malicious people to compromise a user's system. 1) An error exists when handling file paths. 2) A use-after-free error exists when handling media sources. The vulnerabilities are reported in versions prior to 23.0.1271.95. IMPACT:

48

T-597: WordPress Multiple Security Vulnerabilities | Department...  

Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

7: WordPress Multiple Security Vulnerabilities T-597: WordPress Multiple Security Vulnerabilities April 7, 2011 - 5:42am Addthis PROBLEM: WordPress is prone to multiple security...

49

V-041: Red Hat CloudForms Multiple Vulnerabilities | Department...  

Energy Savers (EERE)

V-041: Red Hat CloudForms Multiple Vulnerabilities V-041: Red Hat CloudForms Multiple Vulnerabilities December 6, 2012 - 4:01am Addthis PROBLEM: Red Hat CloudForms Multiple...

50

IVF: characterizing the vulnerability of microprocessor structures to intermittent faults  

Science Journals Connector (OSTI)

With the advancement of CMOS manufacturing process to nano-scale, future shipped microprocessors will be increasingly vulnerable to intermittent faults. Quantitatively characterizing the vulnerability of microprocessor structures to intermittent faults ...

Songjun Pan; Yu Hu; Xiaowei Li

2010-03-01T23:59:59.000Z

51

U-186: IBM WebSphere Sensor Events Multiple Vulnerabilities  

Energy.gov (U.S. Department of Energy (DOE))

Some vulnerabilities have unknown impacts and others can be exploited by malicious people to conduct cross-site scripting attacks.

52

U-220: Google Android DNS Resolver Randomization Flaw Lets Remote Users  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

0: Google Android DNS Resolver Randomization Flaw Lets Remote 0: Google Android DNS Resolver Randomization Flaw Lets Remote Users Poison the DNS Cache U-220: Google Android DNS Resolver Randomization Flaw Lets Remote Users Poison the DNS Cache July 25, 2012 - 7:00am Addthis PROBLEM: Google Android DNS Resolver Randomization Flaw Lets Remote Users Poison the DNS Cache PLATFORM: Version(s): 4.0.4 and prior versions ABSTRACT: A remote user can poison the DNS cache. reference LINKS: IBM Application Security Research Group SecurityTracker Alert ID: 1027291 Bugtraq ID: 523624 CVE-2012-2808 IMPACT ASSESSMENT: Medium Discussion: A vulnerability was reported in Google Android. The res_randomid() function, which bases a return value on the process ID and the current time, is called twice in quick succession. As a result, the effective

53

Guide to Critical Infrastructure Protection Cyber Vulnerability Assessment  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

Guide to Critical Infrastructure Protection Cyber Vulnerability Guide to Critical Infrastructure Protection Cyber Vulnerability Assessment Guide to Critical Infrastructure Protection Cyber Vulnerability Assessment This document describes a customized process for cyber vulnerability assessment in compliance with the Critical Infrastructure Protection standards adopted by the North American Electric Reliability Corporation in 2006. This guide covers the planning, execution, and reporting process. Guide to Critical Infrastructure Protection Cyber Vulnerability Assessment More Documents & Publications Wireless System Considerations When Implementing NERC Critical Infrastructure Protection Standards New No-Cost ANTFARM Tool Maps Control System Networks to Help Implement Cyber Security Standards "Cybersecurity for State Regulators" - NARUC Primer (June 2012)

54

Guide to Critical Infrastructure Protection Cyber Vulnerability Assessment  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

Guide to Critical Infrastructure Protection Cyber Vulnerability Guide to Critical Infrastructure Protection Cyber Vulnerability Assessment Guide to Critical Infrastructure Protection Cyber Vulnerability Assessment This document describes a customized process for cyber vulnerability assessment in compliance with the Critical Infrastructure Protection standards adopted by the North American Electric Reliability Corporation in 2006. This guide covers the planning, execution, and reporting process. Guide to Critical Infrastructure Protection Cyber Vulnerability Assessment More Documents & Publications Wireless System Considerations When Implementing NERC Critical Infrastructure Protection Standards New No-Cost ANTFARM Tool Maps Control System Networks to Help Implement Cyber Security Standards "Cybersecurity for State Regulators" - NARUC Primer (June

55

V-050: IBM InfoSphere Information Server Multiple Vulnerabilities |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

0: IBM InfoSphere Information Server Multiple Vulnerabilities 0: IBM InfoSphere Information Server Multiple Vulnerabilities V-050: IBM InfoSphere Information Server Multiple Vulnerabilities December 19, 2012 - 1:00am Addthis PROBLEM: IBM InfoSphere Information Server Multiple Vulnerabilities PLATFORM: The vulnerabilities are reported in versions prior to 9.1. ABSTRACT: Multiple vulnerabilities have been reported in IBM InfoSphere Information Server REFERENCE LINKS: Secunia Advisory SA51605 IBM Support home IBM InfoSphere Information Server, Version 9.1 fix list IMPACT ASSESSMENT: Medium DISCUSSION: Multiple vulnerabilities have been reported in IBM InfoSphere Information Server, where some have an unknown impact and others can be exploited by malicious users to bypass certain security restrictions. 1) An unspecified error exists in the InfoCenter component.

56

U-162: Drupal Multiple Vulnerabilities | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

162: Drupal Multiple Vulnerabilities 162: Drupal Multiple Vulnerabilities U-162: Drupal Multiple Vulnerabilities May 4, 2012 - 7:00am Addthis PROBLEM: Drupal Multiple Vulnerabilities PLATFORM: The vulnerabilities are reported in 7.x versions prior to 7.13. ABSTRACT: Several vulnerabilities were reported in Drupal: Denial of Service, Access bypass, and Unvalidated form redirect reference LINKS: Security Advisory: DRUPAL-SA-CORE-2012-002 Bugtraq ID: 53359 Secunia Advisory SA49012 CVE-2012-1588 CVE-2012-1589 CVE-2012-1590 CVE-2012-1591 CVE-2012-2153 MPACT ASSESSMENT: High Discussion: A weakness, a security issue, and multiple vulnerabilities have been reported in Drupal, which can be exploited by malicious users to disclose sensitive information, bypass certain security restrictions, and cause a DoS (Denial of Service).

57

T-616: PHP Stream Component Remote Denial of Service Vulnerability |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

6: PHP Stream Component Remote Denial of Service Vulnerability 6: PHP Stream Component Remote Denial of Service Vulnerability T-616: PHP Stream Component Remote Denial of Service Vulnerability May 5, 2011 - 12:59am Addthis PROBLEM: PHP Stream Component Remote Denial of Service Vulnerability PLATFORM: Ubuntu Linux PHP MandrakeSoft Corporate Server MandrakeSoft Enterprise Server MandrakeSoft Linux Mandrake ABSTRACT: PHP is prone to a remote denial-of-service vulnerability because the proxy server fails to handle certain FTP requests. An attacker can exploit this issue to crash the affected application, denying service to legitimate users. Versions prior to PHP 5.3.6 are vulnerable. reference LINKS: SecurityFocus IMPACT ASSESSMENT: Medium Discussion: PHP is prone to a remote denial-of-service vulnerability because the proxy server fails to handle certain FTP requests. An attacker can exploit this

58

T-540: Sybase EAServer Multiple Vulnerabilities | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

40: Sybase EAServer Multiple Vulnerabilities 40: Sybase EAServer Multiple Vulnerabilities T-540: Sybase EAServer Multiple Vulnerabilities January 24, 2011 - 6:16am Addthis PROBLEM: Sybase EAServer Multiple Vulnerabilities PLATFORM: Sybase EAServer versions 6.3 and prior ABSTRACT: Sybase EAServer is prone to a security-bypass vulnerability and a directory-traversal vulnerability. Attackers may exploit these issues to execute arbitrary code within the context of the application or to disclose sensitive information. Sybase EAServer versions 6.3 and prior are affected. reference LINKS: Bugtraq ID: 45809 SyBase Advisory IMPACT ASSESSMENT: Medium Discussion: Remote exploitation of a design vulnerability in Sybase EAServer could allow an attacker to install arbitrary web services, this condition can result in arbitrary code execution allowing attacker to gain control over

59

Colombia-Cartagena Vulnerability Assessment | Open Energy Information  

Open Energy Info (EERE)

Colombia-Cartagena Vulnerability Assessment Colombia-Cartagena Vulnerability Assessment Jump to: navigation, search Name Colombia-CDKN-Cartagena Vulnerability Assessment Agency/Company /Organization Climate and Development Knowledge Network (CDKN), United Kingdom Department for International Development Sector Climate Topics Background analysis, Low emission development planning, Pathways analysis Website http://resilient-cities.iclei. Country Colombia UN Region South America References CDKN-Colombia-Cartagena Vulnerability Assessment[1] Colombia-CDKN-Cartagena Vulnerability Assessment Screenshot This article is a stub. You can help OpenEI by expanding it. References ↑ "CDKN-Colombia-Cartagena Vulnerability Assessment" Retrieved from "http://en.openei.org/w/index.php?title=Colombia-Cartagena_Vulnerability_Assessment&oldid=699760"

60

T-564: Vulnerabilities in Citrix Licensing administration components |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

4: Vulnerabilities in Citrix Licensing administration 4: Vulnerabilities in Citrix Licensing administration components T-564: Vulnerabilities in Citrix Licensing administration components February 24, 2011 - 7:00am Addthis PROBLEM: Vulnerabilities in Citrix Licensing administration components. PLATFORM: Citrix Licensing Administration Console, formerly known as the License Management Console. ABSTRACT: The vulnerabilities impact all current versions of the Citrix Licensing Administration Console, formerly known as the License Management Console. reference LINKS: Citrix ID:CTX128167 SecurityTracker Alert ID:1025123 Citrix Support IMPACT ASSESSMENT: Medium Discussion: Citrix has been made aware of a number of vulnerabilities in a third-party component that is used by the Citrix Licensing administration console. These vulnerabilities could potentially allow an unauthorized user to gain

Note: This page contains sample records for the topic "resolving vulnerability u-098" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


61

V-050: IBM InfoSphere Information Server Multiple Vulnerabilities |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

0: IBM InfoSphere Information Server Multiple Vulnerabilities 0: IBM InfoSphere Information Server Multiple Vulnerabilities V-050: IBM InfoSphere Information Server Multiple Vulnerabilities December 19, 2012 - 1:00am Addthis PROBLEM: IBM InfoSphere Information Server Multiple Vulnerabilities PLATFORM: The vulnerabilities are reported in versions prior to 9.1. ABSTRACT: Multiple vulnerabilities have been reported in IBM InfoSphere Information Server REFERENCE LINKS: Secunia Advisory SA51605 IBM Support home IBM InfoSphere Information Server, Version 9.1 fix list IMPACT ASSESSMENT: Medium DISCUSSION: Multiple vulnerabilities have been reported in IBM InfoSphere Information Server, where some have an unknown impact and others can be exploited by malicious users to bypass certain security restrictions. 1) An unspecified error exists in the InfoCenter component.

62

U-013: HP Data Protector Multiple Unspecified Vulnerabilities | Department  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

3: HP Data Protector Multiple Unspecified Vulnerabilities 3: HP Data Protector Multiple Unspecified Vulnerabilities U-013: HP Data Protector Multiple Unspecified Vulnerabilities October 18, 2011 - 9:00am Addthis PROBLEM: HP Data Protector Multiple Unspecified Vulnerabilities. PLATFORM: HP Data Protector Notebook Extension 6.20; HP Data Protector for Personal Computers 7.0 ABSTRACT: Multiple vulnerabilities were reported in HP Data Protector. A remote user can execute arbitrary code on the target system. reference LINKS: HP Security Document ID: c03054543 SecurityTracker Alert ID: 1026195 Secunia Advisory: SA46468 CVE-2011-3156 CVE-2011-3157 CVE-2011-3158 CVE-2011-3159 CVE-2011-3160 CVE-2011-3161 CVE-2011-3162 IMPACT ASSESSMENT: High Discussion: Potential security vulnerabilities has been identified with HP Data Protector Notebook Extension. These vulnerabilities could be remotely

63

U-162: Drupal Multiple Vulnerabilities | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

62: Drupal Multiple Vulnerabilities 62: Drupal Multiple Vulnerabilities U-162: Drupal Multiple Vulnerabilities May 4, 2012 - 7:00am Addthis PROBLEM: Drupal Multiple Vulnerabilities PLATFORM: The vulnerabilities are reported in 7.x versions prior to 7.13. ABSTRACT: Several vulnerabilities were reported in Drupal: Denial of Service, Access bypass, and Unvalidated form redirect reference LINKS: Security Advisory: DRUPAL-SA-CORE-2012-002 Bugtraq ID: 53359 Secunia Advisory SA49012 CVE-2012-1588 CVE-2012-1589 CVE-2012-1590 CVE-2012-1591 CVE-2012-2153 MPACT ASSESSMENT: High Discussion: A weakness, a security issue, and multiple vulnerabilities have been reported in Drupal, which can be exploited by malicious users to disclose sensitive information, bypass certain security restrictions, and cause a DoS (Denial of Service).

64

T-576: Oracle Solaris Adobe Flash Player Multiple Vulnerabilities |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

6: Oracle Solaris Adobe Flash Player Multiple Vulnerabilities 6: Oracle Solaris Adobe Flash Player Multiple Vulnerabilities T-576: Oracle Solaris Adobe Flash Player Multiple Vulnerabilities March 14, 2011 - 3:05pm Addthis PROBLEM: Oracle has acknowledged multiple vulnerabilities in Adobe Flash Player included in Solaris, which can be exploited by malicious people to compromise a user's system. PLATFORM: Sun Solaris 10 ABSTRACT: Oracle Solaris Adobe Flash Player Multiple Vulnerabilities. reference LINKS: Secunia Advisory: SA43747 Oracle Sun Advisory: CVE Multiple Vulnerabilities in Adobe Flash Player Secure List: SA43747 Oracle Sun Support Adobe Flash Player for Linux and Solaris IMPACT ASSESSMENT: High Discussion: Oracle has acknowledged multiple vulnerabilities in Solaris, which can be exploited by malicious people to disclose sensitive information, bypass

65

Power grid vulnerability: A complex network approach  

Science Journals Connector (OSTI)

Power grids exhibit patterns of reaction to outages similar to complex networks. Blackout sequences follow power laws as complex systems operating near a critical point. Here the tolerance of electric power grids to both accidental and malicious outages is analyzed in the framework of complex network theory. In particular the quantity known as efficiency is modified by introducing a new concept of distance between nodes. As a result a new parameter called net-ability is proposed to evaluate the performance of power grids. A comparison between efficiency and net-ability is provided by estimating the vulnerability of sample networks in terms of both the metrics.

S. Arianos; E. Bompard; A. Carbone; F. Xue

2009-01-01T23:59:59.000Z

66

Social vulnerability indicators as a sustainable planning tool  

SciTech Connect

In the face of global warming and environmental change, the conventional strategy of resource centralization will not be able to cope with a future of increasingly extreme climate events and related disasters. It may even contribute to inter-regional disparities as a result of these events. To promote sustainable development, this study offers a case study of developmental planning in Chiayi, Taiwan and a review of the relevant literature to propose a framework of social vulnerability indicators at the township level. The proposed framework can not only be used to measure the social vulnerability of individual townships in Chiayi, but also be used to capture the spatial developmental of Chiayi. Seventeen social vulnerability indicators provide information in five dimensions. Owing to limited access to relevant data, the values of only 13 indicators were calculated. By simply summarizing indicators without using weightings and by using zero-mean normalization to standardize the indicators, this study calculates social vulnerability scores for each township. To make social vulnerability indicators more useful, this study performs an overlay analysis of social vulnerability and patterns of risk associated with national disasters. The social vulnerability analysis draws on secondary data for 2012 from Taiwan's National Geographic Information System. The second layer of analysis consists of the flood potential ratings of the Taiwan Water Resources Agency as an index of biophysical vulnerability. The third layer consists of township-level administrative boundaries. Analytical results reveal that four out of the 18 townships in Chiayi not only are vulnerable to large-scale flooding during serious flood events, but also have the highest degree of social vulnerability. Administrative boundaries, on which social vulnerability is based, do not correspond precisely to “cross-administrative boundaries,” which are characteristics of the natural environment. This study adopts an exploratory approach that provides Chiayi and other government agencies with a foundation for sustainable strategic planning for environmental change. The final section offers four suggestions concerning the implications of social vulnerability for local development planning. -- Highlights: • This study proposes a framework of social vulnerability indicators at the township level in Chiayi County, Taiwan. • Seventeen social vulnerability indicators are categorized into four dimensions. • This study performs a three-layer overlay analysis of social vulnerability and natural disaster risk patterns. • 4 out of the 18 townships not only have potential for large-scale flooding, but also high degree of social vulnerability. • This study provides a foundation for sustainable strategic planning to deal with environmental change. • Four suggestions are proposed regarding the implications of social vulnerability for local development planning.

Lee, Yung-Jaan, E-mail: yungjaanlee@gmail.com

2014-01-15T23:59:59.000Z

67

V-090: Adobe Flash Player / AIR Multiple Vulnerabilities | Department of  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

0: Adobe Flash Player / AIR Multiple Vulnerabilities 0: Adobe Flash Player / AIR Multiple Vulnerabilities V-090: Adobe Flash Player / AIR Multiple Vulnerabilities February 13, 2013 - 12:14am Addthis PROBLEM: Adobe Flash Player / AIR Multiple Vulnerabilities PLATFORM: Adobe Flash Player versions 11.5.502.149 and prior for Windows and Macintosh Adobe Flash Player versions 11.2.202.262 and prior for Linux Adobe Flash Player versions 11.1.115.37 and prior for Android 4.x Adobe Flash Player versions 11.1.111.32 and prior for Android 3.x and 2.x Adobe AIR versions 3.5.0.1060 and prior Adobe AIR versions 3.5.0.1060 SDK and prior ABSTRACT: Multiple vulnerabilities have been reported in Adobe Flash Player and AIR. REFERENCE LINKS: Vulnerability identifier: APSB13-05 Secunia Advisory SA52166 CVE-2013-0637 CVE-2013-0638 CVE-2013-0639

68

V-059: MoinMoin Multiple Vulnerabilities | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

9: MoinMoin Multiple Vulnerabilities 9: MoinMoin Multiple Vulnerabilities V-059: MoinMoin Multiple Vulnerabilities January 1, 2013 - 5:57am Addthis PROBLEM: MoinMoin Multiple Vulnerabilities PLATFORM: Version(s): MoinMoin 1.x ABSTRACT: Multiple vulnerabilities have been reported in MoinMoin, which can be exploited by malicious users to conduct script insertion attacks and compromise a vulnerable system and by malicious people to manipulate certain data. REFERENCE LINKS: Secunia Advisory SA51663 CVE-2012-6080 CVE-2012-6081 CVE-2012-6082 IMPACT ASSESSMENT: High DISCUSSION: 1) Certain input when handling the AttachFile action is not properly verified before being used to write files. This can be exploited to overwrite arbitrary files via directory traversal sequences. 2) The application allows the upload of files with arbitrary extensions to

69

U-122 Google Chrome Two Code Execution Vulnerabilities | Department of  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

2 Google Chrome Two Code Execution Vulnerabilities 2 Google Chrome Two Code Execution Vulnerabilities U-122 Google Chrome Two Code Execution Vulnerabilities March 12, 2012 - 7:00am Addthis PROBLEM: Google Chrome Two Code Execution Vulnerabilities PLATFORM: Google Chrome 17.x ABSTRACT: Two vulnerabilities have been reported in Google Chrome, which can be exploited by malicious people to compromise a user's system. reference LINKS: Secunia Advisory SA48321 SecurityTracker Alert ID: 1026776 CVE-2011-3046 IMPACT ASSESSMENT: High Discussion: A vulnerability was reported in Google Chrome. A remote user can cause arbitrary code to be executed on the target user's system. A remote user can create specially crafted HTML that, when loaded by the target user, will trigger an unspecified flaw and execute arbitrary code (outside of the

70

V-087: Adobe Flash Player Two Vulnerabilities | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

7: Adobe Flash Player Two Vulnerabilities 7: Adobe Flash Player Two Vulnerabilities V-087: Adobe Flash Player Two Vulnerabilities February 8, 2013 - 6:00am Addthis PROBLEM: Two vulnerabilities have been reported in Adobe Flash Player PLATFORM: Vulnerabilities are reported in the following versions: Adobe Flash Player versions 11.5.502.146 and earlier for Windows and Macintosh Adobe Flash Player versions 11.2.202.261 and earlier for Linux Adobe Flash Player versions 11.1.115.36 and earlier for Android 4.x Adobe Flash Player versions 11.1.111.31 and earlier for Android 3.x Adobe Flash Player versions 11.5.31.137 and earlier for Chrome users Adobe Flash Player versions 11.3.378.5 and earlier for Internet Explorer 10 users on Windows 8 ABSTRACT: Two vulnerabilities are reported as 0-day which can be exploited by

71

V-096: Mozilla Thunderbird / SeaMonkey Multiple Vulnerabilities |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

6: Mozilla Thunderbird / SeaMonkey Multiple Vulnerabilities 6: Mozilla Thunderbird / SeaMonkey Multiple Vulnerabilities V-096: Mozilla Thunderbird / SeaMonkey Multiple Vulnerabilities February 21, 2013 - 6:00am Addthis PROBLEM: A weakness and multiple vulnerabilities have been reported in Mozilla Thunderbird and SeaMonkey PLATFORM: The vulnerabilities are reported in Thunderbird versions prior to 17.0.3 and SeaMonkey versions prior to 2.16. ABSTRACT: A weakness and multiple vulnerabilities have been reported in Mozilla Thunderbird and SeaMonkey, which can be exploited by malicious people to disclose potentially sensitive information, conduct spoofing attacks, bypass certain security restrictions, and compromise a user's system. REFERENCE LINKS: Secunia Advisory SA52280 Mozilla Security Advisory 2013-21 CVE-2013-0765 CVE-2013-0772

72

U-251: Bugzilla LDAP Injection and Information Disclosure Vulnerabilities |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

1: Bugzilla LDAP Injection and Information Disclosure 1: Bugzilla LDAP Injection and Information Disclosure Vulnerabilities U-251: Bugzilla LDAP Injection and Information Disclosure Vulnerabilities September 5, 2012 - 6:00am Addthis PROBLEM: Bugzilla LDAP Injection and Information Disclosure Vulnerabilities PLATFORM: Bugzilla 2.x Bugzilla 3.x Bugzilla 4.x ABSTRACT: Bugzilla is prone to an LDAP-injection vulnerability and an information-disclosure vulnerability reference LINKS: Bugzilla Homepage Bugzilla Security Advisory Bugtraq ID: 55349 Secunia Advisory SA50433 CVE-2012-3981 CVE-2012-4747 IMPACT ASSESSMENT: Medium Discussion: A vulnerability and a security issue have been reported, which can be exploited by malicious people to disclose potentially sensitive information and manipulate certain data. 1) Input passed via the username is not properly escaped before being used

73

V-062: Asterisk Two Denial of Service Vulnerabilities | Department of  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

2: Asterisk Two Denial of Service Vulnerabilities 2: Asterisk Two Denial of Service Vulnerabilities V-062: Asterisk Two Denial of Service Vulnerabilities January 4, 2013 - 6:00am Addthis PROBLEM: Asterisk Two Denial of Service Vulnerabilities PLATFORM: The vulnerabilities are reported in versions 1.8.x, 10.x, and 11.x. ABSTRACT: Two vulnerabilities have been reported in Asterisk, which can be exploited by malicious users and malicious people to cause a DoS (Denial of Service). REFERENCE LINKS: Secunia Advisory SA51689 Asterisk Project Security Advisories CVE-2012-5976 CVE-2012-5977 IMPACT ASSESSMENT: Medium DISCUSSION: A remote user can send specially crafted data to consume excessive resources on the target system. Systems configured to allow anonymous calls are affected. A remote authenticated user can also exploit this via

74

T-578: Vulnerability in MHTML Could Allow Information Disclosure |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

8: Vulnerability in MHTML Could Allow Information Disclosure 8: Vulnerability in MHTML Could Allow Information Disclosure T-578: Vulnerability in MHTML Could Allow Information Disclosure March 15, 2011 - 3:05pm Addthis PROBLEM: Microsoft Windows is prone to a vulnerability that may allow attackers to inject arbitrary script code into the current browser session. PLATFORM: Windows 2003 SP2, Vista SP2, 2008 SP2, XP SP3, 7; and prior service packs ABSTRACT: A vulnerability was reported in Microsoft MHTML. A remote user can conduct cross-site scripting attacks. reference LINKS: Microsoft Security Advisory (2501696) CVE-2011-0096 SecurityTracker Alert ID: 1025003 Bugtraq ID: 46055 IMPACT ASSESSMENT: Moderate Discussion: The vulnerability exists due to the way MHTML interprets MIME-formatted requests for content blocks within a document. It is possible under certain

75

U-066: Mozilla Firefox / Thunderbird Multiple Vulnerabilities | Department  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

6: Mozilla Firefox / Thunderbird Multiple Vulnerabilities 6: Mozilla Firefox / Thunderbird Multiple Vulnerabilities U-066: Mozilla Firefox / Thunderbird Multiple Vulnerabilities December 22, 2011 - 6:30am Addthis PROBLEM: Mozilla Firefox / Thunderbird Multiple Vulnerabilities . PLATFORM: Mozilla Firefox 8.x and Mozilla Thunderbird 8.x ABSTRACT: Multiple vulnerabilities have been reported in Mozilla Firefox and Thunderbird. reference LINKS: Advisory 2011-53 Advisory 2011-54 Advisory 2011-55 Advisory 2011-56 Advisory 2011-57 Advisory 2011-58 Secunia Advisory: SA47302 IMPACT ASSESSMENT: High Discussion: Vulnerabilities have been reported in Mozilla Firefox and Thunderbird, where one has an unknown impact and others can be exploited by malicious people to disclose sensitive information and compromise a user's system. 1) Some unspecified errors can be exploited to corrupt memory. No further

76

V-126: Mozilla Firefox Multiple Vulnerabilities | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

6: Mozilla Firefox Multiple Vulnerabilities 6: Mozilla Firefox Multiple Vulnerabilities V-126: Mozilla Firefox Multiple Vulnerabilities April 4, 2013 - 6:00am Addthis PROBLEM: Mozilla Firefox Multiple Vulnerabilities PLATFORM: The vulnerabilities are reported in versions prior to 20.0 ABSTRACT: Multiple vulnerabilities have been reported in Mozilla Firefox, which can be exploited by malicious, local users to gain escalated privileges and by malicious people to conduct spoofing and cross-site scripting attacks and compromise a user's system. REFERENCE LINKS: Secunia Advisory SA52770 Secunia Advisory SA52293 Mozilla Security Announcement mfsa2013-30 Mozilla Security Announcement mfsa2013-31 Mozilla Security Announcement mfsa2013-32 Mozilla Security Announcement mfsa2013-34 Mozilla Security Announcement mfsa2013-35

77

U-104: Adobe Flash Player Multiple Vulnerabilities | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

4: Adobe Flash Player Multiple Vulnerabilities 4: Adobe Flash Player Multiple Vulnerabilities U-104: Adobe Flash Player Multiple Vulnerabilities February 16, 2012 - 6:30am Addthis PROBLEM: Adobe Flash Player Multiple Vulnerabilities PLATFORM: Adobe Flash Player versions 11.1.102.55 and prior for Windows, Macintosh, Linux, and Solaris Adobe Flash Player versions 11.1.112.61 and prior for Android 4.x Adobe Flash Player versions 11.1.111.5 and prior for Android 3.x and prior ABSTRACT: Multiple vulnerabilities have been reported in Adobe Flash Player, which can be exploited by malicious people to conduct cross-site scripting attacks, bypass certain security restrictions, and compromise a user's system. reference LINKS: Adobe Security Bulletin Secunia Advisory 48033 IMPACT ASSESSMENT: High Discussion: Multiple vulnerabilities have been reported in Adobe Flash Player, which

78

U-246: Tigase XMPP Dialback Protection Bypass Vulnerability | Department of  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

6: Tigase XMPP Dialback Protection Bypass Vulnerability 6: Tigase XMPP Dialback Protection Bypass Vulnerability U-246: Tigase XMPP Dialback Protection Bypass Vulnerability August 28, 2012 - 7:00am Addthis PROBLEM: Tigase XMPP Dialback Protection Bypass Vulnerability PLATFORM: Tigase 5.x ABSTRACT: A vulnerability has been reported in Tigase, which can be exploited by malicious people to bypass certain security restrictions. reference LINKS: XMPP Standards Foundation Secunia Advisory SA50362 tigase.org CVE-2012-4670 IMPACT ASSESSMENT: Medium Discussion: The vulnerability is caused due to an error within the XMPP protocol implementation, which does not properly verify the "Verify Response" and "Authorization Response" messages. This can be exploited to spoof a domain and bypass the Dialback protection.

79

V-224: Google Chrome Multiple Vulnerabilities | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

4: Google Chrome Multiple Vulnerabilities 4: Google Chrome Multiple Vulnerabilities V-224: Google Chrome Multiple Vulnerabilities August 22, 2013 - 1:05am Addthis PROBLEM: Multiple vulnerabilities have been reported in Google Chrome, where some have an unknown impact and others can be exploited by malicious, local users to disclose potentially sensitive information and by malicious people to compromise a user's system. PLATFORM: Google Chrome 28.x ABSTRACT: The vulnerabilities are reported in versions prior to 29.0.1547.57 REFERENCE LINKS: Secunia Advisory ID: 1028921 CVE-2013-2887 CVE-2013-2900 CVE-2013-2901 CVE-2013-2902 CVE-2013-2903 CVE-2013-2904 CVE-2013-2905 IMPACT ASSESSMENT: High DISCUSSION: Multiple vulnerabilities have been reported in Google Chrome, where some have an unknown impact and others can be exploited by malicious, local users to disclose

80

V-096: Mozilla Thunderbird / SeaMonkey Multiple Vulnerabilities |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

6: Mozilla Thunderbird / SeaMonkey Multiple Vulnerabilities 6: Mozilla Thunderbird / SeaMonkey Multiple Vulnerabilities V-096: Mozilla Thunderbird / SeaMonkey Multiple Vulnerabilities February 21, 2013 - 6:00am Addthis PROBLEM: A weakness and multiple vulnerabilities have been reported in Mozilla Thunderbird and SeaMonkey PLATFORM: The vulnerabilities are reported in Thunderbird versions prior to 17.0.3 and SeaMonkey versions prior to 2.16. ABSTRACT: A weakness and multiple vulnerabilities have been reported in Mozilla Thunderbird and SeaMonkey, which can be exploited by malicious people to disclose potentially sensitive information, conduct spoofing attacks, bypass certain security restrictions, and compromise a user's system. REFERENCE LINKS: Secunia Advisory SA52280 Mozilla Security Advisory 2013-21 CVE-2013-0765 CVE-2013-0772

Note: This page contains sample records for the topic "resolving vulnerability u-098" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


81

T-730: Vulnerability in Citrix Provisioning Services could result in  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

730: Vulnerability in Citrix Provisioning Services could result 730: Vulnerability in Citrix Provisioning Services could result in Arbitrary Code Execution T-730: Vulnerability in Citrix Provisioning Services could result in Arbitrary Code Execution September 29, 2011 - 8:30am Addthis PROBLEM: Vulnerability in Citrix Provisioning Services could result in Arbitrary Code Execution. PLATFORM: This vulnerability is present in all supported versions of Citrix Provisioning Services up to and including version 5.6 Service Pack 1. ABSTRACT: Citrix Provisioning Services is prone to a remote code-execution vulnerability. Successfully exploiting this issue will allow attackers to execute arbitrary code within the context of the application. reference LINKS: Citrix Document ID: CTX130846 Security Focus: Bugtraq ID 49803 IMPACT ASSESSMENT:

82

V-208: Google Chrome Multiple Vulnerabilities | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

8: Google Chrome Multiple Vulnerabilities 8: Google Chrome Multiple Vulnerabilities V-208: Google Chrome Multiple Vulnerabilities August 1, 2013 - 2:32am Addthis PROBLEM: Multiple unspecified vulnerabilities in Google Chrome before 28.0.1500.95 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. PLATFORM: Google Chrome 28.x ABSTRACT: Some vulnerabilities have been reported in Google Chrome which allows attackers to access and compromise a user's system. REFERENCE LINKS: Secunia Advisory SA54325 CVE-2013-2881 CVE-2013-2882 CVE-2013-2883 CVE-2013-2884 CVE-2013-2885 CVE-2013-2886 IMPACT ASSESSMENT: High DISCUSSION: Several vulnerabilities have been reported in Google Chrome, where some have an unknown impact and others can be exploited by malicious people to

83

T-542: SAP Crystal Reports Server Multiple Vulnerabilities | Department of  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

2: SAP Crystal Reports Server Multiple Vulnerabilities 2: SAP Crystal Reports Server Multiple Vulnerabilities T-542: SAP Crystal Reports Server Multiple Vulnerabilities January 25, 2011 - 2:30pm Addthis PROBLEM: SAP Crystal Reports Server Multiple Vulnerabilities. PLATFORM: Crystal Reports Server 2008 ABSTRACT: Multiple vulnerabilities in SAP Crystal Reports Server 2008, which can be exploited by malicious users to disclose potentially sensitive information and by malicious people to conduct cross-site scripting attacks, manipulate certain data, and compromise a user's system. reference LINKS: Secunia Advisory SA43060 Vulnerability Report: Crystal Reports Server 2008 IMPACT ASSESSMENT: High Discussion: 1) Input passed to the "actId" parameter in InfoViewApp/jsp/common/actionNav.jsp, "backUrl" parameter in

84

U-249: Google Chrome Multiple Vulnerabilities | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

49: Google Chrome Multiple Vulnerabilities 49: Google Chrome Multiple Vulnerabilities U-249: Google Chrome Multiple Vulnerabilities August 31, 2012 - 6:00am Addthis PROBLEM: Google Chrome Multiple Vulnerabilities PLATFORM: Google Chrome 21.x ABSTRACT: Multiple vulnerabilities have been reported in Google Chrome. reference LINKS: Secunia Advisory SA50447 Stable Channel Update CVE-2012-2865 CVE-2012-2866 CVE-2012-2867 CVE-2012-2868 CVE-2012-2869 CVE-2012-2870 CVE-2012-2871 CVE-2012-2872 IMPACT ASSESSMENT: High Discussion: Multiple vulnerabilities have been reported in Google Chrome, where some have an unknown impact and others can be exploited by malicious people to conduct cross-site scripting attacks and compromise a user's system. 1) An out-of-bounds read error exists when handling line breaks. 2) A bad cast error exists within run-ins.

85

V-092: Pidgin Multiple Vulnerabilities | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

2: Pidgin Multiple Vulnerabilities 2: Pidgin Multiple Vulnerabilities V-092: Pidgin Multiple Vulnerabilities February 15, 2013 - 6:00am Addthis PROBLEM: Multiple vulnerabilities have been reported in Pidgin PLATFORM: Vulnerabilities are reported in version 2.10.6. Prior versions may also be affected. ABSTRACT: Multiple vulnerabilities have been reported in Pidgin, which can be exploited by malicious people to manipulate certain data, cause a DoS (Denial of Service), and compromise a user's system. REFERENCE LINKS: Secunia Advisory SA52178 Pidgin CVE-2013-0271 CVE-2013-0272 CVE-2013-0273 CVE-2013-0274 IMPACT ASSESSMENT: High DISCUSSION: 1) An error within the MXit protocol plugin when saving images can be exploited to overwrite certain files. 2) A boundary error within the "mxit_cb_http_read()" function

86

V-106: Citrix Access Gateway Unspecified Security Bypass Vulnerability |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

6: Citrix Access Gateway Unspecified Security Bypass 6: Citrix Access Gateway Unspecified Security Bypass Vulnerability V-106: Citrix Access Gateway Unspecified Security Bypass Vulnerability March 7, 2013 - 6:00am Addthis PROBLEM: A vulnerability has been reported in Citrix Access Gateway PLATFORM: Standard Edition 5.0.x prior to 5.0.4.223524. Versions 4.5.x and 4.6.x are not affected by this vulnerability ABSTRACT: A vulnerability has been reported in Citrix Access Gateway, which can be exploited by malicious people to bypass certain security restrictions. REFERENCE LINKS: Secunia Advisory SA52479 Security Tracker Alert ID 1028255 com/id/1028255 CVE-2013-2263 Citrix Knowledge Center IMPACT ASSESSMENT: High DISCUSSION: The vulnerability could allow an unauthenticated user to gain access to network resources. IMPACT:

87

V-214: Mozilla Firefox Multiple Vulnerabilities | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

4: Mozilla Firefox Multiple Vulnerabilities 4: Mozilla Firefox Multiple Vulnerabilities V-214: Mozilla Firefox Multiple Vulnerabilities August 8, 2013 - 2:16am Addthis PROBLEM: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 23.0 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. PLATFORM: Mozilla Firefox 22.x ABSTRACT: The vulnerabilities are reported in versions prior to 23.0. REFERENCE LINKS: Secunia Advisory SA54418 CVE-2013-1701 CVE-2013-1702 CVE-2013-1704 CVE-2013-1705 CVE-2013-1706 CVE-2013-1707 CVE-2013-1709 CVE-2013-1710 CVE-2013-1711 CVE-2013-1713 CVE-2013-1714 CVE-2013-1717 IMPACT ASSESSMENT: High DISCUSSION: Multiple vulnerabilities have been reported in Mozilla Firefox, which can

88

T-542: SAP Crystal Reports Server Multiple Vulnerabilities | Department of  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

2: SAP Crystal Reports Server Multiple Vulnerabilities 2: SAP Crystal Reports Server Multiple Vulnerabilities T-542: SAP Crystal Reports Server Multiple Vulnerabilities January 25, 2011 - 2:30pm Addthis PROBLEM: SAP Crystal Reports Server Multiple Vulnerabilities. PLATFORM: Crystal Reports Server 2008 ABSTRACT: Multiple vulnerabilities in SAP Crystal Reports Server 2008, which can be exploited by malicious users to disclose potentially sensitive information and by malicious people to conduct cross-site scripting attacks, manipulate certain data, and compromise a user's system. reference LINKS: Secunia Advisory SA43060 Vulnerability Report: Crystal Reports Server 2008 IMPACT ASSESSMENT: High Discussion: 1) Input passed to the "actId" parameter in InfoViewApp/jsp/common/actionNav.jsp, "backUrl" parameter in

89

U-179: IBM Java 7 Multiple Vulnerabilities | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

9: IBM Java 7 Multiple Vulnerabilities 9: IBM Java 7 Multiple Vulnerabilities U-179: IBM Java 7 Multiple Vulnerabilities May 30, 2012 - 7:00am Addthis PROBLEM: IBM has acknowledged multiple vulnerabilities in IBM Java PLATFORM: IBM Java 7.x ABSTRACT: Vulnerabilities can be exploited by malicious users to disclose certain information and by malicious people to disclose potentially sensitive information, hijack a user's session, conduct DNS cache poisoning attacks, manipulate certain data, cause a DoS (Denial of Service), and compromise a vulnerable system. Reference Links: Secunia Advisory 49333 CVE-2011-3389 Vendor Advisory IMPACT ASSESSMENT: High Discussion: IBM released a patch to address vulerabilities in IBM Java 7. IBM 7 SR1 is available for download. Impact: Hijacking Manipulation of data Exposure of sensitive information

90

V-059: MoinMoin Multiple Vulnerabilities | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

9: MoinMoin Multiple Vulnerabilities 9: MoinMoin Multiple Vulnerabilities V-059: MoinMoin Multiple Vulnerabilities January 1, 2013 - 5:57am Addthis PROBLEM: MoinMoin Multiple Vulnerabilities PLATFORM: Version(s): MoinMoin 1.x ABSTRACT: Multiple vulnerabilities have been reported in MoinMoin, which can be exploited by malicious users to conduct script insertion attacks and compromise a vulnerable system and by malicious people to manipulate certain data. REFERENCE LINKS: Secunia Advisory SA51663 CVE-2012-6080 CVE-2012-6081 CVE-2012-6082 IMPACT ASSESSMENT: High DISCUSSION: 1) Certain input when handling the AttachFile action is not properly verified before being used to write files. This can be exploited to overwrite arbitrary files via directory traversal sequences. 2) The application allows the upload of files with arbitrary extensions to

91

V-087: Adobe Flash Player Two Vulnerabilities | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

7: Adobe Flash Player Two Vulnerabilities 7: Adobe Flash Player Two Vulnerabilities V-087: Adobe Flash Player Two Vulnerabilities February 8, 2013 - 6:00am Addthis PROBLEM: Two vulnerabilities have been reported in Adobe Flash Player PLATFORM: Vulnerabilities are reported in the following versions: Adobe Flash Player versions 11.5.502.146 and earlier for Windows and Macintosh Adobe Flash Player versions 11.2.202.261 and earlier for Linux Adobe Flash Player versions 11.1.115.36 and earlier for Android 4.x Adobe Flash Player versions 11.1.111.31 and earlier for Android 3.x Adobe Flash Player versions 11.5.31.137 and earlier for Chrome users Adobe Flash Player versions 11.3.378.5 and earlier for Internet Explorer 10 users on Windows 8 ABSTRACT: Two vulnerabilities are reported as 0-day which can be exploited by

92

V-121: Google Chrome Multiple Vulnerabilities | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

1: Google Chrome Multiple Vulnerabilities 1: Google Chrome Multiple Vulnerabilities V-121: Google Chrome Multiple Vulnerabilities March 28, 2013 - 12:29am Addthis PROBLEM: Google Chrome Multiple Vulnerabilities PLATFORM: versions prior to 26.0.1410.43. ABSTRACT: Multiple vulnerabilities have been reported in Google Chrome REFERENCE LINKS: Secunia Advisory SA52761 CVE-2013-0916 CVE-2013-0917 CVE-2013-0918 CVE-2013-0919 CVE-2013-0920 CVE-2013-0921 CVE-2013-0922 CVE-2013-0923 CVE-2013-0924 CVE-2013-0925 CVE-2013-0926 IMPACT ASSESSMENT: High DISCUSSION: Multiple vulnerabilities have been reported in Google Chrome, where one has an unknown impact and others can be exploited by malicious people to bypass certain security restrictions and compromise a user's system. IMPACT: 1) A use-after-free error exists in Web Audio.

93

V-105: Google Chrome Multiple Vulnerabilities | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

5: Google Chrome Multiple Vulnerabilities 5: Google Chrome Multiple Vulnerabilities V-105: Google Chrome Multiple Vulnerabilities March 6, 2013 - 12:09am Addthis PROBLEM: Google Chrome Multiple Vulnerabilities PLATFORM: Google Chrome prior to 25.0.1364.152. ABSTRACT: Multiple vulnerabilities have been reported in Google Chrome REFERENCE LINKS: Stable Channel Update Secunia Advisory SA52454 CVE-2013-0902 CVE-2013-0903 CVE-2013-0904 CVE-2013-0905 CVE-2013-0906 CVE-2013-0907 CVE-2013-0908 CVE-2013-0909 CVE-2013-0910 CVE-2013-0911 IMPACT ASSESSMENT: High DISCUSSION: Multiple vulnerabilities in Google Chrome may have an unknown impact and others can be exploited by malicious people to compromise a user's system. 1) A use-after-free error exists in frame loader. 2) A use-after-free error exists in browser navigation handling.

94

V-081: Wireshark Multiple Vulnerabilities | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

1: Wireshark Multiple Vulnerabilities 1: Wireshark Multiple Vulnerabilities V-081: Wireshark Multiple Vulnerabilities January 31, 2013 - 12:21am Addthis PROBLEM: Wireshark Multiple Vulnerabilities PLATFORM: The vulnerabilities are reported in versions prior to 1.8.5 and 1.6.13. ABSTRACT: Multiple vulnerabilities have been reported in Wireshark REFERENCE LINKS: Wireshark 1.8.5 Release Notes Secunia Advisory SA51968 IMPACT ASSESSMENT: High DISCUSSION: 1) Errors in the Bluetooth HCI, CSN.1, DCP-ETSI DOCSIS CM-STAUS, IEEE 802.3 Slow Protocols, MPLS, R3, RTPS, SDP, and SIP dissectors can be exploited to trigger infinite loops and consume CPU resources via specially crafted packets. 2) An error in the CLNP dissector when processing certain packets can be exploited to cause a crash via a specially crafted packet.

95

V-152: Cisco Unified Customer Voice Portal (CVP) Multiple Vulnerabilities |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

2: Cisco Unified Customer Voice Portal (CVP) Multiple 2: Cisco Unified Customer Voice Portal (CVP) Multiple Vulnerabilities V-152: Cisco Unified Customer Voice Portal (CVP) Multiple Vulnerabilities May 9, 2013 - 6:00am Addthis PROBLEM: Multiple vulnerabilities have been reported in Cisco Unified Customer Voice Portal (CVP) PLATFORM: The vulnerabilities are reported in versions prior to 9.0.1 ES 11 ABSTRACT: Various components of Cisco Unified CVP are affected. These vulnerabilities can be exploited independently; however, more than one vulnerability could be exploited on the same device. REFERENCE LINKS: Secunia Advisory SA53306 Cisco Advisory ID cisco-sa-20130508-cvp Cisco Applied Mitigation Bulletin CVE-2013-1220 CVE-2013-1221 CVE-2013-1222 CVE-2013-1223 CVE-2013-1224 CVE-2013-1225 IMPACT ASSESSMENT: Medium DISCUSSION:

96

V-097: Google Chrome Multiple Vulnerabilities | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

7: Google Chrome Multiple Vulnerabilities 7: Google Chrome Multiple Vulnerabilities V-097: Google Chrome Multiple Vulnerabilities February 22, 2013 - 6:00am Addthis PROBLEM: Multiple vulnerabilities have been reported in Google Chrome PLATFORM: The vulnerabilities are reported in versions prior to Google Chrome 24.x ABSTRACT: Multiple vulnerabilities have been reported in Google Chrome, where some have an unknown impact and others can be exploited by malicious people to bypass certain security restrictions and compromise a user's system. REFERENCE LINKS: Secunia Advisory SA52320 Chrome Stable Channel Update CVE-2013-0879 CVE-2013-0880 CVE-2013-0881 CVE-2013-0882 CVE-2013-0883 CVE-2013-0884 CVE-2013-0885 CVE-2013-0886 CVE-2013-0887 CVE-2013-0888 CVE-2013-0889 CVE-2013-0890 CVE-2013-0891 CVE-2013-0892 CVE-2013-0893

97

V-081: Wireshark Multiple Vulnerabilities | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

1: Wireshark Multiple Vulnerabilities 1: Wireshark Multiple Vulnerabilities V-081: Wireshark Multiple Vulnerabilities January 31, 2013 - 12:21am Addthis PROBLEM: Wireshark Multiple Vulnerabilities PLATFORM: The vulnerabilities are reported in versions prior to 1.8.5 and 1.6.13. ABSTRACT: Multiple vulnerabilities have been reported in Wireshark REFERENCE LINKS: Wireshark 1.8.5 Release Notes Secunia Advisory SA51968 IMPACT ASSESSMENT: High DISCUSSION: 1) Errors in the Bluetooth HCI, CSN.1, DCP-ETSI DOCSIS CM-STAUS, IEEE 802.3 Slow Protocols, MPLS, R3, RTPS, SDP, and SIP dissectors can be exploited to trigger infinite loops and consume CPU resources via specially crafted packets. 2) An error in the CLNP dissector when processing certain packets can be exploited to cause a crash via a specially crafted packet.

98

U-179: IBM Java 7 Multiple Vulnerabilities | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

9: IBM Java 7 Multiple Vulnerabilities 9: IBM Java 7 Multiple Vulnerabilities U-179: IBM Java 7 Multiple Vulnerabilities May 30, 2012 - 7:00am Addthis PROBLEM: IBM has acknowledged multiple vulnerabilities in IBM Java PLATFORM: IBM Java 7.x ABSTRACT: Vulnerabilities can be exploited by malicious users to disclose certain information and by malicious people to disclose potentially sensitive information, hijack a user's session, conduct DNS cache poisoning attacks, manipulate certain data, cause a DoS (Denial of Service), and compromise a vulnerable system. Reference Links: Secunia Advisory 49333 CVE-2011-3389 Vendor Advisory IMPACT ASSESSMENT: High Discussion: IBM released a patch to address vulerabilities in IBM Java 7. IBM 7 SR1 is available for download. Impact: Hijacking Manipulation of data Exposure of sensitive information

99

V-178: IBM Data Studio Web Console Java Multiple Vulnerabilities |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

8: IBM Data Studio Web Console Java Multiple Vulnerabilities 8: IBM Data Studio Web Console Java Multiple Vulnerabilities V-178: IBM Data Studio Web Console Java Multiple Vulnerabilities June 14, 2013 - 6:00am Addthis PROBLEM: IBM has acknowledged a weakness and two vulnerabilities in IBM Data Studio PLATFORM: IBM Data Studio 3.x ABSTRACT: IBM Data Studio Web Console uses the IBM Java Runtime Environment (JRE) and might be affected by vulnerabilities in the IBM JRE REFERENCE LINKS: Secunia Advisory SA53778 IBM Flash Alert 1640533 CVE-2013-0169 CVE-2013-0440 CVE-2013-0443 IMPACT ASSESSMENT: High DISCUSSION: An unspecified vulnerability within the JSSE component could allow: 1) A remote attacker to cause a denial of service 2) To statistically observe the time necessary to generate/receive error messages and deduce the plaintext after a relatively small number of

100

V-074: IBM Informix Genero libpng Integer Overflow Vulnerability |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

4: IBM Informix Genero libpng Integer Overflow Vulnerability 4: IBM Informix Genero libpng Integer Overflow Vulnerability V-074: IBM Informix Genero libpng Integer Overflow Vulnerability January 22, 2013 - 12:11am Addthis PROBLEM: IBM Informix Genero libpng Integer Overflow Vulnerability PLATFORM: IBM Informix Genero releases prior to 2.41 - all platforms ABSTRACT: A vulnerability has been reported in libpng. REFERENCE LINKS: IBM Security Bulletin: 1620982 Secunia Advisory SA51905 Secunia Advisory SA48026 CVE-2011-3026 IMPACT ASSESSMENT: Medium DISCUSSION: The libpng library used by IBM Informix Genero contains an integer overflow vulnerability. If you use IBM Informix Genero to handle PNG (Portable Network Graphics) image files and an attacker causes your IBM Informix Genero program to open or display a malicious PNG file, your IBM Informix

Note: This page contains sample records for the topic "resolving vulnerability u-098" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


101

V-092: Pidgin Multiple Vulnerabilities | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

2: Pidgin Multiple Vulnerabilities 2: Pidgin Multiple Vulnerabilities V-092: Pidgin Multiple Vulnerabilities February 15, 2013 - 6:00am Addthis PROBLEM: Multiple vulnerabilities have been reported in Pidgin PLATFORM: Vulnerabilities are reported in version 2.10.6. Prior versions may also be affected. ABSTRACT: Multiple vulnerabilities have been reported in Pidgin, which can be exploited by malicious people to manipulate certain data, cause a DoS (Denial of Service), and compromise a user's system. REFERENCE LINKS: Secunia Advisory SA52178 Pidgin CVE-2013-0271 CVE-2013-0272 CVE-2013-0273 CVE-2013-0274 IMPACT ASSESSMENT: High DISCUSSION: 1) An error within the MXit protocol plugin when saving images can be exploited to overwrite certain files. 2) A boundary error within the "mxit_cb_http_read()" function

102

V-001: Mozilla Security vulnerabilities | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

1: Mozilla Security vulnerabilities 1: Mozilla Security vulnerabilities V-001: Mozilla Security vulnerabilities October 12, 2012 - 6:00am Addthis PROBLEM: Mozilla Security vulnerabilities PLATFORM: Vulnerabilities are reported in Firefox and Thunderbird versions prior to 16.0.1 and SeaMonkey versions prior to 2.13.1. ABSTRACT: Mozilla Firefox / Thunderbird / SeaMonkey Multiple Vulnerabilities REFERENCE LINKS: Secunia Advisory SA50932 Mozilla Security Blog Mozilla Foundation Security Advisory 2012-88 Mozilla Foundation Security Advisory 2012-89 SecurityTracker Alert ID: 1027653 SecurityTracker Alert ID: 1027652 SecurityTracker Alert ID: 1027651 CVE-2012-4190 CVE-2012-4191 CVE-2012-4192 CVE-2012-4193 IMPACT ASSESSMENT: High DISCUSSION: 1) The protected "location" object is accessible by other domain objects,

103

V-116: Google Picasa BMP and TIFF Images Processing Vulnerabilities |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

6: Google Picasa BMP and TIFF Images Processing Vulnerabilities 6: Google Picasa BMP and TIFF Images Processing Vulnerabilities V-116: Google Picasa BMP and TIFF Images Processing Vulnerabilities March 21, 2013 - 6:00am Addthis PROBLEM: Two vulnerabilities have been discovered in Google Picasa PLATFORM: Google Picasa Version 3.9.0 build 136.09 for Windows/3.9.14.34 for Mac ABSTRACT: Two vulnerabilities have been discovered in Google Picasa, which can be exploited by malicious people to compromise a user's system. REFERENCE LINKS: Secunia Advisory SA51652 Picasa Release Notes IMPACT ASSESSMENT: High DISCUSSION: 1) A sign extension error when processing the color table of a BMP image can be exploited to cause a heap-based buffer overflow via a BMP image with a specially crafted "biBitCount" field. 2) The application bundles a vulnerable version of LibTIFF.

104

T-550: Apache Denial of Service Vulnerability | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

550: Apache Denial of Service Vulnerability 550: Apache Denial of Service Vulnerability T-550: Apache Denial of Service Vulnerability February 4, 2011 - 3:03am Addthis PROBLEM: Apache 'APR-util' is prone to a vulnerability that may allow attackers to cause a denial-of-service condition. PLATFORM: Versions prior to 'APR-util' 1.3.10 are vulnerable. ABSTRACT: Apache 'APR-util' is prone to a vulnerability that may allow attackers to cause a denial-of-service condition. Memory leak in the apr_brigade_split_line function in buckets/apr_brigade.c in the Apache Portable Runtime Utility library (aka APR-util) before 1.3.10, as used in the mod_reqtimeout module in the Apache HTTP Server and other software, may allow remote users to cause a Denial of Service (DoS - memory consumption). reference LINKS: Securityfocus

105

Cyber Security Vulnerability Impact on I&C Reliability  

SciTech Connect

We present a discussion of the cyber security vulnerability impact on instrument and control reliability. In the discussion we demonstrate the likely vector of attack and vulnerabilities associated with commodity hardware, protocols and communication media. The current fleet of nuclear power plants in the United States utilizes aging analog instrument and control systems which are more frequently suffering from obsolescence and failure. The commodity equipment available now and in the near future incorporates features from information technology systems which compound cyber vulnerabilities.

Hadley, Mark D.; McBride, Justin B.

2006-11-01T23:59:59.000Z

106

GTRI: Removing Vulnerable Civilian Nuclear and Radiological Material |  

National Nuclear Security Administration (NNSA)

Removing Vulnerable Civilian Nuclear and Radiological Material | Removing Vulnerable Civilian Nuclear and Radiological Material | National Nuclear Security Administration Our Mission Managing the Stockpile Preventing Proliferation Powering the Nuclear Navy Emergency Response Recapitalizing Our Infrastructure Continuing Management Reform Countering Nuclear Terrorism About Us Our Programs Our History Who We Are Our Leadership Our Locations Budget Our Operations Media Room Congressional Testimony Fact Sheets Newsletters Press Releases Speeches Events Social Media Video Gallery Photo Gallery NNSA Archive Federal Employment Apply for Our Jobs Our Jobs Working at NNSA Blog Home > Media Room > Fact Sheets > GTRI: Removing Vulnerable Civilian Nuclear and Radiological Material Fact Sheet GTRI: Removing Vulnerable Civilian Nuclear and Radiological Material

107

GTRI: Removing Vulnerable Civilian Nuclear and Radiological Material |  

NLE Websites -- All DOE Office Websites (Extended Search)

Removing Vulnerable Civilian Nuclear and Radiological Material | Removing Vulnerable Civilian Nuclear and Radiological Material | National Nuclear Security Administration Our Mission Managing the Stockpile Preventing Proliferation Powering the Nuclear Navy Emergency Response Recapitalizing Our Infrastructure Continuing Management Reform Countering Nuclear Terrorism About Us Our Programs Our History Who We Are Our Leadership Our Locations Budget Our Operations Media Room Congressional Testimony Fact Sheets Newsletters Press Releases Speeches Events Social Media Video Gallery Photo Gallery NNSA Archive Federal Employment Apply for Our Jobs Our Jobs Working at NNSA Blog Home > Media Room > Fact Sheets > GTRI: Removing Vulnerable Civilian Nuclear and Radiological Material Fact Sheet GTRI: Removing Vulnerable Civilian Nuclear and Radiological Material

108

Vulnerability in Climate Change Research: A Comprehensive Conceptual Framework  

E-Print Network (OSTI)

hazards assessments, for instance, have regarded ‘natural’addressing natural hazards and vulnerability assessments ad-assessment developed by Klein and Nicholls (1999) sees ‘natural

Füssel, Hans–Martin

2005-01-01T23:59:59.000Z

109

AFTER A Framework for electrical power sysTems vulnerability...  

Open Energy Info (EERE)

Germany) Jump to: navigation, search Project Name AFTER A Framework for electrical power sysTems vulnerability identification, dEfense and Restoration Country Germany Coordinates...

110

Mapping Climate Change Vulnerability and Impact Scenarios - A...  

Open Energy Info (EERE)

Sub-national Planners Jump to: navigation, search Tool Summary LAUNCH TOOL Name: Mapping Climate Change Vulnerability and Impact Scenarios - A Guidebook for Sub-national Planners...

111

Antioch University and EPA Webinar: Assessing Vulnerability of...  

Energy Savers (EERE)

Antioch University and EPA Webinar: Assessing Vulnerability of Water Conveyance Infrastructure from a Changing Climate in the Context of a Changing Landscape Antioch University and...

112

Comprehensive Vulnerability and Threat Analysis | ornl.gov  

NLE Websites -- All DOE Office Websites (Extended Search)

Vulnerability and Threat Analysis Our world is characterized by ever-changing threats to critical facilities, national assets and international interests. Understanding...

113

Vulnerability Analysis of Energy Delivery Control Systems  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

0-18381 0-18381 Vulnerability Analysis of Energy Delivery Control Systems September 2011 Idaho National Laboratory Idaho Falls, Idaho 83415 http://www.inl.gov Prepared for the U.S. Department of Energy Office of Electricity Delivery and Energy Reliability Under DOE Idaho Operations Office Contract DE-AC07-05ID14517 The INL is a U.S. Department of Energy National Laboratory operated by Battelle Energy Alliance DISCLAIMER This information was prepared as an account of work sponsored by an agency of the U.S. Government. Neither the U.S. Government nor any agency thereof, nor any of their employees, makes any warranty, expressed or implied, or assumes any legal liability or responsibility for the accuracy, completeness, or usefulness, of any information, apparatus, product, or

114

Attacking Systems ecurity vulnerabilities related to buffer overruns  

E-Print Network (OSTI)

Attacking Systems S ecurity vulnerabilities related to buffer overruns account for the largest exploits that take ad- vantage of the vulnerability to attack a system. The traditional approach and even security profession- als seemingly assume that all buffer overrun exploits operate in a similar

Sekar, R.

115

Automatic Discovery of API-Level Vulnerabilities Vinod Ganapathy  

E-Print Network (OSTI)

Automatic Discovery of API-Level Vulnerabilities Vinod Ganapathy , Sanjit A. Seshia , Somesh Jha-MADISON COMPUTER SCIENCES TECHNICAL REPORT: UW-CS-TR-1512, JULY 2004. Abstract A system is vulnerable to an API-level attack if its security can be compromised by invoking an allowed sequence of operations from its API. We

Ganapathy, Vinod

116

U-100: Google Chrome Multiple Vulnerabilities | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

0: Google Chrome Multiple Vulnerabilities 0: Google Chrome Multiple Vulnerabilities U-100: Google Chrome Multiple Vulnerabilities February 10, 2012 - 7:00am Addthis PROBLEM: Multiple vulnerabilities have been reported in Google Chrome, where some have an unknown impact and others can be exploited by malicious people to bypass certain security restrictions, manipulate certain data, and compromise a user's system. PLATFORM: Google Chrome 16.x ABSTRACT: A remote user can create a specially crafted content that, when loaded by the target user, will execute arbitrary code on the target system. The code will run with the privileges of the target user. Reference LINKS: Google Announcements and Release Channel Secunia Advisory SA47938 Security Tracker ID 1026654 IMPACT ASSESSMENT: High Discussion: Multiple vulnerabilities have been reported in Google Chrome, where some

117

Mapping Climate Change Vulnerability and Impact Scenarios - A Guidebook for  

Open Energy Info (EERE)

Mapping Climate Change Vulnerability and Impact Scenarios - A Guidebook for Mapping Climate Change Vulnerability and Impact Scenarios - A Guidebook for Sub-national Planners Jump to: navigation, search Tool Summary Name: Mapping Climate Change Vulnerability and Impact Scenarios - A Guidebook for Sub-national Planners Agency/Company /Organization: United Nations Development Programme (UNDP) Resource Type: Guide/manual Website: www.beta.undp.org/content/dam/aplaws/publication/en/publications/envir Language: English Mapping Climate Change Vulnerability and Impact Scenarios - A Guidebook for Sub-national Planners Screenshot This guidebook assists planners working at the sub-national levels to identify and map the nature of current and future vulnerability to long-term climate change so that appropriate policies and intervention can

118

V-173: Plesk 0-Day Vulnerability | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

3: Plesk 0-Day Vulnerability 3: Plesk 0-Day Vulnerability V-173: Plesk 0-Day Vulnerability June 7, 2013 - 6:00am Addthis PROBLEM: There is a command injection vulnerability in Plesk which is currently being exploited in the wild PLATFORM: Plesk versions 8.6, 9.0, 9.2, 9.3, and 9.5.4 ABSTRACT: The vulnerability is caused due to PHP misconfiguration in the affected application REFERENCE LINKS: Seclist.org TrendMicro SIB isc.sans.edu Paritynews.com slashdot.org IMPACT ASSESSMENT: High DISCUSSION: The exploit makes use of specially crafted HTTP queries that inject PHP commands. The exploit uses POST request to launch a PHP interpreter and the attacker can set any configuration parameters through the POST request. The exploit code published calls the PHP interpreter directly with allow_url_include=on, safe_mode=off and suhosin.simulation=on arguments.

119

T-731:Symantec IM Manager Code Injection Vulnerability | Department of  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

T-731:Symantec IM Manager Code Injection Vulnerability T-731:Symantec IM Manager Code Injection Vulnerability T-731:Symantec IM Manager Code Injection Vulnerability September 30, 2011 - 8:30am Addthis PROBLEM: Symantec IM Manager Code Injection Vulnerability. PLATFORM: IM Manager versions prior to 8.4.18 are affected. ABSTRACT: Symantec IM Manager is prone to a vulnerability that will let attackers run arbitrary code. referecnce LINKS: Symantec Security Advisory SYM11-012 Symantec Security Updates Bugtraq ID: 49742 IMPACT ASSESSMENT: High Discussion: Symantec was notified of Cross-Site Scripting and Code injection/execution issues present in the Symantec IM Manager management console. The management console fails to properly filter/validate external inputs. Successful exploitation of SQL Injection or Remote Code execution might

120

T-674: Drupal Secure Password Hashes Module Security Bypass Vulnerability |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

74: Drupal Secure Password Hashes Module Security Bypass 74: Drupal Secure Password Hashes Module Security Bypass Vulnerability T-674: Drupal Secure Password Hashes Module Security Bypass Vulnerability July 22, 2011 - 3:00pm Addthis PROBLEM: Drupal Secure Password Hashes Module Security Bypass Vulnerability PLATFORM: Drupal Secure Password Hashes 6.X-1.0 Drupal Secure Password Hashes 5.X-1.4 ABSTRACT: The Secure Password Hashes module for Drupal is prone to a security-bypass vulnerability. reference LINKS: Drupal Homepage SA-CONTRIB-2011-026 - Secure Password Hashes (phpass) - Multiple Vulnerabilities IMPACT ASSESSMENT: Medium Discussion: This module uses the PHPass hashing library to try to store users hashed passwords securely. The module sets a fixed string for the 'pass' column in the {users} database column but does not replace the pass attribute of the account

Note: This page contains sample records for the topic "resolving vulnerability u-098" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


121

V-182: Symantec Endpoint Protection Manager Buffer Overflow Vulnerability |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

2: Symantec Endpoint Protection Manager Buffer Overflow 2: Symantec Endpoint Protection Manager Buffer Overflow Vulnerability V-182: Symantec Endpoint Protection Manager Buffer Overflow Vulnerability June 20, 2013 - 6:00am Addthis PROBLEM: A vulnerability has been reported in Symantec Endpoint Protection Manager PLATFORM: The vulnerability is reported in versions 12.1.x prior to 12.1 RU3 ABSTRACT: Symantec was notified of a pre-authentication buffer overflow found in the Symantec Endpoint Protection Manager (SEPM) and Symantec Endpoint Protection Center (SPC) REFERENCE LINKS: Secunia Advisory SA53864 SecurityTracker Alert ID: 1028683 Symantec Adivsory SYM13-005 CVE-2013-1612 IMPACT ASSESSMENT: Medium DISCUSSION: The vulnerability is caused due to a boundary error within secars.dll and can be exploited to cause a buffer overflow via the web-based management

122

V-182: Symantec Endpoint Protection Manager Buffer Overflow Vulnerability |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

82: Symantec Endpoint Protection Manager Buffer Overflow 82: Symantec Endpoint Protection Manager Buffer Overflow Vulnerability V-182: Symantec Endpoint Protection Manager Buffer Overflow Vulnerability June 20, 2013 - 6:00am Addthis PROBLEM: A vulnerability has been reported in Symantec Endpoint Protection Manager PLATFORM: The vulnerability is reported in versions 12.1.x prior to 12.1 RU3 ABSTRACT: Symantec was notified of a pre-authentication buffer overflow found in the Symantec Endpoint Protection Manager (SEPM) and Symantec Endpoint Protection Center (SPC) REFERENCE LINKS: Secunia Advisory SA53864 SecurityTracker Alert ID: 1028683 Symantec Adivsory SYM13-005 CVE-2013-1612 IMPACT ASSESSMENT: Medium DISCUSSION: The vulnerability is caused due to a boundary error within secars.dll and can be exploited to cause a buffer overflow via the web-based management

123

V-187: Mozilla Firefox Multiple Vulnerabilities | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

7: Mozilla Firefox Multiple Vulnerabilities 7: Mozilla Firefox Multiple Vulnerabilities V-187: Mozilla Firefox Multiple Vulnerabilities June 27, 2013 - 6:00am Addthis PROBLEM: Multiple vulnerabilities have been reported in Mozilla Firefox PLATFORM: Mozilla Firefox 21.x ABSTRACT: These vulnerabilities can be exploited by malicious people to conduct cross-site scripting and spoofing attacks, disclose potentially sensitive information, bypass certain security restrictions, and compromise a user's system. REFERENCE LINKS: Secunia Advisory SA53970 Secunia Advisory SA53953 Mozilla Advisory mfsa2013-49 Mozilla Advisory mfsa2013-50 Mozilla Advisory mfsa2013-51 Mozilla Advisory mfsa2013-53 Mozilla Advisory mfsa2013-55 Mozilla Advisory mfsa2013-56 Mozilla Advisory mfsa2013-59 CVE-2013-1682 CVE-2013-1683 CVE-2013-1684 CVE-2013-1685

124

Assessing Climate Change Impacts, Vulnerability and Adaptation: The Case of  

Open Energy Info (EERE)

Impacts, Vulnerability and Adaptation: The Case of Impacts, Vulnerability and Adaptation: The Case of Pantabangan-Carranglan Watershed Jump to: navigation, search Name Assessing Climate Change Impacts, Vulnerability and Adaptation: The Case of Pantabangan-Carranglan Watershed Agency/Company /Organization World Agroforestry Centre Sector Land Focus Area Forestry Topics Adaptation, Background analysis, Co-benefits assessment Resource Type Publications Website http://www.worldagroforestry.o Country Philippines UN Region South-Eastern Asia References Assessing Climate Change Impacts, Vulnerability and Adaptation: The Case of Pantabangan-Carranglan Watershed[1] Assessing Climate Change Impacts, Vulnerability and Adaptation: The Case of Pantabangan-Carranglan Watershed Screenshot This article is a stub. You can help OpenEI by expanding it.

125

U-173: Symantec Web Gateway Multiple Vulnerabilities | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

3: Symantec Web Gateway Multiple Vulnerabilities 3: Symantec Web Gateway Multiple Vulnerabilities U-173: Symantec Web Gateway Multiple Vulnerabilities May 21, 2012 - 7:00am Addthis PROBLEM: Symantec Web Gateway Multiple Vulnerabilities PLATFORM: 5.0.x prior to 5.0.3 ABSTRACT: Several vulnerabilities were reported in Symantec Web Gateway. A remote user can include and execute arbitrary code on the target system. A remote user can conduct cross-site scripting attacks. A remote user can view/delete/upload files on the target system. Reference Links: SecurityTracker Alert ID: 1027078 CVE-2012-0296 CVE-2012-0297 CVE-2012-0298 CVE-2012-0299 IMPACT ASSESSMENT: Medium Discussion: The management interface does not properly authenticate remote users and does not properly validate user-supplied input. A remote user can cause arbitrary scripting code to be executed by the

126

V-119: IBM Security AppScan Enterprise Multiple Vulnerabilities |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

9: IBM Security AppScan Enterprise Multiple Vulnerabilities 9: IBM Security AppScan Enterprise Multiple Vulnerabilities V-119: IBM Security AppScan Enterprise Multiple Vulnerabilities March 26, 2013 - 12:56am Addthis PROBLEM: IBM Security AppScan Enterprise Multiple Vulnerabilities PLATFORM: IBM Rational AppScan 5.x IBM Rational AppScan 8.x ABSTRACT: IBM has acknowledged multiple vulnerabilities REFERENCE LINKS: IBM Reference #:1626264 Secunia Advisory SA52764 CVE-2008-4033 CVE-2012-4431 CVE-2012-5081 CVE-2013-0473 CVE-2013-0474 CVE-2013-0510 CVE-2013-0511 CVE-2013-0512 CVE-2013-0513 CVE-2013-0532 IMPACT ASSESSMENT: Medium DISCUSSION: 1) The application allows users to perform certain actions via HTTP requests without performing proper validity checks to verify the requests. This can be exploited to e.g. cause a DoS when a logged-in user visits a

127

V-111: Multiple vulnerabilities have been reported in Puppet | Department  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

1: Multiple vulnerabilities have been reported in Puppet 1: Multiple vulnerabilities have been reported in Puppet V-111: Multiple vulnerabilities have been reported in Puppet March 14, 2013 - 12:12am Addthis PROBLEM: Multiple vulnerabilities have been reported in Puppet PLATFORM: Puppet 2.x Puppet 3.x Puppet Enterprise 1.x Puppet Enterprise 2.x ABSTRACT: Puppet Multiple Vulnerabilities REFERENCE LINKS: Puppet Blog Secunia Advisory SA52596 CVE-2013-1640 CVE-2013-1652 CVE-2013-1653 CVE-2013-1654 CVE-2013-1655 CVE-2013-2274 CVE-2013-2275 IMPACT ASSESSMENT: High DISCUSSION: 1) An unspecified error exists when invoking the "template" or "inline_template" functions while responding to a catalog request and can be exploited to execute arbitrary code via a specially crafted catalog request. 2) An input validation error exists in the application and can be exploited

128

U-174: Serendipity Unspecified SQL Injection Vulnerability | Department of  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

4: Serendipity Unspecified SQL Injection Vulnerability 4: Serendipity Unspecified SQL Injection Vulnerability U-174: Serendipity Unspecified SQL Injection Vulnerability May 22, 2012 - 7:00am Addthis PROBLEM: Serendipity Unspecified SQL Injection Vulnerability PLATFORM: 1.6.1 and prior versions ABSTRACT: A vulnerability was reported in Serendipity. A remote user can inject SQL commands. Reference Links: SecurityTracker Alert ID: 1027079 Secunia Advisory SA49234 CVE-2012-2762 IMPACT ASSESSMENT: Medium Discussion: The 'include/functions_trackbacks.inc.php' script does not properly validate user-supplied input. A remote user can supply a specially crafted parameter value to execute SQL commands on the underlying database. Impact: A remote user can execute SQL commands on the underlying database. Solution: The vendor has issued a fix (1.6.2).

129

V-118: IBM Lotus Domino Multiple Vulnerabilities | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

8: IBM Lotus Domino Multiple Vulnerabilities 8: IBM Lotus Domino Multiple Vulnerabilities V-118: IBM Lotus Domino Multiple Vulnerabilities March 25, 2013 - 12:40am Addthis PROBLEM: IBM Lotus Domino Multiple Vulnerabilities PLATFORM: IBM Domino 8.x ABSTRACT: Multiple vulnerabilities have been reported in IBM Lotus Domino REFERENCE LINKS: IBM Reference #:1627597 Secunia Advisory SA52753 CVE-2012-6277 CVE-2013-0486 CVE-2013-0487 IMPACT ASSESSMENT: High DISCUSSION: 1) An unspecified error can be exploited to disclose time-limited authentication credentials via the Domino Java Console and subsequently gain otherwise restricted access. Successful exploitation may require certain knowledge of Domino server configuration. 2) An unspecified error in the HTTP server component can be exploited to cause a memory leak and subsequently crash the server.

130

T-625: Opera Frameset Handling Memory Corruption Vulnerability | Department  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

5: Opera Frameset Handling Memory Corruption Vulnerability 5: Opera Frameset Handling Memory Corruption Vulnerability T-625: Opera Frameset Handling Memory Corruption Vulnerability May 18, 2011 - 3:05pm Addthis PROBLEM: A vulnerability has been reported in Opera, which can be exploited by malicious people to compromise a user's system. PLATFORM: Opera versions prior to 11.11 ABSTRACT: The vulnerability is caused due to an error when handling certain frameset constructs during page unloading and can be exploited to corrupt memory via a specially crafted web page. reference LINKS: Secunia Advisory: SA44611 Opera Knowledge Base Opera 11.11 for Windows Opera Download Opera Mobile IMPACT ASSESSMENT: High Discussion: Framesets allow web pages to hold other pages inside them. Certain frameset constructs are not handled correctly when the page is unloaded, causing a

131

V-094: IBM Multiple Products Multiple Vulnerabilities | Department of  

NLE Websites -- All DOE Office Websites (Extended Search)

94: IBM Multiple Products Multiple Vulnerabilities 94: IBM Multiple Products Multiple Vulnerabilities V-094: IBM Multiple Products Multiple Vulnerabilities February 19, 2013 - 1:41am Addthis PROBLEM: IBM Multiple Products Multiple Vulnerabilities PLATFORM: IBM Maximo Asset Management versions 7.5, 7.1, and 6.2 IBM Maximo Asset Management Essentials versions 7.5, 7.1, and 6.2 IBM SmartCloud Control Desk version 7.5 IBM Tivoli Asset Management for IT versions 7.2, 7.1, and 6.2 IBM Tivoli Change and Configuration Management Database versions 7.2 and 7.1 IBM Tivoli Service Request Manager versions 7.2, 7.1, and 6.2 ABSTRACT: A weakness and multiple vulnerabilities have been reported in multiple IBM products. REFERENCE LINKS: IBM Reference #:1625624 IBM Product Security Incident Response Blog Secunia Advisory SA52132

132

V-022: Attachmate Reflection Products Java Multiple Vulnerabilities |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

2: Attachmate Reflection Products Java Multiple Vulnerabilities 2: Attachmate Reflection Products Java Multiple Vulnerabilities V-022: Attachmate Reflection Products Java Multiple Vulnerabilities November 13, 2012 - 1:00am Addthis PROBLEM: Attachmate Reflection Products Java Multiple Vulnerabilities PLATFORM: Reflection X 2011 Reflection Suite for X 2011 Reflection for Secure IT Server for Windows Reflection for Secure IT Client and Server for UNIX ABSTRACT: Security issues related to Reflection PKI Services Manager REFERENCE LINKS: PKI Services Manager Technical Note 2560 Secunia Advisory SA51256 CVE-2012-0551 CVE-2012-1711 CVE-2012-1713 CVE-2012-1716 CVE-2012-1717 CVE-2012-1718 CVE-2012-1719 CVE-2012-1720 CVE-2012-1721 CVE-2012-1722 CVE-2012-1723 CVE-2012-1724 CVE-2012-1725 CVE-2012-1726 IMPACT ASSESSMENT: High DISCUSSION: Attachmate has acknowledged multiple vulnerabilities in some Reflection

133

India-Vulnerability Assessment and Enhancing Adaptive Capacities to Climate  

Open Energy Info (EERE)

Vulnerability Assessment and Enhancing Adaptive Capacities to Climate Vulnerability Assessment and Enhancing Adaptive Capacities to Climate Change Jump to: navigation, search Name India-Vulnerability Assessment and Enhancing Adaptive Capacities to Climate Change Agency/Company /Organization Swiss Agency for Development and Cooperation Sector Energy, Land, Water Focus Area Agriculture Topics Co-benefits assessment, Background analysis Resource Type Lessons learned/best practices Website http://www.intercooperation.or Country India Southern Asia References India-Vulnerability Assessment and Enhancing Adaptive Capacities to Climate Change[1] India-Vulnerability Assessment and Enhancing Adaptive Capacities to Climate Change Screenshot Contents 1 Introduction [1] 2 Community-based Institutions [2] 3 Pasture Land Development [3]

134

Mitigations for Security Vulnerabilities Found in Control System Networks |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

Mitigations for Security Vulnerabilities Found in Control System Mitigations for Security Vulnerabilities Found in Control System Networks Mitigations for Security Vulnerabilities Found in Control System Networks Industry is aware of the need for Control System (CS) security, but in on-site assessments, Idaho National Laboratory (INL) has observed that security procedures and devices are not consistently and effectively implemented. The Department of Homeland Security (DHS), National Cyber Security Division (NCSD), established the Control Systems Security Center (CSSC) at INL to help industry and government improve the security of the CSs used in the nation's critical infrastructures. One of the main CSSC objectives is to identify control system vulnerabilities and develop effective mitigations for them. This paper discusses common problems and vulnerabilities seen in

135

V-173: Plesk 0-Day Vulnerability | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

3: Plesk 0-Day Vulnerability 3: Plesk 0-Day Vulnerability V-173: Plesk 0-Day Vulnerability June 7, 2013 - 6:00am Addthis PROBLEM: There is a command injection vulnerability in Plesk which is currently being exploited in the wild PLATFORM: Plesk versions 8.6, 9.0, 9.2, 9.3, and 9.5.4 ABSTRACT: The vulnerability is caused due to PHP misconfiguration in the affected application REFERENCE LINKS: Seclist.org TrendMicro SIB isc.sans.edu Paritynews.com slashdot.org IMPACT ASSESSMENT: High DISCUSSION: The exploit makes use of specially crafted HTTP queries that inject PHP commands. The exploit uses POST request to launch a PHP interpreter and the attacker can set any configuration parameters through the POST request. The exploit code published calls the PHP interpreter directly with allow_url_include=on, safe_mode=off and suhosin.simulation=on arguments.

136

Benjamin Livshits and Monica S. Lam 1. PHPList Admin Page SQL Injection Vulnerability  

E-Print Network (OSTI)

Escalation Vulnerability 8. Vim ModeLines Further Variant Arbitrary Command Execution Vulnerability 9. Zlib Local Race Condition Privilege Escalation Vulnerability 8. Vim ModeLines Further Variant Arbitrary

Livshits, Ben

137

V-051: Oracle Solaris Java Multiple Vulnerabilities | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

1: Oracle Solaris Java Multiple Vulnerabilities 1: Oracle Solaris Java Multiple Vulnerabilities V-051: Oracle Solaris Java Multiple Vulnerabilities December 20, 2012 - 12:15am Addthis PROBLEM: Oracle Solaris Java Multiple Vulnerabilities PLATFORM: Oracle Solaris 11.x ABSTRACT: Oracle has acknowledged multiple vulnerabilities in Java included in Solaris REFERENCE LINKS: Secunia Advisory: SA51618 Secunia Advisory: SA50949 Third Party Vulnerability Resolution Blog in Java 7U9 Third Party Vulnerability Resolution Blog in Java 6U37 CVE-2012-1531 CVE-2012-1532 CVE-2012-1533 CVE-2012-3143 CVE-2012-3159 CVE-2012-3216 CVE-2012-4416 CVE-2012-5067 CVE-2012-5068 CVE-2012-5069 CVE-2012-5070 CVE-2012-5071 CVE-2012-5072 CVE-2012-5073 CVE-2012-5074 CVE-2012-5075 CVE-2012-5076 CVE-2012-5077 CVE-2012-5079 CVE-2012-5081 CVE-2012-5083 CVE-2012-5084

138

US Energy Sector Vulnerabilities to Climate Change  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

On the cover: Trans-Alaska oil pipeline; aerial view of New Jersey refinery; coal barges on Mississippi River in St. Paul, Minnesota; power plant in Prince On the cover: Trans-Alaska oil pipeline; aerial view of New Jersey refinery; coal barges on Mississippi River in St. Paul, Minnesota; power plant in Prince George's County, Maryland; Grand Coulee Dam in Washington State; corn field near Somers, Iowa; wind turbines in Texas. Photo credits: iStockphoto U.S. ENERGY SECTOR VULNERABILITIES TO CLIMATE CHANGE AND EXTREME WEATHER Acknowledgements This report was drafted by the U.S. Department of Energy's Office of Policy and International Affairs (DOE-PI) and the National Renewable Energy Laboratory (NREL). The coordinating lead author and a principal author was Craig Zamuda of DOE-PI; other principal authors included Bryan Mignone of DOE-PI, and Dan Bilello, KC Hallett, Courtney Lee, Jordan Macknick, Robin Newmark, and Daniel Steinberg of NREL. Vince Tidwell of Sandia National Laboratories, Tom Wilbanks of

139

New Seals - Vulnerability Assessment Team - Nuclear Engineering Division  

NLE Websites -- All DOE Office Websites (Extended Search)

More Information More Information VAT Projects Introducing the VAT Adversarial Vulnerability Assessments Safety Tags & Product Counterfeiting Election Security Spoofing GPS Defeating Existing Tamper-Indicating Seals Specialty Field Tools & Sampling Tools Insider Threat Mitigation Drug Testing Security Microprocessor Prototypes The Journal of Physical Security Vulnerability Assessments Vulnerability Assessments Insanely Fast µProcessor Shop Insanely Fast µProcessor Shop Seals About Seals Applications of Seals Common Myths about Tamper Indicating Seals Definitions Findings and Lessons Learned New Seals Types of Seals Seals References Selected VAT Papers Selected VAT Papers Selected Invited Talks Self-Assessment Survey Security Maxims Devil's Dictionary of Security Terms Argonne's VAT (brochure)

140

Insanely Fast Microprocessor Shop - Vulnerability Assessment Team - Nuclear  

NLE Websites -- All DOE Office Websites (Extended Search)

Insanely Fast Microprocessor Shop Insanely Fast Microprocessor Shop VAT Projects Introducing the VAT Adversarial Vulnerability Assessments Safety Tags & Product Counterfeiting Election Security Spoofing GPS Defeating Existing Tamper-Indicating Seals Specialty Field Tools & Sampling Tools Insider Threat Mitigation Drug Testing Security Microprocessor Prototypes The Journal of Physical Security Vulnerability Assessments Vulnerability Assessments Insanely Fast µProcessor Shop Insanely Fast µProcessor Shop Seals About Seals Applications of Seals Common Myths about Tamper Indicating Seals Definitions Findings and Lessons Learned New Seals Types of Seals Seals References Selected VAT Papers Selected VAT Papers Selected Invited Talks Self-Assessment Survey Security Maxims Devil's Dictionary of Security Terms

Note: This page contains sample records for the topic "resolving vulnerability u-098" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


141

About Seals - Vulnerability Assessment Team - Nuclear Engineering Division  

NLE Websites -- All DOE Office Websites (Extended Search)

Seals Seals VAT Projects Introducing the VAT Adversarial Vulnerability Assessments Safety Tags & Product Counterfeiting Election Security Spoofing GPS Defeating Existing Tamper-Indicating Seals Specialty Field Tools & Sampling Tools Insider Threat Mitigation Drug Testing Security Microprocessor Prototypes The Journal of Physical Security Vulnerability Assessments Vulnerability Assessments Insanely Fast µProcessor Shop Insanely Fast µProcessor Shop Seals About Seals Applications of Seals Common Myths about Tamper Indicating Seals Definitions Findings and Lessons Learned New Seals Types of Seals Seals References Selected VAT Papers Selected VAT Papers Selected Invited Talks Self-Assessment Survey Security Maxims Devil's Dictionary of Security Terms Argonne's VAT (brochure)

142

Findings and Lessons, Seals - Vulnerability Assessment Team - Nuclear  

NLE Websites -- All DOE Office Websites (Extended Search)

Findings and Lessons Learned Findings and Lessons Learned VAT Projects Introducing the VAT Adversarial Vulnerability Assessments Safety Tags & Product Counterfeiting Election Security Spoofing GPS Defeating Existing Tamper-Indicating Seals Specialty Field Tools & Sampling Tools Insider Threat Mitigation Drug Testing Security Microprocessor Prototypes The Journal of Physical Security Vulnerability Assessments Vulnerability Assessments Insanely Fast µProcessor Shop Insanely Fast µProcessor Shop Seals About Seals Applications of Seals Common Myths about Tamper Indicating Seals Definitions Findings and Lessons Learned New Seals Types of Seals Seals References Selected VAT Papers Selected VAT Papers Selected Invited Talks Self-Assessment Survey Security Maxims Devil's Dictionary of Security Terms

143

Current Projects: Product Authenticity Tags - Vulnerability Assessment Team  

NLE Websites -- All DOE Office Websites (Extended Search)

Product Authenticity Tags Product Authenticity Tags VAT Projects Introducing the VAT Adversarial Vulnerability Assessments Safety Tags & Product Counterfeiting Election Security Spoofing GPS Defeating Existing Tamper-Indicating Seals Specialty Field Tools & Sampling Tools Insider Threat Mitigation Drug Testing Security Microprocessor Prototypes The Journal of Physical Security Vulnerability Assessments Vulnerability Assessments Insanely Fast µProcessor Shop Insanely Fast µProcessor Shop Seals About Seals Applications of Seals Common Myths about Tamper Indicating Seals Definitions Findings and Lessons Learned New Seals Types of Seals Seals References Selected VAT Papers Selected VAT Papers Selected Invited Talks Self-Assessment Survey Security Maxims Devil's Dictionary of Security Terms Argonne's VAT (brochure)

144

Rapid Sampling from Sealed Containers - Vulnerability Assessment Team -  

NLE Websites -- All DOE Office Websites (Extended Search)

Nonproliferation and Nonproliferation and National Security > VAT > Current Projects > Rapid Sampling Tools > ... from Sealed Containers VAT Projects Introducing the VAT Adversarial Vulnerability Assessments Safety Tags & Product Counterfeiting Election Security Spoofing GPS Defeating Existing Tamper-Indicating Seals Specialty Field Tools & Sampling Tools Tamper & Intrusion Detection Rapid Sampling from Sealed Containers Demo video Insider Threat Mitigation Drug Testing Security Microprocessor Prototypes The Journal of Physical Security Vulnerability Assessments Vulnerability Assessments Insanely Fast µProcessor Shop Insanely Fast µProcessor Shop Seals About Seals Applications of Seals Common Myths about Tamper Indicating Seals Definitions Findings and Lessons Learned

145

Common Myths about Tamper Indicating Seals - Vulnerability Assessment Team  

NLE Websites -- All DOE Office Websites (Extended Search)

Common Myths about Tamper Common Myths about Tamper Indicating Seals VAT Projects Introducing the VAT Adversarial Vulnerability Assessments Safety Tags & Product Counterfeiting Election Security Spoofing GPS Defeating Existing Tamper-Indicating Seals Specialty Field Tools & Sampling Tools Insider Threat Mitigation Drug Testing Security Microprocessor Prototypes The Journal of Physical Security Vulnerability Assessments Vulnerability Assessments Insanely Fast µProcessor Shop Insanely Fast µProcessor Shop Seals About Seals Applications of Seals Common Myths about Tamper Indicating Seals Definitions Findings and Lessons Learned New Seals Types of Seals Seals References Selected VAT Papers Selected VAT Papers Selected Invited Talks Self-Assessment Survey Security Maxims Devil's Dictionary of Security Terms

146

U-197: Cisco Adaptive Security Appliances Denial of Service Vulnerability |  

NLE Websites -- All DOE Office Websites (Extended Search)

97: Cisco Adaptive Security Appliances Denial of Service 97: Cisco Adaptive Security Appliances Denial of Service Vulnerability U-197: Cisco Adaptive Security Appliances Denial of Service Vulnerability June 22, 2012 - 7:00am Addthis PROBLEM: A vulnerability has been reported in Cisco Adaptive Security Appliances (ASA), which can be exploited by malicious people to cause a DoS (Denial of Service). PLATFORM: Cisco Adaptive Security Appliance (ASA) 8.x Cisco ASA 5500 Series Adaptive Security Appliances ABSTRACT: The vulnerability is caused due to an unspecified error when handling IPv6 transit traffic and can be exploited to cause a reload of the affected device. reference LINKS: Vendor Advisory Secunia ID 49647 CVE-2012-3058 IMPACT ASSESSMENT: High Discussion: Cisco ASA 5500 Series Adaptive Security Appliances (Cisco ASA) and Cisco

147

T-622: Adobe Acrobat and Reader Unspecified Memory Corruption Vulnerability  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

22: Adobe Acrobat and Reader Unspecified Memory Corruption 22: Adobe Acrobat and Reader Unspecified Memory Corruption Vulnerability T-622: Adobe Acrobat and Reader Unspecified Memory Corruption Vulnerability May 13, 2011 - 3:25am Addthis PROBLEM: Adobe Acrobat and Reader contain a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code on the targeted system. PLATFORM: Adobe Reader versions 9.4.1 and prior, versions 8.2.5 and prior, and version 10.0 Acrobat Standard and Professional versions 9.4.1 and prior and version 10.0 Acrobat Standard and Professional versions 8.2.5 and prior Acrobat Professional Extended versions 9.4.1 and prior Acrobat 3D versions 8.2.5 and prior Adobe Flash Player versions 10.2.159.1 and prior for Windows, Macintosh, Linux, and Solaris ABSTRACT: The vulnerability is due to an unspecified error in the affected software

148

T-547: Microsoft Windows Human Interface Device (HID) Vulnerability |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

547: Microsoft Windows Human Interface Device (HID) Vulnerability 547: Microsoft Windows Human Interface Device (HID) Vulnerability T-547: Microsoft Windows Human Interface Device (HID) Vulnerability February 1, 2011 - 3:20am Addthis PROBLEM Microsoft Windows Human Interface Device (HID) Vulnerability. PLATFORM: Microsoft 2003 SP2, Vista SP2, 2008 SP2, XP SP3, 7; and prior service packs ABSTRACT: Microsoft Windows does not properly warn the user before enabling additional Human Interface Device (HID) functionality over USB, which allows user-assisted attackers to execute arbitrary programs via crafted USB data, as demonstrated by keyboard and mouse data sent by malware on a Smartphone that the user connected to the computer. reference LINKS: Security Lab: Reference CVE-2011-0638 CVE Details: Reference CVE-2011-0638 Mitre Reference: CVE-2011-0638

149

U-191: Oracle Java Multiple Vulnerabilities | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

91: Oracle Java Multiple Vulnerabilities 91: Oracle Java Multiple Vulnerabilities U-191: Oracle Java Multiple Vulnerabilities June 14, 2012 - 7:00am Addthis PROBLEM: Multiple vulnerabilities have been reported in Oracle Java, which can be exploited by malicious local users PLATFORM: Oracle Java JDK 1.7.x / 7.x Oracle Java JRE 1.7.x / 7.x Sun Java JDK 1.5.x Sun Java JDK 1.6.x / 6.x Sun Java JRE 1.4.x Sun Java JRE 1.5.x / 5.x Sun Java JRE 1.6.x / 6.x Sun Java SDK 1.4.x ABSTRACT: The Critical Patch Update for Java SE also includes non-security fixes. Critical Patch Updates are cumulative and each advisory describes only the security fixes added since the previous Critical Patch Update. Thus, prior Critical Patch Update Advisories should be reviewed for information regarding earlier accumulated security fixes.

150

OLADE-Central America Climate Change Vulnerability Program | Open Energy  

Open Energy Info (EERE)

OLADE-Central America Climate Change Vulnerability Program OLADE-Central America Climate Change Vulnerability Program Jump to: navigation, search Name OLADE-Central America Climate Change Vulnerability Program Agency/Company /Organization Latin America Energy Organization Partner Ministries of Energy and Energy Enterprises Sector Energy, Land Topics Background analysis Website http://www.olade.org/proyecto_ Program Start 2010 Program End 2011 Country Belize, Costa Rica, El Salvador, Guatemala, Honduras, Nicaragua, Panama Central America, Central America, Central America, Central America, Central America, Central America, Central America References OLADE Energy and Climate Change Projects[1] OLADE is a Latin American organization working with Central American countries on climate change vulnerability for hydroelectric systems and

151

T-680:Samba SWAT 'user' Field Cross Site Scripting Vulnerability |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

0:Samba SWAT 'user' Field Cross Site Scripting Vulnerability 0:Samba SWAT 'user' Field Cross Site Scripting Vulnerability T-680:Samba SWAT 'user' Field Cross Site Scripting Vulnerability August 1, 2011 - 2:10pm Addthis PROBLEM: Samba SWAT 'user' Field Cross Site Scripting Vulnerability PLATFORM: All Linux ABSTRACT: It was found that the 'Change Password' page / screen of the Samba Web Administration Tool did not properly sanitize content of the user-provided "user" field, prior printing it back to the page content. A remote attacker could provide a specially-crafted URL, which once visited by an authenticated Samba SWAT user could allow the attacker to conduct cross-site scripting attacks (execute arbitrary HTML or script code). reference LINKS: SecurityFocus - Bugtraq ID: 48901 Secunia CVE Reference: CVE-2011-2694

152

U-035: Adobe Flash Player Multiple Vulnerabilities | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

35: Adobe Flash Player Multiple Vulnerabilities 35: Adobe Flash Player Multiple Vulnerabilities U-035: Adobe Flash Player Multiple Vulnerabilities November 14, 2011 - 10:15am Addthis PROBLEM: Adobe Flash Player Multiple Vulnerabilities. PLATFORM: Adobe Flash Player 11.0.1.152 and earlier versions for Windows, Macintosh, Linux and Solaris operating systems Adobe Flash Player 11.0.1.153 and earlier versions for Android Adobe AIR 3.0 and earlier versions for Windows, Macintosh, and Android ABSTRACT: Adobe recommends users of Adobe Flash Player 11.0.1.152 and earlier versions for Windows, Macintosh, Linux and Solaris update to Adobe Flash Player 11.1.102.55. Users of Adobe Flash Player 11.0.1.153 and earlier versions for Android should update to Adobe Flash Player 11.1.102.59 for Android. Users of Adobe AIR 3.0 for Windows, Macintosh, and Android should

153

V-161: IBM Maximo Asset Management Products Java Multiple Vulnerabilities |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

61: IBM Maximo Asset Management Products Java Multiple 61: IBM Maximo Asset Management Products Java Multiple Vulnerabilities V-161: IBM Maximo Asset Management Products Java Multiple Vulnerabilities May 22, 2013 - 12:46am Addthis PROBLEM: IBM Maximo Asset Management Products Java Multiple Vulnerabilities PLATFORM: IBM Maximo Asset Management 6.x IBM Maximo Asset Management 7.x IBM Maximo Asset Management Essentials 7.x ABSTRACT: Asset and Service Mgmt Products - Potential security exposure when using JavaTM based applications due to vulnerabilities in Java Software Developer Kits. REFERENCE LINKS: IBM Reference #:1638135 Secunia Advisory SA53451 CVE-2013-0401 CVE-2013-2433 CVE-2013-2434 CVE-2013-0402 CVE-2013-1488 CVE-2013-1491 CVE-2013-1518 CVE-2013-1537 CVE-2013-1540 CVE-2013-1557 CVE-2013-1558 CVE-2013-1561 CVE-2013-1563 CVE-2013-1564 CVE-2013-1569

154

V-237: TYPO3 Security Bypass Vulnerabilities | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

V-237: TYPO3 Security Bypass Vulnerabilities V-237: TYPO3 Security Bypass Vulnerabilities V-237: TYPO3 Security Bypass Vulnerabilities September 9, 2013 - 6:00am Addthis PROBLEM: Some vulnerabilities have been reported in TYPO3 PLATFORM: TYPO3 6.x ABSTRACT: TYPO3 comes with the possibility to restrict editors to certain file actions (copy, delete, move etc.) and to restrict these actions to be performed in certain locations REFERENCE LINKS: Secunia Advisory SA54717 Security Focus ID 62257 IMPACT ASSESSMENT: Medium DISCUSSION: 1) Some errors when handling file actions can be exploited to bypass file action permission restrictions and e.g. create or read arbitrary files within or outside the webroot. 2) An error when validating file names within the file renaming functionality can be exploited to bypass the denied file extensions check

155

V-180: IBM Application Manager For Smart Business Multiple Vulnerabilities  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

V-180: IBM Application Manager For Smart Business Multiple V-180: IBM Application Manager For Smart Business Multiple Vulnerabilities V-180: IBM Application Manager For Smart Business Multiple Vulnerabilities June 18, 2013 - 12:38am Addthis PROBLEM: IBM Application Manager For Smart Business Multiple Vulnerabilities PLATFORM: IBM Application Manager For Smart Business 1.x ABSTRACT: A security issue and multiple vulnerabilities have been reported in IBM Application Manager For Smart Business REFERENCE LINKS: Security Bulletin 1640752 Secunia Advisory SA53844 CVE-2012-1531 CVE-2012-1532 CVE-2012-1533 CVE-2012-2190 CVE-2012-2191 CVE-2012-2203 CVE-2012-3143 CVE-2012-3159 CVE-2012-3216 CVE-2012-4820 CVE-2012-4821 CVE-2012-4822 CVE-2012-4823 CVE-2012-5068 CVE-2012-5069 CVE-2012-5071 CVE-2012-5072 CVE-2012-5073 CVE-2012-5075 CVE-2012-5079

156

V-161: IBM Maximo Asset Management Products Java Multiple Vulnerabilities |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

1: IBM Maximo Asset Management Products Java Multiple 1: IBM Maximo Asset Management Products Java Multiple Vulnerabilities V-161: IBM Maximo Asset Management Products Java Multiple Vulnerabilities May 22, 2013 - 12:46am Addthis PROBLEM: IBM Maximo Asset Management Products Java Multiple Vulnerabilities PLATFORM: IBM Maximo Asset Management 6.x IBM Maximo Asset Management 7.x IBM Maximo Asset Management Essentials 7.x ABSTRACT: Asset and Service Mgmt Products - Potential security exposure when using JavaTM based applications due to vulnerabilities in Java Software Developer Kits. REFERENCE LINKS: IBM Reference #:1638135 Secunia Advisory SA53451 CVE-2013-0401 CVE-2013-2433 CVE-2013-2434 CVE-2013-0402 CVE-2013-1488 CVE-2013-1491 CVE-2013-1518 CVE-2013-1537 CVE-2013-1540 CVE-2013-1557 CVE-2013-1558 CVE-2013-1561 CVE-2013-1563 CVE-2013-1564 CVE-2013-1569

157

T-613: Microsoft Excel Axis Properties Remote Code Execution Vulnerability  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

613: Microsoft Excel Axis Properties Remote Code Execution 613: Microsoft Excel Axis Properties Remote Code Execution Vulnerability T-613: Microsoft Excel Axis Properties Remote Code Execution Vulnerability May 2, 2011 - 7:42am Addthis PROBLEM: Microsoft Excel is prone to a remote code-execution vulnerability because the applications fail to sufficiently validate user-supplied input. PLATFORM: Microsoft Excel (2002-2010) ABSTRACT: Microsoft Excel is prone to a remote code-execution vulnerability because the applications fails to sufficiently validate user-supplied input. Attackers can exploit this issue by enticing an unsuspecting user to open a specially crafted Excel file. Successful exploits can allow attackers to execute arbitrary code with the privileges of the user running the application. Failed exploit attempts will result in a denial-of-service

158

U-187: Adobe Flash Player Multiple Vulnerabilities | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

7: Adobe Flash Player Multiple Vulnerabilities 7: Adobe Flash Player Multiple Vulnerabilities U-187: Adobe Flash Player Multiple Vulnerabilities June 11, 2012 - 7:00am Addthis PROBLEM: Multiple vulnerabilities have been reported in Adobe Flash Player PLATFORM: Adobe Flash Player 11.2.202.235 and earlier for Windows, Macintosh and Linux Adobe Flash Player 11.1.115.8 and earlier for Android 4.x Adobe Flash Player 11.1.111.9 and earlier for Android 3.x and 2.x Adobe AIR 3.2.0.2070 and earlier for Windows, Macintosh and Android ABSTRACT: Adobe released security updates for Adobe Flash Player 11.2.202.235 and earlier versions for Windows, Macintosh and Linux, Adobe Flash Player 11.1.115.8 and earlier versions for Android 4.x, and Adobe Flash Player 11.1.111.9 and earlier versions for Android 3.x and 2.x. These updates

159

U-002:Adobe Photoshop Elements Multiple Memory Corruption Vulnerabilities |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

02:Adobe Photoshop Elements Multiple Memory Corruption 02:Adobe Photoshop Elements Multiple Memory Corruption Vulnerabilities U-002:Adobe Photoshop Elements Multiple Memory Corruption Vulnerabilities October 4, 2011 - 11:00am Addthis PROBLEM: Adobe Photoshop Elements Multiple Memory Corruption Vulnerabilities. PLATFORM: Adobe Photoshop Elements 8.0 and earlier versions for Windows. ABSTRACT: A remote user can create a file that, when loaded by the target user, will execute arbitrary code on the target user's system. reference LINKS: Adobe Advisory: APSA11-03 SecurityTracker Alert ID: 1026132 SecurityFocus: CVE-2011-2443 IMPACT ASSESSMENT: High Discussion: A vulnerability was reported in Adobe Photoshop Elements. A remote user can cause arbitrary code to be executed on the target user's system. A remote user can create a specially crafted '.grd' or '.abr' file that,

160

T-680:Samba SWAT 'user' Field Cross Site Scripting Vulnerability |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

80:Samba SWAT 'user' Field Cross Site Scripting Vulnerability 80:Samba SWAT 'user' Field Cross Site Scripting Vulnerability T-680:Samba SWAT 'user' Field Cross Site Scripting Vulnerability August 1, 2011 - 2:10pm Addthis PROBLEM: Samba SWAT 'user' Field Cross Site Scripting Vulnerability PLATFORM: All Linux ABSTRACT: It was found that the 'Change Password' page / screen of the Samba Web Administration Tool did not properly sanitize content of the user-provided "user" field, prior printing it back to the page content. A remote attacker could provide a specially-crafted URL, which once visited by an authenticated Samba SWAT user could allow the attacker to conduct cross-site scripting attacks (execute arbitrary HTML or script code). reference LINKS: SecurityFocus - Bugtraq ID: 48901 Secunia CVE Reference: CVE-2011-2694

Note: This page contains sample records for the topic "resolving vulnerability u-098" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


161

Chemical-Terrorism Vulnerability Information Guidance Document January 7, 2011  

E-Print Network (OSTI)

.215; Not currently applicable (2) Site Security Plans under §27.225; Not currently applicable (3) Documents relating to the Department's review and approval of Security Vulnerability Assessments and Site Security Plans, including

Pawlowski, Wojtek

162

Global Change and Human Vulnerability to Vector-Borne Diseases  

Science Journals Connector (OSTI)

...preventative measures in both developing...large part in reducing the vulnerability...preventative measures rather than...faster route to reducing the incidence...of the key greenhouse gases carbon dioxide...of a species related to its climatic...

Robert W. Sutherst

2004-01-01T23:59:59.000Z

163

Ethics of Vulnerability (ii): Imagining the Posthuman Future  

Science Journals Connector (OSTI)

Moreover, in contrast to determinist versions of transhumanism (as e.g. ‘Singularity’ thinking)...some extent at least—influence what we are to become by trying to understand our current vulnerabilities, project ...

Mark Coeckelbergh

2013-01-01T23:59:59.000Z

164

Nemesis: Preventing Authentication & Access Control Vulnerabilities in Web Applications  

E-Print Network (OSTI)

Nemesis: Preventing Authentication & Access Control Vulnerabilities in Web Applications Michael web applications. Authentication attacks occur when a web application authenticates users unsafely, granting access to web clients that lack the ap- propriate credentials. Access control attacks occur when

Sabatini, David M.

165

U.S. Energy Sector Vulnerability Report | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

U.S. Energy Sector Vulnerability Report U.S. Energy Sector Vulnerability Report U.S. Energy Sector Vulnerability Report As part of the Administration's efforts to support national climate change adaptation planning through the Interagency Climate Change Adaptation Task Force and Strategic Sustainability Planning process -- and to advance the Energy Department's goal of promoting energy security -- the Department released the U.S. Energy Sector Vulnerability to Climate Change and Extreme Weather report. The report examines current and potential future impacts of climate change trends on the U.S. energy sector, including: Coastal energy infrastructure is at risk from sea level rise, increasing storm intensity and higher storm surge and flooding. Oil and gas production -- including refining, hydraulic fracturing

166

Abstract IA14: Functional genomics and cancer vulnerabilities  

Science Journals Connector (OSTI)

...Cancer Research. November 2014 meeting-abstract Genomics Genomics: Oral Presentations - Invited Abstracts Abstracts...2013; San Diego, CA Abstract IA14: Functional genomics and cancer vulnerabilities William C. Hahn Dana-Farber...

William C. Hahn

2014-11-01T23:59:59.000Z

167

A review of young people's vulnerabilities to online grooming  

Science Journals Connector (OSTI)

Abstract This review explores risk factors that may make a young person vulnerable to being groomed online. Even though research in this area is extremely limited, adolescents appear to be the age group most vulnerable to online grooming. Other vulnerabilities appear to be consistent with those associated with offline sexual abuse. The review suggests that behaviors specific to online grooming include: engaging in risk taking behavior online, high levels of internet access, and lack of parental involvement in the young person's internet use. Vulnerabilities to carry out these types of behavior and be more exposed to the risk of online grooming, are set within the context of the Ecological Model of child protection, consisting of: individual, family, community, and cultural risk factors. Patterns of vulnerability regarding living environment, ethnicity, socioeconomic status, and personality are tentative, but are often interconnected. The more risk taking behaviors the young person carries out, plus greater levels of vulnerability factors, the less resilient they are likely to be towards protecting themselves against online grooming. A protective factor appears to be parental involvement in their child's use of the internet. Therefore, this, in combination with internet safety education at school, is encouraged.

Helen Whittle; Catherine Hamilton-Giachritsis; Anthony Beech; Guy Collings

2013-01-01T23:59:59.000Z

168

V-083: Oracle Java Multiple Vulnerabilities | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

3: Oracle Java Multiple Vulnerabilities 3: Oracle Java Multiple Vulnerabilities V-083: Oracle Java Multiple Vulnerabilities February 4, 2013 - 12:42am Addthis PROBLEM: Oracle Java Multiple Vulnerabilities PLATFORM: Oracle Java JDK 1.5.x / 5.x Oracle Java JDK 1.7.x / 7.x Oracle Java JRE 1.7.x / 7.x Oracle Java SDK 1.4.x / 4.x Sun Java JDK 1.4.x Sun Java JDK 1.6.x / 6.x Sun Java JRE 1.4.x / 4.x Sun Java JRE 1.5.x / 5.x Sun Java JRE 1.6.x / 6.x ABSTRACT: A Critical Patch Update is a collection of patches for multiple security vulnerabilities. The Critical Patch Update for Java SE also includes non-security fixes. Critical Patch Updates are cumulative and each advisory describes only the security fixes added since the previous Critical Patch Update and Security Alert. REFERENCE LINKS: Oracle Security Advisory February 2013

169

V-107: Wireshark Multiple Denial of Service Vulnerabilities | Department of  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

7: Wireshark Multiple Denial of Service Vulnerabilities 7: Wireshark Multiple Denial of Service Vulnerabilities V-107: Wireshark Multiple Denial of Service Vulnerabilities March 8, 2013 - 6:00am Addthis PROBLEM: Multiple vulnerabilities have been reported in Wireshark PLATFORM: Wireshark 1.6.x and 1.8.x ABSTRACT: Multiple vulnerabilities have been reported in Wireshark, which can be exploited by malicious people to cause a DoS (Denial of Service). REFERENCE LINKS: Secunia Advisory SA52471 Wireshark Release Notes 1.8.6 Wireshark Release Notes 1.6.1.4 CVE-2013-2475 CVE-2013-2476 CVE-2013-2477 CVE-2013-2478 CVE-2013-2479 CVE-2013-2480 CVE-2013-2481 CVE-2013-2482 CVE-2013-2483 CVE-2013-2484 CVE-2013-2485 CVE-2013-2486 CVE-2013-2487 CVE-2013-2488 IMPACT ASSESSMENT: Medium DISCUSSION: 1) An error in the TCP dissector when processing certain packets can be

170

V-107: Wireshark Multiple Denial of Service Vulnerabilities | Department of  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

7: Wireshark Multiple Denial of Service Vulnerabilities 7: Wireshark Multiple Denial of Service Vulnerabilities V-107: Wireshark Multiple Denial of Service Vulnerabilities March 8, 2013 - 6:00am Addthis PROBLEM: Multiple vulnerabilities have been reported in Wireshark PLATFORM: Wireshark 1.6.x and 1.8.x ABSTRACT: Multiple vulnerabilities have been reported in Wireshark, which can be exploited by malicious people to cause a DoS (Denial of Service). REFERENCE LINKS: Secunia Advisory SA52471 Wireshark Release Notes 1.8.6 Wireshark Release Notes 1.6.1.4 CVE-2013-2475 CVE-2013-2476 CVE-2013-2477 CVE-2013-2478 CVE-2013-2479 CVE-2013-2480 CVE-2013-2481 CVE-2013-2482 CVE-2013-2483 CVE-2013-2484 CVE-2013-2485 CVE-2013-2486 CVE-2013-2487 CVE-2013-2488 IMPACT ASSESSMENT: Medium DISCUSSION: 1) An error in the TCP dissector when processing certain packets can be

171

V-083: Oracle Java Multiple Vulnerabilities | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

3: Oracle Java Multiple Vulnerabilities 3: Oracle Java Multiple Vulnerabilities V-083: Oracle Java Multiple Vulnerabilities February 4, 2013 - 12:42am Addthis PROBLEM: Oracle Java Multiple Vulnerabilities PLATFORM: Oracle Java JDK 1.5.x / 5.x Oracle Java JDK 1.7.x / 7.x Oracle Java JRE 1.7.x / 7.x Oracle Java SDK 1.4.x / 4.x Sun Java JDK 1.4.x Sun Java JDK 1.6.x / 6.x Sun Java JRE 1.4.x / 4.x Sun Java JRE 1.5.x / 5.x Sun Java JRE 1.6.x / 6.x ABSTRACT: A Critical Patch Update is a collection of patches for multiple security vulnerabilities. The Critical Patch Update for Java SE also includes non-security fixes. Critical Patch Updates are cumulative and each advisory describes only the security fixes added since the previous Critical Patch Update and Security Alert. REFERENCE LINKS: Oracle Security Advisory February 2013

172

AFTER A Framework for electrical power sysTems vulnerability  

Open Energy Info (EERE)

vulnerability vulnerability identification, dEfense and Restoration (Smart Grid Project) (United Kingdom) Jump to: navigation, search Project Name AFTER A Framework for electrical power sysTems vulnerability identification, dEfense and Restoration Country United Kingdom Coordinates 55.378052°, -3.435973° Loading map... {"minzoom":false,"mappingservice":"googlemaps3","type":"ROADMAP","zoom":14,"types":["ROADMAP","SATELLITE","HYBRID","TERRAIN"],"geoservice":"google","maxzoom":false,"width":"600px","height":"350px","centre":false,"title":"","label":"","icon":"","visitedicon":"","lines":[],"polygons":[],"circles":[],"rectangles":[],"copycoords":false,"static":false,"wmsoverlay":"","layers":[],"controls":["pan","zoom","type","scale","streetview"],"zoomstyle":"DEFAULT","typestyle":"DEFAULT","autoinfowindows":false,"kml":[],"gkml":[],"fusiontables":[],"resizable":false,"tilt":0,"kmlrezoom":false,"poi":true,"imageoverlays":[],"markercluster":false,"searchmarkers":"","locations":[{"text":"","title":"","link":null,"lat":55.378052,"lon":-3.435973,"alt":0,"address":"","icon":"","group":"","inlineLabel":"","visitedicon":""}]}

173

Locating Climate Insecurity: Where Are the Most Vulnerable Places in  

Open Energy Info (EERE)

Locating Climate Insecurity: Where Are the Most Vulnerable Places in Locating Climate Insecurity: Where Are the Most Vulnerable Places in Africa? Jump to: navigation, search Tool Summary LAUNCH TOOL Name: Locating Climate Insecurity: Where Are the Most Vulnerable Places in Africa? Agency/Company /Organization: The Robert Strauss Center Topics: Co-benefits assessment, Background analysis Resource Type: Publications Website: ccaps.strausscenter.org/system/research_items/pdfs/19/original.pdf?128 UN Region: "Sub-Saharan Africa" is not in the list of possible values (Eastern Africa, Middle Africa, Northern Africa, Southern Africa, Western Africa, Caribbean, Central America, South America, Northern America, Central Asia, Eastern Asia, Southern Asia, South-Eastern Asia, Western Asia, Eastern Europe, Northern Europe, Southern Europe, Western Europe, Australia and New Zealand, Melanesia, Micronesia, Polynesia, Latin America and the Caribbean) for this property.

174

The Journal of Physical Security - Vulnerability Assessment Team - Argonne  

NLE Websites -- All DOE Office Websites (Extended Search)

Current Projects > The Journal of Physical Current Projects > The Journal of Physical Security VAT Projects Introducing the VAT Adversarial Vulnerability Assessments Safety Tags & Product Counterfeiting Election Security Spoofing GPS Defeating Existing Tamper-Indicating Seals Specialty Field Tools & Sampling Tools Insider Threat Mitigation Drug Testing Security Microprocessor Prototypes The Journal of Physical Security Vulnerability Assessments Vulnerability Assessments Insanely Fast µProcessor Shop Insanely Fast µProcessor Shop Seals About Seals Applications of Seals Common Myths about Tamper Indicating Seals Definitions Findings and Lessons Learned New Seals Types of Seals Seals References Selected VAT Papers Selected VAT Papers Selected Invited Talks Self-Assessment Survey Security Maxims Devil's Dictionary of Security Terms

175

T-657: Drupal Prepopulate - Multiple vulnerabilities | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

7: Drupal Prepopulate - Multiple vulnerabilities 7: Drupal Prepopulate - Multiple vulnerabilities T-657: Drupal Prepopulate - Multiple vulnerabilities June 29, 2011 - 3:34pm Addthis PROBLEM: Prepopulate module enables pre-populating forms in Drupal using the $_REQUEST vairable. PLATFORM: Prepopulate module for Drupal 6.x versions prior to 6.x-2.2 ABSTRACT: The module does not adequately validate user input leading to an cross-site scripting (XSS) possibility in certain circumstances. reference LINKS: Advisory ID: DRUPAL-SA-CONTRIB-2011-023 Prepopulate module Prepopulate 6.x-2.2 Update IMPACT ASSESSMENT: High Discussion: The Prepopulate module enables pre-populating forms in Drupal using the $_REQUEST vairable. The module does not adequately validate user input leading to an cross-site scripting (XSS) possibility in certain circumstances. Users privileged to

176

Vulnerability Analysis of Energy Delivery Control Systems - 2011 |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

Vulnerability Analysis of Energy Delivery Control Systems - 2011 Vulnerability Analysis of Energy Delivery Control Systems - 2011 Vulnerability Analysis of Energy Delivery Control Systems - 2011 Cybersecurity for energy delivery systems has emerged as one of the Nation's most serious grid modernization and infrastructure protection issues. Cyber adversaries are becoming increasingly targeted, sophisticated, and better financed. The energy sector must research, develop and deploy new cybersecurity capabilities faster than the adversary can launch new attack tools and techniques. The goal of the U.S. Department of Energy Office of Electricity Delivery and Energy Reliability (DOE/OE) National Supervisory Control and Data Acquisition (SCADA) Test Bed (NSTB) program is to enhance the reliability and resiliency of the Nation's energy infrastructure by reducing the risk

177

Agenda: Enhancing Energy Infrastructure Resiliency and Addressing Vulnerabilities  

Energy.gov (U.S. Department of Energy (DOE))

Quadrennial Energy Review Task Force Secretariat and Energy Policy and Systems Analysis Staff, U. S. Department of Energy (DOE) Public Meeting on “Enhancing Resilience in Energy Infrastructure and Addressing Vulnerabilities” On Friday, April 11, 2014, at 10 a.m. in room HVC-215 of the U.S. Capitol, the Department of Energy (DOE), acting as the Secretariat for the Quadrennial Energy Review Task Force, will hold a public meeting to discuss and receive comments on issues related to the Quadrennial Energy Review (QER). The meeting will focus on infrastructure vulnerabilities related to the electricity, natural gas and petroleum transmission, storage and distribution systems (TS&D). The meeting will consist of two facilitated panels of experts on identifying and addressing vulnerabilities within the nation’s energy TS&D infrastructure. Following the panels, an opportunity will be provided for public comment via an open microphone session.

178

Analysis of seismic vulnerability using remote sensing and GIS techniques  

Science Journals Connector (OSTI)

This paper presents a framework to integrate several sources of spatial information to derive a map of seismic vulnerability for the city of Arica, Chile, which has been historically affected by this natural hazard. The proposed method is based on generating a geographical database with different variables that are related to human activity, considering factors of potential reduction and increase of damage caused by a future earthquake. The spatial information was obtained from different sources, mainly remote sensing images, national and local census and field data collection. The map of seismic vulnerability was based on the estimated location of population, as well as the situation of critical installations and a map of construction fragility. Since population activity changes through the day, a dynamic cartography of vulnerability was produced, based on population density levels for different time periods. Construction fragility maps were derived from digital classification of an IRS-1C image, using textural features.

Patricio Zavala; Emilio Chuvieco

2003-01-01T23:59:59.000Z

179

Developing new methodology for nuclear power plants vulnerability assessment  

Science Journals Connector (OSTI)

The fundamental aim of an efficient regulatory emergency preparedness and response system is to provide sustained emergency readiness and to prevent emergency situations and accidents. But when an event occurs, the regulatory mission is to mitigate consequences and to protect people and the environment against nuclear and radiological damage. The regulatory emergency response system, which would be activated in the case of a nuclear and/or radiological emergency and release of radioactivity to the environment, is an important element of a comprehensive national regulatory system of nuclear and radiation safety. In the past, national emergency systems explicitly did not include vulnerability assessments of the critical nuclear infrastructure as an important part of a comprehensive preparedness framework. But after the huge terrorist attack on 11/09/2001, decision-makers became aware that critical nuclear infrastructure could also be an attractive target to terrorism, with the purpose of using the physical and radioactive properties of the nuclear material to cause mass casualties, property damage, and detrimental economic and/or environmental impacts. The necessity to evaluate critical nuclear infrastructure vulnerability to threats like human errors, terrorist attacks and natural disasters, as well as preparation of emergency response plans with estimation of optimized costs, are of vital importance for assurance of safe nuclear facilities operation and national security. In this paper presented new methodology and solution methods for vulnerability assessment can help the overall national energy sector to identify and understand the terrorist threats to and vulnerabilities of its critical infrastructure. Moreover, adopted methodology could help national regulators and agencies to develop and implement a vulnerability awareness and education programs for their critical assets to enhance the security and a safe operation of the entire energy infrastructure. New methods can also assist nuclear power plants to develop, validate, and disseminate assessment and surveys of new efficient countermeasures. Consequently, concise description of developed new quantitative method and adapted new methodology for nuclear regulatory vulnerability assessment of nuclear power plants are presented.

Venceslav Kostadinov

2011-01-01T23:59:59.000Z

180

U-042: Mac RealPlayer Multiple Vulnerabilities | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

42: Mac RealPlayer Multiple Vulnerabilities 42: Mac RealPlayer Multiple Vulnerabilities U-042: Mac RealPlayer Multiple Vulnerabilities November 21, 2011 - 9:15am Addthis PROBLEM: Mac RealPlayer Multiple Vulnerabilities. PLATFORM: Versions 12.0.0.1701 and prior. ABSTRACT: Multiple vulnerabilities have been reported in Mac RealPlayer, which can be exploited by malicious people to compromise a user's system. reference LINKS: Secunia Advisory: SA46963 Secunia Vulnerability Report: Mac RealPlayer 12.x Secunia Advisory: SA46954 IMPACT ASSESSMENT: High Discussion: Multiple vulnerabilities have been reported in RealPlayer, which can be exploited by malicious people to compromise a user's system. Successful exploitation of the vulnerabilities may allow execution of arbitrary code. The vulnerabilities are reported in the versions 14.0.7 and prior.

Note: This page contains sample records for the topic "resolving vulnerability u-098" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


181

U-042: Mac RealPlayer Multiple Vulnerabilities | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

2: Mac RealPlayer Multiple Vulnerabilities 2: Mac RealPlayer Multiple Vulnerabilities U-042: Mac RealPlayer Multiple Vulnerabilities November 21, 2011 - 9:15am Addthis PROBLEM: Mac RealPlayer Multiple Vulnerabilities. PLATFORM: Versions 12.0.0.1701 and prior. ABSTRACT: Multiple vulnerabilities have been reported in Mac RealPlayer, which can be exploited by malicious people to compromise a user's system. reference LINKS: Secunia Advisory: SA46963 Secunia Vulnerability Report: Mac RealPlayer 12.x Secunia Advisory: SA46954 IMPACT ASSESSMENT: High Discussion: Multiple vulnerabilities have been reported in RealPlayer, which can be exploited by malicious people to compromise a user's system. Successful exploitation of the vulnerabilities may allow execution of arbitrary code. The vulnerabilities are reported in the versions 14.0.7 and prior.

182

Vulnerability Analysis Considerations for the Transportation of Special Nuclear Material  

SciTech Connect

The vulnerability analysis methodology developed for fixed nuclear material sites has proven to be extremely effective in assessing associated transportation issues. The basic methods and techniques used are directly applicable to conducting a transportation vulnerability analysis. The purpose of this paper is to illustrate that the same physical protection elements (detection, delay, and response) are present, although the response force plays a dominant role in preventing the theft or sabotage of material. Transportation systems are continuously exposed to the general public whereas the fixed site location by its very nature restricts general public access.

Nicholson, Lary G.; Purvis, James W.

1999-07-21T23:59:59.000Z

183

Vulnerability analysis for complex networks using aggressive abstraction.  

SciTech Connect

Large, complex networks are ubiquitous in nature and society, and there is great interest in developing rigorous, scalable methods for identifying and characterizing their vulnerabilities. This paper presents an approach for analyzing the dynamics of complex networks in which the network of interest is first abstracted to a much simpler, but mathematically equivalent, representation, the required analysis is performed on the abstraction, and analytic conclusions are then mapped back to the original network and interpreted there. We begin by identifying a broad and important class of complex networks which admit vulnerability-preserving, finite state abstractions, and develop efficient algorithms for computing these abstractions. We then propose a vulnerability analysis methodology which combines these finite state abstractions with formal analytics from theoretical computer science to yield a comprehensive vulnerability analysis process for networks of realworld scale and complexity. The potential of the proposed approach is illustrated with a case study involving a realistic electric power grid model and also with brief discussions of biological and social network examples.

Colbaugh, Richard; Glass, Kristin L.

2010-06-01T23:59:59.000Z

184

NV: Nessus Vulnerability Visualization for the Web Lane Harrison  

E-Print Network (OSTI)

NV: Nessus Vulnerability Visualization for the Web Lane Harrison Oak Ridge National Laboratory Oak Ridge TN, USA harrisonlt@ornl.gov Riley Spahn Oak Ridge National Laboratory Oak Ridge TN, USA spahnrb1@ornl.gov Mike Iannacone Oak Ridge National Laboratory Oak Ridge TN, USA iannaconemd@ornl.gov Evan

Kaiser, Gail E.

185

Climate Change: Conflict, Security and Vulnerability Professor of Climate Change  

E-Print Network (OSTI)

Climate Change: Conflict, Security and Vulnerability Mike Hulme Professor of Climate Change Science, Society and Sustainability Group School of Environmental Sciences Rethinking Climate Change, Conflict security" "increase risk of conflicts among and within nations" #12;· from `climatic change' to `climate-change

Hulme, Mike

186

Experimental Investigation of Microwave Vulnerabilities in CMOS Inverters  

E-Print Network (OSTI)

Experimental Investigation of Microwave Vulnerabilities in CMOS Inverters Agis A. Iliadis effects on single CMOS inverters, the fundamental building block of logic ICs, consisting of an NMOS and a PMOS transistor. The inverters were designed in our group and fabricated in the AMI-1.5µm MOSIS line

Anlage, Steven

187

Safeguarding Vulnerable Groups Policy Purpose of this Document  

E-Print Network (OSTI)

1 Safeguarding Vulnerable Groups Policy Purpose of this Document This document contains guidelines in university activities or visiting university premises. Author: Students in Classrooms & Safeguarding Children.0 Jamie Marshall January 2014 Added contents Amended e-safety Updated Safeguarding Officer Details Andy

Evans, Paul

188

Safeguarding Vulnerable Groups Policy 1. WHAT IS SAFEGUARDING?  

E-Print Network (OSTI)

Safeguarding Vulnerable Groups Policy 1. WHAT IS SAFEGUARDING? 1.1Safeguarding is defined by the Children Act 1989 and Joint Chief Inspectors Report on Arrangements to Safeguard Children (2002) as meaning with other local agencies'. 2. WHO ARE WE SAFEGUARDING? 2.1 Safeguarding practices are most commonly applied

Aickelin, Uwe

189

An assessment of fire vulnerability for aged electrical relays  

SciTech Connect

There has been some concern that, as nuclear power plants age, protective measures taken to control and minimize the impact of fire may become ineffective, or significantly less effective, and hence result in an increased fire risk. One objective of the Fire Vulnerability of Aged Electrical Components Program is to assess the effects of aging and service wear on the fire vulnerability of electrical equipment. An increased fire vulnerability of components may lead to an overall increase in fire risk to the plant. Because of their widespread use in various electrical safety systems, electromechanical relays were chosen to be the initial components for evaluation. This test program assessed the impact of operational and thermal aging on the vulnerability of these relays to fire-induced damage. Only thermal effects of a fire were examined in this test program. The impact of smoke, corrosive materials, or fire suppression effects on relay performance were not addressed in this test program. The purpose of this test program was to assess whether the fire vulnerability of electrical relays increased with aging. The sequence followed for the test program was to: identify specific relay types, develop three fire scenarios, artificially age several relays, test the unaged and aged relays in the fire exposure scenarios, and compare the results. The relays tested were Agastat GPI, General Electric (GE) HMA, HGA, and HFA. At least two relays of each type were artificially aged and at least two relays of each type were new. Relays were operationally aged by cycling the relay under rated load for 2,000 operations. These relays were then thermally aged for 60 days with their coil energized.

Vigil, R.A. [Sandia National Labs., Albuquerque, NM (United States)]|[Science and Engineering Associates, Inc., Albuquerque, NM (United States); Nowlen, S.P. [Sandia National Labs., Albuquerque, NM (United States)

1995-03-01T23:59:59.000Z

190

T-629: Avaya WinPDM Multiple Buffer Overflow Vulnerabilities | Department  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

9: Avaya WinPDM Multiple Buffer Overflow Vulnerabilities 9: Avaya WinPDM Multiple Buffer Overflow Vulnerabilities T-629: Avaya WinPDM Multiple Buffer Overflow Vulnerabilities May 24, 2011 - 3:35pm Addthis PROBLEM: Avaya WinPDM Multiple Buffer Overflow Vulnerabilities. PLATFORM: Avaya versions prior to 3.8.5 (confirmed in 3.8.2) ABSTRACT: Vulnerabilities where malicious people are able to gain system access and execute arbitrary code with the privileges of a local user. refrence LINKS: Avaya Security Advisory: ASA-2011-143 Secunia Advisory: SA44062 Securelist ID: SA44062 Vulnerability Report: Avaya WinPDM 3.x IMPACT ASSESSMENT: High Discussion: Multiple vulnerabilities in Avaya WinPDM, which can be exploited by malicious people to compromise a vulnerable system. 1) A boundary error in the Unite Host Router service (UniteHostRouter.exe)

191

U-234: Oracle MySQL User Login Security Bypass Vulnerability | Department  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

234: Oracle MySQL User Login Security Bypass Vulnerability 234: Oracle MySQL User Login Security Bypass Vulnerability U-234: Oracle MySQL User Login Security Bypass Vulnerability August 14, 2012 - 7:00am Addthis PROBLEM: Oracle MySQL User Login Security Bypass Vulnerability PLATFORM: Version(s): prior to 5.1.63 and 5.5.25 are vulnerable. ABSTRACT: Oracle MySQL is prone to a security bypass vulnerability Attackers can exploit this issue to bypass certain security restrictions. REFERENCE LINKS: http://www.securityfocus.com/bid/53911/discuss CVE-2012-2122 IMPACT ASSESSMENT: Medium Discussion: Security researchers have released details about a vulnerability in the MySQL server that could allow potential attackers to access MySQL databases without inputting proper authentication credentials.The vulnerability is identified as CVE-2012-2122 and was addressed in MySQL 5.1.63 and 5.5.25 in

192

U-158: HP NonStop Server Java Multiple Vulnerabilities | Department of  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

8: HP NonStop Server Java Multiple Vulnerabilities 8: HP NonStop Server Java Multiple Vulnerabilities U-158: HP NonStop Server Java Multiple Vulnerabilities April 30, 2012 - 7:00am Addthis PROBLEM: HP NonStop Server Java Multiple Vulnerabilities PLATFORM: HP NonStop Server 6.x ABSTRACT: Multiple vulnerabilities have been reported in HP NonStop Server Reference links: Secunia Advisory SA48977 CVE-2011-3547 CVE-2011-3551 CVE-2011-3553 IMPACT ASSESSMENT: High Discussion: HP has acknowledged multiple vulnerabilities in HP NonStop Server, which can be exploited by malicious users to disclose sensitive information and by malicious people to disclose sensitive information, manipulate certain data, cause a DoS (Denial of Service), and compromise a vulnerable system. Impact: Successful exploitation of this vulnerability may allow remote manipulation

193

U-196: Cisco AnyConnect VPN Client Two Vulnerabilities | Department of  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

6: Cisco AnyConnect VPN Client Two Vulnerabilities 6: Cisco AnyConnect VPN Client Two Vulnerabilities U-196: Cisco AnyConnect VPN Client Two Vulnerabilities June 21, 2012 - 7:00am Addthis PROBLEM: Two vulnerabilities have been reported in Cisco AnyConnect VPN Client, which can be exploited by malicious people to compromise a user's system. PLATFORM: Cisco AnyConnect VPN Client 2.x Cisco AnyConnect VPN Client 3.x ABSTRACT: The Cisco AnyConnect Secure Mobility Client is affected by the following vulnerabilities: Cisco AnyConnect Secure Mobility Client VPN Downloader Arbitrary Code Execution Vulnerability Cisco AnyConnect Secure Mobility Client VPN Downloader Software Downgrade Vulnerability Cisco AnyConnect Secure Mobility Client and Cisco Secure Desktop HostScan Downloader Software Downgrade Vulnerability Cisco AnyConnect Secure Mobility Client 64-bit Java VPN Downloader

194

T-629: Avaya WinPDM Multiple Buffer Overflow Vulnerabilities | Department  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

29: Avaya WinPDM Multiple Buffer Overflow Vulnerabilities 29: Avaya WinPDM Multiple Buffer Overflow Vulnerabilities T-629: Avaya WinPDM Multiple Buffer Overflow Vulnerabilities May 24, 2011 - 3:35pm Addthis PROBLEM: Avaya WinPDM Multiple Buffer Overflow Vulnerabilities. PLATFORM: Avaya versions prior to 3.8.5 (confirmed in 3.8.2) ABSTRACT: Vulnerabilities where malicious people are able to gain system access and execute arbitrary code with the privileges of a local user. refrence LINKS: Avaya Security Advisory: ASA-2011-143 Secunia Advisory: SA44062 Securelist ID: SA44062 Vulnerability Report: Avaya WinPDM 3.x IMPACT ASSESSMENT: High Discussion: Multiple vulnerabilities in Avaya WinPDM, which can be exploited by malicious people to compromise a vulnerable system. 1) A boundary error in the Unite Host Router service (UniteHostRouter.exe)

195

TO APPEAR IN IEEE TRANSACTIONS ON POWER SYSTEMS 1 Vulnerability Assessment of Cybersecurity for  

E-Print Network (OSTI)

TO APPEAR IN IEEE TRANSACTIONS ON POWER SYSTEMS 1 Vulnerability Assessment of Cybersecurity Govindarasu, Member, IEEE Abstract--Vulnerability assessment is a requirement of NERC's cybersecurity within the substation networks. Countermeasures are identified for improvement of the cybersecurity

Manimaran, Govindarasu

196

T-551: Cisco Security Advisory: Multiple Cisco WebEx Player Vulnerabilities  

Energy.gov (U.S. Department of Energy (DOE))

Multiple buffer overflow vulnerabilities exist in the WRF and ARF players. The vulnerabilities may lead to a crash of the player application or, in some cases, remote code execution could occur.

197

Time-Resolved Photoluminescence and Photovoltaics  

SciTech Connect

The time-resolved photoluminescence (TRPL) technique and its ability to characterize recombination in bulk photovoltaic semiconductor materials are reviewed. Results from a variety of materials and a few recent studies are summarized and compared.

Metzger, W. K.; Ahrenkiel, R. K.; Dippo, P.; Geisz, J.; Wanlass, M. W.; Kurtz, S.

2005-01-01T23:59:59.000Z

198

Climate Change Vulnerability of Native and Alien Freshwater Fishes of California: A Systematic Assessment  

E-Print Network (OSTI)

Climate Change Vulnerability of Native and Alien Freshwater Fishes of California: A Systematic and climate change vulnerability scores were derived for 121 native and 43 alien fish species. The two scores baseline and greater climate change vulnerability than did alien species. Fifty percent of California

199

ISS-011, Vulnerability Assessment Standard 1/3 UCIT INFORMATION SECURITY STANDARDS  

E-Print Network (OSTI)

ISS-011, Vulnerability Assessment Standard 1/3 UCIT INFORMATION SECURITY STANDARDS Vulnerability Assessment Standard Rationale 1 To enable timely identification and mitigation of vulnerabilities and security flaws affecting computing devices within UofC's computing environment. Scope 2 2.1 This standard

Habib, Ayman

200

ShieldGen: Automatic Data Patch Generation for Unknown Vulnerabilities with Informed Probing  

E-Print Network (OSTI)

ShieldGen: Automatic Data Patch Generation for Unknown Vulnerabilities with Informed Probing generating a data patch or a vulnerability signature for an unknown vulnerability, given a zero-day attack. In this paper, we aim to automate this process and enable fast, patch-level pro- tection generation

Locasto, Michael E.

Note: This page contains sample records for the topic "resolving vulnerability u-098" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


201

Climate Change and Infrastructure, Urban Systems, and Vulnerabilities  

SciTech Connect

This Technical Report on Climate Change and Infrastructure, Urban Systems, and Vulnerabilities has been prepared for the U.S. Department of Energy by the Oak Ridge National Laboratory in support of the U.S. National Climate Assessment (NCA). It is a summary of the currently existing knowledge base on its topic, nested within a broader framing of issues and questions that need further attention in the longer run. The report arrives at a number of assessment findings, each associated with an evaluation of the level of consensus on that issue within the expert community, the volume of evidence available to support that judgment, and the section of the report that provides an explanation for the finding. Cross-sectoral issues related to infrastructures and urban systems have not received a great deal of attention to date in research literatures in general and climate change assessments in particular. As a result, this technical report is breaking new ground as a component of climate change vulnerability and impact assessments in the U.S., which means that some of its assessment findings are rather speculative, more in the nature of propositions for further study than specific conclusions that are offered with a high level of confidence and research support. But it is a start in addressing questions that are of interest to many policymakers and stakeholders. A central theme of the report is that vulnerabilities and impacts are issues beyond physical infrastructures themselves. The concern is with the value of services provided by infrastructures, where the true consequences of impacts and disruptions involve not only the costs associated with the clean-up, repair, and/or replacement of affected infrastructures but also economic, social, and environmental effects as supply chains are disrupted, economic activities are suspended, and/or social well-being is threatened. Current knowledge indicates that vulnerability concerns tend to be focused on extreme weather events associated with climate change that can disrupt infrastructure services, often cascading across infrastructures because of extensive interdependencies threatening health and local economies, especially in areas where human populations and economic activities are concentrated in urban areas. Vulnerabilities are especially large where infrastructures are subject to multiple stresses, beyond climate change alone; when they are located in areas vulnerable to extreme weather events; and if climate change is severe rather than moderate. But the report also notes that there are promising approaches for risk management, based on emerging lessons from a number of innovative initiatives in U.S. cities and other countries, involving both structural and non-structural (e.g., operational) options.

Wilbanks, Thomas J [ORNL] [ORNL; Fernandez, Steven J [ORNL] [ORNL

2014-01-01T23:59:59.000Z

202

Protecting Vulnerable Research Subjects in Critical Care Trials: Enhancing the Informed Consent Process and Recommendations for Safeguards  

Science Journals Connector (OSTI)

Although critically ill patients represent a vulnerable group of individuals, guidelines in research ethics assert that ethically acceptable research may proceed with such vulnerable subjects if additional safeguards

Henry Silverman

2011-04-01T23:59:59.000Z

203

Unified Resolve 2014: A Proof of Concept for Radiological Support...  

Office of Environmental Management (EM)

Unified Resolve 2014: A Proof of Concept for Radiological Support to Incident Commanders Unified Resolve 2014: A Proof of Concept for Radiological Support to Incident Commanders...

204

Verifying the Benefits and Resolving the Issues in the Commercializati...  

Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

the Benefits and Resolving the Issues in the Commercialization of Ethanol Containing Diesel Fuels Verifying the Benefits and Resolving the Issues in the Commercialization of...

205

Resolving Code and Standard Barriers to Building America Innovations...  

Office of Energy Efficiency and Renewable Energy (EERE) Indexed Site

Resolving Code and Standard Barriers to Building America Innovations - 2014 BTO Peer Review Resolving Code and Standard Barriers to Building America Innovations - 2014 BTO Peer...

206

T-596: 0-Day Windows Network Interception Configuration Vulnerability |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

6: 0-Day Windows Network Interception Configuration 6: 0-Day Windows Network Interception Configuration Vulnerability T-596: 0-Day Windows Network Interception Configuration Vulnerability April 6, 2011 - 5:48am Addthis PROBLEM: 0-Day exploit of IPv4 and IPv6 mechanics and how it applies to Microsoft Windows Operating systems. PLATFORM: Microsoft Operating Systems (OS) Windows Vista, Windows 7, and Windows 2008 Server ABSTRACT: The links below describe a parasitic IPv6 layered over a native IPv4 network. This attack can be used to stage potential man-in-the-middle (MITM) attacks on IPv4 traffic. Please see the "Other Links" section below, as it provides an external URL reference. reference LINKS: InfoSec Institute - SLAAC Attack Cisco Threat Comparison and Best-Practice White Paper IMPACT ASSESSMENT: High

207

Seismic vulnerability assessment of a high voltage disconnect switch  

Science Journals Connector (OSTI)

Abstract This paper deals with the seismic vulnerability of high voltage equipment typically installed in electric substations. In particular, the seismic response of a 380 kV vertical disconnect switch has been investigated based on the results of an experimental campaign carried out at Roma Tre University. According to a series of non-linear analyses, the influence of the most significant parameters on the seismic behavior of this apparatus has been analyzed and the corresponding fragility curves have been evaluated by using the Effective Fragility Analysis method. The results showed a limited vulnerability of the disconnect switch, whose most critical parts are the bottom joint of the ceramic support column and the steel column base.

Fabrizio Paolacci; Renato Giannini; Silvia Alessandri; Gianmarco De Felice

2014-01-01T23:59:59.000Z

208

T-626: Xen Multiple Buffer Overflow and Integer Overflow Vulnerabilities |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

6: Xen Multiple Buffer Overflow and Integer Overflow 6: Xen Multiple Buffer Overflow and Integer Overflow Vulnerabilities T-626: Xen Multiple Buffer Overflow and Integer Overflow Vulnerabilities May 19, 2011 - 3:05pm Addthis PROBLEM: Xen Multiple Buffer Overflow and Integer Overflow Vulnerabilities PLATFORM: XenSource Xen 3.3.1, XenSource Xen 3.3, XenSource Xen 3.2, XenSource Xen 3.1.2, XenSource Xen 3.1.1, XenSource Xen 3.0.3, XenSource Xen 4.0, XenSource Xen 3.0, RedHat Enterprise Linux Virtualization 5 server, RedHat Enterprise Linux Desktop Multi OS 5 client ,RedHat Enterprise Linux 5 server, Red Hat Fedora 15 ,and Red Hat Enterprise Linux Desktop 5 client ABSTRACT: It was found that the xc_try_bzip2_decode() and xc_try_lzma_decode() decode routines did not correctly check for a possible buffer size overflow in the

209

AFTER A Framework for electrical power sysTems vulnerability  

Open Energy Info (EERE)

AFTER A Framework for electrical power sysTems vulnerability AFTER A Framework for electrical power sysTems vulnerability identification, dEfense and Restoration (Smart Grid Project) (Norway) Jump to: navigation, search Project Name AFTER A Framework for electrical power sysTems vulnerability identification, dEfense and Restoration Country Norway Coordinates 60.472023°, 8.468946° Loading map... {"minzoom":false,"mappingservice":"googlemaps3","type":"ROADMAP","zoom":14,"types":["ROADMAP","SATELLITE","HYBRID","TERRAIN"],"geoservice":"google","maxzoom":false,"width":"600px","height":"350px","centre":false,"title":"","label":"","icon":"","visitedicon":"","lines":[],"polygons":[],"circles":[],"rectangles":[],"copycoords":false,"static":false,"wmsoverlay":"","layers":[],"controls":["pan","zoom","type","scale","streetview"],"zoomstyle":"DEFAULT","typestyle":"DEFAULT","autoinfowindows":false,"kml":[],"gkml":[],"fusiontables":[],"resizable":false,"tilt":0,"kmlrezoom":false,"poi":true,"imageoverlays":[],"markercluster":false,"searchmarkers":"","locations":[{"text":"","title":"","link":null,"lat":60.472023,"lon":8.468946,"alt":0,"address":"","icon":"","group":"","inlineLabel":"","visitedicon":""}]}

210

The vulnerability of renewable energy to climate change in Brazil  

Science Journals Connector (OSTI)

Energy supply in Brazil relies heavily on renewable energy source. The production of energy from renewable sources, however, greatly depends on climatic conditions, which may be impacted in the future due to global climate change (GCC). This paper analyzes the vulnerabilities of renewable energy production in Brazil for the cases of hydropower generation and liquid biofuels production, given a set of long-term climate projections for the A2 and B2 IPCC emission scenarios. The most important result found in this study is the increasing energy vulnerability of the poorest regions of Brazil to GCC. Both biofuels production (particularly biodiesel) and electricity generation (particularly hydropower) may negatively suffer from changes in the climate of those regions. Other renewable energy sources—such as wind power generation—may also be vulnerable, raising the need for further research. However, the results found are fundamentally dependent on the climate projections which, in turn, are still highly uncertain with respect to the future evolution of greenhouse gas emissions, greenhouse gas concentrations in the atmosphere and GCC. Therefore, in such long-term scenario analyses, the trends and directions derived are the ones to be emphasized rather than the precise results one arrives.

André Frossard Pereira de Lucena; Alexandre Salem Szklo; Roberto Schaeffer; Raquel Rodrigues de Souza; Bruno Soares Moreira Cesar Borba; Isabella Vaz Leal da Costa; Amaro Olimpio Pereira Júnior; Sergio Henrique Ferreira da Cunha

2009-01-01T23:59:59.000Z

211

Report to Congress on Insular Area energy vulnerability  

SciTech Connect

This report was prepared in response to Section 1406 of the Energy Policy Act of 1992 (Public Law 102-486), which directed the Department of Energy (DOE) to ``conduct a study of the implications of the unique vulnerabilities of the insular areas to an oil supply disruption,`` and to ``outline how the insular areas shall gain access to vital oil supplies during times of national emergency.`` The Act defines the insular areas to be the US Virgin Islands and Puerto Rico in the Caribbean, and Guam, American Samoa, the Commonwealth of the Northern Mariana Islands (CNMI), and Palau in the Pacific. In the study, ``unique vulnerabilities`` were defined as susceptibility to: (1) more frequent or more likely interruptions of oil supplies compared to the US Mainland, and/or (2) disproportionately larger or more likely economic losses in the event of an oil supply disruption. In order to assess unique vulnerabilities, the study examined the insular areas` experience during past global disruptions of oil supplies and during local emergencies caused by natural disasters. The effects of several possible future global disruptions and local emergencies were also analyzed. Analyses were based on historical data, simulations using energy and economic models, and interviews with officials in the insular governments and the energy industry.

Not Available

1994-05-01T23:59:59.000Z

212

Climate Change Vulnerability Assessment for Idaho National Laboratory  

SciTech Connect

The University of Idaho (UI) was asked to participate in the development of a climate change vulnerability assessment for Idaho National Laboratory (INL). This report describes the outcome of that assessment. The climate change happening now, due in large part to human activities, is expected to continue in the future. UI and INL used a common framework for assessing vulnerability that considers exposure (future climate change), sensitivity (system or component responses to climate), impact (exposure combined with sensitivity), and adaptive capacity (capability of INL to modify operations to minimize climate change impacts) to assess vulnerability. Analyses of climate change (exposure) revealed that warming that is ongoing at INL will continue in the coming decades, with increased warming in later decades and under scenarios of greater greenhouse gas emissions. Projections of precipitation are more uncertain, with multi model means exhibiting somewhat wetter conditions and more wet days per year. Additional impacts relevant to INL include estimates of more burned area and increased evaporation and transpiration, leading to reduced soil moisture and plant growth.

Christopher P. Ischay; Ernest L. Fossum; Polly C. Buotte; Jeffrey A. Hicke; Alexander Peterson

2014-10-01T23:59:59.000Z

213

Putting vulnerability to climate change on the map: a review of approaches, benefits, and risks  

SciTech Connect

There is growing demand among stakeholders across public and private institutions for spatially-explicit information regarding vulnerability to climate change at the local scale. However, the challenges associated with mapping the geography of climate change vulnerability are non-trivial, both conceptually and technically, suggesting the need for more critical evaluation of this practice. Here, we review climate change vulnerability mapping in the context of four key questions that are fundamental to assessment design. First, what are the goals of the assessment? A review of published assessments yields a range of objective statements that emphasize problem orientation or decision-making about adaptation actions. Second, how is the assessment of vulnerability framed? Assessments vary with respect to what values are assessed (vulnerability of what) and the underlying determinants of vulnerability that are considered (vulnerability to what). The selected frame ultimately influences perceptions of the primary driving forces of vulnerability as well as preferences regarding management alternatives. Third, what are the technical methods by which an assessment is conducted? The integration of vulnerability determinants into a common map remains an emergent and subjective practice associated with a number of methodological challenges. Fourth, who participates in the assessment and how will it be used to facilitate change? Assessments are often conducted under the auspices of benefiting stakeholders, yet many lack direct engagement with stakeholders. Each of these questions is reviewed in turn by drawing on an illustrative set of 45 vulnerability mapping studies appearing in the literature. A number of pathways for placing vulnerability

Preston, Benjamin L [ORNL

2011-01-01T23:59:59.000Z

214

T-543: Wireshark 0.8.20 through 1.2.8 Multiple Vulnerabilities | Department  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

3: Wireshark 0.8.20 through 1.2.8 Multiple Vulnerabilities 3: Wireshark 0.8.20 through 1.2.8 Multiple Vulnerabilities T-543: Wireshark 0.8.20 through 1.2.8 Multiple Vulnerabilities January 26, 2011 - 7:35am Addthis PROBLEM: Wireshark is prone to multiple denial-of-service and buffer-overflow vulnerabilities. PLATFORM: Wireshark 0.8.20 through 1.2.8. ABSTRACT: Wireshark is prone to multiple denial-of-service and buffer-overflow vulnerabilities. Exploiting these issues may allow attackers to crash the application and deny service to legitimate users. Attackers may also execute arbitrary code in the context of vulnerable users running the application. reference LINKS: Securityfocus IMPACT ASSESSMENT: Medium Discussion: Wireshark is prone to multiple denial-of-service and buffer-overflow vulnerabilities.Exploiting these issues may allow attackers to crash the

215

U-218: Cisco Linksys WMB54G TFTP Command Injection Vulnerability |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

18: Cisco Linksys WMB54G TFTP Command Injection Vulnerability 18: Cisco Linksys WMB54G TFTP Command Injection Vulnerability U-218: Cisco Linksys WMB54G TFTP Command Injection Vulnerability July 23, 2012 - 6:49am Addthis PROBLEM: Cisco Linksys WMB54G TFTP Command Injection Vulnerability PLATFORM: Cisco Linksys WMB54G 1.x ABSTRACT: System access from local network reference LINKS: Bugtraq ID: 54615 Original Advisory Secunia Advisory SA49868 Cisco Advisory ID: cisco-sa-20111019-cs IMPACT ASSESSMENT: Medium Discussion: A vulnerability in Cisco Linksys WMB54G was reported, which can be exploited by malicious people to compromise a vulnerable device. The vulnerability is caused due to missing input validation in the TFTP service when running the firmware update functionality and can be exploited to inject and execute arbitrary shell commands. Additionally, it may be

216

U-099: MySQL Unspecified Code Execution Vulnerability | Department of  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

099: MySQL Unspecified Code Execution Vulnerability 099: MySQL Unspecified Code Execution Vulnerability U-099: MySQL Unspecified Code Execution Vulnerability February 9, 2012 - 7:00am Addthis PROBLEM: A vulnerability has been reported in MySQL, which can be exploited by malicious people to compromise a vulnerable system. PLATFORM: MySQL 5.x ABSTRACT: Successful exploitation allows execution of arbitrary code. Reference LINKS: Secunia Advisory SA47894 No CVE references currently available. IMPACT ASSESSMENT: Medium Discussion: The vulnerability is reported in version 5.5.20. Other versions may also be affected. The exploit has been tested with mysql-5.5.20-debian6.0-i686.deb on Debian 6.0. Impact: System access from local network Solution: An effective workaround cannot currently be provided due to limited vulnerability details.

217

V-114: RealPlayer MP4 Processing Buffer Overflow Vulnerability | Department  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

14: RealPlayer MP4 Processing Buffer Overflow Vulnerability 14: RealPlayer MP4 Processing Buffer Overflow Vulnerability V-114: RealPlayer MP4 Processing Buffer Overflow Vulnerability March 19, 2013 - 12:01am Addthis PROBLEM: RealPlayer MP4 Processing Buffer Overflow Vulnerability PLATFORM: Versions prior to 16.0.1.18. ABSTRACT: A vulnerability has been reported in RealPlayer REFERENCE LINKS: RealNetworks, Inc Secunia Advisory SA52692 CVE-2013-1750 IMPACT ASSESSMENT: High DISCUSSION: The vulnerability is caused due to an error when processing MP4 files and can be exploited to cause a heap-based buffer overflow via a specially crafted MP4 file. IMPACT: Successful exploitation may allow execution of arbitrary code. SOLUTION: Update to version 16.0.1.18. Addthis Related Articles U-042: Mac RealPlayer Multiple Vulnerabilities V-228: RealPlayer Buffer Overflow and Memory Corruption Error Let Remote

218

T-716: Google SketchUp v8.x - '.DAE' File Memory Corruption Vulnerability |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

6: Google SketchUp v8.x - '.DAE' File Memory Corruption 6: Google SketchUp v8.x - '.DAE' File Memory Corruption Vulnerability T-716: Google SketchUp v8.x - '.DAE' File Memory Corruption Vulnerability September 14, 2011 - 9:28am Addthis PROBLEM: Attackers may exploit this issue to execute arbitrary code in the context of the application. Failed attacks will cause denial-of-service conditions. PLATFORM: Google SketchUp 8 is vulnerable; other versions may also be affected. ABSTRACT: Google SketchUp v8.x - '.DAE' File Memory Corruption Vulnerability reference LINKS: Vulnerability-Lab SketchUp Downloads IMPACT ASSESSMENT: Medium Discussion: A Memory Corruption vulnerability is detected on the Google s SketchUp v8.x. The vulnerability is caused by an memory corruption when processing corrupt DAE files through the filter, which could be exploited by attackers

219

V-070: Apache CouchDB Multiple Vulnerabilities | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

0: Apache CouchDB Multiple Vulnerabilities 0: Apache CouchDB Multiple Vulnerabilities V-070: Apache CouchDB Multiple Vulnerabilities January 16, 2013 - 1:00am Addthis PROBLEM: Apache CouchDB Multiple Vulnerabilities PLATFORM: The vulnerabilities are reported in versions prior to 1.0.4, 1.1.2, and 1.2.1. ABSTRACT: Multiple vulnerabilities have been reported in Apache CouchDB REFERENCE LINKS: Secunia Advisory SA51765 Seclists.org/fulldisclosure/2013/Jan/80 Seclists.org/fulldisclosure/2013/Jan/81 Seclists.org/fulldisclosure/2013/Jan/82 CVE-2012-5641 CVE-2012-5649 CVE-2012-5650 IMPACT ASSESSMENT: Medium DISCUSSION: Multiple vulnerabilities have been reported in Apache CouchDB, which can be exploited by malicious people to conduct cross-site scripting attacks and disclose potentially sensitive information. 1) Input passed via the query parameters to browser-based test suite is not

220

Spectral resolvability of iterated rippled noise  

Science Journals Connector (OSTI)

A forward?masking experiment was used to estimate the spectral ripple of iterated rippled noise (IRN) that is possibly resolved by the auditory system. Tonal signals were placed at spectral peaks and valleys of IRN maskers for a wide variety of IRN conditions that included different delays number of iterations and stimulus durations. The differences in the forward?masked thresholds of tones at spectral peaks and valleys were used to estimate spectral resolvability and these results were compared to estimates obtained from a gamma?tone filter bank. The IRN spectrum has spectral peaks that are harmonics of the reciprocal of the delay used to generate IRN stimuli. As the number of iterations in the generation of IRN stimuli increases so does the difference in the spectral peak?to?valley ratio. For high number of iterations long delays and long durations evidence for spectral resolvability existed up to the 6th harmonic. For all other conditions spectral resolvability appeared to disappear at harmonics lower than the 6th or was not measurable at all. These data will be discussed in terms of the role spectral resolvability might play in processing the pitch pitch strength and timbre of IRN stimuli. [Work supported by a grant from NIDCD.

2005-01-01T23:59:59.000Z

Note: This page contains sample records for the topic "resolving vulnerability u-098" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


221

MMS establishes team to resolve royalty disputes  

SciTech Connect

This paper reports that the U.S. Minerals Management Service has set up a permanent negotiating team to resolve royalty disputes with producers. MMS plans to use the team approach to negotiate multiple settlements in single, marathon negotiations covering issues such as production monitoring, production valuation, royalty reporting, and royalty payments.

Not Available

1992-06-22T23:59:59.000Z

222

RESOLVING BEAM TRANSPORT PROBLEMS IN ELECTROSTATIC ACCELERATORS  

E-Print Network (OSTI)

RESOLVING BEAM TRANSPORT PROBLEMS IN ELECTROSTATIC ACCELERATORS J. D. LARSON (*) Oak Ridge National are frequently encounte- red during the design, operation and upgrading of electrostatic accelerators. Examples are provided of analytic procedures that clarify accelerator ion optics and lead to more effective beam

Boyer, Edmond

223

Cloud Tracking in Cloud-Resolving Models  

E-Print Network (OSTI)

Cloud Tracking in Cloud-Resolving Models RMetS Conference 4th September 2007 Bob Plant Department of Meteorology, University of Reading, UK #12;Introduction Obtain life cycle statistics for clouds in CRM simulations What is the distribution of cloud lifetimes? What factors determine the lifetime of an individual

Plant, Robert

224

T-594: IBM solidDB Password Hash Authentication Bypass Vulnerability |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

94: IBM solidDB Password Hash Authentication Bypass 94: IBM solidDB Password Hash Authentication Bypass Vulnerability T-594: IBM solidDB Password Hash Authentication Bypass Vulnerability April 4, 2011 - 6:08am Addthis PROBLEM: A vulnerability has been reported in IBM solidDB, which can be exploited by malicious people to bypass certain security restrictions. PLATFORM: IBM solidDB 4.x - IBM solidDB 6.x ABSTRACT: This vulnerability could allow remote attackers to execute arbitrary code on vulnerable installations of IBM solidDB. Authentication is not required to exploit this vulnerability. REFERENCE LINKS: IBM Security Alert Secunia Advisory: SA44030 ZDI Advisory: ZDI-11-115 IBM solidDB Support IMPACT ASSESSMENT: Medium Discussion: The specific flaw exists within the solid.exe process which listens by default on TCP ports 1315, 1964 and 2315. The authentication protocol

225

V-086: IntegraXor ActiveX Control Buffer Overflow Vulnerability |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

6: IntegraXor ActiveX Control Buffer Overflow Vulnerability 6: IntegraXor ActiveX Control Buffer Overflow Vulnerability V-086: IntegraXor ActiveX Control Buffer Overflow Vulnerability February 7, 2013 - 6:00am Addthis PROBLEM: A vulnerability has been reported in IntegraXor PLATFORM: Integraxor Versions prior to 4.x ABSTRACT: The vulnerability is caused due to an error in the PE3DO32A.ocx ActiveX control and can be exploited to cause a buffer overflow. REFERENCE LINKS: Secunia Advisory SA52073 CVE-2012-4700 US-CERT Advisory IMPACT ASSESSMENT: High DISCUSSION: Successfully exploiting this vulnerability could lead to a DoS for the application or could allow an attacker to execute arbitrary code. IMPACT: Successful exploitation may allow execution of arbitrary code. SOLUTION: Update to version 4.00 build 4280.0 Addthis Related Articles

226

U-214: HP Network Node Manager Java JDK / JRE Multiple Vulnerabilities |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

U-214: HP Network Node Manager Java JDK / JRE Multiple U-214: HP Network Node Manager Java JDK / JRE Multiple Vulnerabilities U-214: HP Network Node Manager Java JDK / JRE Multiple Vulnerabilities July 17, 2012 - 7:00am Addthis PROBLEM: HP Network Node Manager Java JDK / JRE Multiple Vulnerabilities PLATFORM: The vulnerabilities are reported in version 9.0x running on HP-UX, Linux, Solaris, and Windows. ABSTRACT: Vulnerabilities could be remotely exploited resulting in unauthorized information disclosure, modification, Denial of Service (DoS). reference LINKS: HP Support document ID: c03405642 Secunia Advisory SA49966 IMPACT ASSESSMENT: High Discussion: HP has acknowledged some vulnerabilities in HP Network Node Manager, which can be exploited by malicious, local users to disclose potentially sensitive information and by malicious people to disclose potentially

227

U-086:Linux Kernel "/proc//mem" Privilege Escalation Vulnerability |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

U-086:Linux Kernel "/proc//mem" Privilege Escalation Vulnerability U-086:Linux Kernel "/proc//mem" Privilege Escalation Vulnerability U-086:Linux Kernel "/proc//mem" Privilege Escalation Vulnerability January 23, 2012 - 9:00am Addthis PROBLEM: Linux Kernel "/proc//mem" Privilege Escalation Vulnerability. PLATFORM: Linux Kernel 2.6.x ABSTRACT: A vulnerability has been discovered in the Linux Kernel, which can be exploited by malicious, local users to gain escalated privileges reference LINKS: Linux Kernel Update CVE-2012-0056 Red Hat Bugzilla Bug 782642 IMPACT ASSESSMENT: Medium Discussion: The vulnerability is caused due to the kernel not properly restricting access to "/proc//mem" file, which can be exploited to gain escalated privileges by e.g. writing into the memory of a privileged process.

228

V-185: Apache OpenOffice SDK Oracle Java JavaDoc Spoofing Vulnerability |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

5: Apache OpenOffice SDK Oracle Java JavaDoc Spoofing 5: Apache OpenOffice SDK Oracle Java JavaDoc Spoofing Vulnerability V-185: Apache OpenOffice SDK Oracle Java JavaDoc Spoofing Vulnerability June 25, 2013 - 12:41am Addthis PROBLEM: Apache OpenOffice SDK Oracle Java JavaDoc Spoofing Vulnerability PLATFORM: Apache OpenOffice SDK 3.x ABSTRACT: Apache has acknowledged a vulnerability in Apache OpenOffice SDK REFERENCE LINKS: Apache OpenOffice Secunia Advisory SA53963 Secunia Advisory SA53846 CVE-2013-1571 IMPACT ASSESSMENT: Medium DISCUSSION: The vulnerability is caused due to a UDK 3.2.7 Java API Reference JavaDoc file having been generated using a vulnerable version of Oracle Java. IMPACT: Apache can be exploited by malicious people to conduct spoofing attacks. SOLUTION: The vendor has issued a fix. Addthis Related Articles

229

U-224: ISC DHCP Multiple Denial of Service Vulnerabilities | Department of  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

4: ISC DHCP Multiple Denial of Service Vulnerabilities 4: ISC DHCP Multiple Denial of Service Vulnerabilities U-224: ISC DHCP Multiple Denial of Service Vulnerabilities July 31, 2012 - 7:00am Addthis PROBLEM: ISC DHCP Multiple Denial of Service Vulnerabilities PLATFORM: ISC DHCP before versions DHCP 4.1-ESV-R6 or DHCP 4.2.4-P1 ABSTRACT: ISC DHCP is prone to multiple denial-of-service vulnerabilities. reference LINKS: BIND and DHCP Security Updates Released Bugtraq ID: 54665 Secunia Advisory SA50018 CVE-2012-3571 CVE-2012-3570 CVE-2012-3954 IMPACT ASSESSMENT: Medium Discussion: Multiple vulnerabilities have been reported in ISC DHCP, which can be exploited by malicious people to cause a DoS (Denial of Service). 1) An error when handling client identifiers can be exploited to trigger an endless loop and prevent the server from processing further client requests

230

U-214: HP Network Node Manager Java JDK / JRE Multiple Vulnerabilities |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

4: HP Network Node Manager Java JDK / JRE Multiple 4: HP Network Node Manager Java JDK / JRE Multiple Vulnerabilities U-214: HP Network Node Manager Java JDK / JRE Multiple Vulnerabilities July 17, 2012 - 7:00am Addthis PROBLEM: HP Network Node Manager Java JDK / JRE Multiple Vulnerabilities PLATFORM: The vulnerabilities are reported in version 9.0x running on HP-UX, Linux, Solaris, and Windows. ABSTRACT: Vulnerabilities could be remotely exploited resulting in unauthorized information disclosure, modification, Denial of Service (DoS). reference LINKS: HP Support document ID: c03405642 Secunia Advisory SA49966 IMPACT ASSESSMENT: High Discussion: HP has acknowledged some vulnerabilities in HP Network Node Manager, which can be exploited by malicious, local users to disclose potentially sensitive information and by malicious people to disclose potentially

231

V-211: IBM iNotes Multiple Vulnerabilities | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

211: IBM iNotes Multiple Vulnerabilities 211: IBM iNotes Multiple Vulnerabilities V-211: IBM iNotes Multiple Vulnerabilities August 5, 2013 - 6:00am Addthis PROBLEM: Multiple vulnerabilities have been reported in IBM Lotus iNotes PLATFORM: IBM iNotes 9.x ABSTRACT: IBM iNotes has two cross-site scripting vulnerabilities and an ActiveX Integer overflow vulnerability REFERENCE LINKS: Secunia Advisory SA54436 IBM Security Bulletin 1645503 CVE-2013-3027 CVE-2013-3032 CVE-2013-3990 IMPACT ASSESSMENT: High DISCUSSION: 1) Certain input related to MIME mail is not properly sanitized before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 2) An integer overflow error within the DWA9W ActiveX control can be exploited to execute arbitrary code.

232

U-020: McAfee Web Gateway Web Access Cross Site Scripting Vulnerability |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

0: McAfee Web Gateway Web Access Cross Site Scripting 0: McAfee Web Gateway Web Access Cross Site Scripting Vulnerability U-020: McAfee Web Gateway Web Access Cross Site Scripting Vulnerability October 26, 2011 - 9:00am Addthis PROBLEM: McAfee Web Gateway Web Access Cross Site Scripting Vulnerability. PLATFORM: The vulnerability is reported in versions prior to 7.1.5.2. ABSTRACT: Cross-Site Scripting vulnerabilities allow a third party to manipulate the content or behavior of a web application in a user's browser, without compromising the underlying system. Attackers can exploit this issue by enticing an unsuspecting user to follow a malicious URI. reference LINKS: McAfee Web Gateway Release Notes Bugtraq ID: 50341 Secunia Advisory: SA46570 IMPACT ASSESSMENT: Medium Discussion: A vulnerability has been reported in McAfee Web Gateway, which can be

233

V-213: PuTTY SSH Handshake Integer Overflow Vulnerabilities | Department of  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

3: PuTTY SSH Handshake Integer Overflow Vulnerabilities 3: PuTTY SSH Handshake Integer Overflow Vulnerabilities V-213: PuTTY SSH Handshake Integer Overflow Vulnerabilities August 7, 2013 - 6:00am Addthis PROBLEM: SEARCH-LAB has reported some vulnerabilities in PuTTY PLATFORM: PuTTY 0.x ABSTRACT: The vulnerabilities can be exploited by malicious people to potentially compromise a user's system. REFERENCE LINKS: Secunia Advisory SA54354 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3520 CVE-2013-4206 CVE-2013-4207 CVE-2013-4208 CVE-2013-4852 IMPACT ASSESSMENT: Medium DISCUSSION: The vulnerabilities are caused due to some integer overflow errors when handling the SSH handshake and can be exploited to cause heap-based buffer overflows via a negative handshake message length. IMPACT: Successful exploitation of may allow execution of arbitrary code

234

V-005: ModSecurity Multipart Message Parsing Security Bypass Vulnerability  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

5: ModSecurity Multipart Message Parsing Security Bypass 5: ModSecurity Multipart Message Parsing Security Bypass Vulnerability V-005: ModSecurity Multipart Message Parsing Security Bypass Vulnerability October 18, 2012 - 6:00am Addthis PROBLEM: ModSecurity Multipart Message Parsing Security Bypass Vulnerability PLATFORM: Modsecurity Versions prior to 2.70 ABSTRACT: SEC Consult has reported a vulnerability in ModSecurity, which can be exploited by malicious people to bypass certain security restrictions REFERENCE LINKS: SEC Consult Secunia Advisory SA49853 IMPACT ASSESSMENT: Medium DISCUSSION: The vulnerability is caused due to an error when parsing multipart requests and can be exploited to bypass certain filtering rules. IMPACT: Remote Security Bypass SOLUTION: Update to version 2.70. Addthis Related Articles V-017: Apache Tomcat Security Bypass and Denial of Service Vulnerabilities

235

U-272: IBM WebSphere Commerce User Information Disclosure Vulnerability |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

2: IBM WebSphere Commerce User Information Disclosure 2: IBM WebSphere Commerce User Information Disclosure Vulnerability U-272: IBM WebSphere Commerce User Information Disclosure Vulnerability October 2, 2012 - 6:00am Addthis PROBLEM: IBM WebSphere Commerce User Information Disclosure Vulnerability PLATFORM: WebSphere Commerce Versions 6.0.0.0 to 6.0.0.11 WebSphere Commerce Versions 7.0.0.0 to 7.0.0.6 ABSTRACT: A vulnerability in WebSphere Commerce could allow disclosure of user personal data. reference LINKS: IBM Security Bulletin 1612484 X-Force Vulnerability Database (78867) Secunia Advisory SA50821 CVE-2012-4830 IMPACT ASSESSMENT: Medium Discussion: A remote unauthenticated attacker could exploit a security vulnerability in WebSphere Commerce to expose user personal data. The attack can be performed manually and the effort required is comparatively low.

236

U-065: Microsoft Windows win32k.sys Memory Corruption Vulnerability |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

5: Microsoft Windows win32k.sys Memory Corruption Vulnerability 5: Microsoft Windows win32k.sys Memory Corruption Vulnerability U-065: Microsoft Windows win32k.sys Memory Corruption Vulnerability December 20, 2011 - 9:45am Addthis PROBLEM: Microsoft Windows win32k.sys Memory Corruption Vulnerability. PLATFORM: Operating System Microsoft Windows 7 ABSTRACT: Successful exploitation may allow execution of arbitrary code with kernel-mode privileges. reference LINKS: Secunia Advisory SA47237 MS11-087:Article ID: 2639417 IMPACT ASSESSMENT: High Discussion: A vulnerability has been discovered in Microsoft Windows, which can be exploited by malicious people to potentially compromise a user's system. The vulnerability is caused due to an error in win32k.sys and can be exploited to corrupt memory via e.g. a specially crafted web page

237

V-082: Novell GroupWise Client Two Vulnerabilities | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

2: Novell GroupWise Client Two Vulnerabilities 2: Novell GroupWise Client Two Vulnerabilities V-082: Novell GroupWise Client Two Vulnerabilities February 1, 2013 - 6:00am Addthis PROBLEM: Two vulnerabilities have been reported in Novell GroupWise Client PLATFORM: Novell GroupWise 2012 Novell GroupWise Client 2012 Novell GroupWise Client 8.x Novell GroupWise Server 8.x ABSTRACT: Two vulnerabilities have been reported in Novell GroupWise Client which can be exploited by malicious people to compromise a user's system. REFERENCE LINKS: Secunia Advisory SA52031 CVE-2012-0439 CVE-2013-0804 Novell KB 7011687 Novell KB 7011688 IMPACT ASSESSMENT: High DISCUSSION: The GroupWise Client for Windows is vulnerable to an ActiveX Control exploit where by enticing a target user to open a malicious file or visit a malicious page, a remote attacker could execute arbitrary code on

238

U-276: VMware vCenter Operations Cross-Site Scripting Vulnerability |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

76: VMware vCenter Operations Cross-Site Scripting Vulnerability 76: VMware vCenter Operations Cross-Site Scripting Vulnerability U-276: VMware vCenter Operations Cross-Site Scripting Vulnerability October 8, 2012 - 7:00am Addthis PROBLEM: VMware vCenter Operations Cross-Site Scripting Vulnerability PLATFORM: VMware vCenter Operations 1.x ABSTRACT: A vulnerability has been reported in VMware vCenter Operations, which can be exploited by malicious people to conduct cross-site scripting attacks. reference LINKS: Original Advisory Secunia Advisory SA50795 CVE-2012-5050 IMPACT ASSESSMENT: Medium Discussion: Certain unspecified input is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. Impact: A vulnerability in VMware vCenter Operations, which can be exploited to

239

T-655: Mozilla Firefox CVE-2011-2369 HTML Injection Vulnerability |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

5: Mozilla Firefox CVE-2011-2369 HTML Injection Vulnerability 5: Mozilla Firefox CVE-2011-2369 HTML Injection Vulnerability T-655: Mozilla Firefox CVE-2011-2369 HTML Injection Vulnerability June 27, 2011 - 4:31pm Addthis PROBLEM: Mozilla Firefox CVE-2011-2369 HTML Injection Vulnerability PLATFORM: Mozilla Firefox ABSTRACT: Mozilla Firefox is prone to an HTML-injection vulnerability because it fails to properly sanitize user-supplied input before using it in dynamically generated content. reference LINKS: Securityfocus Mozilla Firefox Homepage MFSA 2011-27: XSS encoding hazard with inline SVG IMPACT ASSESSMENT: High Discussion: Mozilla Firefox is prone to an HTML-injection vulnerability because it fails to properly sanitize user-supplied input before using it in dynamically generated content. Successful exploits will allow attacker-supplied HTML and script code to

240

U-228: BlackBerry Tablet OS Flash Player Multiple Vulnerabilities |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

8: BlackBerry Tablet OS Flash Player Multiple Vulnerabilities 8: BlackBerry Tablet OS Flash Player Multiple Vulnerabilities U-228: BlackBerry Tablet OS Flash Player Multiple Vulnerabilities August 6, 2012 - 7:00am Addthis PROBLEM: BlackBerry Tablet OS Flash Player Multiple Vulnerabilities PLATFORM: Adobe Flash Player versions included with BlackBerry PlayBook tablet software versions 2.0.1.358 and earlier. ABSTRACT: Vulnerabilities in Adobe Flash Player version included with the BlackBerry PlayBook tablet software reference LINKS: BlackBerry Article ID: KB31675 Secunia Advisory SA50164 CVE-2012-0752 CVE-2012-0753 CVE-2012-0754 CVE-2012-0755 CVE-2012-0756 CVE-2012-0767 CVE-2012-0768 CVE-2012-0769 CVE-2012-0773 CVE-2012-0779 IMPACT ASSESSMENT: High Discussion: Multiple vulnerabilities have been reported in BlackBerry Tablet OS, which

Note: This page contains sample records for the topic "resolving vulnerability u-098" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


241

Chemical Safety Vulnerability Working Group report. Volume 2  

SciTech Connect

The Chemical Safety Vulnerability (CSV) Working Group was established to identify adverse conditions involving hazardous chemicals at DOE facilities that might result in fires or explosions, release of hazardous chemicals to the environment, or exposure of workers or the public to chemicals. A CSV Review was conducted in 148 facilities at 29 sites. Eight generic vulnerabilities were documented related to: abandoned chemicals and chemical residuals; past chemical spills and ground releases; characterization of legacy chemicals and wastes; disposition of legacy chemicals; storage facilities and conditions; condition of facilities and support systems; unanalyzed and unaddressed hazards; and inventory control and tracking. Weaknesses in five programmatic areas were also identified related to: management commitment and planning; chemical safety management programs; aging facilities that continue to operate; nonoperating facilities awaiting deactivation; and resource allocations. Volume 2 consists of seven appendices containing the following: Tasking memorandums; Project plan for the CSV Review; Field verification guide for the CSV Review; Field verification report, Lawrence Livermore National Lab.; Field verification report, Oak Ridge Reservation; Field verification report, Savannah River Site; and the Field verification report, Hanford Site.

Not Available

1994-09-01T23:59:59.000Z

242

Does topological information matter for power grid vulnerability?  

Science Journals Connector (OSTI)

Power grids which are playing an important role in supporting the economy of a region as well as the life of its citizens could be attacked by terrorists or enemies to damage the region. Depending on different levels of power grid information collected by the terrorists their attack strategies might be different. This paper groups power grid information into four levels: no information purely topological information (PTI) topological information with generator and load nodes (GLNI) and full information (including component physical properties and flow parameters information) and then identifies possible attack strategies for each information level. Analyzing and comparing power grid vulnerability under these attack strategies from both terrorists' and utility companies' point of view give rise to an approach to quantify the relative values of these three types of information including PTI GLNI and component parameter information (CPI). This approach can provide information regarding the extent to which topological information matters for power system vulnerability decisions. Taking several test systems as examples results show that for small attacks with p ? ? ?0.1 CPI matters the most; when taking attack cost into consideration and assuming that the terrorists take the optimum cost-efficient attack intensity then CPI has the largest cost-based information value.

2014-01-01T23:59:59.000Z

243

Effect of beta on Seismic Vulnerability Curve for RC Bridge Based on Double Damage Criterion  

SciTech Connect

In the analysis of seismic vulnerability curve based on double damage criterion, the randomness of structural parameter and randomness of seismic should be considered. Firstly, the distribution characteristics of structure capability and seismic demand are obtained based on IDA and PUSHOVER, secondly, the vulnerability of the bridge is gained based on ANN and MC and a vulnerability curve according to this bridge and seismic is drawn. Finally, the analysis for a continuous bridge is displayed as an example, and parametric analysis for the effect of beta is done, which reflects the bridge vulnerability overall from the point of total probability, and in order to reduce the discreteness, large value of beta are suggested.

Feng Qinghai [CCCC Highway, CO., Ltd. (China); Yuan Wancheng [Bridge Department, Tongji University, Shanghai (China)

2010-05-21T23:59:59.000Z

244

Offshore blow-out accidents : an analysis of causes of vulnerability exposing technological systems to accidents.  

E-Print Network (OSTI)

??This thesis is about understanding causes of vulnerabilities leading to specific type of accidents on offshore oil and gas installations. Blow-out accidents have disastrous potential… (more)

Sćtren, Thomas G.

2007-01-01T23:59:59.000Z

245

E-Print Network 3.0 - areas vulnerabilities impacts Sample Search...  

NLE Websites -- All DOE Office Websites (Extended Search)

9 InformationSystemsResearch Vol. 21, No. 1, March 2010, pp. 115132 Summary: Vendors' Patch Release Behavior: Impact of Vulnerability Disclosure Ashish Arora, Ramayya Krishnan,...

246

A Global Cloud Resolving Model Goals  

NLE Websites -- All DOE Office Websites (Extended Search)

Cloud Resolving Model Cloud Resolving Model Goals Uniform global horizontal grid spacing of 4 km or better ("cloud permitting") 100 or more layers up to at least the stratopause Parameterizations of microphysics, turbulence (including small clouds), and radiation Execution speed of at least several simulated days per wall-clock day on immediately available systems Annual cycle simulation by end of 2011. Motivations Parameterizations are still problematic. There are no spectral gaps. The equations themselves change at high resolution. GCRMs will be used for NWP within 10 years. GCRMs will be used for climate time-slices shortly thereafter. It's going to take some time to learn how to do GCRMs well. Scaling Science Length, Spatial extent, #Atoms, Weak scaling Time scale

247

RESOLVED: Projectb filesystem outage July 9, 2012  

NLE Websites -- All DOE Office Websites (Extended Search)

RESOLVED: Projectb filesystem outage July 9, 2012 RESOLVED: Projectb filesystem outage July 9, 2012 RESOLVED: Projectb filesystem outage July 9, 2012 July 9, 2012 (0 Comments) The projectb filesystem had a hardware failure that potentially generated I/O errors. The filesystem logs indicate that the earliest abnormal event on the filesystem occurred at 9:19AM and the filesystem was taken down for maintenance at 10:42AM. The filesystem returned to service at 11:20AM. Jobs running on the cluster would not have been able to read from or write to the projectb filesystem between 10:42AM and 11:20AM. Between 9:19AM and 10:42AM one out of the 20 GPFS controllers on projectb was down, and didn't failover (as it should have). This means: 1/20 file I/O operations could have failed between 9:19AM and 10:42AM If your job was performing a large number of short reads and writes, then

248

Spatially and polarization resolved plasmon mediated transmission through continuous metal  

E-Print Network (OSTI)

Spatially and polarization resolved plasmon mediated transmission through continuous metal films Y transmission through an embedded undulated continuous thin metal film under normal incidence. 1D undulations resolved, polarization independent transmission. Whereas the needed submicron microstructure lends itself

Boyer, Edmond

249

AFTER A Framework for electrical power sysTems vulnerability  

Open Energy Info (EERE)

Czech Czech Republic) Jump to: navigation, search Project Name AFTER A Framework for electrical power sysTems vulnerability identification, dEfense and Restoration Country Czech Republic Coordinates 49.817493°, 15.472962° Loading map... {"minzoom":false,"mappingservice":"googlemaps3","type":"ROADMAP","zoom":14,"types":["ROADMAP","SATELLITE","HYBRID","TERRAIN"],"geoservice":"google","maxzoom":false,"width":"600px","height":"350px","centre":false,"title":"","label":"","icon":"","visitedicon":"","lines":[],"polygons":[],"circles":[],"rectangles":[],"copycoords":false,"static":false,"wmsoverlay":"","layers":[],"controls":["pan","zoom","type","scale","streetview"],"zoomstyle":"DEFAULT","typestyle":"DEFAULT","autoinfowindows":false,"kml":[],"gkml":[],"fusiontables":[],"resizable":false,"tilt":0,"kmlrezoom":false,"poi":true,"imageoverlays":[],"markercluster":false,"searchmarkers":"","locations":[{"text":"","title":"","link":null,"lat":49.817493,"lon":15.472962,"alt":0,"address":"","icon":"","group":"","inlineLabel":"","visitedicon":""}]}

250

AFTER A Framework for electrical power sysTems vulnerability  

Open Energy Info (EERE)

Ireland) Ireland) Jump to: navigation, search Project Name AFTER A Framework for electrical power sysTems vulnerability identification, dEfense and Restoration Country Ireland Coordinates 53.41291°, -8.24389° Loading map... {"minzoom":false,"mappingservice":"googlemaps3","type":"ROADMAP","zoom":14,"types":["ROADMAP","SATELLITE","HYBRID","TERRAIN"],"geoservice":"google","maxzoom":false,"width":"600px","height":"350px","centre":false,"title":"","label":"","icon":"","visitedicon":"","lines":[],"polygons":[],"circles":[],"rectangles":[],"copycoords":false,"static":false,"wmsoverlay":"","layers":[],"controls":["pan","zoom","type","scale","streetview"],"zoomstyle":"DEFAULT","typestyle":"DEFAULT","autoinfowindows":false,"kml":[],"gkml":[],"fusiontables":[],"resizable":false,"tilt":0,"kmlrezoom":false,"poi":true,"imageoverlays":[],"markercluster":false,"searchmarkers":"","locations":[{"text":"","title":"","link":null,"lat":53.41291,"lon":-8.24389,"alt":0,"address":"","icon":"","group":"","inlineLabel":"","visitedicon":""}]}

251

Topology and vulnerability of the Iranian power grid  

Science Journals Connector (OSTI)

Abstract In this paper we investigated the structural properties of the ultra high voltage power transmission network of Iran. We modeled the power grid as a network with 105 nodes and 142 connection links. We found that the Iranian power grid displays a relatively moderate clustering coefficient–much larger than that of corresponding random networks–and small characteristics path length comparable to that of corresponding random networks; i.e. the power grid is a small-world network with exponential degree distribution. Global efficiency was considered as an indicator of grid’s performance and the influence of random and intentional nodal failures on the efficiency was investigated. We also studied the influence of cascaded failures on the largest connected component of the network. The power grid was vulnerable against cascaded failures, which should be considered serious in redesigning the network topology.

Momhammad Ali Saniee Monfared; Mahdi Jalili; Zohreh Alipour

2014-01-01T23:59:59.000Z

252

Assessing Vulnerabilities, Risks, and Consequences of Damage to Critical Infrastructure  

SciTech Connect

Since the publication of 'Critical Foundations: Protecting America's Infrastructure,' there has been a keen understanding of the complexity, interdependencies, and shared responsibility required to protect the nation's most critical assets that are essential to our way of life. The original 5 sectors defined in 1997 have grown to 18 Critical Infrastructures and Key Resources (CIKR), which are discussed in the 2009 National Infrastructure Protection Plan (NIPP) and its supporting sector-specific plans. The NIPP provides the structure for a national program dedicated to enhanced protection and resiliency of the nation's infrastructure. Lawrence Livermore National Laboratory (LLNL) provides in-depth, multi-disciplinary assessments of threat, vulnerability, and consequence across all 18 sectors at scales ranging from specific facilities to infrastructures spanning multi-state regions, such as the Oil and Natural Gas (ONG) sector. Like many of the CIKR sectors, the ONG sector is comprised of production, processing, distribution, and storage of highly valuable and potentially dangerous commodities. Furthermore, there are significant interdependencies with other sectors, including transportation, communication, finance, and government. Understanding the potentially devastating consequences and collateral damage resulting from a terrorist attack or natural event is an important element of LLNL's infrastructure security programs. Our work began in the energy sector in the late 1990s and quickly expanded other critical infrastructure sectors. We have performed over 600 physical assessments with a particular emphasis on those sectors that utilize, store, or ship potentially hazardous materials and for whom cyber security is important. The success of our approach is based on building awareness of vulnerabilities and risks and working directly with industry partners to collectively advance infrastructure protection. This approach consists of three phases: The Pre-Assessment Phase brings together infrastructure owners and operators to identify critical assets and help the team create a structured information request. During this phase, we gain information about the critical assets from those who are most familiar with operations and interdependencies, making the time we spend on the ground conducting the assessment much more productive and enabling the team to make actionable recommendations. The Assessment Phase analyzes 10 areas: Threat environment, cyber architecture, cyber penetration, physical security, physical penetration, operations security, policies and procedures, interdependencies, consequence analysis, and risk characterization. Each of these individual tasks uses direct and indirect data collection, site inspections, and structured and facilitated workshops to gather data. Because of the importance of understanding the cyber threat, LLNL has built both fixed and mobile cyber penetration, wireless penetration and supporting tools that can be tailored to fit customer needs. The Post-Assessment Phase brings vulnerability and risk assessments to the customer in a format that facilitates implementation of mitigation options. Often the assessment findings and recommendations are briefed and discussed with several levels of management and, if appropriate, across jurisdictional boundaries. The end result is enhanced awareness and informed protective measures. Over the last 15 years, we have continued to refine our methodology and capture lessons learned and best practices. The resulting risk and decision framework thus takes into consideration real-world constraints, including regulatory, operational, and economic realities. In addition to 'on the ground' assessments focused on mitigating vulnerabilities, we have integrated our computational and atmospheric dispersion capability with easy-to-use geo-referenced visualization tools to support emergency planning and response operations. LLNL is home to the National Atmospheric Release Advisory Center (NARAC) and the Interagency Modeling and Atmospheric Assessment Center (IMAAC). NA

Suski, N; Wuest, C

2011-02-04T23:59:59.000Z

253

AFTER A Framework for electrical power sysTems vulnerability  

Open Energy Info (EERE)

Belgium) Belgium) Jump to: navigation, search Project Name AFTER A Framework for electrical power sysTems vulnerability identification, dEfense and Restoration Country Belgium Coordinates 50.359482°, 4.63623° Loading map... {"minzoom":false,"mappingservice":"googlemaps3","type":"ROADMAP","zoom":14,"types":["ROADMAP","SATELLITE","HYBRID","TERRAIN"],"geoservice":"google","maxzoom":false,"width":"600px","height":"350px","centre":false,"title":"","label":"","icon":"","visitedicon":"","lines":[],"polygons":[],"circles":[],"rectangles":[],"copycoords":false,"static":false,"wmsoverlay":"","layers":[],"controls":["pan","zoom","type","scale","streetview"],"zoomstyle":"DEFAULT","typestyle":"DEFAULT","autoinfowindows":false,"kml":[],"gkml":[],"fusiontables":[],"resizable":false,"tilt":0,"kmlrezoom":false,"poi":true,"imageoverlays":[],"markercluster":false,"searchmarkers":"","locations":[{"text":"","title":"","link":null,"lat":50.359482,"lon":4.63623,"alt":0,"address":"","icon":"","group":"","inlineLabel":"","visitedicon":""}]}

254

Finding Semantic Vulnerabilities in PHP Applications The University of Texas at Austin  

E-Print Network (OSTI)

SAFERPHP: Finding Semantic Vulnerabilities in PHP Applications Sooel Son The University of Texas the first characterization of these types of vulner- abilities in PHP applications, develop novel inter-procedural algorithms for discovering them in PHP source code, and implement these algorithms as part of SAFERPHP

Shmatikov, Vitaly

255

SP 800-40 Version 2.0. Creating a Patch and Vulnerability Management Program  

Science Journals Connector (OSTI)

This document provides guidance on creating a security patch and vulnerability management program and testing the effectiveness of that program. The primary audience is security managers who are responsible for designing and implementing the program. ... Keywords: Computer security, security patches, vulnerability management

Peter M. Mell; Tiffany Bergeron; David Henning

2005-11-01T23:59:59.000Z

256

V-057: eXtplorer "ext_find_user()" Authentication Bypass Vulnerability |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

V-057: eXtplorer "ext_find_user()" Authentication Bypass V-057: eXtplorer "ext_find_user()" Authentication Bypass Vulnerability V-057: eXtplorer "ext_find_user()" Authentication Bypass Vulnerability December 28, 2012 - 6:00am Addthis December 28 2012 - 6:00am PROBLEM: eXtplorer "ext_find_user()" Authentication Bypass Vulnerability PLATFORM: eXtplorer 2.x ABSTRACT: A vulnerability has been reported in eXtplorer, which can be exploited by malicious people to bypass certain security restrictions. REFERENCE LINKS: Secunia Advisory SA51636 eXtplorer 2.1.3 Security Release IMPACT ASSESSMENT: Medium DISCUSSION: eXtplorer was notified of a problem within the authentication system of eXtplorer Versions 2.1.2, 2.1.1, 2.1.0 and 2.1.0RC5 that have been found to be vulnerable to an authentication bypass bug.

257

U-097: PHP "php_register_variable_ex()" Code Execution Vulnerability |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

097: PHP "php_register_variable_ex()" Code Execution 097: PHP "php_register_variable_ex()" Code Execution Vulnerability U-097: PHP "php_register_variable_ex()" Code Execution Vulnerability February 7, 2012 - 9:00am Addthis PROBLEM: PHP "php_register_variable_ex()" Code Execution Vulnerability PLATFORM: PHP 5.3.x ABSTRACT: Execution of arbitrary code via network as well as user access via network reference LINKS: PHP Security Archive SecurityTracker Alert ID: 1026631 Secunia Advisory SA47806 CVE-2012-0830 IMPACT ASSESSMENT: High Discussion: A vulnerability has been reported in PHP, which can be exploited by malicious people to compromise a vulnerable system. Impact: A remote user can send specially crafted data to trigger a memory error in php_register_variable_ex() and execute arbitrary code on the target system.

258

V-017: Apache Tomcat Security Bypass and Denial of Service Vulnerabilities  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

7: Apache Tomcat Security Bypass and Denial of Service 7: Apache Tomcat Security Bypass and Denial of Service Vulnerabilities V-017: Apache Tomcat Security Bypass and Denial of Service Vulnerabilities November 6, 2012 - 6:00am Addthis PROBLEM: Apache Tomcat Security Bypass and Denial of Service Vulnerabilities PLATFORM: Apache Tomcat 5.x Apache Tomcat 6.x Apache Tomcat 7.x ABSTRACT: Two vulnerabilities were reported in Apache Tomcat REFERENCE LINKS: Apache.org Apache Tomcat Denial of Service Apache Tomcat DIGEST authentication weaknesses Secunia Advisory SA51138 CVE-2012-2733 CVE-2012-3439 IMPACT ASSESSMENT: Medium DISCUSSION: A weakness and a vulnerability have been reported in Apache Tomcat, which can be exploited by malicious people to bypass certain security restrictions and cause a DoS (Denial of Service). 1) An error within the "parseHeaders()" function

259

U-172: OpenOffice.org Two Vulnerabilities | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

72: OpenOffice.org Two Vulnerabilities 72: OpenOffice.org Two Vulnerabilities U-172: OpenOffice.org Two Vulnerabilities May 18, 2012 - 7:00am Addthis PROBLEM: OpenOffice.org Two Vulnerabilities PLATFORM: OpenOffice.org 3.3, Other versions may also be affected. ABSTRACT: Two vulnerabilities have been reported in OpenOffice.org, which can be exploited by malicious people to compromise a user's system. Reference LINKS: Secunia Advisory SA46992 CVE-2012-1149 CVE-2012-2149 IMPACT ASSESSMENT: High Discussion: 1) An integer overflow error in the vclmi.dll module when allocating memory for an embedded image object can be exploited to cause a heap-based buffer overflow e.g. via a specially crafted JPEG object within a DOC file. 2) An error within libwpd when parsing Wordperfect documents can be exploited to overwrite arbitrary memory via a specially crafted Wordperfect

260

U-069: Telnet code execution vulnerability: FreeBSD and Kerberos |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

69: Telnet code execution vulnerability: FreeBSD and Kerberos 69: Telnet code execution vulnerability: FreeBSD and Kerberos U-069: Telnet code execution vulnerability: FreeBSD and Kerberos December 27, 2011 - 5:18am Addthis PROBLEM: Telnet code execution vulnerability: FreeBSD and Kerberos PLATFORM: Operating System: FreeBSD 7.1, 7.3, 8.0 and 8.1 and Software: Kerberos ABSTRACT: Vulnerability was reported in FreeBSD Telnet. A remote user can execute arbitrary code on the target system. reference LINKS: FreeBSD-SA-11:08.telnetd MITKRB5-SA-2011-008 Secunia Advisory: SA47397 (FreeBSD) Secunia Advisory: SA47348 (Kerberos) SecurityTracker Alert ID: 1026460 CVE-2011-4862 IMPACT ASSESSMENT: High Discussion: When an encryption key is supplied via the TELNET protocol, its length is not validated before the key is copied into a fixed-size buffer. The telnet

Note: This page contains sample records for the topic "resolving vulnerability u-098" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


261

V-162: Apache Struts "ParameterInterceptor" Security Bypass Vulnerability |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

2: Apache Struts "ParameterInterceptor" Security Bypass 2: Apache Struts "ParameterInterceptor" Security Bypass Vulnerability V-162: Apache Struts "ParameterInterceptor" Security Bypass Vulnerability May 23, 2013 - 6:00am Addthis PROBLEM: A vulnerability has been reported in Apache Struts PLATFORM: The vulnerability is reported in versions prior to 2.3.14.1 ABSTRACT: A vulnerability has been reported in Apache Struts, which can be exploited by malicious people to bypass certain security restrictions. REFERENCE LINKS: Secunia Advisory SA53495 Apache Struts Advisory S2-012 Apache Struts Advisory S2-013 CVE-2013-1965 CVE-2013-1966 IMPACT ASSESSMENT: High DISCUSSION: A request that included a specially crafted request parameter could be used to inject arbitrary OGNL code into the stack, afterward used as request

262

V-056: FreeType BDF Glyph Processing Buffer Overflow Vulnerability |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

6: FreeType BDF Glyph Processing Buffer Overflow Vulnerability 6: FreeType BDF Glyph Processing Buffer Overflow Vulnerability V-056: FreeType BDF Glyph Processing Buffer Overflow Vulnerability December 27, 2012 - 6:00am Addthis PROBLEM: FreeType BDF Glyph Processing Buffer Overflow Vulnerability PLATFORM: Version(s): prior to 2.4.11 ABSTRACT: Several vulnerabilities were reported in FreeType. A remote user can cause arbitrary code to be executed on the target user's system. REFERENCE LINKS: SecurityTracker Alert ID: 1027921 CVE-2012-5668 CVE-2012-5669 CVE-2012-5670 IMPACT ASSESSMENT: High DISCUSSION: A remote user can create a specially crafted font file that, when loaded by the target user, will execute arbitrary code on the target system. The code will run with the privileges of the target user or application. A null pointer dereference can be triggered in bdf_free_font()

263

U-149: Apache OFBiz Cross-Site Scripting and Code Execution Vulnerabilities  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

9: Apache OFBiz Cross-Site Scripting and Code Execution 9: Apache OFBiz Cross-Site Scripting and Code Execution Vulnerabilities U-149: Apache OFBiz Cross-Site Scripting and Code Execution Vulnerabilities April 17, 2012 - 8:00am Addthis PROBLEM: Multiple vulnerabilities have been reported in Apache OFBiz, which can be exploited by malicious people to conduct cross-site scripting attacks and compromise a vulnerable system. PLATFORM: Apache OFBiz 10.x ABSTRACT: The vulnerabilities are reported in version 10.04.01. Prior versions may also be affected. references LINKS: Vendor Advisory Secunia Advisory 48800 CVE-2012-1621 IMPACT ASSESSMENT: High Discussion: 1) Certain unspecified input is not properly sanitised within the "getServerError()" function in checkoutProcess.js before being returned to the user. This can be exploited to execute arbitrary HTML and script code

264

T-572: VMware ESX/ESXi SLPD denial of service vulnerability | Department of  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

72: VMware ESX/ESXi SLPD denial of service vulnerability 72: VMware ESX/ESXi SLPD denial of service vulnerability T-572: VMware ESX/ESXi SLPD denial of service vulnerability March 8, 2011 - 3:05pm Addthis PROBLEM: A vulnerability was reported in VMware ESX. A remote user can cause denial of service conditions. PLATFORM: ESX/ESXi 4.0, 4.1 ABSTRACT: VMware ESX/ESXi SLPD denial of service vulnerability and ESX third party updates for Service Console packages bind, pam, and rpm. reference LINKS: VMware Security Advisory: VMSA-2011-0004 VMware vSphere 4 VMware ESXi 4.1 Update CVE-2010-3609 IMPACT ASSESSMENT: Moderate Discussion: A remote user can send specially crafted data to cause the target Service Location Protocol daemon (SLPD) to enter an infinite loop and consume excessive CPU resources.A remote user can consume excessive CPU resources.

265

U-108: Net4Switch ipswcom ActiveX Control Buffer Overflow Vulnerability |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

8: Net4Switch ipswcom ActiveX Control Buffer Overflow 8: Net4Switch ipswcom ActiveX Control Buffer Overflow Vulnerability U-108: Net4Switch ipswcom ActiveX Control Buffer Overflow Vulnerability February 22, 2012 - 8:00am Addthis PROBLEM: A vulnerability was reported in Net4Switch ipswcom ActiveX Control, which can be exploited by malicious people to compromise a user's system. PLATFORM: Net4Switch ipswcom ActiveX Control 1.x ABSTRACT: The vulnerability is caused due to a boundary error within the "CxDbgPrint()" function (cxcmrt.dll) when creating a debug message string. reference LINKS: Vendor Advisory Secunia Advisroy 48125 No CVE references. IMPACT ASSESSMENT: High Discussion: The vulnerability is caused due to a boundary error within the "CxDbgPrint()" function (cxcmrt.dll) when creating a debug message string.

266

V-219: Kingsoft Writer 2012 WPS Font Names Buffer Overflow Vulnerability |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

19: Kingsoft Writer 2012 WPS Font Names Buffer Overflow 19: Kingsoft Writer 2012 WPS Font Names Buffer Overflow Vulnerability V-219: Kingsoft Writer 2012 WPS Font Names Buffer Overflow Vulnerability August 16, 2013 - 5:52am Addthis PROBLEM: Kaveh Ghaemmaghami has discovered a vulnerability in Kingsoft Writer 2012, which can be exploited by malicious people to compromise a user's system. PLATFORM: Kingsoft Office 2012, Kingsoft Weirwe 2012 8.x ABSTRACT: The vulnerability is confirmed in the following products and versions: * Kingsoft Writer 2012 version 8.1.0.3030. * Kingsoft Writer 2012 bundled in Kingsoft Office 2012 version 8.1.0.3385. REFERENCE LINKS: Secunia Advisory SA53266 CVE-2013-3934 IMPACT ASSESSMENT: High DISCUSSION: The vulnerability is caused due to a boundary error in when handling font names and can be exploited to cause a stack-based buffer overflow via a

267

U-018: Oracle AutoVue ActiveX Control Insecure Method Vulnerabilities |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

18: Oracle AutoVue ActiveX Control Insecure Method 18: Oracle AutoVue ActiveX Control Insecure Method Vulnerabilities U-018: Oracle AutoVue ActiveX Control Insecure Method Vulnerabilities October 25, 2011 - 8:45am Addthis PROBLEM: Oracle AutoVue ActiveX Control Insecure Method Vulnerabilities. PLATFORM: The vulnerabilities are confirmed in version 20.0.2 build 7910 (AutoVueX.ocx 20.1.1.7910). Other versions may also be affected. ABSTRACT: Successful exploitation of the vulnerabilities allows execution of arbitrary code. reference LINKS: Bugtraq ID: 50321 Secunia Advisory SA46473 Oracle AutoVue IMPACT ASSESSMENT: High Discussion: Successfully exploiting this issue will allow attackers to create or overwrite arbitrary files on the victim's computer within the context of the affected application (typically Internet Explorer) that uses the

268

T-682:Double free vulnerability in MapServer | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

2:Double free vulnerability in MapServer 2:Double free vulnerability in MapServer T-682:Double free vulnerability in MapServer August 2, 2011 - 4:08pm Addthis PROBLEM: Double free vulnerability in MapServer PLATFORM: All versions may be susceptible to SQL injection under certain circumstances ABSTRACT: MapServer developers have discovered flaws in the OGC filter support in MapServer. Specific code is used in support of WFS, WMS-SLD and SOS specifications. All versions may be susceptible to SQL injection under certain circumstances. The extent of the vulnerability depends on the MapServer version, relational database and mapfile configuration being used. All users are strongly encouraged to upgrade to these latest releases. reference LINKS: Double-free in msAddImageSymbol() when filename is a http resource

269

V-236: MediaWiki CentralAuth Extension Authentication Bypass Vulnerability  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

6: MediaWiki CentralAuth Extension Authentication Bypass 6: MediaWiki CentralAuth Extension Authentication Bypass Vulnerability V-236: MediaWiki CentralAuth Extension Authentication Bypass Vulnerability September 6, 2013 - 4:36am Addthis PROBLEM: A vulnerability has been reported in the CentralAuth extension for MediaWiki, which can be exploited by malicious people to bypass certain security restrictions. PLATFORM: MediaWiki CentralAuth Extension ABSTRACT: A vulnerability has been reported in the CentralAuth extension for MediaWik REFERENCE LINKS: Secunia Advisory SA54723 IMPACT ASSESSMENT: Medium DISCUSSION: The vulnerability is caused due to an error when handling auto-logins and can be exploited to bypass the authentication mechanism by providing a valid username within the "centralauth_User" cookie. IMPACT:

270

U-022: Apple QuickTime Multiple Vulnerabilities | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

2: Apple QuickTime Multiple Vulnerabilities 2: Apple QuickTime Multiple Vulnerabilities U-022: Apple QuickTime Multiple Vulnerabilities October 28, 2011 - 8:15am Addthis PROBLEM: Apple QuickTime Multiple Vulnerabilities. PLATFORM: Apple QuickTime prior to 7.7.1 ABSTRACT: A remote user can create a file that, when loaded by the target user, will execute arbitrary code on the target user's system. reference LINKS: Apple Product Security Article: HT5016 Secunia Advisory SA46618 SecurityTracker Alert ID: 1026251 CVE-2011-3218, CVE-2011-3219, CVE-2011-3220 CVE-2011-3221, CVE-2011-3222, CVE-2011-3223 CVE-2011-3228, CVE-2011-3247, CVE-2011-3248 CVE-2011-3249, CVE-2011-3250, CVE-2011-3251 IMPACT ASSESSMENT: High Discussion: Multiple vulnerabilities have been reported in Apple Quicktime, which can be exploited by malicious people to compromise a user's system.

271

V-148: Novell iPrint Client Unspecified Buffer Overflow Vulnerability |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

8: Novell iPrint Client Unspecified Buffer Overflow 8: Novell iPrint Client Unspecified Buffer Overflow Vulnerability V-148: Novell iPrint Client Unspecified Buffer Overflow Vulnerability May 3, 2013 - 6:00am Addthis PROBLEM: Novell iPrint Client Unspecified Buffer Overflow Vulnerability PLATFORM: Novell iPrint Client 5.x ABSTRACT: A vulnerability has been reported in Novell iPrint Client, which can be exploited by malicious people to compromise a user's system REFERENCE LINKS: Secunia Advisory SA53261 Novell KB 7012344 Novell KB 7008708 CVE-2013-1091 IMPACT ASSESSMENT: High DISCUSSION: The vulnerability is caused due to an unspecified error and can be exploited to cause a stack-based buffer overflow. IMPACT: Successful exploitation may allow execution of arbitrary code SOLUTION: Vendor recommendation is to update to Version 5.90

272

Time-resolved x-ray diagnostics  

SciTech Connect

Techniques for time-resolved x-ray diagnostics will be reviewed with emphasis on systems utilizing x-ray diodes or scintillators. System design concerns for high-bandwidth (> 1 GHz) diagnostics will be emphasized. The limitations of a coaxial cable system and a technique for equalizing to improve bandwidth of such a system will be reviewed. Characteristics of new multi-GHz amplifiers will be presented. An example of a complete operational system on the Los Alamos Helios laser will be presented which has a bandwidth near 3 GHz over 38 m of coax. The system includes the cable, an amplifier, an oscilloscope, and a digital camera readout.

Lyons, P.B.

1981-01-01T23:59:59.000Z

273

SciTech Connect: Time-resolved carrier distributions in graphene  

NLE Websites -- All DOE Office Websites (Extended Search)

Conference: Time-resolved carrier distributions in graphene Citation Details In-Document Search Title: Time-resolved carrier distributions in graphene Time-resolved carrier...

274

APPENDIX A: Climate Change Vulnerability Literature Review The purpose of this discussion is to review the existing literature surrounding climate change adaptation  

E-Print Network (OSTI)

1 APPENDIX A: Climate Change Vulnerability Literature Review Purpose The purpose of this discussion is to review the existing literature surrounding climate change adaptation and vulnerability with a focus thought surrounding methods for conducting climate change vulnerability assessments. The review

Brownstone, Rob

275

Social Vulnerability to Coastal and Inland Flood Hazards: A Comparison of GIS-Based Spatial Interpolation Methods  

Science Journals Connector (OSTI)

Previous research on exposure to flood hazards suggests that individuals characterized by low social vulnerability are more likely to reside in coastal flood hazard zones than individuals of higher social vulnerability, but few studies have examined ... Keywords: Areal Interpolation, Coastal Hazards, Dasymetric Mapping, Environmental Justice, Flood, Geographic Information Systems GIS, Risk, Vulnerability

Marilyn C. Montgomery; Jayajit Chakraborty

2013-07-01T23:59:59.000Z

276

Fuzzy integrated vulnerability assessment model for critical facilities in combating the terrorism  

Science Journals Connector (OSTI)

Critical facility vulnerability assessment is a highly complex strategic activity in combating the terrorism and necessitates a structured quantified methodology to support the decision-making process in defense planning. In the system perspective, the critical facility, such as airport, dam, governmental facility, harbor, nuclear power plant, oil plant etc., can be defined as a system that relies on a group of different interdependent logical and physical entities as system functions and system components. The aim of this paper is to present a realistic approach to determine the vulnerability of such a system defended against the terrorist attack under multiple criteria which can be both qualitative and quantitative by considering these interdependencies. The proposed approach, called fuzzy integrated vulnerability assessment model (FIVAM), is based on fuzzy set theory, Simple Multi-Attribute Rating Technique (SMART) and Fuzzy Cognitive Maps (FCM) methodology in a group decision-making environment. The FIVAM approach is presented step-by-step and applied to a simple case study on airport vulnerability assessment. The results of the application are compared to those observed through a classical vulnerability assessment model to illustrate the effectiveness of the FIVAM. Furthermore, FIVAM provides a framework to identify the hidden vulnerabilities caused by the functional interdependencies within the system. The results also show that FIVAM quantifies the vulnerability of the system, system functions and system components, and determines the most critical functions and components by simulating the system behavior.

Ilker Akgun; Ahmet Kandakoglu; Ahmet Fahri Ozok

2010-01-01T23:59:59.000Z

277

A graph-based network-vulnerability analysis system  

SciTech Connect

This report presents a graph-based approach to network vulnerability analysis. The method is flexible, allowing analysis of attacks from both outside and inside the network. It can analyze risks to a specific network asset, or examine the universe of possible consequences following a successful attack. The analysis system requires as input a database of common attacks, broken into atomic steps, specific network configuration and topology information, and an attacker profile. The attack information is matched with the network configuration information and an attacker profile to create a superset attack graph. Nodes identify a stage of attack, for example the class of machines the attacker has accessed and the user privilege level he or she has compromised. The arcs in the attack graph represent attacks or stages of attacks. By assigning probabilities of success on the arcs or costs representing level-of-effort for the attacker, various graph algorithms such as shortest-path algorithms can identify the attack paths with the highest probability of success.

Swiler, L.P.; Phillips, C. [Sandia National Labs., Albuquerque, NM (United States); Gaylor, T. [3M, Austin, TX (United States). Visual Systems Div.

1998-01-01T23:59:59.000Z

278

A graph-based network-vulnerability analysis system  

SciTech Connect

This paper presents a graph based approach to network vulnerability analysis. The method is flexible, allowing analysis of attacks from both outside and inside the network. It can analyze risks to a specific network asset, or examine the universe of possible consequences following a successful attack. The analysis system requires as input a database of common attacks, broken into atomic steps, specific network configuration and topology information, and an attacker profile. The attack information is matched with the network configuration information and an attacker profile to create a superset attack graph. Nodes identify a stage of attack, for example the class of machines the attacker has accessed and the user privilege level he or she has compromised. The arcs in the attack graph represent attacks or stages of attacks. By assigning probabilities of success on the arcs or costs representing level of effort for the attacker, various graph algorithms such as shortest path algorithms can identify the attack paths with the highest probability of success.

Swiler, L.P.; Phillips, C.; Gaylor, T.

1998-05-03T23:59:59.000Z

279

A graph-based system for network-vulnerability analysis  

SciTech Connect

This paper presents a graph-based approach to network vulnerability analysis. The method is flexible, allowing analysis of attacks from both outside and inside the network. It can analyze risks to a specific network asset, or examine the universe of possible consequences following a successful attack. The graph-based tool can identify the set of attack paths that have a high probability of success (or a low effort cost) for the attacker. The system could be used to test the effectiveness of making configuration changes, implementing an intrusion detection system, etc. The analysis system requires as input a database of common attacks, broken into atomic steps, specific network configuration and topology information, and an attacker profile. The attack information is matched with the network configuration information and an attacker profile to create a superset attack graph. Nodes identify a stage of attack, for example the class of machines the attacker has accessed and the user privilege level he or she has compromised. The arcs in the attack graph represent attacks or stages of attacks. By assigning probabilities of success on the arcs or costs representing level-of-effort for the attacker, various graph algorithms such as shortest-path algorithms can identify the attack paths with the highest probability of success.

Swiler, L.P.; Phillips, C.

1998-06-01T23:59:59.000Z

280

GIS DRASTIC model for groundwater vulnerability estimation of Astaneh-Kouchesfahan Plain, Northern Iran  

Science Journals Connector (OSTI)

In this study, the groundwater vulnerability to pollution was evaluated for Astaneh-Kouchesfahan Plain, Northern Iran using GIS DRASTIC model. Based upon available data, six thematic maps were generated and intrinsic vulnerability map was developed based upon calculations from various mapped layers and DRASTIC index. The results show that low, moderate, high and very high groundwater vulnerability risk zones cover around 12, 52, 28 and 8% of the area, respectively. Finally, in order to verify the model, the categorised DRASTIC map was compared with a categorized TDS map and the results shows that the areas including enhanced values of TDS correspond with those with higher DRASTIC ratings.

Masoud Saatsaz; Wan Nor Azmin Sulaiman; Saeid Eslamian; Kourosh Mohammadi

2011-01-01T23:59:59.000Z

Note: This page contains sample records for the topic "resolving vulnerability u-098" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


281

Time resolved side scatter diagnostics at NOVA  

SciTech Connect

Side scattering of the radiation during the interaction of a laser beam with the long scale length plasma in hohlraum is a difficult problem of relevance to the viability of ICF. It is important to measure the absolute amount of the laser side scatter as well as the angular distribution of that scatter. The OSA diagnostics has been implemented on NOVA to measure these quantities. We have implemented a fiber-optically coupled streak camera to measure the temporally and angularly resolved side scatter radiation at 351 nm at 9 different angles. Filtered PIN diodes were positioned at 31 various angles in the E-field planed and B-field plane of the incident probe beam to sample and measure the scattered radiation at the 351 nm wavelength of the probe. The diode data was used to calibrate the Brillouin power received by the 9 strategically located fiber optic channels. This presentation will describe the OSA and associated diagnostics.

Kyrala, G.A.; Evans, S.C.; Jimerson, J.R.; Fernandez, J.C.

1996-06-01T23:59:59.000Z

282

U.S. Energy Sector Vulnerabilities to Climate Change and Extreme Weather |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

U.S. Energy Sector Vulnerabilities to Climate Change and Extreme U.S. Energy Sector Vulnerabilities to Climate Change and Extreme Weather U.S. Energy Sector Vulnerabilities to Climate Change and Extreme Weather This report-part of the Administration's efforts to support national climate change adaptation planning through the Interagency Climate Change Adaptation Task Force and Strategic Sustainability Planning process established under Executive Order 13514 and to advance the U.S. Department of Energy's goal of promoting energy security-examines current and potential future impacts of these climate trends on the U.S. energy sector. Report updated July 16, 2013. Explore an interactive map that shows where climate change has already impacted the energy sector. US Energy Sector Vulnerabilities to Climate Change More Documents & Publications

283

A Busy Year Securing Vulnerable Nuclear Material and Making the World Safer  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

A Busy Year Securing Vulnerable Nuclear Material and Making the A Busy Year Securing Vulnerable Nuclear Material and Making the World Safer A Busy Year Securing Vulnerable Nuclear Material and Making the World Safer January 7, 2011 - 6:22pm Addthis John Schueler John Schueler Former New Media Specialist, Office of Public Affairs This holiday season was certainly a busy one for the National Nuclear Security Administration (NNSA). While many Americans were off completing last minute Christmas shopping and spending time with loved ones, the team at NNSA was working around the clock to secure over 50 kilograms of highly enriched uranium from three sites in the Ukraine. As part of President Obama's ambitious plan to secure all vulnerable nuclear material around the world in four years, NNSA assisted in repatriating the dangerous

284

U-188: MySQL User Login Security Bypass and Unspecified Vulnerability |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

8: MySQL User Login Security Bypass and Unspecified 8: MySQL User Login Security Bypass and Unspecified Vulnerability U-188: MySQL User Login Security Bypass and Unspecified Vulnerability June 12, 2012 - 7:00am Addthis PROBLEM: A security issue and vulnerability have been reported in MySQL PLATFORM: MySQL 5.x ABSTRACT: An error when verifying authentication attempts can be exploited to bypass the authentication mechanism. Reference LINKS: Original Advisory CVE-2012-2122 Secunia Advisory 49409 IMPACT ASSESSMENT: High Discussion: Successful exploitation of this vulnerability requires MySQL to be built on a system with a library that allows "memcmp()" to return a value outside of the -128 through 127 range (e.g. sse-optimized glibc). NOTE: Vendor binaries are reportedly not affected. The security issue is reported in versions prior to 5.1.63 and 5.5.25.

285

U-237: Mozilla Firefox CVE-2012-1950 Address Bar URI Spoofing Vulnerability  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

7: Mozilla Firefox CVE-2012-1950 Address Bar URI Spoofing 7: Mozilla Firefox CVE-2012-1950 Address Bar URI Spoofing Vulnerability U-237: Mozilla Firefox CVE-2012-1950 Address Bar URI Spoofing Vulnerability August 16, 2012 - 7:00am Addthis PROBLEM: Mozilla Firefox CVE-2012-1950 Address Bar URI Spoofing Vulnerability PLATFORM: Version(s): Mozilla Firefox 6 - 12 ABSTRACT: To exploit this issue, an attacker must entice an unsuspecting user to follow a crafted URI. REFERENCE LINKS: http://www.securityfocus.com/bid/54585 CVE-2012-1950 IMPACT ASSESSMENT: Medium Discussion: The drag-and-drop implementation in Mozilla Firefox 4.x through 13.0 and Firefox ESR 10.x before 10.0.6 allows remote attackers to spoof the address bar by canceling a page load. mozilla Firefox is prone to a URI-spoofing spoofing vulnerability. Attackers may exploit this issue to display

286

U-237: Mozilla Firefox CVE-2012-1950 Address Bar URI Spoofing Vulnerability  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

37: Mozilla Firefox CVE-2012-1950 Address Bar URI Spoofing 37: Mozilla Firefox CVE-2012-1950 Address Bar URI Spoofing Vulnerability U-237: Mozilla Firefox CVE-2012-1950 Address Bar URI Spoofing Vulnerability August 16, 2012 - 7:00am Addthis PROBLEM: Mozilla Firefox CVE-2012-1950 Address Bar URI Spoofing Vulnerability PLATFORM: Version(s): Mozilla Firefox 6 - 12 ABSTRACT: To exploit this issue, an attacker must entice an unsuspecting user to follow a crafted URI. REFERENCE LINKS: http://www.securityfocus.com/bid/54585 CVE-2012-1950 IMPACT ASSESSMENT: Medium Discussion: The drag-and-drop implementation in Mozilla Firefox 4.x through 13.0 and Firefox ESR 10.x before 10.0.6 allows remote attackers to spoof the address bar by canceling a page load. mozilla Firefox is prone to a URI-spoofing spoofing vulnerability. Attackers may exploit this issue to display

287

U-117: Potential security vulnerability has been identified with certain HP  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

7: Potential security vulnerability has been identified with 7: Potential security vulnerability has been identified with certain HP printers and HP digital senders U-117: Potential security vulnerability has been identified with certain HP printers and HP digital senders March 5, 2012 - 7:00am Addthis PROBLEM: The vulnerability could be exploited remotely to install unauthorized printer firmware. PLATFORM: Select HP printers and Digital Senders ABSTRACT: Remote attackers could execute arbitrary code by using a session on TCP port 9100 to upload a crafted firmware update. reference LINKS: Vendor Advisory CVE-2011-4161 Previous JC3 Advisory Bulletin IMPACT ASSESSMENT: High Discussion: The default configuration of the HP CM8060 Color MFP with Edgeline; Color LaserJet 3xxx, 4xxx, 5550, 9500, CMxxxx, CPxxxx, and Enterprise CPxxxx;

288

V-191: Apple Mac OS X Multiple Vulnerabilities | Department of Energy  

NLE Websites -- All DOE Office Websites (Extended Search)

1: Apple Mac OS X Multiple Vulnerabilities 1: Apple Mac OS X Multiple Vulnerabilities V-191: Apple Mac OS X Multiple Vulnerabilities July 3, 2013 - 6:00am Addthis PROBLEM: Apple has issued a security update for Mac OS X PLATFORM: Apple Macintosh OS X ABSTRACT: The vulnerabilities are caused due to a bundled version of QuickTime REFERENCE LINKS: Secunia Advisory SA54049 APPLE-SA-2013-07-02-1 Security Update 2013-003 CVE-2013-1018 CVE-2013-1019 CVE-2013-1022 IMPACT ASSESSMENT: High DISCUSSION: A boundary error when parsing compressed data within H.264 encoded movie files can be exploited to cause a buffer overflow A boundary error when handling the Sorenson Video 3 "mdat" section within a MOV file can be exploited to cause a buffer overflow A boundary error when handling "mvhd" atoms can be exploited to cause a

289

U-202: Apple QuickTime Multiple Stack Overflow Vulnerabilities | Department  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

202: Apple QuickTime Multiple Stack Overflow Vulnerabilities 202: Apple QuickTime Multiple Stack Overflow Vulnerabilities U-202: Apple QuickTime Multiple Stack Overflow Vulnerabilities June 29, 2012 - 7:00am Addthis PROBLEM: Apple QuickTime is prone to multiple stack-based buffer-overflow vulnerabilities. PLATFORM: Version(s): prior to 7.7.2 ABSTRACT: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution. Reference links: Vendor Advisory Security Focus ID 53571 CVE-2012-0663 IMPACT ASSESSMENT: Medium Discussion: These issues arise when the application handles specially crafted files. Successful exploits may allow attackers to execute arbitrary code in the context of the currently logged-in user; failed exploit attempts will cause denial-of-service conditions.Versions prior to

290

U-202: Apple QuickTime Multiple Stack Overflow Vulnerabilities | Department  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

2: Apple QuickTime Multiple Stack Overflow Vulnerabilities 2: Apple QuickTime Multiple Stack Overflow Vulnerabilities U-202: Apple QuickTime Multiple Stack Overflow Vulnerabilities June 29, 2012 - 7:00am Addthis PROBLEM: Apple QuickTime is prone to multiple stack-based buffer-overflow vulnerabilities. PLATFORM: Version(s): prior to 7.7.2 ABSTRACT: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution. Reference links: Vendor Advisory Security Focus ID 53571 CVE-2012-0663 IMPACT ASSESSMENT: Medium Discussion: These issues arise when the application handles specially crafted files. Successful exploits may allow attackers to execute arbitrary code in the context of the currently logged-in user; failed exploit attempts will cause denial-of-service conditions.Versions prior to

291

V-191: Apple Mac OS X Multiple Vulnerabilities | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

1: Apple Mac OS X Multiple Vulnerabilities 1: Apple Mac OS X Multiple Vulnerabilities V-191: Apple Mac OS X Multiple Vulnerabilities July 3, 2013 - 6:00am Addthis PROBLEM: Apple has issued a security update for Mac OS X PLATFORM: Apple Macintosh OS X ABSTRACT: The vulnerabilities are caused due to a bundled version of QuickTime REFERENCE LINKS: Secunia Advisory SA54049 APPLE-SA-2013-07-02-1 Security Update 2013-003 CVE-2013-1018 CVE-2013-1019 CVE-2013-1022 IMPACT ASSESSMENT: High DISCUSSION: A boundary error when parsing compressed data within H.264 encoded movie files can be exploited to cause a buffer overflow A boundary error when handling the Sorenson Video 3 "mdat" section within a MOV file can be exploited to cause a buffer overflow A boundary error when handling "mvhd" atoms can be exploited to cause a

292

T-668: Vulnerability in a BlackBerry Enterprise Server component could  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

8: Vulnerability in a BlackBerry Enterprise Server component 8: Vulnerability in a BlackBerry Enterprise Server component could allow information disclosure and partial denial of service T-668: Vulnerability in a BlackBerry Enterprise Server component could allow information disclosure and partial denial of service July 14, 2011 - 7:20am Addthis PROBLEM: Vulnerability in a BlackBerry Enterprise Server component could allow information disclosure and partial denial of service PLATFORM: Affected Software >> BlackBerry Enterprise Server (BES) version(s) 5.0.0 for API/MS Exchange (Admin API Option Only), BES/Express version 5.0.2 & 5.0.3 IBM Lotus Domino , BES 5.0.1, 5.0.2 & 5.0.3 for MS Exchange, IBM Lotus Domino, BlackBerry Enterprise Server versions 5.0.1 for GroupWise ABSTRACT: This advisory describes a security issue in the BlackBerry Administration

293

V-033: ownCloud Cross-Site Scripting and File Upload Vulnerabilities |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

3: ownCloud Cross-Site Scripting and File Upload 3: ownCloud Cross-Site Scripting and File Upload Vulnerabilities V-033: ownCloud Cross-Site Scripting and File Upload Vulnerabilities November 26, 2012 - 2:00am Addthis PROBLEM: ownCloud Cross-Site Scripting and File Upload Vulnerabilities PLATFORM: ownCloud 4.5.2, 4.5.1, 4.0.9 ABSTRACT: Multiple vulnerabilities have been reported in ownCloud REFERENCE LINKS: ownCloud Server Advisories Secunia Advisory SA51357 IMPACT ASSESSMENT: Medium DISCUSSION: 1) Input passed via the filename to apps/files_versions/js/versions.js and apps/files/js/filelist.js and event title to 3rdparty/fullcalendar/js/fullcalendar.js is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.

294

U-151: Bugzilla Cross-Site Request Forgery Vulnerability | Department of  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

51: Bugzilla Cross-Site Request Forgery Vulnerability 51: Bugzilla Cross-Site Request Forgery Vulnerability U-151: Bugzilla Cross-Site Request Forgery Vulnerability April 19, 2012 - 8:15am Addthis PROBLEM: A vulnerability has been reported in Bugzilla, which can be exploited by malicious people to conduct cross-site request forgery attacks. PLATFORM: Bugzilla 2.x Bugzilla 3.x Bugzilla 4.x ABSTRACT: The application allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. reference LINKS: Vendor Advisory Secunia Advisory 48835 CVE-2012-0465 CVE-2012-0466 IMPACT ASSESSMENT: Medium Discussion: When abusing the X-FORWARDED-FOR header, an attacker could bypass the lockout policy allowing a possible brute-force discovery of a valid user password. An attacker can get access to some bug information using the victim's

295

U-028: Microsoft Windows win32k.sys TrueType Font Parsing Vulnerability |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

28: Microsoft Windows win32k.sys TrueType Font Parsing 28: Microsoft Windows win32k.sys TrueType Font Parsing Vulnerability U-028: Microsoft Windows win32k.sys TrueType Font Parsing Vulnerability November 7, 2011 - 8:15am Addthis PROBLEM: Microsoft Windows win32k.sys TrueType Font Parsing Vulnerability. PLATFORM: Microsoft Windows 7 Microsoft Windows Server 2003 Datacenter Edition Microsoft Windows Server 2003 Enterprise Edition Microsoft Windows Server 2003 Standard Edition Microsoft Windows Server 2003 Web Edition Microsoft Windows Server 2008 Microsoft Windows Storage Server 2003 Microsoft Windows Vista Microsoft Windows XP Home Edition Microsoft Windows XP Professional ABSTRACT: A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious people to compromise a user's system. reference LINKS:

296

T-534: Vulnerability in the PDF distiller of the BlackBerry Attachment...  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

PDF distiller of the BlackBerry Attachment Service for the BlackBerry Enterprise Server T-534: Vulnerability in the PDF distiller of the BlackBerry Attachment Service for the...

297

Respiratory control in aquatic insects dictates their vulnerability to global warming  

Science Journals Connector (OSTI)

...their vulnerability to global warming Wilco C. E. P. Verberk...synergistic effects of global warming and hypoxia. 2. Material...Thermal tolerance and the global redistribution of animals...confound long-term warming effects on river macroinvertebrates...

2013-01-01T23:59:59.000Z

298

Hospital response for children as a vulnerable population in radiological/nuclear incidents  

Science Journals Connector (OSTI)

......November 2010 research-article Papers Hospital response for children as a vulnerable...and Life Safety Department, Kingston Hospitals, Kingston, Ontario, Canada Emergency...initial response. The primary goals of the hospital in a hazardous event are to: Protect......

Brenda Conway; Jordan Pike

2010-11-01T23:59:59.000Z

299

USE OF COMPOSITE MATERIALS TO REPAIR STEEL STRUCTURES VULNERABLE TO FATIGUE DAMAGE  

E-Print Network (OSTI)

This study investigates mainly two different topics related to the use of CFRP's for strengthening and repair of steel bridges: the use of CFRP's to prevent damage in fatigue vulnerable welded connections prior to fatigue-crack initiation...

Alemdar, Fatih

2010-01-01T23:59:59.000Z

300

Screening vulnerabilities in water supply networks : risk analysis of infrastructure systems  

E-Print Network (OSTI)

The extreme importance of critical infrastructures to modern society is widely known. Recognizing that society cannot afford the costs associated with absolute protection, it is necessary to prioritize the vulnerabilities ...

Michaud, David, 1975-

2005-01-01T23:59:59.000Z

Note: This page contains sample records for the topic "resolving vulnerability u-098" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


301

Detection of morphological markers of vulnerable atherosclerotic plaque using multimodal spectroscopy  

E-Print Network (OSTI)

Vulnerable plaques, which are responsible for most acute ischemic events, are presently invisible to x-ray angiography. Their primary morphological features include a thin or ulcerated fibrous cap, a large necrotic core, ...

Fitzmaurice, Maryann

302

U.S. Energy Sector Vulnerabilities to Climate Change and Extreme Weather |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

U.S. Energy Sector Vulnerabilities to Climate Change and Extreme U.S. Energy Sector Vulnerabilities to Climate Change and Extreme Weather U.S. Energy Sector Vulnerabilities to Climate Change and Extreme Weather This report-part of the Administration's efforts to support national climate change adaptation planning through the Interagency Climate Change Adaptation Task Force and Strategic Sustainability Planning process established under Executive Order 13514 and to advance the U.S. Department of Energy's goal of promoting energy security-examines current and potential future impacts of these climate trends on the U.S. energy sector. Report updated July 16, 2013. Explore an interactive map that shows where climate change has already impacted the energy sector. US Energy Sector Vulnerabilities to Climate Change More Documents & Publications

303

Two Manufacturers Agree to Civil Penalties to Resolve Enforcement...  

Energy Savers (EERE)

Civil Penalty to Resolve Light Bulb Efficiency Violations DOE Collects Civil Penalties for Failure to Certify DOE Collects 80,000 Civil Penalty From Showerhead Manufacturer...

304

T-555: Adobe Acrobat and Reader Image Parsing Arbitrary Code Execution Vulnerability  

Energy.gov (U.S. Department of Energy (DOE))

Critical vulnerabilities have been identified in Adobe Reader X (10.0) for Windows and Macintosh; Adobe Reader 9.4.1 and earlier versions for Windows, Macintosh and UNIX; and Adobe Acrobat X (10.0) and earlier versions for Windows and Macintosh. These vulnerabilities could cause the application to crash and potentially allow an attacker to take control of the affected system. Risk for Adobe Reader X users is significantly lower, as none of these issues bypass Protected Mode mitigations.

305

V-167: GnuTLS TLS Record Decoding Denial of Service Vulnerability |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

7: GnuTLS TLS Record Decoding Denial of Service Vulnerability 7: GnuTLS TLS Record Decoding Denial of Service Vulnerability V-167: GnuTLS TLS Record Decoding Denial of Service Vulnerability May 30, 2013 - 6:00am Addthis PROBLEM: A vulnerability has been reported in GnuTLS PLATFORM: GnuTLS 2.x ABSTRACT: A vulnerability has been reported in GnuTLS, which can be exploited by malicious people to cause a DoS (Denial of Service) REFERENCE LINKS: Secunia Advisory SA53600 GnuTLS Library GNUTLS-SA-2013-2 CVE-2013-2116 IMPACT ASSESSMENT: Medium DISCUSSION: The vulnerability is caused due to an out-of-bounds read error within the "_gnutls_ciphertext2compressed()" function in lib/gnutls_cipher.c and can be exploited to cause a crash of the application using the library. IMPACT: Possible DoS SOLUTION: Vendor recommends applying Patch or upgrading to Version 3.x

306

V-226: HP StoreOnce D2D Backup Systems Denial of Service Vulnerability |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

6: HP StoreOnce D2D Backup Systems Denial of Service 6: HP StoreOnce D2D Backup Systems Denial of Service Vulnerability V-226: HP StoreOnce D2D Backup Systems Denial of Service Vulnerability August 24, 2013 - 3:45am Addthis PROBLEM: A vulnerability has been reported in HP StoreOnce D2D Backup Systems, which can be exploited by malicious people to cause a DoS (Denial of Service). PLATFORM: HP StoreOnce D2D Backup Systems 1.x, HP StoreOnce D2D Backup Systems 2.x ABSTRACT: The vulnerability is reported in versions 2.2.18 and prior and 1.2.18 and prior. REFERENCE LINKS: Secunia Advisory SA54598 CVE-2013-2353 IMPACT ASSESSMENT: Moderate DISCUSSION: A vulnerability has been reported in HP StoreOnce D2D Backup Systems, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an unspecified error. No further

307

Knowledge Management and Visualization in Support of Vulnerability Assessment of Electricity Production  

SciTech Connect

With the rapid growth in demand of electricity, vulnerability assessment of electricity production and its availability has become essential to our economy, national defense, and quality of life. The main focus to date has generally been on protecting power plants and energy transmission systems. However, the extraction and delivery of fuels is also a critical component of the value chain for electricity production. A disruption at any point in the infrastructure could result in lost power production and delivery. The need for better analysis of fuel delivery vulnerabilities is pressing. Therefore, the purpose of this paper is to present the preliminary results of a research project that aims to analyze the vulnerability associated with delivery of fuels and to ensure availability of fuel supplies, by providing insight into likely vulnerability problems so that solutions and preventative methods may be devised. In this research project, a framework for electricity production vulnerability assessment was proposed. Different data sources were integrated into a data warehouse to allow interactive analysis of enormous historical datasets for coal transactions and coal transportation. By summarizing and slicing the historical datasets into different data cubes, the enormous datasets were able to be analyzed and visualized. An interactive GIS interface allows users to interact with it to perform different queries and then visualize the results. The analyses help decision makers understand the impact of fuel delivery disruption and the vulnerabilities in the coal transportation system. Thus, solutions and policies might be advised to avoid disruptions.

Dodrill, Keith; Garrett, J.H. (Carnegie Mellon); Matthews, S. (Carnegie Mellon); Shih, C-Y. (Carnegie Mellon); Soibelman, L. (Carnegie Mellon); McSurdy, S.

2007-01-01T23:59:59.000Z

308

U-171: DeltaV Products Multiple Vulnerabilities | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

71: DeltaV Products Multiple Vulnerabilities 71: DeltaV Products Multiple Vulnerabilities U-171: DeltaV Products Multiple Vulnerabilities May 17, 2012 - 7:00am Addthis PROBLEM: DeltaV Products Multiple Vulnerabilities PLATFORM: DeltaV and DeltaV Workstations versions 9.3.1, 10.3.1, 11.3, and 11.3.1 DeltaV ProEssentials Scientific Graph version 5.0.0.6 ABSTRACT: Multiple vulnerabilities have been reported in DeltaV products, which can be exploited by malicious people to conduct cross-site scripting attacks, SQL injection attacks, cause a DoS (Denial of Service), and compromise a vulnerable system. Reference LINKS: Secunia Advisory SA49210 CVE-2012-1814 CVE-2012-1815 CVE-2012-1816 CVE-2012-1817 CVE-2012-1818 IMPACT ASSESSMENT: High Discussion: 1) Certain unspecified input is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and

309

Resolving the Spin Crisis: Mergers and Feedback  

E-Print Network (OSTI)

We model in simple terms the angular momentum (J) problem of galaxy formation in CDM, and identify the key elements of a scenario that can solve it. The buildup of J is modeled via dynamical friction and tidal stripping in mergers. This reveals how over-cooling in incoming halos leads to transfer of J from baryons to dark matter (DM), in conflict with observations. By incorporating a simple recipe of supernova feedback, we match the observed J distribution in disks. Gas removal from small incoming halos, which make the low-J component of the product, eliminates the low-J baryons. Partial heating and puffing-up of the gas in larger incoming halos, combined with tidal stripping, reduces the J loss of baryons. This implies a higher baryonic spin for lower mass halos. The observed low baryonic fraction in dwarf galaxies is used to calibrate the characteristic velocity associated with supernova feedback, yielding v_fb sim 100 km/s, within the range of theoretical expectations. The model then reproduces the observed distribution of spin parameter among dwarf and bright galaxies, as well as the J distribution inside these galaxies. This suggests that the model captures the main features of a full scenario for resolving the spin crisis.

Avishai Dekel; Ariyeh H. Maller

2002-01-19T23:59:59.000Z

310

Efficient data IO for a Parallel Global Cloud Resolving Model  

Science Journals Connector (OSTI)

Execution of a Global Cloud Resolving Model (GCRM) at target resolutions of 2-4 km will generate, at a minimum, 10s of Gigabytes of data per variable per snapshot. Writing this data to disk, without creating a serious bottleneck in the execution of the ... Keywords: Data formatting, Geodesic grid, Global Cloud Resolving Model, Grid Specifications, High performance IO, Parallel IO libraries

Bruce Palmer; Annette Koontz; Karen Schuchardt; Ross Heikes; David Randall

2011-12-01T23:59:59.000Z

311

Civil Penalty Actions For Certification Violations Resolved | Department of  

NLE Websites -- All DOE Office Websites (Extended Search)

Civil Penalty Actions For Certification Violations Resolved Civil Penalty Actions For Certification Violations Resolved Civil Penalty Actions For Certification Violations Resolved May 6, 2010 - 12:39pm Addthis Today, the Department of Energy announced that it had resolved civil penalty actions against four showerhead manufacturers for having violated the Department's water conservation certification regulations. To resolve these actions Zoe Industries, Altmans Products LLC, EZ-FLO International, and Watermark Designs Ltd. have now certified that their showerheads meet federal water conservation standards and collectively will pay civil penalties of $165,104. DOE had initiated cases against the four manufacturers on January 25th, alleging that they had failed to submit required documents to DOE demonstrating compliance with federal

312

Civil Penalty Actions For Certification Violations Resolved | Department of  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

Civil Penalty Actions For Certification Violations Resolved Civil Penalty Actions For Certification Violations Resolved Civil Penalty Actions For Certification Violations Resolved May 6, 2010 - 12:39pm Addthis Today, the Department of Energy announced that it had resolved civil penalty actions against four showerhead manufacturers for having violated the Department's water conservation certification regulations. To resolve these actions Zoe Industries, Altmans Products LLC, EZ-FLO International, and Watermark Designs Ltd. have now certified that their showerheads meet federal water conservation standards and collectively will pay civil penalties of $165,104. DOE had initiated cases against the four manufacturers on January 25th, alleging that they had failed to submit required documents to DOE demonstrating compliance with federal

313

V-080: Apple iOS Multiple Vulnerabilities | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

0: Apple iOS Multiple Vulnerabilities 0: Apple iOS Multiple Vulnerabilities V-080: Apple iOS Multiple Vulnerabilities January 30, 2013 - 12:56am Addthis PROBLEM: Apple iOS Multiple Vulnerabilities PLATFORM: Apple iOS 6.x for iPhone 3GS and later Apple iOS for iPad 6.x Apple iOS for iPod touch 6.x ABSTRACT: Two security issues and multiple vulnerabilities have been reported in Apple iOS REFERENCE LINKS: Article: HT5642 APPLE-SA-2013-01-28-1 iOS 6.1 Software Update Secunia Advisory SA52002 CVE-2011-3058 CVE-2012-2619 CVE-2012-2824 CVE-2012-2857 CVE-2012-2889 CVE-2012-3606 CVE-2012-3607 CVE-2012-3621 CVE-2012-3632 CVE-2012-3687 CVE-2012-3701 CVE-2013-0948 CVE-2013-0949 CVE-2013-0950 CVE-2013-0951 CVE-2013-0952 CVE-2013-0953 CVE-2013-0954 CVE-2013-0955 CVE-2013-0956 CVE-2013-0958 CVE-2013-0959 CVE-2013-0962 CVE-2013-0963 CVE-2013-0964

314

V-158: BlackBerry Tablet OS Flash Player Multiple Vulnerabilities |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

8: BlackBerry Tablet OS Flash Player Multiple Vulnerabilities 8: BlackBerry Tablet OS Flash Player Multiple Vulnerabilities V-158: BlackBerry Tablet OS Flash Player Multiple Vulnerabilities May 17, 2013 - 6:00am Addthis PROBLEM: Multiple vulnerabilities have been reported in BlackBerry Tablet OS PLATFORM: BlackBerry Tablet OS 2.x ABSTRACT: Multiple vulnerabilities have been reported in BlackBerry Tablet OS, which can be exploited by malicious people to bypass certain security restrictions and compromise a user's system. REFERENCE LINKS: Secunia Advisory SA53453 Blackberry Security Advisory KB34161 CVE-2012-5248 CVE-2012-5249 CVE-2012-5250 CVE-2012-5251 CVE-2012-5252 CVE-2012-5253 CVE-2012-5254 CVE-2012-5255 CVE-2012-5256 CVE-2012-5257 CVE-2012-5258 CVE-2012-5259 CVE-2012-5260 CVE-2012-5261 CVE-2012-5262 CVE-2012-5263 CVE-2012-5264 CVE-2012-5265

315

V-057: eXtplorer "ext_find_user()" Authentication Bypass Vulnerability |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

7: eXtplorer "ext_find_user()" Authentication Bypass 7: eXtplorer "ext_find_user()" Authentication Bypass Vulnerability V-057: eXtplorer "ext_find_user()" Authentication Bypass Vulnerability December 28, 2012 - 6:00am Addthis PROBLEM: eXtplorer "ext_find_user()" Authentication Bypass Vulnerability PLATFORM: eXtplorer 2.x ABSTRACT: A vulnerability has been reported in eXtplorer, which can be exploited by malicious people to bypass certain security restrictions. REFERENCE LINKS: Secunia Advisory SA51636 eXtplorer 2.1.3 Security Release IMPACT ASSESSMENT: Medium DISCUSSION: eXtplorer was notified of a problem within the authentication system of eXtplorer Versions 2.1.2, 2.1.1, 2.1.0 and 2.1.0RC5 that have been found to be vulnerable to an authentication bypass bug. IMPACT: An error within the "ext_find_user()" function in users.php can be

316

GIS and ANN coupling model: an innovative approach to evaluate vulnerability of karst water inrush in coalmines of north China  

Science Journals Connector (OSTI)

In northern China, coal mining is often affected by groundwater inrushes ... of the coalmines. A geographic information system (GIS) was constructed to evaluate the vulnerability of...

Qiang Wu; Hua Xu; Wei Pang

2008-05-01T23:59:59.000Z

317

Local Implications of Globally Restricted Mobility: A study of Queenstown’s vulnerability to peak oil and climate change.  

E-Print Network (OSTI)

??This thesis employs a case study approach to investigate local implications of globally restricted mobility by examining Queenstown’s vulnerability to peak oil and climate change.… (more)

Walsh, Tim

2011-01-01T23:59:59.000Z

318

Clash of the built and natural environments : a vulnerability index to flood risk in Galveston County, Texas.  

E-Print Network (OSTI)

??Vulnerability occurs at the intersection of natural geophysical forces and human settlement decisions. When humans decide to place themselves and their homes in harm’s way… (more)

Kellerman, Frances Anne

2013-01-01T23:59:59.000Z

319

Groundwater vulnerability to agrochemicals: a GIS-based DRASTIC model analysis of Carroll, Chariton, and Saline counties, Missouri USA .  

E-Print Network (OSTI)

??This investigation presents an analysis of groundwater vulnerability in three mid-Missouri counties that represent an agricultural production region that is physiographically and hydrogeologically complex. The… (more)

Soper, Rodney Craig

2006-01-01T23:59:59.000Z

320

V-177: VMware vCenter Chargeback Manager File Upload Handling Vulnerability  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

177: VMware vCenter Chargeback Manager File Upload Handling 177: VMware vCenter Chargeback Manager File Upload Handling Vulnerability V-177: VMware vCenter Chargeback Manager File Upload Handling Vulnerability June 13, 2013 - 6:00am Addthis PROBLEM: vCenter Chargeback Manager Remote Code Execution PLATFORM: VMware vCenter Chargeback Manager 2.x ABSTRACT: The vCenter Chargeback Manager contains a critical vulnerability that allows for remote code execution REFERENCE LINKS: Secunia Advisory SA53798 VMWare Security Advisory VMSA-2013-0008 CVE-2013-3520 IMPACT ASSESSMENT: Medium DISCUSSION: The vCenter Chargeback Manager (CBM) contains a flaw in its handling of file uploads. Exploitation of this issue may allow an unauthenticated attacker to execute code remotely. IMPACT: System Access SOLUTION: Vendor recommends updating to version 2.5.1

Note: This page contains sample records for the topic "resolving vulnerability u-098" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


321

DOE Resolves Nearly All of its September 2010 Certification Enforcement  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

Resolves Nearly All of its September 2010 Certification Resolves Nearly All of its September 2010 Certification Enforcement Actions DOE Resolves Nearly All of its September 2010 Certification Enforcement Actions October 19, 2010 - 10:39am Addthis The Energy Department's new Office of Enforcement, part of the General Counsel's Office, announced today that it has now successfully resolved 26 of the 30 certification enforcement cases brought in September 2010 as part of the Department's ongoing enforcement initiative. The Department will continue aggressively enforcing its certification requirements, which generate information that allows the Department to verify if a company is complying with energy and water efficiency standards that deliver significant energy, water, and cost savings to the American public.

322

DOE Resolves Nearly All of its September 2010 Certification Enforcement  

NLE Websites -- All DOE Office Websites (Extended Search)

Resolves Nearly All of its September 2010 Certification Resolves Nearly All of its September 2010 Certification Enforcement Actions DOE Resolves Nearly All of its September 2010 Certification Enforcement Actions October 19, 2010 - 10:39am Addthis The Energy Department's new Office of Enforcement, part of the General Counsel's Office, announced today that it has now successfully resolved 26 of the 30 certification enforcement cases brought in September 2010 as part of the Department's ongoing enforcement initiative. The Department will continue aggressively enforcing its certification requirements, which generate information that allows the Department to verify if a company is complying with energy and water efficiency standards that deliver significant energy, water, and cost savings to the American public.

323

DOE Office of Enforcement Resolves 20 Energy Efficiency Enforcement Cases |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

Resolves 20 Energy Efficiency Enforcement Resolves 20 Energy Efficiency Enforcement Cases DOE Office of Enforcement Resolves 20 Energy Efficiency Enforcement Cases June 3, 2011 - 5:04pm Addthis The Department of Energy's Office of Enforcement today announced that it has resolved the 20 enforcement cases it brought in April 2011 against companies for failing to certify that their products comply with the Department's energy and water use standards. The certification requirement generates important information that allows the Department to verify compliance with its efficiency standards and ensures that consumers have the information they need to buy energy- and cost-saving products. In 17 of the cases, the companies entered agreements that include a commitment to certify all covered products. As part of the agreements,

324

DOE Successfully Resolves Three Enforcement Cases and Files Yet Another |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

Successfully Resolves Three Enforcement Cases and Files Yet Successfully Resolves Three Enforcement Cases and Files Yet Another DOE Successfully Resolves Three Enforcement Cases and Files Yet Another September 29, 2010 - 5:24pm Addthis The Department has resolved three more of the 27 certification enforcement cases initiated three weeks ago and issued one additional penalty notice to Nordyne, LLC for failure to certify certain air conditioner and heat pump products. These actions reflect the Department's continued aggressive efforts to enforce the Department's certification requirement - which helps to ensure that appliance, plumbing, and lighting products meet the energy and water efficiency levels required by law. The three companies - Daewoo International Inc., Amerisink Inc., and Stiebel Eltron, Inc.- have each agreed to pay $5,000 in penalties and to

325

DOE Resolves Avanti Refrigerator and Freezer Civil Penalty Case  

Energy.gov (U.S. Department of Energy (DOE))

Today, the Department of Energy announced that it has resolved the civil penalty action against Mackle Company for its failure to certify that refrigerators and refrigerator-freezers sold under the...

326

Depth-resolved cathodoluminescence spectroscopy of silicon supersaturated with sulfur  

E-Print Network (OSTI)

We investigate the luminescence of Si supersaturated with S (Si:S) using depth-resolved cathodoluminescence spectroscopy and secondary ion mass spectroscopy as the S concentration is varied over 2 orders of magnitude ...

Fabbri, Filippo

327

Generic Sorting in RESOLVE Yu-Shan Sun  

E-Print Network (OSTI)

1 Generic Sorting in RESOLVE Yu-Shan Sun Dept. of Mathematics and Computer Science Denison University Granville OH, 43023, USA Email: sun s@denison.edu Joan Krone Dept. of Mathematics and Computer

328

Application of Automation and Thermal Analysis to Resolving Agent Selection  

Science Journals Connector (OSTI)

The use of differential scanning calorimetry as a means to identify diastereoisomeric salts with a clear eutectic composition that is needed for effective resolution is described and forms the basis of a resolving agent screening process. Automated salt ...

Ulrich C. Dyer; David A. Henderson; Mark B. Mitchell

1999-03-19T23:59:59.000Z

329

Department of Energy Plutonium ES&H Vulnerability Assessment Savannah River Site interim compensatory measures  

SciTech Connect

The Savannah River Site (SRS) has recently completed a self-assessment of potential vulnerabilities associated with plutonium and other transuranic materials stored at the site. An independent Working Group Assessment Team (WGAT) appointed by DOE/ES&H also performed an independent assessment, and reviewed and validated the site self-assessment. The purpose of this report is to provide a status of interim compensatory measures at SRS to address hazards in advance of any corrective actions. ES&H has requested this status for all vulnerabilities ranked medium or higher with respect to potential consequences to workers, environment, and the public.

Bickford, W.E.

1994-09-15T23:59:59.000Z

330

Angularly resolved Auger rates of LiF and HF  

Science Journals Connector (OSTI)

Angularly resolved Auger rates are investigated. The angular distributions of Auger electrons display a strong dependence on the final dicationic state which is created by the Auger process. The angular distributions show interference structures which can be related to the geometry of the molecule. Although there are presently no experimental data on angularly resolved Auger rates, we suppose that the angular distributions are measurable, e.g., by coincidence techniques.

K. Zähringer; H.-D. Meyer; L. S. Cederbaum

1992-11-01T23:59:59.000Z

331

Femtosecond time-resolved spectroscopy of coherent oscillations in nanomaterials  

E-Print Network (OSTI)

FEMTOSECOND TIME-RESOLVED SPECTROSCOPY OF COHERENT OSCILLATIONS IN NANOMATERIALS A Dissertation by SERGUEI JEREBTSOV Submitted to the Office of Graduate Studies of Texas A&M University in partial fulfillment of the requirements for the degree... of DOCTOR OF PHILOSOPHY May 2007 Major Subject: Physics FEMTOSECOND TIME-RESOLVED SPECTROSCOPY OF COHERENT OSCILLATIONS IN NANOMATERIALS A Dissertation by SERGUEI JEREBTSOV Submitted to the Office of Graduate Studies of Texas A&M University in partial...

Jerebtsov, Serguei Nikolaevich

2009-05-15T23:59:59.000Z

332

E-Print Network 3.0 - angle resolved thermal Sample Search Results  

NLE Websites -- All DOE Office Websites (Extended Search)

consequences of a thermal pulse... . Schematic drawing of the time-resolved ellipsometer. Pump pulses thermally excite a thin Au film deposited... 1 Time-resolved ellipsometry for...

333

E-Print Network 3.0 - angle-resolved ultraviolet photoelectron...  

NLE Websites -- All DOE Office Websites (Extended Search)

Ph.D. March, 1994. Thesis: "Angle-Resolved Photoemission Study of Several Transition Metal... .D. 2003. Thesis: "Angle-Resolved Photoemission Study of the Elelctronic Structure...

334

U-183: ISC BIND DNS Resource Records Handling Vulnerability | Department of  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

3: ISC BIND DNS Resource Records Handling Vulnerability 3: ISC BIND DNS Resource Records Handling Vulnerability U-183: ISC BIND DNS Resource Records Handling Vulnerability June 5, 2012 - 7:00am Addthis PROBLEM: A vulnerability has been reported in ISC BIND, which can be exploited by malicious people to disclose potentially sensitive information or cause a DoS (Denial of Service). PLATFORM: Version(s): ISC BIND 9.2.x ISC BIND 9.3.x ISC BIND 9.4.x ISC BIND 9.5.x ISC BIND 9.6.x ISC BIND 9.7.x ISC BIND 9.8.x ISC BIND 9.9.x ABSTRACT: This problem was uncovered while testing with experimental DNS record types. It is possible to add records to BIND with null (zero length) rdata fields. Reference List: Secunia Advisory 49338 CVE-2012-1667 Original Advisory IMPACT ASSESSMENT: High Discussion: Recursive servers may crash or disclose some portion of memory to the

335

Energy Sector Vulnerable to Climate Change, U.S. Department of Energy  

NLE Websites -- All DOE Office Websites (Extended Search)

Energy Sector Vulnerable to Climate Change, U.S. Department of Energy Report Says Print E-mail Energy Sector Vulnerable to Climate Change, U.S. Department of Energy Report Says Print E-mail President Obama Announces His Climate Action Plan Friday, July 26, 2013 Featured by DOE, a member of the U.S. Global Change Research Program In his speech at Georgetown University last month, President Obama referred to our nation's vulnerabilities to climate change, underscoring how Hurricane Sandy and other climate-related disasters serve as wake-up calls. These extreme weather events as well as changes in temperature and water availability - all related to our changing climate - are disrupting the ways we generate, distribute, and consume energy, according to a new report released by the US Department of Energy. The U.S. Energy Sector Vulnerabilities to Climate Change and Extreme Weather report examines current and potential future impacts of these climate trends on the U.S. energy sector.

336

U-138: Cisco IOS IPSec IKE Unspecified Denial of Service Vulnerability |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

8: Cisco IOS IPSec IKE Unspecified Denial of Service 8: Cisco IOS IPSec IKE Unspecified Denial of Service Vulnerability U-138: Cisco IOS IPSec IKE Unspecified Denial of Service Vulnerability April 2, 2012 - 7:00am Addthis PROBLEM: A vulnerability has been reported in Cisco IOS, which can be exploited by malicious people to cause a DoS (Denial of Service). PLATFORM: Cisco IOS XE 2.1.x Cisco IOS XE 2.2.x Cisco IOS XE 2.3.x Cisco IOS XE 2.4.x Cisco IOS XE 2.5.x Cisco IOS XE 2.6.x Cisco IOS XE 3.1.x Cisco IOS XE 3.3.x ABSTRACT: The IKEv1 feature of Cisco IOS Software contains a vulnerability that could allow an unauthenticated, remote attacker to cause a reload of an affected device. REFERENCE LINKS: Vendor Advisory Secunia Advisory SA48607 CVE-2012-0381 iMPACT ASSESSMENT: High discussion: The March 28, 2012, Cisco IOS Software Security Advisory bundled

337

T-534: Vulnerability in the PDF distiller of the BlackBerry Attachment  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

4: Vulnerability in the PDF distiller of the BlackBerry 4: Vulnerability in the PDF distiller of the BlackBerry Attachment Service for the BlackBerry Enterprise Server T-534: Vulnerability in the PDF distiller of the BlackBerry Attachment Service for the BlackBerry Enterprise Server January 13, 2011 - 2:30pm Addthis PROBLEM: Vulnerability in the PDF distiller of the BlackBerry Attachment Service for the BlackBerry Enterprise Server. PLATFORM: * BlackBerry Enterprise Server Express version 5.0.1 and 5.0.2 for Microsoft Exchange * BlackBerry Enterprise Server Express version 5.0.2 for IBM Lotus Domino * BlackBerry Enterprise Server versions 4.1.3 through 5.0.2 for Microsoft Exchange and IBM Lotus Domino * BlackBerry Enterprise Server versions 4.1.3 through 5.0.1 for Novell GroupWise * BlackBerry Professional Software version 4.1.4 for Microsoft Exchange and

338

Sensitivity Analysis of the Power Grid Vulnerability to Large-Scale Cascading Failures  

E-Print Network (OSTI)

, Survivability. 1. INTRODUCTION The power grid is vulnerable to natural disasters, such as earthquakes and solar life, as many systems (e.g., telecommunications, gas and wa- ter supply, and transportation) highly blackout in Italy [10] and the Apr. 2012 blackout in Cyprus [16]), and Asia (India's blackout in July 2012

Shepard, Kenneth

339

Centrality and vulnerability in liner shipping networks: revisiting the Northeast Asian port hierarchy  

E-Print Network (OSTI)

1 Centrality and vulnerability in liner shipping networks: revisiting the Northeast Asian port@parisgeo.cnrs.fr Sung-Woo LEE Korea Maritime Institute Shipping, Port & Logistics Research Department KBS media Center: revisiting the Northeast Asian port hierarchy Abstract This paper is essentially an empirical investigation

Paris-Sud XI, Université de

340

Extreme vulnerability of smallholder farmers to agricultural risks and climate change in Madagascar  

Science Journals Connector (OSTI)

...reducing agricultural risk, which could be widely...used to help with such investments that result in important...their high exposure to risks and the urgent need to...vulnerability to these risks. Increasing the productivity...technical, financial and political support and action at...

2014-01-01T23:59:59.000Z

Note: This page contains sample records for the topic "resolving vulnerability u-098" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


341

Greenbench: A Benchmark for Observing Power Grid Vulnerability Under Data-Centric Threats  

E-Print Network (OSTI)

Greenbench: A Benchmark for Observing Power Grid Vulnerability Under Data-Centric Threats Mingkui- grates communication networks into traditional power grid. This integration, however, makes the power and applications. But in power grid, these data-centric attacks may result in instable power systems, and further

Wang, Wenye

342

Statistical Estimation of Circuit Timing Vulnerability Due to Leakage-Induced Power Grid Voltage Drop  

E-Print Network (OSTI)

Statistical Estimation of Circuit Timing Vulnerability Due to Leakage-Induced Power Grid Voltage voltage drops on the power grid that can affect circuit timing. We propose a statistical analysis supply voltage to circuit devices is referred to as the power grid. The consequences of power grid

Najm, Farid N.

343

1900 CROP SCIENCE, VOL. 44, NOVEMBERDECEMBER 2004 Reducing the Genetic Vulnerability of Cotton  

E-Print Network (OSTI)

1900 CROP SCIENCE, VOL. 44, NOVEMBER­DECEMBER 2004 Reducing the Genetic Vulnerability of Cotton. Lloyd May, and C. Wayne Smith change in cotton yields has steadily declined since 1985. The u.s. cotton (Gossypium spp.) production system By 1998, absolute cotton yields (not just the rate ofexemplifies

Chee, Peng W.

344

Title: Climate Change Vulnerability and Adaptation Options for Coastal Communities in Timor-Leste  

E-Print Network (OSTI)

Title: Climate Change Vulnerability and Adaptation Options for Coastal Communities in Timor-Leste Summary Climate change is a major global challenge, particularly for world's coastal communities in low 2008, Kelman & West 2009, Veitayaki 2010). Within these regions, climate change impacts are already

345

Experimental Studies of Vulnerabilities in Devices and On-Chip Protection  

E-Print Network (OSTI)

Experimental Studies of Vulnerabilities in Devices and On-Chip Protection Agis A. Iliadis effects on the fundamental units of IC circuits, ie individual devices (MOSFETs) and gates (CMOS Inverters MOSFET devices as on-chip sensing and protecting elements. · Develop on-chip sensing, registration

Anlage, Steven

346

UEA Water Security Research Centre Climate Change and Variability Adaptation and Vulnerability  

E-Print Network (OSTI)

UEA Water Security Research Centre Climate Change and Variability · Adaptation and Vulnerability · Transboundary Cooperation ­ Conflict · Irrigation Performance and Policy · River Basin Management · Water Allocation · Hydropolitics www.uea.ac.uk/watersecurity #12;The UEA Water Security Research Centre applies

Everest, Graham R

347

Vulnerability of the New York City Metropolitan Area to Coastal Hazards,  

E-Print Network (OSTI)

Trade Center site in Lower Manhattan, and of the Brooklyn water- front, long home to the former Brooklyn-Level Rise: Inferences for Urban Coastal Risk Management and Adaptation Policies Klaus Jacob, Vivien Gornitz at or near sea level. Major coastal urban centers have long been vulnerable to natural hazards, such as storm

348

educating | innovating | transforming | advocating | strengthening vulnerable families social workuniversity of illinois at urbana-champaign  

E-Print Network (OSTI)

educating | innovating | transforming | advocating | strengthening vulnerable families social innovative efforts and collaborations are having on the lives of people in need. Whose lives? Those of · Low to work through the social barriers hindering the project. "We needed to gain trust from the local

Gilbert, Matthew

349

Governors of the Armagh Observatory and Planetarium: Safeguarding Children and Vulnerable Adults Policy and  

E-Print Network (OSTI)

15 Governors of the Armagh Observatory and Planetarium: Safeguarding Children and Vulnerable Adults been drafted by considering law and government policies and procedures on safeguarding. A list has been as being safe and protected from harm. For the purposes of this Safeguarding policy the terms `child

350

Governors of the Armagh Observatory and Planetarium: Safeguarding Children and Vulnerable Adults Policy and  

E-Print Network (OSTI)

15 Governors of the Armagh Observatory and Planetarium: Safeguarding Children and Vulnerable Adults drafted by considering law and government policies and procedures on safeguarding. A list has been as being safe and protected from harm. For the purposes of this Safeguarding policy the terms `child

351

Impact of relief accuracy on flood simulations and road network vulnerability analysis  

E-Print Network (OSTI)

1 Impact of relief accuracy on flood simulations and road network vulnerability analysis Jean). Numerical representation of relief (DTM) is a prime necessity in risk simulation, in particular in flood of the flood simulation. On that account, we consider ways to enrich the DTM by integrating relevant

Paris-Sud XI, Université de

352

Seismic vulnerability assessment through explicit consideration of uncertainties in structural capacities and structural demands  

Science Journals Connector (OSTI)

Earthquakes are among the most important natural hazards confronting engineers, regulatory authorities, and the public at large. The assessment of structural seismic vulnerability has become the subject of intensive research. In this paper, a mathematical framework for seismic vulnerability assessment of building structures is presented, and the concept of vulnerability function is introduced and mathematically described, which is integrally related to the fragility assessment and reflects the susceptibility of a system to serious consequences. The limit state of a building structure is stated as the structural demand exceeding the structural capacity, so the methodology is developed based on a systematic treatment of uncertainties in seismic hazard, structural demands due to seismic hazard, and capacities of building structures in resisting limit states. The methods and assessment procedures are illustrated through a steel building frame, showing the presented methodology is an efficient tool in support of seismic vulnerability assessment. The explicit consideration of uncertainty is an integral part of the engineering risk management and decision process, and the methodology can also be applied to other buildings, bridges or civil infrastructure systems.

Quanwang Li; Jiankang Sun; Jiansheng Fan

2012-01-01T23:59:59.000Z

353

A METHOD FOR RAPID VULNERABILITY ASSESSMENT OF STRUCTURES LOADED BY OUTSIDE BLASTS  

E-Print Network (OSTI)

the structural reliability information for the vulnerability analysis. 1 Corresponding Author: Jamova 39, SI-1000 , Matjaz Leskovar, Marko Cepin, Borut Mavko "Jozef Stefan" Institute, Reactor Engineering Division Keywords blast loads, buildings, rapid assessment, structural reliability ABSTRACT The blast loads have in most

Cizelj, Leon

354

Assessment of U.S. Agriculture Sector and Human Vulnerability to a Rift Valley Fever Outbreak  

E-Print Network (OSTI)

on the assessment of the U.S. agricultural sector and human vulnerability to a Rift Valley Fever (RVF) outbreak and the value of a select set of alternative disease control strategies. RVF is a vector-borne, zoonotic disease that affects both livestock and humans...

Hughes, Randi Catherine

2011-08-08T23:59:59.000Z

355

Management response plan for the Chemical Safety Vulnerability Working Group report. Volume 2  

SciTech Connect

The Chemical Safety Vulnerability (CSV) Working Group was established to identify adverse conditions involving hazardous chemicals at DOE facilities that might result in fires or explosions, release of hazardous chemicals to the environment, or exposure of workers or the public to chemicals. A CSV Review was conducted in 146 facilities at 29 sites. Eight generic vulnerabilities were documented related to: abandoned chemicals and chemical residuals; past chemical spills and ground releases; characterization of legacy chemicals and wastes; disposition of legacy chemicals; storage facilities and conditions; condition of facilities and support systems; unanalyzed and unaddressed hazards; and inventory control and tracking. Weaknesses in five programmatic areas were also identified related to: management commitment and planning; chemical safety management programs; aging facilities that continue to operate; nonoperating facilities awaiting deactivation; and resource allocations. To address the facility-specific and site-specific vulnerabilities, responsible DOE and site-contractor line organizations have developed initial site response plans. These plans, presented as Volume 2 of this Management Response Plan, describe the actions needed to mitigate or eliminate the facility- and site-specific vulnerabilities identified by the CSV Working Group field verification teams. Initial site response plans are described for: Brookhaven National Lab., Hanford Site, Idaho National Engineering Lab., Lawrence Livermore National Lab., Los Alamos National Lab., Oak Ridge Reservation, Rocky Flats Plant, Sandia National Laboratories, and Savannah River Site.

Not Available

1994-09-01T23:59:59.000Z

356

PHS 650-section 052: Healthcare Quality Improvement and Evaluation for Vulnerable Populations  

E-Print Network (OSTI)

can contribute to global health system reform and realization of the Millennium Development Goals. II. Learning Objectives To understand how quality health care has been defined and implemented with vulnerable health care quality" BMJ 2004; 328: 1124-9 Bloom BS. "Crossing the quality chasm: a new health system

Sheridan, Jennifer

357

A graph-theoretical characterization of power network vulnerabilities Fabio Pasqualetti, Antonio Bicchi, and Francesco Bullo  

E-Print Network (OSTI)

of vulnerabilities that are inherent to the power network interconnection structure. From a system theoretic, if exploited by an adversarial agent, may lead to a complete disruption of the system functionalities. The case in the power network model. The study of dynamical systems in descriptor form has received sensible attention

Bullo, Francesco

358

Power System Extreme Event Detection: The Vulnerability Frontier Bernard C. Lesieutre Ali Pinar  

E-Print Network (OSTI)

Power System Extreme Event Detection: The Vulnerability Frontier Bernard C. Lesieutre Ali Pinar the number of line outages in a grid to the power disrupted by the outages. This frontier describes the boundary of a space relating the possible severity of a disturbance in terms of power disruption, from zero

Pinar, Ali

359

Energy Vulnerability Assessment for the US Pacific Islands. Technical Appendix 2  

SciTech Connect

The study, Energy Vulnerability Assessment of the US Pacific Islands, was mandated by the Congress of the United States as stated in House Resolution 776-220 of 1992, Section 1406. The resolution states that the US Secretary of Energy shall conduct a study of the implications of the unique vulnerabilities of the insular areas to an oil supply disruption. Such study shall outline how the insular areas shall gain access to vital oil supplies during times of national emergency. The resolution defines insular areas as the US Virgin Islands, Puerto Rico, Guam, American Samoa, the Commonwealth of the Northern Mariana Islands, and Palau. The US Virgin Islands and Puerto Rico are not included in this report. The US Department of Energy (USDOE) has broadened the scope of the study contained in the House Resolution to include emergency preparedness and response strategies which would reduce vulnerability to an oil supply disruption as well as steps to ameliorate adverse economic consequences. This includes a review of alternative energy technologies with respect to their potential for reducing dependence on imported petroleum. USDOE has outlined the four tasks of the energy vulnerability assessment as the following: (1) for each island, determine crude oil and refined product demand/supply, and characterize energy and economic infrastructure; (2) forecast global and regional oil trade flow patterns, energy demand/supply, and economic activities; (3) formulate oil supply disruption scenarios and ascertain the general and unique vulnerabilities of these islands to oil supply disruptions; and (4) outline emergency preparedness and response options to secure oil supplies in the short run, and reduce dependence on imported oil in the longer term.

Fesharaki, F.; Rizer, J.P.; Greer, L.S.

1994-05-01T23:59:59.000Z

360

Resolve to Save Energy This Year | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

Resolve to Save Energy This Year Resolve to Save Energy This Year Resolve to Save Energy This Year January 2, 2014 - 8:50am Addthis Looking for ways to save energy? Check out these tips that every homeowner should try. | Infographic by Sarah Gerrity, Energy Department. Updated January 2, 2014. Looking for ways to save energy? Check out these tips that every homeowner should try. | Infographic by Sarah Gerrity, Energy Department. Updated January 2, 2014. Rebecca Matulka Rebecca Matulka Digital Communications Specialist, Office of Public Affairs Looking for more ways to save energy? Check out Energy Saver for tips that save energy and money. Editor's Note: It's a new year, and that means new resolutions. Whether this is the first year you're looking for ways to save energy or you want to lower your energy bills even more than last year, check out our eight

Note: This page contains sample records for the topic "resolving vulnerability u-098" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


361

Princeton Professor Resolves Complex Puzzle | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

Princeton Professor Resolves Complex Puzzle Princeton Professor Resolves Complex Puzzle Princeton Professor Resolves Complex Puzzle November 24, 2010 - 11:32am Addthis Andy Oare Andy Oare Former New Media Strategist, Office of Public Affairs What does this mean for me? Dr. Torquato's work -- in addition to detecting gravitational waves and improving understanding of low-temperature states of matter -- could have applications in areas ranging from wireless communications network layouts to data compression and coding and cryptography. A change in perspective can change everything. A complex jigsaw puzzle may suddenly be solved by stepping back ... Taking the dog for a walk ... Or going to the gym. Physicists and mathematicians often work in similar fashion: taking a step back, looking at a complex problem in a new way, and

362

Resolve to Save Energy This Year | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

Resolve to Save Energy This Year Resolve to Save Energy This Year Resolve to Save Energy This Year January 2, 2013 - 10:52am Addthis Looking for ways to save energy? Check out these tips that every homeowner should try. | Infographic by Sarah Gerrity, Energy Department. Looking for ways to save energy? Check out these tips that every homeowner should try. | Infographic by Sarah Gerrity, Energy Department. Rebecca Matulka Rebecca Matulka Digital Communications Specialist, Office of Public Affairs Looking for more ways to save energy? Check out Energy Saver for tips that save energy and money. At the beginning of every new year, millions of Americans make New Year's resolutions, which inevitably are forgotten by the end of January. This year, forget making a New Year's resolution. Instead make a home energy

363

A watershed-based method for environmental vulnerability assessment with a case study of the Mid-Atlantic region  

SciTech Connect

The paper presents a method for environmental vulnerability assessment with a case study of the Mid-Atlantic region. The method is based on the concept of 'self-/peer-appraisal' of a watershed in term of vulnerability. The self-/peer-appraisal process is facilitated by two separate linear optimization programs. The analysis provided insights on the environmental conditions, in general, and the relative vulnerability pattern, in particular, of the Mid-Atlantic region. The suggested method offers a simple but effective and objective way to perform a regional environmental vulnerability assessment. Consequently the method can be used in various steps in environmental assessment and planning. - Highlights: Black-Right-Pointing-Pointer We present a method for regional environmental vulnerability assessment. Black-Right-Pointing-Pointer It is based on the self-/peer-appraisal concept in term of vulnerability. Black-Right-Pointing-Pointer The analysis is facilitated by two separate linear optimization programs. Black-Right-Pointing-Pointer The method provides insights on the regional relative vulnerability pattern.

Tran, Liem T., E-mail: ltran1@utk.edu [Department of Geography, University of Tennessee, Knoxville, TN (United States); O& #x27; Neill, Robert V. [OTIE and Associates, Oak Ridge, TN (United States); Smith, Elizabeth R. [U.S. Environmental Protection Agency, Office of Research and Development, National Exposure Research Laboratory, Research Triangle Park, NC (United States)

2012-04-15T23:59:59.000Z

364

Comparisons of purely topological model, betweenness based model and direct current power flow model to analyze power grid vulnerability  

Science Journals Connector (OSTI)

This paper selects three frequently used power grid models including a purely topological model (PTM) a betweennness based model (BBM) and a direct current power flow model (DCPFM) to describe three different dynamical processes on a power grid under both single and multiple component failures. Each of the dynamical processes is then characterized by both a topology-based and a flow-based vulnerability metrics to compare the three models with each other from the vulnerability perspective. Taking as an example the IEEE 300 power grid with line capacity set proportional to a tolerance parameter tp the results show non-linear phenomenon: under single node failures there exists a critical value of tp?=?1.36 above which the three models all produce identical topology-based vulnerability results and more than 85% nodes have identical flow-based vulnerability from any two models; under multiple node failures that each node fails with an identical failure probability fp there exists a critical fp?=?0.56 above which the three models produce almost identical topology-based vulnerability results at any tp???1 but producing identical flow-based vulnerability results only occurs at fp?=?1. In addition the topology-based vulnerability results can provide a good approximation for the flow-based vulnerability under large fp and the priority of PTM and BBM to better approach the DCPFM for vulnerability analysis mainly depends on the value of fp. Similar results are also found for other failure types other system operation parameters and other power grids.

2013-01-01T23:59:59.000Z

365

Time-Resolved Study of Bonding in Liquid Carbon  

NLE Websites -- All DOE Office Websites (Extended Search)

Time-Resolved Study of Bonding Time-Resolved Study of Bonding in Liquid Carbon Time-Resolved Study of Bonding in Liquid Carbon Print Wednesday, 28 September 2005 00:00 We are accustomed to observing carbon in its elemental form as a solid, ranging from the soft "lead" in pencils to the precious gemstone in diamond rings. While considerable attention has been focused on solid forms of carbon, the properties of liquid carbon are much more difficult to measure accurately. The very strong bonding between carbon atoms that gives diamonds their hardness also makes carbon very difficult to melt, requiring temperatures above 5000 K at pressures above 100 bar. Maintaining such conditions in a laboratory is a challenge that has hampered efforts to fully understand the chemical bonding properties of this biologically, industrially, and environmentally important element. At the ALS, researchers have found a way to rapidly heat a carbon sample and contain the resulting liquid long enough to perform picosecond time-resolved x-ray absorption spectroscopy. The technique provides a way to measure the bonding properties of liquid carbon at near-solid densities that can then be compared with results from molecular dynamics simulations.

366

Resolving Water Conflicts -Impediments and Solutions Symposium Location: Binghamton University  

E-Print Network (OSTI)

and discuss possible approaches to resolving these conflicts. Agenda: Wednesday P.M. Keynote Presentations Zhu, Burrell Montz and Joe Graney) 1:30 ­ 2:15 Jeff Lape Executive Director EPA Chesapeake Bay Program Conflicts and Solutions - Chesapeake Bay Program Perspectives 2:15 ­ 2:30 Break (Refreshments in Back

Suzuki, Masatsugu

367

Spatially Resolved Ballistic Optoelectronic Transport Measured by Quantized  

E-Print Network (OSTI)

Spatially Resolved Ballistic Optoelectronic Transport Measured by Quantized Photocurrent of the electron modes in the QPC. KEYWORDS Ballistic optoelectronic quantum transport, nanoscale electronics Q to hundreds of nanometers have been detected. We find that a ballistic optoelectronic trans- port can occur

Ludwig-Maximilians-Universität, München

368

An improved framework for power grid vulnerability analysis considering critical system features  

Science Journals Connector (OSTI)

Abstract In recent years the rapid development of complex network theory has provided a new angle on the vulnerability analysis of a power grid. However, current analysis models are usually general ones that may ignore some specific features of power systems. In order to address the issue, this paper proposes an improved framework for the vulnerability analysis of power grids. Firstly, the traditional topology based graph model is improved by depicting a power grid as a weighted graph based on the reactance matrix. Secondly, the concept of load is redefined by using power angle information. Thirdly, the power flow constraints are adopted instead of the shortest path based flow scheme. Based on the proposed framework, an improved dynamic analysis model is developed. In addition, numerical simulations for both a general traditional model and the proposed model are investigated based on the IEEE 118-bus system respectively. The comparison demonstrates that the improved model is more effective and efficient for the vulnerability analysis of a power grid.

YuanYu Dai; Guo Chen; ZhaoYang Dong; YuSheng Xue; David J. Hill; Yuan Zhao

2014-01-01T23:59:59.000Z

369

Insular Area energy vulnerability, Puerto Rico, US Virgin Islands. Technical Appendix 1  

SciTech Connect

This report was prepared in response to Section 1406 of the Energy Policy Act of 1992 (P.L. 192-486). The Act directed the Department of Energy (DOE) to ``conduct a study of the implications of the unique vulnerabilities of the insular areas to an oil supply disruption,`` and to ``outline how the insular areas shall gain access to vital oil supplies during times of national emergency.`` The Act defines the insular areas to be the US Virgin Islands and Puerto Rico in the Caribbean, and Guam, American Samoa, the Commonwealth of the Northern Mariana Islands (CNMI), and Palau in the Pacific. This report is the analysis of Puerto Rico and the US Virgin Islands. In the study, ``unique vulnerabilities`` were defined as susceptibility to: (1) more frequent or more likely interruptions of oil supplies compared to the mainland, and/or (2) disproportionately larger or more likely economic losses in the event of an oil supply disruption. In order to asses unique vulnerabilities, the study examined in the insular areas` experience during past global disruptions of oil supplies and during local emergencies caused by natural disasters. The effects of several possible future global disruptions and local emergencies were also analyzed. Analyses were based on historical data, simulations using energy and economic models, and interviews with officials in the insular governments and the energy industry.

Stern, M.; Willard, E.E.; Efferding, S. [Ensys Energy & Systems, Inc., Flemington, NJ (United States)

1994-05-01T23:59:59.000Z

370

Vulnerability of larval and juvenile white sturgeon to barotrauma: can they handle the pressure?  

SciTech Connect

Techniques were developed to determine which life stages of fish are vulnerable to barotrauma from expansion of internal gases during decompression. Eggs, larvae and juvenile hatchery-reared white sturgeon (Acipenser transmontanus; up to 91 days post hatch; dph), were decompressed to assess vulnerability to barotrauma and identify initial swim bladder inflation. Barotrauma related injury and mortality were first observed 9 dph, on the same day as initial exogenous feeding. However, barotrauma related injury did not occur again until swim bladder inflation 75 dph (visible from necropsy and x-ray radiographs). Swim bladder inflation was not consistent among individuals, with only 44% being inflated 91 dph. Additionally, swim bladder inflation did not appear to be size dependent among fish ranging in total length from 61-153 mm at 91 dph. The use of a combination of decompression tests and x-ray radiography was validated as a method to determine initial swim bladder inflation and vulnerability to barotrauma. Extending these techniques to other species and life history stages would help to determine fish susceptibility to hydroturbine passage and aid in fish conservation.

Brown, Richard S.; Cook, Katrina V.; Pflugrath, Brett D.; Rozeboom, Latricia L.; Johnson, Rachelle C.; McLellan, Jason; Linley, Timothy J.; Gao, Yong; Baumgartner, Lee J.; Dowell, Frederick E.; Miller, Erin A.; White, Timothy A.

2013-07-01T23:59:59.000Z

371

Systematic investigation of genetic vulnerabilities across cancer cell lines reveals lineage-specific dependencies in ovarian cancer  

E-Print Network (OSTI)

A comprehensive understanding of the molecular vulnerabilities of every type of cancer will provide a powerful roadmap to guide therapeutic approaches. Efforts such as The Cancer Genome Atlas Project will identify genes ...

Ren, Yin

372

The Vulnerability of Mobile Home Residents in Tornado Disasters: The 2008 Super Tuesday Tornado in Macon County, Tennessee  

Science Journals Connector (OSTI)

Mobile home residents are known to be highly vulnerable to tornadoes and account for a considerable portion of tornado-related fatalities. The problem is partially related to the limited protection provided by the structure; however, shortcomings ...

Philip L. Chaney; Greg S. Weaver

2010-07-01T23:59:59.000Z

373

Comparisons of complex network based models and direct current power flow model to analyze power grid vulnerability under intentional attacks  

Science Journals Connector (OSTI)

Abstract Many scholars have applied complex network based models to investigate power grid vulnerability, but how effective are these models to capture the real performance is an interesting topic. This paper selects two typical complex network based models, including a purely topological model (PTM) and a betweenness based model (BBM), as well as a direct current power flow model (DCPFM), to simulate the topology-based and flow-based vulnerability of power grid under degree, betweenness, maximum traffic and importance based intentional attacks. The relationships of vulnerability results from different models are analyzed and discussed for model comparisons. Taking IEEE 300 power grid with line capacity set proportional to tolerant parameter tp as example, the results show that there exists a critical node attack intensity A I = 0.147 , above which the three models produce almost identical topology-based vulnerability results under each attack strategy at any t p ? 1 , while producing identical flow-based vulnerability results from PTM and DCPFM occurs at A I > 0.147 , and A I > 0.73 for BBM and DCPFM, which indicates that the PTM can better approach the DCPFM for flow-based vulnerability analysis under intentional attacks. Similar results are also found for intentional edge attacks and other power grids.

Min Ouyang; Lijing Zhao; Zhezhe Pan; Liu Hong

2014-01-01T23:59:59.000Z

374

Manufacturers of Noncompliant Products Agree to Civil Penalties to Resolve  

NLE Websites -- All DOE Office Websites (Extended Search)

Manufacturers of Noncompliant Products Agree to Civil Penalties to Manufacturers of Noncompliant Products Agree to Civil Penalties to Resolve Enforcement Actions Manufacturers of Noncompliant Products Agree to Civil Penalties to Resolve Enforcement Actions July 1, 2013 - 11:17am Addthis The Department of Energy has settled civil penalty actions it initiated against nine companies for the manufacture and sale in the United States of products that fail to meet federal energy conservation standards. The covered consumer products and commercial/industrial equipment found in violation included automatic commercial ice makers, distribution transformers, external power supplies, showerheads and lighting products. The companies ceased all sales within the United States of the products that violated federal energy conservation standards.

375

Manufacturers of Noncompliant Products Agree to Civil Penalties to Resolve  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

Manufacturers of Noncompliant Products Agree to Civil Penalties to Manufacturers of Noncompliant Products Agree to Civil Penalties to Resolve Enforcement Actions Manufacturers of Noncompliant Products Agree to Civil Penalties to Resolve Enforcement Actions July 1, 2013 - 11:17am Addthis The Department of Energy has settled civil penalty actions it initiated against nine companies for the manufacture and sale in the United States of products that fail to meet federal energy conservation standards. The covered consumer products and commercial/industrial equipment found in violation included automatic commercial ice makers, distribution transformers, external power supplies, showerheads and lighting products. The companies ceased all sales within the United States of the products that violated federal energy conservation standards.

376

An avalanche-photodiode-based photon-number-resolving detector  

E-Print Network (OSTI)

Avalanche photodiodes are widely used as practical detectors of single photons.1 Although conventional devices respond to one or more photons, they cannot resolve the number in the incident pulse or short time interval. However, such photon number resolving detectors are urgently needed for applications in quantum computing,2-4 communications5 and interferometry,6 as well as for extending the applicability of quantum detection generally. Here we show that, contrary to current belief,3,4 avalanche photodiodes are capable of detecting photon number, using a technique to measure very weak avalanches at the early stage of their development. Under such conditions the output signal from the avalanche photodiode is proportional to the number of photons in the incident pulse. As a compact, mass-manufactured device, operating without cryogens and at telecom wavelengths, it offers a practical solution for photon number detection.

B. E. Kardynal; Z. L. Yuan; A. J. Shields

2008-07-02T23:59:59.000Z

377

Argonne CNM News: Time-Resolved Measurements Show Colloidal Nanoplatelets  

NLE Websites -- All DOE Office Websites (Extended Search)

Time-Resolved Measurements Show Colloidal Nanoplatelets Act Like Quantum Wells Time-Resolved Measurements Show Colloidal Nanoplatelets Act Like Quantum Wells TEM image of CdSe nanoplatelets Schematic and transmission electron microscope (TEM) image of CdSe nanoplatelets with a thickness of 5 monolayers. The relaxation of high-energy carriers (electrons and holes) in colloidal nanoplatelets have been measured by researchers in the Nanophotonics Group at the Center for Nanoscale Materials, working with colleagues at the University of Chicago. The measurements show that the carriers behave like carriers in quantum wells. Quantum wells have found widespread application in optoelectronics, and the new results suggest that colloidal nanoplatelets should find similar applications, with the added advantage that they can be produced at low cost and in large quantities.

378

State-Resolved Rotational Excitation in HD + HD Collisions  

Science Journals Connector (OSTI)

A novel pulsed-molecular-beam technique has been used to measure differential cross sections for state-resolved rotational transitions in HD + HD collisions. Inelastic transition probabilities are reported for the rotation-energy-level transitions JAJB=00?JA?JB?=(10, 01), 11, and (20, 02) at a center-of-mass scattering angle at 90° and at several collision energies. A brief description of the apparatus is provided.

W. Ronald Gentry and Clayton F. Giese

1977-11-14T23:59:59.000Z

379

Thought Experiment to resolve the Black Hole Information Paradox  

E-Print Network (OSTI)

We propose a combination of two mechanisms that can resolve the black hole information paradox. The first process is that the black hole shrinks by a first order transition, since we assume the entropy is discontinuous. The black hole disappears. The second type of processes conserves unitarity. We assume that within the black hole micro-reversible quantum mechanical processes take place. These are ordinary particle processes, e.g. the decay of an electron and a positron into two photons.

Kay zum Felde

2014-07-22T23:59:59.000Z

380

Photon-number-resolving detector with 10 bits of resolution  

SciTech Connect

A photon-number-resolving detector with single-photon resolution is described and demonstrated. It has 10 bits of resolution, does not require cryogenic cooling, and is sensitive to near ir wavelengths. This performance is achieved by flood illuminating a 32x32 element In{sub x}Ga{sub 1-x}AsP Geiger-mode avalanche photodiode array that has an integrated counter and digital readout circuit behind each pixel.

Jiang, Leaf A.; Dauler, Eric A.; Chang, Joshua T

2007-06-15T23:59:59.000Z

Note: This page contains sample records for the topic "resolving vulnerability u-098" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


381

Time-Resolved Study of Bonding in Liquid Carbon  

NLE Websites -- All DOE Office Websites (Extended Search)

Time-Resolved Study of Bonding in Liquid Carbon Print Time-Resolved Study of Bonding in Liquid Carbon Print We are accustomed to observing carbon in its elemental form as a solid, ranging from the soft "lead" in pencils to the precious gemstone in diamond rings. While considerable attention has been focused on solid forms of carbon, the properties of liquid carbon are much more difficult to measure accurately. The very strong bonding between carbon atoms that gives diamonds their hardness also makes carbon very difficult to melt, requiring temperatures above 5000 K at pressures above 100 bar. Maintaining such conditions in a laboratory is a challenge that has hampered efforts to fully understand the chemical bonding properties of this biologically, industrially, and environmentally important element. At the ALS, researchers have found a way to rapidly heat a carbon sample and contain the resulting liquid long enough to perform picosecond time-resolved x-ray absorption spectroscopy. The technique provides a way to measure the bonding properties of liquid carbon at near-solid densities that can then be compared with results from molecular dynamics simulations.

382

Time-Resolved Study of Bonding in Liquid Carbon  

NLE Websites -- All DOE Office Websites (Extended Search)

Time-Resolved Study of Bonding in Liquid Carbon Print Time-Resolved Study of Bonding in Liquid Carbon Print We are accustomed to observing carbon in its elemental form as a solid, ranging from the soft "lead" in pencils to the precious gemstone in diamond rings. While considerable attention has been focused on solid forms of carbon, the properties of liquid carbon are much more difficult to measure accurately. The very strong bonding between carbon atoms that gives diamonds their hardness also makes carbon very difficult to melt, requiring temperatures above 5000 K at pressures above 100 bar. Maintaining such conditions in a laboratory is a challenge that has hampered efforts to fully understand the chemical bonding properties of this biologically, industrially, and environmentally important element. At the ALS, researchers have found a way to rapidly heat a carbon sample and contain the resulting liquid long enough to perform picosecond time-resolved x-ray absorption spectroscopy. The technique provides a way to measure the bonding properties of liquid carbon at near-solid densities that can then be compared with results from molecular dynamics simulations.

383

Time-Resolved Study of Bonding in Liquid Carbon  

NLE Websites -- All DOE Office Websites (Extended Search)

Time-Resolved Study of Bonding in Liquid Carbon Print Time-Resolved Study of Bonding in Liquid Carbon Print We are accustomed to observing carbon in its elemental form as a solid, ranging from the soft "lead" in pencils to the precious gemstone in diamond rings. While considerable attention has been focused on solid forms of carbon, the properties of liquid carbon are much more difficult to measure accurately. The very strong bonding between carbon atoms that gives diamonds their hardness also makes carbon very difficult to melt, requiring temperatures above 5000 K at pressures above 100 bar. Maintaining such conditions in a laboratory is a challenge that has hampered efforts to fully understand the chemical bonding properties of this biologically, industrially, and environmentally important element. At the ALS, researchers have found a way to rapidly heat a carbon sample and contain the resulting liquid long enough to perform picosecond time-resolved x-ray absorption spectroscopy. The technique provides a way to measure the bonding properties of liquid carbon at near-solid densities that can then be compared with results from molecular dynamics simulations.

384

LOCA with consequential or delayed LOOP accidents: Unique issues, plant vulnerability, and CDF contributions  

SciTech Connect

A loss-of-coolant accident (LOCA) can cause a loss-of-offsite power (LOOP) wherein the LOOP is usually delayed by few seconds or longer. Such an accident is called LOCA with consequential LOOP, or LOCA with delayed LOOP (here, abbreviated as LOCA/LOOP). This paper analyzes the unique conditions that are associated with a LOCA/LOOP, presents a model, and quantifies its contribution to core damage frequency (CDF). The results show that the CDF contribution can be a dominant contributor to risk for certain plant designs, although boiling water reactors (BWRs) are less vulnerable than pressurized water reactors (PWRs).

Martinez-Guridi, G.; Samanta, P.; Chu, L.; Yang, J.

1998-08-01T23:59:59.000Z

385

Genomic and biochemical approaches in the discovery of mechanisms for selective neuronal vulnerability to oxidative stress  

E-Print Network (OSTI)

ral ssBioMed CentBMC Neuroscience Open AcceResearch article Genomic and biochemical approaches in the discovery of mechanisms for selective neuronal vulnerability to oxidative stress Xinkun Wang*1,2, Asma Zaidi2,3, Ranu Pal1,2, Alexander S Garrett4...: Daiichi Sankyo Inc., Two Hilton Court, Parsippany, NJ 07054, USA Email: Xinkun Wang* - xwang@ku.edu; Asma Zaidi - azaidi@kcumb.edu; Ranu Pal - ranupal@ku.edu; Alexander S Garrett - asg@stowers- institute.org; Rogelio Braceras - rbraceras@dsus.com; Xue...

Wang, Xinkun; Zaidi, Asma; Pal, Ranu; Garrett, Alexander S.; Braceras, Rogelio; Chen, Xue-wen; Michaelis, Mary L.; Michaelis, Elias K.

2009-02-19T23:59:59.000Z

386

FRONTIER, MAGNETIC, ELLIPSOMETRIC AND TIME-RESOLVED INFRARED SPECTROSCOPY (FIS + MET)  

E-Print Network (OSTI)

FRONTIER, MAGNETIC, ELLIPSOMETRIC AND TIME-RESOLVED INFRARED SPECTROSCOPY (FIS + MET) SCIENTIFIC-resolved Frontier Infrared Spectroscopy (FIS) and Magnetic, Ellipsometric and Time-Resolved Infrared Spectroscopy Beamline Team STAFF Larry Carr: MET lead beamline scientist Zhenxian Liu (CIW): FIS lead beamline scientist

Ohta, Shigemi

387

Optimization strategies for the vulnerability analysis of the electric power grid.  

SciTech Connect

Identifying small groups of lines, whose removal would cause a severe blackout, is critical for the secure operation of the electric power grid. We show how power grid vulnerability analysis can be studied as a mixed integer nonlinear programming (minlp) problem. Our analysis reveals a special structure in the formulation that can be exploited to avoid nonlinearity and approximate the original problem as a pure combinatorial problem. The key new observation behind our analysis is the correspondence between the Jacobian matrix (a representation of the feasibility boundary of the equations that describe the flow of power in the network) and the Laplacian matrix in spectral graph theory (a representation of the graph of the power grid). The reduced combinatorial problem is known as the network inhibition problem, for which we present a mixed integer linear programming formulation. Our experiments on benchmark power grids show that the reduced combinatorial model provides an accurate approximation, to enable vulnerability analyses of real-sized problems with more than 10,000 power lines.

Meza, Juan C. (Lawrence Berkeley National Laboratory); Pinar, Ali; Lesieutre, Bernard (Lawrence Berkeley National Laboratory); Donde, Vaibhav (ABB Inc., Raleigh NC)

2009-03-01T23:59:59.000Z

388

Climate Change Vulnerability and Resilience: Current Status and Trends for Mexico  

SciTech Connect

Climate change alters different localities on the planet in different ways. The impact on each region depends mainly on the degree of vulnerability that natural ecosystems and human-made infrastructure have to changes in climate and extreme meteorological events, as well as on the coping and adaptation capacity towards new environmental conditions. This study assesses the current resilience of Mexico and Mexican states to such changes, as well as how this resilience will look in the future. In recent studies (Moss et al. 2000, Brenkert and Malone 2005, Malone and Brenket 2008, Ibarrarán et al. 2007), the Vulnerability-Resilience Indicators Model (VRIM) is used to integrate a set of proxy variables that determine the resilience of a region to climate change. Resilience, or the ability of a region to respond to climate variations and natural events that result from climate change, is given by its adaptation and coping capacity and its sensitivity. On the one hand, the sensitivity of a region to climate change is assessed, emphasizing its infrastructure, food security, water resources, and the health of the population and regional ecosystems. On the other hand, coping and adaptation capacity is based on the availability of human resources, economic capacity and environmental capacity.

Ibarraran , Maria E.; Malone, Elizabeth L.; Brenkert, Antoinette L.

2008-12-30T23:59:59.000Z

389

Time-resolved fluorescence decay measurements for flowing particles  

DOE Patents (OSTI)

Time-resolved fluorescence decay measurements for flowing particles. An apparatus and method for the measurement and analysis of fluorescence for individual cells and particles in flow are described, wherein the rapid measurement capabilities of flow cytometry and the robust measurement and analysis procedures of time-domain fluorescence lifetime spectroscopy are combined. A pulse-modulated cw laser is employed for excitation of the particles. The characteristics and the repetition rate of the excitation pulses can be readily adjusted to accommodate for fluorescence decays having a wide range of lifetimes.

Deka, Chiranjit (Miami, FL); Steinkamp, John A. (Los Alamos, NM)

1999-01-01T23:59:59.000Z

390

Time-resolved fluorescence decay measurements for flowing particles  

DOE Patents (OSTI)

Time-resolved fluorescence decay measurements are disclosed for flowing particles. An apparatus and method for the measurement and analysis of fluorescence for individual cells and particles in flow are described, wherein the rapid measurement capabilities of flow cytometry and the robust measurement and analysis procedures of time-domain fluorescence lifetime spectroscopy are combined. A pulse-modulated CW laser is employed for excitation of the particles. The characteristics and the repetition rate of the excitation pulses can be readily adjusted to accommodate for fluorescence decays having a wide range of lifetimes. 12 figs.

Deka, C.; Steinkamp, J.A.

1999-06-01T23:59:59.000Z

391

Vibrationally resolved photoelectron-spin-polarization spectroscopy of HI molecules  

Science Journals Connector (OSTI)

The photoemission from HI is studied separately for different vibrational levels of the ?2 final ionic states using spin-resolved photoelectron spectroscopy with circularly polarized light. Constant-ionic-state measurements of the cross sections ? and the polarization parameters A indicate that all channels are strongly influenced by autoionization resonances. By combining these data, sums of partial contributions to ? are analyzed in detail to obtain specific information on the coupling of the resonances to the outgoing partial waves ??. Apart from generally similar trends, the results show pronounced variations for different vibrational levels.

N. Böwering; M. Salzmann; M. Müller; H.-W. Klausing; U. Heinzmann

1992-01-01T23:59:59.000Z

392

Variational theory for site resolved protein folding free energy surfaces  

E-Print Network (OSTI)

We present a microscopic variational theory for the free energy surface of a fast folding protein that allows folding kinetics to be resolved to the residue level using Debye-Waller factors as local order parameters. We apply the method to lambda-repressor and compare with site directed mutagenesis experiments. The formation of native structure and the free energy profile along the folding route are shown to be well described by the capillarity approximation but with some fine structure due to local folding topology.

John J. Portman; Shoji Takada; Peter G. Wolynes

1999-01-18T23:59:59.000Z

393

The Dark Energy Survey: Prospects for Resolved Stellar Populations  

Wide angle and deep surveys, regardless of their primary purpose, always sample a large number of stars in the Galaxy and in its satellite system. We here make a forecast of the expected stellar sample resulting from the Dark Energy Survey and the perspectives that it will open for studies of Galactic structure and resolved stellar populations in general. An estimated 1.2 x 10{sup 8} stars will be sampled in DES grizY filters in the southern equatorial hemisphere. This roughly corresponds to 20% of all DES sources. Most of these stars belong to the stellar thick disk and halo of the Galaxy.

Rossetto, Bruno M [Rio de Janeiro Observ.; Santiago, Basilio X [Rio Grande do Sul U.; Rio de Janeiro Observ.; Girardi, Leo [Padua Observ.; Rio de Janeiro Observ.; Camargo, Julio I.B. [Rio de Janeiro Observ.; Balbinot, Eduardo [Rio Grande do Sul U.; Rio de Janeiro Observ.; da Costa, Luiz N [Rio de Janeiro Observ.; Yanny, Brian [Fermilab; Maia, Marcio A.G. [Rio de Janeiro Observ.; Makler, Martin [Rio de Janeiro, CBPF; Rio de Janeiro Observ.; Ogando, Ricardo L.C. [Rio de Janeiro Observ.; Pellegrini, Paulo S [Rio de Janeiro Observ.; Rio de Janeiro Observ.

2011-05-06T23:59:59.000Z

394

Experimental Time Resolved Electron Beam Temperature Measurements Using Bremsstrahlung Diagnostics  

SciTech Connect

Electron beam temperature, {beta}{perpendicular} (= v{perpendicular}/v), is important to control for the development of high dose flash radiographic bremsstrahlung sources. At high voltage (> 5 MV) increasing electron beam temperature has a serious deleterious effect on dose production. The average and time resolved behavior of beam temperature was measured during radiographic experiments on the HERMES III accelerator (10 MV, 50 kA, 70 ns). A linear array of thermoluminescent dosimeters (TLDs) were used to estimate the time integrated average of beam temperature. On and off-axis photoconducting diamond (PCD) detectors were used to measure the time resolved bremsstrahlung dose rate, which is dependent on beam energy and temperature. The beam temperature can be determined by correlating PCD response with accelerator voltage and current and also by analyzing the ratio of PCD amplitudes on and off axis. This ratio is insensitive to voltage and current and thus, is more reliable than utilizing absolute dose rate. The data is unfolded using comparisons with Monte Carlo simulations to obtain absolute beam temperatures. The data taken on HERMES III show abrupt increases in {beta}{perpendicular} midway through the pulse indicating rapid onset of beam instability.

Menge, P.R.; Maenchen, J.E.; Mazarakis, M.G.; Rosenthal, S.E.

1999-06-25T23:59:59.000Z

395

The CLIMIX model: A tool to create and evaluate spatially-resolved scenarios of photovoltaic and wind power development  

Science Journals Connector (OSTI)

Abstract Renewable energies arise as part of both economic development plans and mitigation strategies aimed at abating climate change. Contrariwise, most renewable energies are potentially vulnerable to climate change, which could affect in particular solar and wind power. Proper evaluations of this two-way climate–renewable energy relationship require detailed information of the geographical location of the renewable energy fleets. However, this information is usually provided as total amounts installed per administrative region, especially with respect to future planned installations. To help overcome this limiting issue, the objective of this contribution was to develop the so-called CLIMIX model: a tool that performs a realistic spatial allocation of given amounts of both photovoltaic (PV) and wind power installed capacities and evaluates the energy generated under varying climate conditions. This is done over a regular grid so that the created scenarios can be directly used in conjunction with outputs of climate models. First, we used the 0.44° resolution grid defined for the EURO-CORDEX project and applied the CLIMIX model to spatially allocate total amounts of both unreported 2012 and future 2020 PV and wind power installations in Europe at the country level. Second, we performed a validation exercise using the various options for estimating PV and wind power production under the created scenarios that are included in the model. The results revealed an acceptable agreement between the estimated and the recorded power production values in every European country. Lastly, we estimated increases in power production derived from the future deployment of new renewable units, often obtaining non-direct relationships. This latter further emphasizes the need of accurate spatially-resolved PV and wind power scenarios in order to perform reliable estimations of power production.

S. Jerez; F. Thais; I. Tobin; M. Wild; A. Colette; P. Yiou; R. Vautard

2015-01-01T23:59:59.000Z

396

GAO-06-838R Contract Management: DOD Vulnerabilities to Contracting Fraud, Waste, and Abuse  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

Accountability Office Accountability Office ington, DC 20548 Wash July 7, 2006 The Honorable John Warner Chairman The Honorable Carl Levin Ranking Member Committee on Armed Services United States Senate The Honorable Duncan Hunter Chairman The Honorable Ike Skelton Ranking Member Committee on Armed Services House of Representatives Subject: Contract Management: DOD Vulnerabilities to Contracting Fraud, Waste, and Abuse In recent years, the Department of Defense (DOD) has increasingly relied on goods and services provided by the private sector under contract. Since fiscal year 2000, DOD's contracting for goods and services has nearly doubled, and this trend is expected to continue. In fiscal year 2005 alone, DOD obligated nearly $270 billion on contracts for goods and services. Given the

397

February 13, 1995, Board announcement of a Public Meeting on the DOE Plutonium Vulnerability Study  

NLE Websites -- All DOE Office Websites (Extended Search)

§552b), §552b), notice is hereby given of the following Board meeting and staff briefing: FEDERAL REGISTER CITATION OF PREVIOUS ANNOUNCEMENT: Previously announced in the February 14, 1995, Federal Register. PREVIOUSLY ANNOUNCED TIME AND DATE OF THE MEETING: 2:00 p.m., February 21, 1995. CHANGES IN THE MEETING: The Board is broadening the scope of matters to be considered by adding the following information: The Board will also convene a panel of nationally-recognized experts to discuss the DOE Plutonium Vulnerability Study and to address questions that may arise from the results of this study. CONTACT PERSON FOR MORE INFORMATION: Robert M. Andersen, General Counsel, Defense Nuclear Facilities Safety Board, 625 Indiana Avenue, N.W., Suite 700, Washington, D.C. 20004, (202) 208-6387.

398

Chemistry Resolved Kinetic Flow Modeling of TATB Based Explosives  

SciTech Connect

Detonation waves in insensitive, TATB based explosives are believed to have multi-time scale regimes. The initial burn rate of such explosives has a sub-microsecond time scale. However, significant late-time slow release in energy is believed to occur due to diffusion limited growth of carbon. In the intermediate time scale concentrations of product species likely change from being in equilibrium to being kinetic rate controlled. They use the thermo-chemical code CHEETAH linked to an ALE hydrodynamics code to model detonations. They term their model chemistry resolved kinetic flow as CHEETAH tracks the time dependent concentrations of individual species in the detonation wave and calculates EOS values based on the concentrations. A HE-validation suite of model simulations compared to experiments at ambient, hot, and cold temperatures has been developed. They present here a new rate model and comparison with experimental data.

Vitello, P A; Fried, L E; Howard, W M; Levesque, G; Souers, P C

2011-07-21T23:59:59.000Z

399

2D-3D transition of gold cluster anions resolved  

Science Journals Connector (OSTI)

Small gold cluster anions Aun? are known for their unusual two-dimensional (2D) structures, giving rise to properties very different from those of bulk gold. Previous experiments and calculations disagree about the number of gold atoms nc where the transition to 3D structures occurs. We combine trapped ion electron diffraction and state of the art electronic structure calculations to resolve this puzzle and establish nc=12. It is shown that theoretical studies using traditional generalized gradient functionals are heavily biased towards 2D structures. For a correct prediction of the 2D-3D crossover point it is crucial to use density functionals yielding accurate jellium surface energies, such as the Tao-Perdew-Staroverov-Scuseria (TPSS) functional or the Perdew-Burke-Ernzerhof functional modified for solids (PBEsol). Further, spin-orbit effects have to be included, and large, flexible basis sets employed. This combined theoretical-experimental approach is promising for larger gold and other metal clusters.

Mikael P. Johansson; Anne Lechtken; Detlef Schooss; Manfred M. Kappes; Filipp Furche

2008-05-19T23:59:59.000Z

400

Spectrally resolved motional Stark effect measurements on ASDEX Upgrade  

SciTech Connect

A spectrally resolved Motional Stark Effect (MSE) diagnostic has been installed at ASDEX Upgrade. The MSE data have been fitted by a forward model providing access to information about the magnetic field in the plasma interior [R. Reimer, A. Dinklage, J. Geiger et al., Contrib. Plasma Phys. 50, 731–735 (2010)]. The forward model for the beam emission spectra comprises also the fast ion D{sub ?} signal [W. W. Heidbrink and G. J. Sadler, Nucl. Fusion 34, 535–615 (1994)] and the smearing on the CCD-chip. The calculated magnetic field data as well as the revealed (dia)magnetic effects are consistent with the results from equilibrium reconstruction solver. Measurements of the direction of the magnetic field are affected by unknown and varying polarization effects in the observation.

Reimer, R.; Dinklage, A.; Wolf, R. [Max-Planck-Institut für Plasmaphysik, EURATOM Association, Teilinstitut Greifswald, Wendelsteinstraße 1, 17491 Greifswald (Germany)] [Max-Planck-Institut für Plasmaphysik, EURATOM Association, Teilinstitut Greifswald, Wendelsteinstraße 1, 17491 Greifswald (Germany); Fischer, R.; Hobirk, J.; Löbhard, T.; Mlynek, A.; Reich, M. [Max-Planck-Institut für Plasmaphysik, EURATOM Association, Boltzmannstraße 2, 85748 Garching (Germany)] [Max-Planck-Institut für Plasmaphysik, EURATOM Association, Boltzmannstraße 2, 85748 Garching (Germany); Sawyer, L. [Department of Physics and Astronomy, University of Sheffield, Sheffield S3 7RH (United Kingdom)] [Department of Physics and Astronomy, University of Sheffield, Sheffield S3 7RH (United Kingdom); Collaboration: ASDEX Upgrade

2013-11-15T23:59:59.000Z

Note: This page contains sample records for the topic "resolving vulnerability u-098" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


401

Theoretical description of spin-resolved appearance potential spectroscopy  

Science Journals Connector (OSTI)

A theoretical description of spin-resolved appearance potential spectroscopy is presented on the basis of a single-particle description of the underlying electronic structure. The final expression for the signal intensity turns out to be essentially a cross-section-weighted self-convolution of the density of states above the Fermi energy, in close analogy to the result for core-valence-valence Auger electron spectroscopy. Application of the formalism presented to bcc Fe and fcc Ni leads to results in very satisfying agreement with corresponding experimental data. Because this is achieved only by treating the involved transition matrix elements in a proper way, their properties are discussed in some detail.

H. Ebert and V. Popescu

1997-11-15T23:59:59.000Z

402

Rotationally resolved threshold photoionization of H{sub 2}S  

SciTech Connect

With the recent development of zero kinetic energy threshold photoelectron spectroscopy (ZEKE-PES) it is now possible to take advantage of the high resolution capabilities of laser radiation and measure the rotational distributions of many small cations produced via photoionization. We have used threshold photoelectron spectroscopy in conjunction with a VUV laser source to probe the rotational distributions of several molecular cations following one- photon VUV photoionization. Spectra are obtained by the delayed, pulsed field ionization (PFI) method which is a variant of the ZEKE- PES technique. In this paper, we report on the rotationally-resolved threshold photoelectron spectra of the non-linear triatomic H{sub 2}S. These measurements are an extension of our earlier study on H{sub 2}O which provided the first look at the symmetry properties of allowed rotational transitions in the photoionization of non-linear molecules.

Wiedmann, R.T.; White, M.G.

1991-12-31T23:59:59.000Z

403

Rotationally resolved threshold photoionization of H sub 2 S  

SciTech Connect

With the recent development of zero kinetic energy threshold photoelectron spectroscopy (ZEKE-PES) it is now possible to take advantage of the high resolution capabilities of laser radiation and measure the rotational distributions of many small cations produced via photoionization. We have used threshold photoelectron spectroscopy in conjunction with a VUV laser source to probe the rotational distributions of several molecular cations following one- photon VUV photoionization. Spectra are obtained by the delayed, pulsed field ionization (PFI) method which is a variant of the ZEKE- PES technique. In this paper, we report on the rotationally-resolved threshold photoelectron spectra of the non-linear triatomic H{sub 2}S. These measurements are an extension of our earlier study on H{sub 2}O which provided the first look at the symmetry properties of allowed rotational transitions in the photoionization of non-linear molecules.

Wiedmann, R.T.; White, M.G.

1991-01-01T23:59:59.000Z

404

Spatially Resolved STIS Spectroscopy of Betelgeuse's Outer Atmosphere  

E-Print Network (OSTI)

We present spatially resolved spectra observed with HST-STIS of the upper chromosphere and dust envelope of Alpha Orionis (M2 Iab). In the fall of 2002 a set of five high-resolution near-UV spectra was obtained by scanning at intensity peak-up position and four off-limb target positions up to one arcsecond, using a small aperture, to investigate the thermal conditions and flow dynamics in the outer atmosphere of this important nearby cool supergiant star. Based on Mg II h & k, Fe II 2716 A, C II 2327 A, and Al II ] 2669 A emission lines we provide the first evidence for the presence of warm chromospheric plasma at least 1 arcsecond away from the star at ~40 R* (1 R*~700 Rsun). The STIS spectra reveal that Betelgeuse's upper chromosphere extends far beyond the circumstellar H alpha envelope of ~5 R*, determined from previous ground-based imaging. The flux in the broad and self-absorbed resonance lines of Mg II decreases by a factor of ~700 compared to the flux at chromospheric disk center. We observe strong asymmetry changes in the Mg II h and Si I resonance line profiles when scanning off-limb, signaling the outward acceleration of gas outflow in the upper chromosphere. From the radial intensity distributions of Fe I and Fe II emission lines we determine the radial non-LTE iron ionization balance. We compute that the local kinetic gas temperatures of the warm chromospheric gas component in the outer atmosphere exceed 2600 K, when assuming local gas densities of the cool gas component we determine from radiative transfer models that fit the 9.7 um silicate dust emission feature. The spatially resolved STIS spectra directly demonstrate that warm chromospheric plasma co-exisists with cool gas in Betelgeuse's circumstellar dust envelope.

A. Lobel; J. Aufdenberg; A. K. Dupree; R. L. Kurucz; R. P. Stefanik; G. Torres

2003-12-03T23:59:59.000Z

405

Women and Sustainability: Creating Community based literacy for climate solutions Women are particularly vulnerable to economic downturns and the impacts of climate change may  

E-Print Network (OSTI)

Accord (2009) acknowledges disproportionate impacts of climate change on women in developing countries are particularly vulnerable to economic downturns and the impacts of climate change may increase that vulnerability. Water is the biggest limiting factor in Colorado and climate change is anticipated to reduce its

Boone, Randall B.

406

Tropical coasts are highly vulnerable to climatic pressures, the future impacts of which are projected to propagate  

E-Print Network (OSTI)

Tropical coasts are highly vulnerable to climatic pressures, the future impacts of which are projected to propagate through the natural and human components of coastal systems. One single event (e the resilience of the whole system. Risks related to climate change are frequently examined in isolation through

Boyer, Edmond

407

Limiting sediment deposition on roadways: topographic controls on vulnerable roads and cost analysis of planting grass buffer  

E-Print Network (OSTI)

Limiting sediment deposition on roadways: topographic controls on vulnerable roads and cost and summer storms lead to large scale sediment deposition on roadways, and cleanup costs are a major concern characteristics which control sediment deposition on roadways in order to compare the cost of planting grass

Boyer, Edmond

408

Combining particle-tracking and geochemical data to assess public supply well vulnerability to arsenic and uranium q  

E-Print Network (OSTI)

. Bhattacharya, Associate Editor Keywords: Vulnerability Particle-tracking Arsenic Uranium Classification tree through aquifer systems and also through specific redox and pH zones within aquifers. Time were generally strongest for variables computed for distinct redox zones. Classification tree analysis

409

Hydrodynamic simulation of movement of larval fishes in western Lake Erie and their vulnerability to power plant entrainment  

Science Journals Connector (OSTI)

A three-dimensional, time-dependent transport model for yellow perch larvae in western Lake Erie is presented. The model is used to predict the vulnerability of larvae spawned in different sections of Michigan waters to entrainment by the Detroit Edison ...

John F. Paul; Richard L. Patterson

1977-12-01T23:59:59.000Z

410

The waters of Southeastern Wisconsin are vast but vulnerable. We depend on our waters for drinking water, irrigation, industry, transportation,  

E-Print Network (OSTI)

The waters of Southeastern Wisconsin are vast but vulnerable. We depend on our waters for drinking for drinking water is rising in the United States and around the world due to population growth. At the same water, irrigation, industry, transportation, power production, recreation and scenic beauty

Saldin, Dilano

411

E-Print Network 3.0 - angled-resolved photoelectron spectroscopy...  

NLE Websites -- All DOE Office Websites (Extended Search)

state was visible by angle-resolved valence band photoelectron spectroscopy, and that the LEED... -dependence of the ... Source: Ortega, Enrique - Donostia International Physics...

412

Protein crystallography with spallation neutrons: collecting and processing wavelength-resolved Laue protein data  

Science Journals Connector (OSTI)

Methods for collecting and processing wavelength-resolved Laue data at the protein crystallography station at Los Alamos Neutron Science Center have been developed.

Langan, P.

2004-03-17T23:59:59.000Z

413

Human Cardiac High-Energy Phosphate Metabolite Concentrationsby ID-Resolved NMR Spectroscopy  

E-Print Network (OSTI)

Human Cardiac High-Energy Phosphate Metabolite Concentrationsby ID-Resolved NMR Spectroscopy Paul A myocytes can contribute no metabolite signal to the observed spectrum, the hypoth- esis

Atalar, Ergin

414

EGR Spatial Uniformity & Cylinder-Resolved Transients-Measurements using an Absorption Spectroscopy Probe  

Energy.gov (U.S. Department of Energy (DOE))

This poster describes development and application of an EGR probe for assessing steady-state spatial uniformity and cylinder-resolved EGR dynamics.

415

E-Print Network 3.0 - applying spatially resolved Sample Search...  

NLE Websites -- All DOE Office Websites (Extended Search)

Mining, Modelling and Management, Vol. 1, No. 1, 2008 103 A relational perspective on spatial data mining Summary: that must be resolved before the relational approach can be...

416

E-Print Network 3.0 - angle-resolved photoemission extended Sample...  

NLE Websites -- All DOE Office Websites (Extended Search)

photoemission evidence for a Gd(0001) surface state Dongqi Lia, C.W. Hutchings... April 1991. Available online 31 July 2002. Abstract From angle resolved photoemission we have...

417

Solar Energy Conversion Processes in Nanostructured Materials Studied via Time-Resolved THz Spectroscopy  

Science Journals Connector (OSTI)

We discuss time-resolved THz spectroscopy measurements for three important solar energy conversion approaches; (1) electronically coupled semiconductor nanocrystals, (2) a bulk...

Beard, Matt; Blackburn, Jeffery; Heben, Michael; Ai, Xin; Rumbles, Garry; Ellingson, Randy J; Nozik, Arthur J

418

E-Print Network 3.0 - antibody-based time-resolved fluorescence...  

NLE Websites -- All DOE Office Websites (Extended Search)

Pt-coproporphyrin; Homo- geneous immunoassay; Polychlorinated dibenzo-p-dioxins; Time-resolved... a monoclonal antibody-based ELISA test (5-8). The optimized assay...

419

Spectrally Resolved Magnetic Resonance Imaging of the XenonBiosensor  

SciTech Connect

Due to its ability to non-invasively record images, as well as elucidate molecular structure, nuclear magnetic resonance is the method of choice for applications as widespread as chemical analysis and medical diagnostics. Its detection threshold is, however, limited by the small polarization of nuclear spins in even the highest available magnetic fields. This limitation can, under certain circumstances, be alleviated by using hyper-polarized substances. Xenon biosensors make use of the sensitivity gain of hyperpolarized xenon to provide magnetic resonance detection capability for a specific low-concentration target. They consist of a cryptophane cage, which binds one xenon atom, and which has been connected via a linker to a targeting moiety such as a ligand or antibody. Recent work has shown the possibility of using the xenon biosensor to detect small amounts of a substance in a heterogeneous environment by NMR. Here, we demonstrate that magnetic resonance (MR) provides the capability to obtain spectrally and spatially resolved images of the distribution of immobilized biosensor, opening the possibility for using the xenon biosensor for targeted imaging.

Hilty, Christian; Lowery, Thomas; Wemmer, David; Pines, Alexander

2005-07-15T23:59:59.000Z

420

PERSPECTIVE Resolving the biodiversity paradox James S. Clark,1,2,3  

E-Print Network (OSTI)

IDEA AND PERSPECTIVE Resolving the biodiversity paradox James S. Clark,1,2,3 * Mike Dietze,1 The paradox of biodiversity involves three elements, (i) mathematical models predict that species must differ-dimensional tradeoffs nor neutrality can resolve the biodiversity paradox, in part by showing that they do not properly

Agarwal, Pankaj K.

Note: This page contains sample records for the topic "resolving vulnerability u-098" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


421

Time-Resolved Small-Angle Neutron Scattering Study of Polyethylene Crystallization from Solution  

E-Print Network (OSTI)

Time-Resolved Small-Angle Neutron Scattering Study of Polyethylene Crystallization from Solution-resolved small-angle neutron scattering (TR-SANS), the crystal- lization kinetics of polyethylene from deuterated of polyethylene crystallization from xylene solutions. One unique feature of this experimentation is that both

Wang, Howard "Hao"

422

Cloud Tracking in Cloud-Resolving Models R. S. Plant1  

E-Print Network (OSTI)

Cloud Tracking in Cloud-Resolving Models R. S. Plant1 1 Department of Meteorology, University. INTRODUCTION In recent years Cloud Resolving Models (CRMs) have become an increasingly important tool for CRM data, which allows one to investigate statistical prop- erties of the lifecycles of the "clouds

Plant, Robert

423

Guidelines for conducting vulnerability assessments. [Susceptibility of programs to unauthorized use of resources  

SciTech Connect

The US General Accounting Office and executive agency Inspectors General have reported losses of millions of dollars in government funds resulting from fraud, waste and error. The Administration and the Congress have initiated determined efforts to eliminate such losses from government programs and activities. Primary emphasis in this effort is on the strengthening of accounting and administrative controls. Accordingly, the Office of Management and Budget (OMB) issued Circular No. A-123, Internal Control Systems, on October 28, 1981. The campaign to improve internal controls was endorsed by the Secretary of Energy in a memorandum to Heads of Departmental Components, dated March 13, 1981, Subject: Internal Control as a Deterrent to Fraud, Waste and Error. A vulnerability assessment is a review of the susceptibility of a program or function to unauthorized use of resources, errors in reports and information, and illegal or unethical acts. It is based on considerations of the environment in which the program or function is carried out, the inherent riskiness of the program or function, and a preliminary evaluation as to whether adequate safeguards exist and are functioning.

Not Available

1982-06-01T23:59:59.000Z

424

Development of an ASTM standard guide on performing vulnerability assessments for nuclear facilities  

SciTech Connect

This paper describes an effort undertaken by subcommittee C26.12 (Safeguards) of the American Society for Testing and Materials (ASTM) to develop a standard guide for performing vulnerability assessments (VAs). VAs are performed to determine the effectiveness of safeguards and security systems for both domestic and international nuclear facilities. These assessments address a range of threats, including theft of nuclear material and sabotage, and use an array of methods. The approach to performing and documenting VAs is varied and is largely dependent upon the tools used to perform them. This diversity can lead to tools being misused, making validation of VAs more difficult. The development of a standard guide for performing VAs would, if generally accepted, alleviate these concerns. ASTM provides a forum for developing guides that includes a high level of peer review to assure that the result is acceptable to all potential users. Additionally, the ASTM is widely recognized for setting standards, and endorsement by the Society may increase the likelihood of acceptance by the nuclear community. The goal of this work is to develop a guide that is independent of the tools being used to perform the VA and applicable to the spectrum of threats described above.

Wilkey, D.D.

1995-09-01T23:59:59.000Z

425

A comparison of threats, vulnerabilities and management approaches in global seagrass bioregions  

Science Journals Connector (OSTI)

Global seagrass habitats are threatened by multiple anthropogenic factors. Effective management of seagrasses requires information on the relative impacts of threats; however, this information is rarely available. Our goal was to use the knowledge of experts to assess the relative impacts of anthropogenic activities in six global seagrass bioregions. The activities that threaten seagrasses were identified at an international seagrass workshop and followed with a web-based survey to collect seagrass vulnerability information. There was a global consensus that urban/industrial runoff, urban/port infrastructure development, agricultural runoff and dredging had the greatest impact on seagrasses, though the order of relative impacts varied by bioregion. These activities are largely terrestrially based, highlighting the need for marine planning initiatives to be co-ordinated with adjacent watershed planning. Sea level rise and increases in the severity of cyclones were ranked highest relative to other climate change related activities, but overall the five climate change activities were ranked low and experts were uncertain of their effects on seagrasses. The experts' preferred mechanism of delivering management outcomes were processes such as policy development, planning and consultation rather than prescriptive management tools. Our approach to collecting expert opinion provides the required data to prioritize seagrass management actions at bioregional scales.

Alana Grech; Katie Chartrand-Miller; Paul Erftemeijer; Mark Fonseca; Len McKenzie; Michael Rasheed; Helen Taylor; Rob Coles

2012-01-01T23:59:59.000Z

426

3.06 - Vulnerability of Solar Energy Resources under Climate Variability  

Science Journals Connector (OSTI)

Abstract Energy plays a very important role in society. It has been one of the main drivers in the organization of civilization and, before that, in evolution. The availability of relatively inexpensive energy could solve many other problems, for example supplying fresh water through desalination. An economy based on solar energy has been the dream of many for many years. It would be great to only depend on the freely distributed energy of the sun, which is available everywhere. While solar energy might include a wide range of potential energy sources, the solar energy considered here is restricted to solar concentrators, solar photovoltaics, and artificial solar chemical processes. After these are considered, both the related uncertainties and the possible range of climate variability are explored. Characteristics of the various technologies, uncertainties, and potential climate effects are also identified. An analysis explores the solar energy technologies, uncertainties, and vulnerabilities related to climate. Finally, an integrated analysis method of real options analysis provides a potential semiquantitative framework for discussion and interpretation.

D.J. LePoire

2013-01-01T23:59:59.000Z

427

A Detailed Survey on Various Aspects of SQL Injection: Vulnerabilities, Innovative Attacks, and Remedies  

E-Print Network (OSTI)

In today's world, Web applications play a very important role in individual life as well as in any country's development. Web applications have gone through a very rapid growth in the recent years and their adoption is moving faster than that was expected few years ago. Now-a-days, billions of transactions are done online with the aid of different Web applications. Though these applications are used by hundreds of people, in many cases the security level is weak, which makes them vulnerable to get compromised. In most of the scenarios, a user has to be identified before any communication is established with the backend database. An arbitrary user should not be allowed access to the system without proof of valid credentials. However, a crafted injection gives access to unauthorized users. This is mostly accomplished via SQL Injection input. In spite of the development of different approaches to prevent SQL injection, it still remains an alarming threat to Web applications. In this paper, we present a detailed ...

Kindy, Diallo Abdoulaye

2012-01-01T23:59:59.000Z

428

DOE Resolves Nearly One-Third of 27 Recently Filed Civil Penalty Cases |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

Resolves Nearly One-Third of 27 Recently Filed Civil Penalty Resolves Nearly One-Third of 27 Recently Filed Civil Penalty Cases DOE Resolves Nearly One-Third of 27 Recently Filed Civil Penalty Cases September 23, 2010 - 5:14pm Addthis The Department has successfully resolved eight of the 27 enforcement cases brought just two weeks ago against companies for selling products without properly certifying their compliance with the Department's conservation standards. The swift resolution of nearly one-third of these cases reflects the central goal of the Department's enforcement effort - compliance with all aspects of the Department's regulations to ensure that consumers have the information they need to buy energy and cost saving products. Each of the eight companies responded promptly to the Department's notice, cooperated fully to resolve all issues, and committed to certifying

429

RESOLVED MAGNETIC FIELD MAPPING OF A MOLECULAR CLOUD USING GPIPS  

SciTech Connect

We present the first resolved map of plane-of-sky magnetic field strength for a quiescent molecular cloud. GRSMC 45.60+0.30 subtends 40 Multiplication-Sign 10 pc at a distance of 1.88 kpc, masses 16,000 M{sub Sun }, and exhibits no star formation. Near-infrared background starlight polarizations were obtained for the Galactic Plane Infrared Polarization Survey using the 1.8 m Perkins telescope and the Mimir instrument. The cloud area of 0.78 deg{sup 2} contains 2684 significant starlight polarizations for Two Micron All Sky Survey matched stars brighter than 12.5 mag in the H band. Polarizations are generally aligned with the cloud's major axis, showing an average position angle dispersion of 15 {+-} 2 Degree-Sign and polarization of 1.8 {+-} 0.6%. The polarizations were combined with Galactic Ring Survey {sup 13}CO spectroscopy and the Chandrasekhar-Fermi method to estimate plane-of-sky magnetic field strengths, with an angular resolution of 100 arcsec. The average plane-of-sky magnetic field strength across the cloud is 5.40 {+-} 0.04 {mu}G. The magnetic field strength map exhibits seven enhancements or 'magnetic cores'. These cores show an average magnetic field strength of 8.3 {+-} 0.9 {mu}G, radius of 1.2 {+-} 0.2 pc, intercore spacing of 5.7 {+-} 0.9 pc, and exclusively subcritical mass-to-flux ratios, implying their magnetic fields continue to suppress star formation. The magnetic field strength shows a power-law dependence on gas volume density, with slope 0.75 {+-} 0.02 for n{sub H{sub 2}} {>=}10 cm{sup -3}. This power-law index is identical to those in studies at higher densities, but disagrees with predictions for the densities probed here.

Marchwinski, Robert C.; Pavel, Michael D.; Clemens, Dan P., E-mail: robmarch@bu.edu, E-mail: pavelmi@bu.edu, E-mail: clemens@bu.edu [Institute for Astrophysical Research, Boston University, 725 Commonwealth Ave, Boston, MA 02215 (United States)

2012-08-20T23:59:59.000Z

430

RESOLVING THE RADIO SOURCE BACKGROUND: DEEPER UNDERSTANDING THROUGH CONFUSION  

SciTech Connect

We used the Karl G. Jansky Very Large Array to image one primary beam area at 3 GHz with 8'' FWHM resolution and 1.0 {mu}Jy beam{sup -1} rms noise near the pointing center. The P(D) distribution from the central 10 arcmin of this confusion-limited image constrains the count of discrete sources in the 1 < S({mu}Jy) < 10 range. At this level, the brightness-weighted differential count S {sup 2} n(S) is converging rapidly, as predicted by evolutionary models in which the faintest radio sources are star-forming galaxies; and Almost-Equal-To 96% of the background originating in galaxies has been resolved into discrete sources. About 63% of the radio background is produced by active galactic nuclei (AGNs), and the remaining 37% comes from star-forming galaxies that obey the far-infrared (FIR)/radio correlation and account for most of the FIR background at {lambda} Almost-Equal-To 160 {mu}m. Our new data confirm that radio sources powered by AGNs and star formation evolve at about the same rate, a result consistent with AGN feedback and the rough correlation of black hole and stellar masses. The confusion at centimeter wavelengths is low enough that neither the planned Square Kilometre Array nor its pathfinder ASKAP EMU survey should be confusion limited, and the ultimate source detection limit imposed by 'natural' confusion is {<=}0.01 {mu}Jy at {nu} = 1.4 GHz. If discrete sources dominate the bright extragalactic background reported by ARCADE 2 at 3.3 GHz, they cannot be located in or near galaxies and most are {<=}0.03 {mu}Jy at 1.4 GHz.

Condon, J. J.; Cotton, W. D.; Fomalont, E. B.; Kellermann, K. I. [National Radio Astronomy Observatory, 520 Edgemont Road, Charlottesville, VA 22903 (United States); Miller, N. [Department of Astronomy, University of Maryland, College Park, MD 20742-2421 (United States); Perley, R. A. [National Radio Astronomy Observatory, P.O. Box 0, Socorro, NM 87801 (United States); Scott, D.; Vernstrom, T.; Wall, J. V. [Department of Physics and Astronomy, University of British Columbia, Vancouver, BC V6T 1C1 (Canada)

2012-10-10T23:59:59.000Z

431

Spatially Resolved Galaxy Star Formation and its Environmental Dependence I  

E-Print Network (OSTI)

We use the photometric information contained in individual pixels of 44,964 (0.019effects of environment on galaxy star formation (SF). We use the pixel-z technique, which combines stellar population synthesis models with photometric redshift template fitting on the scale of individual pixels in galaxy images. Spectral energy distributions are constructed, sampling a wide range of properties such as age, star formation rate (SFR), dust obscuration and metallicity. By summing the SFRs in the pixels, we demonstrate that the distribution of total galaxy SFR shifts to lower values as the local density of surrounding galaxies increases, as found in other studies. The effect is most prominent in the galaxies with the highest star formation, and we see the break in the SFR-density relation at a local galaxy density of $\\approx 0.05 $(Mpc/h)$^{-3}$. Since our method allows us to spatially resolve the SF distribution within galaxies, we can calculate the mean SFR of each galaxy as a function of radius. We find that on average the mean SFR is dominated by SF in the central regions of galaxies, and that the trend for suppression of SFR in high density environments is driven by a reduction in this nuclear SF. We also find that the mean SFR in the outskirts is largely independent of environmental effects. This trend in the mean SFR is shared by galaxies which are highly star forming, while those which are weakly star forming show no statistically significant correlation between their environment and the mean SFR at any radius.

Niraj Welikala; Andrew J. Connolly; Andrew M. Hopkins; Ryan Scranton; Alberto Conti

2007-12-25T23:59:59.000Z

432

Efficient data IO for a Parallel Global Cloud Resolving Model  

SciTech Connect

Execution of a Global Cloud Resolving Model (GCRM) at target resolutions of 2-4 km will generate, at a minimum, 10s of Gigabytes of data per variable per snapshot. Writing this data to disk without creating a serious bottleneck in the execution of the GCRM code while also supporting efficient post-execution data analysis is a significant challenge. This paper discusses an Input/Output (IO) application programmer interface (API) for the GCRM that efficiently moves data from the model to disk while maintaining support for community standard formats, avoiding the creation of very large numbers of files, and supporting efficient analysis. Several aspects of the API will be discussed in detail. First, we discuss the output data layout which linearizes the data in a consistent way that is independent of the number of processors used to run the simulation and provides a convenient format for subsequent analyses of the data. Second, we discuss the flexible API interface that enables modelers to easily add variables to the output stream by specifying where in the GCRM code these variables are located and to flexibly configure the choice of outputs and distribution of data across files. The flexibility of the API is designed to allow model developers to add new data fields to the output as the model develops and new physics is added and also provides a mechanism for allowing users of the GCRM code itself to adjust the output frequency and the number of fields written depending on the needs of individual calculations. Third, we describe the mapping to the NetCDF data model with an emphasis on the grid description. Fourth, we describe our messaging algorithms and IO aggregation strategies that are used to achieve high bandwidth while simultaneously writing concurrently from many processors to shared files. We conclude with initial performance results.

Palmer, Bruce J.; Koontz, Annette S.; Schuchardt, Karen L.; Heikes, Ross P.; Randall, David A.

2011-11-26T23:59:59.000Z

433

Angle-resolved photoemission spectroscopy (ARPES) studies of cuprate superconductors  

SciTech Connect

This dissertation is comprised of three different angle-resolved photoemission spectroscopy (ARPES) studies on cuprate superconductors. The first study compares the band structure from two different single layer cuprates Tl{sub 2}Ba{sub 2}CuO{sub 6+{delta}} (Tl2201) T{sub c,max} {approx} 95 K and (Bi{sub 1.35}Pb{sub 0.85})(Sr{sub 1.47}La{sub 0.38})CuO{sub 6+{delta}} (Bi2201) T{sub c,max} {approx} 35 K. The aim of the study was to provide some insight into the reasons why single layer cuprate's maximum transition temperatures are so different. The study found two major differences in the band structure. First, the Fermi surface segments close to ({pi},0) are more parallel in Tl2201 than in Bi2201. Second, the shadow band usually related to crystal structure is only present in Bi2201, but absent in higher T{sub c} Tl2201. The second study looks at the different ways of doping Bi{sub 2}Sr{sub 2}CaCu{sub 2}O{sub 8+{delta}} (Bi2212) in-situ by only changing the post bake-out vacuum conditions and temperature. The aim of the study is to systematically look into the generally overlooked experimental conditions that change the doping of a cleaved sample in ultra high vacuum (UHV) experiments. The study found two major experimental facts. First, in inadequate UHV conditions the carrier concentration of Bi2212 increases with time, due to the absorption of oxygen from CO{sub 2}/CO molecules, prime contaminants present in UHV systems. Second, in a very clean UHV system at elevated temperatures (above about 200 K), the carrier concentration decreases due to the loss of oxygen atoms from the Bi-O layer. The final study probed the particle-hole symmetry of the pseudogap phase in high temperature superconducting cuprates by looking at the thermally excited bands above the Fermi level. The data showed a particle-hole symmetric pseudogap which symmetrically closes away from the nested FS before the node. The data is consistent with a charge density wave (CDW) origin of the pseudogap, similar to STM checkerboard patterns in the pseudogap state.

Palczewski, Ari Deibert

2010-12-15T23:59:59.000Z

434

The Dark Energy Survey: Prospects for Resolved Stellar Populations  

Science Journals Connector (OSTI)

Wide angle and deep surveys, regardless of their primary purpose, always sample a large number of stars in the Galaxy and in its satellite system. Here we make a forecast of the expected stellar sample resulting from the Dark Energy Survey (DES) and the perspectives that it will open for studies of Galactic structure and resolved stellar populations in general. An estimated 1.2 ? 108 stars will be sampled in DES grizY filters in the southern equatorial hemisphere. This roughly corresponds to 20% of all DES sources. Most of these stars belong to the stellar thick disk and halo of the Galaxy. DES will probe low-mass stellar and sub-stellar objects at depths from three to eight times larger than those in the Sloan Digital Sky Survey (SDSS). The faint end of the main sequence (MS) will be densely sampled beyond 10 kpc. The slope of the low mass end of the stellar initial mass function (IMF) will be constrained to within a few hundredths of dex, even in the thick disk and halo. In the sub-stellar mass regime, the IMF slope will be potentially constrained to within dlog (m)/dlog m 0.1. About 3 ? 104 brown dwarf candidates and at least 7.6 ? 105 white dwarf candidates will be selected, the latter embedded into the thick disk and halo, for future follow-up. The stellar halo flattening will also be constrained to within a few percent. DES will probe the MS of new Milky Way satellites and halo clusters for distances out to 120 kpc, therefore yielding stellar surface density contrasts 1.6-1.7 times larger than those attainable with SDSS. It will also allow detection of these objects in the far reaches of the stellar halo, substantially increasing the number and quality of probes to the Galactic potential. Combined with northern samples, such as the SDSS, the DES stellar sample will yield constraints on the structure and stellar populations of Galactic components in unprecedented detail. In particular, the combined sample from both hemispheres will allow detailed studies of halo and thick disk asymmetries and triaxiality.

Bruno M. Rossetto; Basílio X. Santiago; Léo Girardi; Julio I. B. Camargo; Eduardo Balbinot; Luiz N. da Costa; Brian Yanny; Marcio A. G. Maia; Martin Makler; Ricardo L. C. Ogando; Paulo S. Pellegrini; Beatriz Ramos; Fernando de Simoni; R. Armstrong; E. Bertin; S. Desai; N. Kuropatkin; H. Lin; J. J. Mohr; D. L. Tucker

2011-01-01T23:59:59.000Z

435

Westinghouse Pays $50,000 Civil Penalty to Resolve Light Bulb Efficiency  

NLE Websites -- All DOE Office Websites (Extended Search)

Westinghouse Pays $50,000 Civil Penalty to Resolve Light Bulb Westinghouse Pays $50,000 Civil Penalty to Resolve Light Bulb Efficiency Violations Westinghouse Pays $50,000 Civil Penalty to Resolve Light Bulb Efficiency Violations December 13, 2010 - 2:12pm Addthis The Department of Energy has successfully resolved the enforcement case against Westinghouse Lighting Corporation for failure to certify its light bulbs as compliant with DOE's federal efficiency requirements and for the sale of at least 29,000 general service fluorescent and medium base compact fluorescent lamps that used more energy than permitted by law. This case reflects DOE's renewed commitment to enforce the federal efficiency requirements systematically and fairly to level the competitive playing field and to ensure that American consumers are buying products that

436

U-039: ISC Update: BIND 9 Resolver crashes after logging an error in  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

9: ISC Update: BIND 9 Resolver crashes after logging an error 9: ISC Update: BIND 9 Resolver crashes after logging an error in query.c U-039: ISC Update: BIND 9 Resolver crashes after logging an error in query.c November 16, 2011 - 2:30pm Addthis PROBLEM: ISC Update: BIND 9 Resolver crashes after logging an error in query.c. PLATFORM: Versions of BIND, 9.4-ESV, 9.6-ESV, 9.7.x, 9.8.x ABSTRACT: A remote server can cause the target connected client to crash. Organizations across the Internet are reporting crashes interrupting service on BIND 9 nameservers performing recursive queries. Affected servers crash after logging an error in query.c with the following message: "INSIST(! dns_rdataset_isassociated(sigrdataset))" Multiple versions are reported as being affected, including all currently supported release versions of ISC BIND 9. ISC is actively investigating the root cause and

437

Resolving Cancer Heterogeneity by Single Cell Sequencing (7th Annual SFAF Meeting, 2012)  

ScienceCinema (OSTI)

Xun Xu on "Resolving Cancer Heterogeneity by Single Cell Sequencing" at the 2012 Sequencing, Finishing, Analysis in the Future Meeting held June 5-7, 2012 in Santa Fe, New Mexico.

Xu, Xun [BGI

2013-02-11T23:59:59.000Z

438

Time-, Energy-, and Phase-Resolved Second-Harmonic Generation at Semiconductor Interfaces  

Science Journals Connector (OSTI)

Time-, Energy-, and Phase-Resolved Second-Harmonic Generation at Semiconductor Interfaces ... We report the development of a femtosecond spectral interferometry technique for second-harmonic generation with time, energy, and phase resolution. ...

C. A. Nelson; J. Luo; A. K.-Y. Jen; R. B. Laghumavarapu; D. L. Huffaker; X.-Y. Zhu

2014-11-12T23:59:59.000Z

439

Proceedings of the Fourteenth International Conference on Time-Resolved Vibrational Spectroscopy (TRVS XIV)  

E-Print Network (OSTI)

Abstracts of presentations made at the Fourteenth International Conference on Time-Resolved Vibrational Spectroscopy (TRVS XIV) held May 9-14, 2009 in Meredith, New Hampshire. TRVS is a series of biennial conferences ...

Tokmakoff, Andrei

2011-08-31T23:59:59.000Z

440

Evaluation of Long-Term Cloud-Resolving Modeling with ARM Data  

NLE Websites -- All DOE Office Websites (Extended Search)

Evaluation of Long-Term Cloud-Resolving Modeling with ARM Data Zeng, Xiping NASAGSFC Tao, Wei-Kuo NASAGoddard Space Flight Center Zhang, Minghua State University of New York at...

Note: This page contains sample records for the topic "resolving vulnerability u-098" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


441

The indexing ambiguity in serial femtosecond crystallography (SFX) resolved using an expectation maximization algorithm  

Science Journals Connector (OSTI)

An expectation maximization algorithm is implemented to resolve the indexing ambiguity which arises when merging data from many crystals in protein crystallography, especially in cases where partial reflections are recorded in serial femtosecond crystallography (SFX) at XFELs.

Liu, H.

2014-09-23T23:59:59.000Z

442

Temperature and TimeResolved XRay Powder Diffraction X14A EERE sponsored PRT beamline  

E-Print Network (OSTI)

Temperature and TimeResolved XRay Powder Diffraction X14A EERE sponsored PRT beamline Objective, in ambience or with gas flow Capabilities: X14A, EERE-sponsored PRT beamline · High photon flux: typically 9x

Ohta, Shigemi

443

Time-Resolved Infrared Spectral Photography Studies of Shock-Induced Chemistry in CS2  

Science Journals Connector (OSTI)

Experiments using time-resolved infrared spectral photography (TRISP) in the 6–8.5 µm range to study explosively driven shocks in liquid CS2 are described. In this range, the temporal resolution of the TRISP syst...

A. M. Renlund; S. A. Sheffield; W. M. Trott

1986-01-01T23:59:59.000Z

444

Intensification of precipitation extremes with warming in a cloud resolving model  

E-Print Network (OSTI)

A cloud-resolving model is used to investigate the effect of warming on high percentiles of precipitation (precipitation extremes) in the idealized setting of radiative-convective equilibrium. While this idealized setting ...

Muller, Caroline

445

Time-resolved protein nanocrystallography using an X-ray free...  

NLE Websites -- All DOE Office Websites (Extended Search)

Time-resolved protein nanocrystallography using an X-ray free-electron laser Authors: Aquila, A., Hunter, M. S., Doak, R. B., Kirian, R. A., Fromme, P., White, T. A., Andreasson,...

446

A mobile UHV-system designed for femtosecond time, energy and spin resolved photoelectron spectroscopy  

Science Journals Connector (OSTI)

We report on the design and tests of a completely mobile photoemission end station for femtosecond time, energy and spin resolved magnetodynamics experiments. The setup is designed for the use at free-electron la...

Thomas Michlmayr; Andreas Fognini; Thomas Bähler…

2013-06-01T23:59:59.000Z

447

High Mass Accuracy and High Mass Resolving Power FT-ICR Secondary...  

NLE Websites -- All DOE Office Websites (Extended Search)

small molecules and fragments. For the first time, ultra-high mass resolving power SIMS has been demonstrated, with m?m50% > 3,000,000. Higher spatial resolution...

448

Diurnal Cycle of Precipitation in the Tropics Simulated in a Global Cloud-Resolving Model  

Science Journals Connector (OSTI)

This study analyzes the diurnal cycle of precipitation simulated in a global cloud-resolving model (GCRM) named the Nonhydrostatic Icosahedral Atmospheric Model (NICAM). A 30-day integration of NICAM successfully simulates the precipitation ...

Tomonori Sato; Hiroaki Miura; Masaki Satoh; Yukari N. Takayabu; Yuqing Wang

2009-09-01T23:59:59.000Z

449

E-Print Network 3.0 - aur spatially resolved Sample Search Results  

NLE Websites -- All DOE Office Websites (Extended Search)

(e.g. 16; Aur K4 Ib) and provides spatial information on the density... to constrain the wind acceleration. Spatially resolved spectra will continue to be a fruitful line of...

450

E-Print Network 3.0 - angle-resolved two-dimensional mapping...  

NLE Websites -- All DOE Office Websites (Extended Search)

Rettig... in an energy- and angle-resolved manner. To achieve this, a field free drift tube with an acceptance angle... of 22 is combined with two-dimensional position-sensitive...

451

3D Atmospheric Radiative Transfer for Cloud System-Resolving Models: Forward Modelling and Observations  

SciTech Connect

Utilization of cloud-resolving models and multi-dimensional radiative transfer models to investigate the importance of 3D radiation effects on the numerical simulation of cloud fields and their properties.

Howard Barker; Jason Cole

2012-05-17T23:59:59.000Z

452

U-038: BIND 9 Resolver crashes after logging an error in query.c |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

8: BIND 9 Resolver crashes after logging an error in query.c 8: BIND 9 Resolver crashes after logging an error in query.c U-038: BIND 9 Resolver crashes after logging an error in query.c November 16, 2011 - 8:37am Addthis PROBLEM: BIND 9 Resolver crashes after logging an error in query.c. PLATFORM: Multiple version of BIND 9. Specific versions under investigation ABSTRACT: A remote server can cause the target connected client to crash. Organizations across the Internet are reporting crashes interrupting service on BIND 9 nameservers performing recursive queries. Affected servers crash after logging an error in query.c with the following message: "INSIST(! dns_rdataset_isassociated(sigrdataset))" Multiple versions are reported as being affected, including all currently supported release versions of ISC BIND 9. ISC is actively investigating the root cause and

453

Heterogeneous mixtures of elliptical particles: Directly resolving local and global properties and responses  

Science Journals Connector (OSTI)

In our earlier papers, Prosperetti's seminal Physalis method for fluid flows was extended to directly resolve electric fields in finite-sized particles and to investigate accurately the mutual fluid-particle, particle-particle, and particle-boundary ... Keywords: Directly resolving particles, Discontinuous interface condition, Elliptical particles, Elongated rod-like particle, Force and torque on particles, Heterogeneous functional materials, Interactions, Local charge distribution, Orientation and anisotropy, Singularity in elliptic coordinates

Qianlong Liu; Kenneth L. Reifsnider

2013-02-01T23:59:59.000Z

454

Vulnerability of the Superficial Zone of Immature Articular Cartilage to Compressive Injury  

SciTech Connect

The zonal composition and functioning of adult articular cartilage causes depth-dependent responses to compressive injury. In immature cartilage, shear and compressive moduli as well as collagen and sulfated glycosaminoglycan (sGAG) content also vary with depth. However, there is little understanding of the depth-dependent damage caused by injury. Since injury to immature knee joints most often causes articular cartilage lesions, this study was undertaken to characterize the zonal dependence of biomechanical, biochemical, and matrix-associated changes caused by compressive injury. Disks from the superficial and deeper zones of bovine calves were biomechanically characterized. Injury to the disks was achieved by applying a final strain of 50% compression at 100%/second, followed by biomechanical recharacterization. Tissue compaction upon injury as well as sGAG density, sGAG loss, and biosynthesis were measured. Collagen fiber orientation and matrix damage were assessed using histology, diffraction-enhanced x-ray imaging, and texture analysis. Injured superficial zone disks showed surface disruption, tissue compaction by 20.3 {+-} 4.3% (mean {+-} SEM), and immediate biomechanical impairment that was revealed by a mean {+-} SEM decrease in dynamic stiffness to 7.1 {+-} 3.3% of the value before injury and equilibrium moduli that were below the level of detection. Tissue areas that appeared intact on histology showed clear textural alterations. Injured deeper zone disks showed collagen crimping but remained undamaged and biomechanically intact. Superficial zone disks did not lose sGAG immediately after injury, but lost 17.8 {+-} 1.4% of sGAG after 48 hours; deeper zone disks lost only 2.8 {+-} 0.3% of sGAG content. Biomechanical impairment was associated primarily with structural damage. The soft superficial zone of immature cartilage is vulnerable to compressive injury, causing superficial matrix disruption, extensive compaction, and textural alteration, which results in immediate loss of biomechanical function. In conjunction with delayed superficial sGAG loss, these changes may predispose the articular surface to further softening and tissue damage, thus increasing the risk of development of secondary osteoarthritis.

Rolauffs, R.; Muehleman, C; Li, J; Kurz, B; Kuettner, K; Frank, E; Grodzinsky, A

2010-01-01T23:59:59.000Z

455

Resolving to Make Earth Day Last All Year | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

Resolving to Make Earth Day Last All Year Resolving to Make Earth Day Last All Year Resolving to Make Earth Day Last All Year March 21, 2011 - 1:31pm Addthis Amy Foster Parish What was your New Year's resolution this year? Maybe you resolved to get back into the gym and finally lose those last pesky pounds. Maybe, like me, you resolved to finally break down and buy that new furnace. Or maybe you liked Chris' idea, and you resolved do whatever you could to save energy and money this year. When we talk about saving energy throughout the year, it's easy to forget that we're not just energy users when we're at home. Many of us spend a large part of our days at work, and the energy we use there is significant. According to ENERGY STAR®, the energy needed to support just one office worker for a day produces twice as much greenhouse gas emissions as that

456

Resolving to Make Earth Day Last All Year | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

Resolving to Make Earth Day Last All Year Resolving to Make Earth Day Last All Year Resolving to Make Earth Day Last All Year March 21, 2011 - 4:49pm Addthis Amy Foster Parish What was your New Year's resolution this year? Maybe you resolved to get back into the gym and finally lose those last pesky pounds. Maybe, like me, you resolved to finally break down and buy that new furnace. Or maybe you liked Chris' idea, and you resolved do whatever you could to save energy and money this year. When we talk about saving energy throughout the year, it's easy to forget that we're not just energy users when we're at home. Many of us spend a large part of our days at work, and the energy we use there is significant. According to ENERGY STAR, the energy needed to support just one office worker for a day produces twice as much greenhouse gas emissions as that

457

Resolving to Make Earth Day Last All Year | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

Resolving to Make Earth Day Last All Year Resolving to Make Earth Day Last All Year Resolving to Make Earth Day Last All Year March 21, 2011 - 1:31pm Addthis Amy Foster Parish What was your New Year's resolution this year? Maybe you resolved to get back into the gym and finally lose those last pesky pounds. Maybe, like me, you resolved to finally break down and buy that new furnace. Or maybe you liked Chris' idea, and you resolved do whatever you could to save energy and money this year. When we talk about saving energy throughout the year, it's easy to forget that we're not just energy users when we're at home. Many of us spend a large part of our days at work, and the energy we use there is significant. According to ENERGY STAR®, the energy needed to support just one office worker for a day produces twice as much greenhouse gas emissions as that

458

DOE Resolves Nearly One-Third of 27 Recently Filed Civil Penalty Cases |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

One-Third of 27 Recently Filed Civil Penalty One-Third of 27 Recently Filed Civil Penalty Cases DOE Resolves Nearly One-Third of 27 Recently Filed Civil Penalty Cases September 23, 2010 - 5:14pm Addthis The Department has successfully resolved eight of the 27 enforcement cases brought just two weeks ago against companies for selling products without properly certifying their compliance with the Department's conservation standards. The swift resolution of nearly one-third of these cases reflects the central goal of the Department's enforcement effort - compliance with all aspects of the Department's regulations to ensure that consumers have the information they need to buy energy and cost saving products. Each of the eight companies responded promptly to the Department's notice, cooperated fully to resolve all issues, and committed to certifying

459

Cloud-Resolving Model Simulation and Mosaic Treatment of Subgrid Cloud-Radiation Interaction  

NLE Websites -- All DOE Office Websites (Extended Search)

Cloud-Resolving Model Simulation and Mosaic Treatment Cloud-Resolving Model Simulation and Mosaic Treatment of Subgrid Cloud-Radiation Interaction X. Wu Department of Geological and Atmospheric Sciences Iowa State University Ames, Iowa X.-Z. Liang Illinois State Water Survey University of Illinois at Urbana-Champaign Champaign, Illinois Introduction Improving the representation of cloud-radiation interaction is a major challenge for the global climate simulation. The development of cloud-resolving models (CRMs) and the extensive Atmospheric Radiation Measurements (ARMs) provide a unique opportunity for shading some lights on this problem. Current general circulation models (GCMs) predict cloud cover fractions and hydrometeor concentra- tions only in individual model layers, where clouds are assumed to be horizontally homogeneous in a

460

Air-Con Agrees to Pay Civil Penalty to Resolve Enforcement Action |  

NLE Websites -- All DOE Office Websites (Extended Search)

Air-Con Agrees to Pay Civil Penalty to Resolve Enforcement Action Air-Con Agrees to Pay Civil Penalty to Resolve Enforcement Action Air-Con Agrees to Pay Civil Penalty to Resolve Enforcement Action November 23, 2010 - 6:34pm Addthis The Department of Energy has settled the civil penalty action it initiated against Air-Con International for Air-Con's sale of air conditioners in the United States that used more energy than allowed by federal law. On September 20, 2010, based on Air-Con's responses to a DOE subpoena, DOE ordered Air-Con to stop selling noncompliant air conditioners in the United States and proposed civil penalties for the noncompliant units sold by the company. Air-Con promptly ceased U.S. sales of the noncompliant models. In the settlement announced today, DOE agreed to accept a civil penalty of $10,000, after considering factors set forth in DOE's penalty guidance,

Note: This page contains sample records for the topic "resolving vulnerability u-098" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


461

Resolve to Save Energy in the New Year | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

Resolve to Save Energy in the New Year Resolve to Save Energy in the New Year Resolve to Save Energy in the New Year December 30, 2008 - 4:00am Addthis Allison Casey Senior Communicator, NREL What are your New Year's Resolutions? It's that time again to make your list and decide how January 1st will be the day you start your new and improved life! [end the infomercial voiceover] In all seriousness, it seems that most New Year's Resolutions are abandoned sometime around mid-February, in spite of our best intentions. But it doesn't have to be that way. I know and you know that your resolutions are important, as shown by USA.gov's list of popular New Year's resolutions. My guess is that one of the most popular resolutions this year will be to save money. If saving money is one of your resolutions, have you considered

462

Air-Con Agrees to Pay Civil Penalty to Resolve Enforcement Action |  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

Air-Con Agrees to Pay Civil Penalty to Resolve Enforcement Action Air-Con Agrees to Pay Civil Penalty to Resolve Enforcement Action Air-Con Agrees to Pay Civil Penalty to Resolve Enforcement Action November 23, 2010 - 6:34pm Addthis The Department of Energy has settled the civil penalty action it initiated against Air-Con International for Air-Con's sale of air conditioners in the United States that used more energy than allowed by federal law. On September 20, 2010, based on Air-Con's responses to a DOE subpoena, DOE ordered Air-Con to stop selling noncompliant air conditioners in the United States and proposed civil penalties for the noncompliant units sold by the company. Air-Con promptly ceased U.S. sales of the noncompliant models. In the settlement announced today, DOE agreed to accept a civil penalty of $10,000, after considering factors set forth in DOE's penalty guidance,

463

Resolve to Save Energy in the New Year | Department of Energy  

Energy.gov (U.S. Department of Energy (DOE)) Indexed Site

Resolve to Save Energy in the New Year Resolve to Save Energy in the New Year Resolve to Save Energy in the New Year December 30, 2008 - 4:00am Addthis Allison Casey Senior Communicator, NREL What are your New Year's Resolutions? It's that time again to make your list and decide how January 1st will be the day you start your new and improved life! [end the infomercial voiceover] In all seriousness, it seems that most New Year's Resolutions are abandoned sometime around mid-February, in spite of our best intentions. But it doesn't have to be that way. I know and you know that your resolutions are important, as shown by USA.gov's list of popular New Year's resolutions. My guess is that one of the most popular resolutions this year will be to save money. If saving money is one of your resolutions, have you considered

464

Monte Carlo simulation of nitrogen dissociation based on state-resolved cross sections  

SciTech Connect

State-resolved analyses of N + N{sub 2} are performed using the direct simulation Monte Carlo (DSMC) method. In describing the elastic collisions by a state-resolved method, a state-specific total cross section is proposed. The state-resolved method is constructed from the state-specific total cross section and the rovibrational state-to-state transition cross sections for bound-bound and bound-free transitions taken from a NASA database. This approach makes it possible to analyze the rotational-to-translational, vibrational-to-translational, and rotational-to-vibrational energy transfers and the chemical reactions without relying on macroscopic properties and phenomenological models. In nonequilibrium heat bath calculations, the results of present state-resolved DSMC calculations are validated with those of the master equation calculations and the existing shock-tube experimental data for bound-bound and bound-free transitions. In various equilibrium and nonequilibrium heat bath conditions and 2D cylindrical flows, the DSMC calculations by the state-resolved method are compared with those obtained with previous phenomenological DSMC models. In these previous DSMC models, the variable soft sphere, phenomenological Larsen-Borgnakke, quantum kinetic, and total collision energy models are considered. From these studies, it is concluded that the state-resolved method can accurately describe the rotational-to-translational, vibrational-to-translational, and rotational-to-vibrational transfers and quasi-steady state of rotational and vibrational energies in nonequilibrium chemical reactions by state-to-state kinetics.

Kim, Jae Gang, E-mail: jaegkim@umich.edu; Boyd, Iain D., E-mail: iainboyd@umich.edu [Department of Aerospace Engineering, University of Michigan, 1320 Beal Avenue, Ann Arbor, Michigan 48109-2140 (United States)

2014-01-15T23:59:59.000Z

465

A Method for Estimating the Financial Impact of Cyber Information Security Breaches Utilizing the Common Vulnerability Scoring System and Annual Loss Expectancy  

E-Print Network (OSTI)

0.900 Functional (F) F 0.950 High (H) H 1.000 Remediation Level (T_RL) Official Fix (OF) OF 0.870 Temporary Fix (TF) TF 0.900 Workaround (W) W 0.950 Unavailable (U) U 1.000 Report Confidence (T_RC) Unconfirmed (UC) UC 0.900 Uncorroborated (UR) UR 0... is theoretical. Remediation Level (T_RL) – Metric to describe the currently available mitigation options. Report Confidence (T_RC) – Metric to describe the degree of confidence in the reported vulnerability. Often, vulnerabilities are announced sans...

Lindsey, Michael B.

2010-05-14T23:59:59.000Z

466

Photon-number-resolved heralded-photon source for improved quantum key distribution  

SciTech Connect

We have suppressed multiphoton probability of a heralded-photon source, which is vital for quantum key distribution with a higher secure key generation rate. It is accomplished by utilizing a practical photon-number-resolving detector for triggering resulting in an important step for improved practical quantum key distribution. Heralded-photon source and a practical photon-number-resolving detector capable of real-time processed multiphoton rejection are stably operable at room temperature and enable us to generate a secure key at a distance as long as an ideal single photon source is used.

Horikiri, Tomoyuki [Department of Physics, Graduate School of Science, University of Tokyo, 7-3-1 Hongo, Bunkyo, Tokyo 113-0033 (Japan); Institute of Laser Science and Department of Applied Physics and Chemistry, University of Telecommunications, Chofu-ga-oka 1-5-1, Chofu, Tokyo 182-8585 (Japan); Takeno, Yuishi [Department of Physics, Graduate School of Science, University of Tokyo, 7-3-1 Hongo, Bunkyo, Tokyo 113-0033 (Japan); Yabushita, Atsushi [Department of Electrophysics, Faculty of Science, National Chiao Tung University, 1001 Ta Hsueh Road, Hsinchu, Taiwan 300 (China); Kobayashi, Takayoshi [ICORP, JST, 4-1-8 Honcho, Kawaguchi, Saitama (Japan); Institute of Laser Science and Department of Applied Physics and Chemistry, University of Telecommunications, Chofu-ga-oka 1-5-1, Chofu, Tokyo 182-8585 (Japan); Department of Electrophysics, Faculty of Science, National Chiao Tung University, 1001 Ta Hsueh Road, Hsinchu, Taiwan 300 (China); Institute of Laser Engineering, Osaka University, Yamadagaoka 2-6, Suita, Osaka 565-0871 (Japan)

2007-07-15T23:59:59.000Z

467

Modelling the effect of nuclear motion on the attosecond time-resolved photoelectron spectra of ethylene  

E-Print Network (OSTI)

Using time dependent density functional theory (TDDFT) we examine the energy, angular and time-resolved photoelectron spectra (TRPES) of ethylene in a pump-probe setup. To simulate TRPES we expose ethylene to an ultraviolet (UV) femtosecond pump pulse, followed by a time delayed extreme ultraviolet (XUV) probe pulse. Studying the photoemission spectra as a function of this delay provides us direct access to the dynamic evolution of the molecule's electronic levels. Further, by including the nuclei's motion, we provide direct chemical insight into the chemical reactivity of ethylene. These results show how angular and energy resolved TRPES could be used to directly probe electron and nucleus dynamics in molecules.

Crawford-Uranga, Alison; Mowbray, Duncan John; Kurth, Stefan; Rubio, Angel

2014-01-01T23:59:59.000Z

468

Time-Resolved Measurements of Near-Infrared Pulse Induced Ultrafast Optical Modulation of Quantum Cascade Lasers  

Science Journals Connector (OSTI)

We temporally resolve ultrafast modulation of quantum cascade lasers (QCLs) using a near-infrared pump mid-infrared probe technique. We compare interband and intersubband transition...

Cai, Hong; Liu, Sheng; Lalanne, Elaine; Guo, Dingkai; Chen, Xing; Wang, Xiaojun; Choa, Fow-Sen; Johnson, Anthony M

469

A Monte Carlo simulation based two-stage adaptive resonance theory mapping approach for offshore oil spill vulnerability index classification  

Science Journals Connector (OSTI)

Abstract In this paper, a Monte Carlo simulation based two-stage adaptive resonance theory mapping (MC-TSAM) model was developed to classify a given site into distinguished zones representing different levels of offshore Oil Spill Vulnerability Index (OSVI). It consisted of an adaptive resonance theory (ART) module, an ART Mapping module, and a centroid determination module. Monte Carlo simulation was integrated with the TSAM approach to address uncertainties that widely exist in site conditions. The applicability of the proposed model was validated by classifying a large coastal area, which was surrounded by potential oil spill sources, based on 12 features. Statistical analysis of the results indicated that the classification process was affected by multiple features instead of one single feature. The classification results also provided the least or desired number of zones which can sufficiently represent the levels of offshore OSVI in an area under uncertainty and complexity, saving time and budget in spill monitoring and response.

Pu Li; Bing Chen; Zelin Li; Xiao Zheng; Hongjing Wu; Liang Jing; Kenneth Lee

2014-01-01T23:59:59.000Z

470

Eddy-resolving Lidar Measurements and Numerical Simulations of the Convective Internal Boundary Layer  

E-Print Network (OSTI)

in speed. The vertical gradient of wind-speed decreases offshore because of strong vertical mixing caused correlation functions and winds derived from horizontal (PPI) and vertical (RHI) scans of the VIL during Lake.4 0.5 0.6 0.7 DOWNSTREAM WIND SPEEDS FROM RHI SCANS ON 13 JANUARY 1998 SPATIALLY RESOLVED 5-m WINDS

Eloranta, Edwin W.

471

UNIVERSITY OF CALIFORNIA, Effects of Vertically-Resolved Solar Heating, Snow Aging, and Black  

E-Print Network (OSTI)

UNIVERSITY OF CALIFORNIA, IRVINE Effects of Vertically-Resolved Solar Heating, Snow Aging formats: Committee Chair University of California, Irvine 2007 ii #12;To my parents, John and Cindy. iii, albedo, snow grain size, and absorbing impurities. . 8 2.1 Solar absorption profiles prescribed by CLM

Zender, Charles

472

Scanning photoelectron microscope for nanoscale three-dimensional spatial-resolved electron spectroscopy for chemical analysis  

E-Print Network (OSTI)

spectroscopy for chemical analysis K. Horiba, Y. Nakamura, N. Nagamura, S. Toyoda, H. Kumigashira et al-level alignment at noble metal/organic interfaces Appl. Phys. Lett. 99, 183302 (2011) Note: Heated sample platform three-dimensional spatial-resolved electron spectroscopy for chemical analysis K. Horiba,1,2,3,a) Y

Miyashita, Yasushi

473

Spatially resolved non-invasive chemical stimulation for modulation of signalling in reconstructed neuronal networks  

Science Journals Connector (OSTI)

...Spatially resolved non-invasive chemical stimulation for modulation...Localized non-invasive on-chip chemical stimulation of micropatterned...and N Voelker2004A biochip platform for cell transfection assaysBiosens...and M Nishizawa2005Localized chemical stimulation of cellular micropatterns...

2006-01-01T23:59:59.000Z

474

The Chandra Survey of Outflows in AGN with Resolved Spectroscopy (SOARS)  

E-Print Network (OSTI)

The Chandra Survey of Outflows in AGN with Resolved Spectroscopy (SOARS) Dan Evans (Elon University), Matteo Guainazzi (ESAC), Martin Ward (Durham), Ric Davies (MPE), James Reeves (Keele), Kim Weaver (GSFC. 2009; Bianchi, Evans et al. 2010) NLR in a Type 2 AGN #12;10 15 20 Wavelength (Ă?) 5x10-5 1x10-4 2x10

Evans, Dan

475

The Chandra Survey of Outflows in AGN with Resolved Spectroscopy (SOARS)  

E-Print Network (OSTI)

The Chandra Survey of Outflows in AGN with Resolved Spectroscopy (SOARS) Dan Evans (CfA and Elon (Durham), Ric Davies (MPE), James Reeves (Keele), Mike Crenshaw (GSU), Steve Kraemer (CUA), Kim Weaver, Evans et al. 2010) NLR in a Type 2 AGN Largest observable structure from soft X-rays to near

Evans, Dan

476

Compact cryogenic Kerr microscope for time-resolved studies of electron spin transport in microstructures  

E-Print Network (OSTI)

Compact cryogenic Kerr microscope for time-resolved studies of electron spin transport A compact cryogenic Kerr microscope for operation in the small volume of high-field magnets is described-temperature optical microscope, elec- tromagnet and cryogenic cell with cold finger to measure continuous-wave cw

van der Wal, Caspar H.

477

Conformational Substates of Myoglobin Intermediate Resolved by Picosecond Xray Solution Scattering  

E-Print Network (OSTI)

Conformational Substates of Myoglobin Intermediate Resolved by Picosecond Xray Solution Scattering: Conformational substates of proteins are generally considered to play important roles in regulating protein with the conformational substates using picosecond X-ray solution scattering. By applying kinetic analysis considering all

Ihee, Hyotcherl

478

Temporally resolved ion velocity distribution measurements in a radio-frequency plasma sheath  

E-Print Network (OSTI)

and within a radio-frequency (RF) biased plasma sheath is studied experimentally with a pulsed laserTemporally resolved ion velocity distribution measurements in a radio-frequency plasma sheath B; therefore, radio-frequency (RF) biases which result in zero net electrical current to the substrate

California at Los Angles, University of

479

Quantifying and Resolving Remote Memory Access Contention on Hardware DSM Multiprocessors  

E-Print Network (OSTI)

Quantifying and Resolving Remote Memory Access Contention on Hardware DSM Multiprocessors Dimitrios contributions: It pro- poses a new methodology for quantifying remote memory access contention on hardware DSM each DSM node to each page in memory. A trace of the memory accesses of the pro- gram obtained

Nikolopoulos, Dimitris

480

Source apportionment of time-and size-resolved ambient particulate matter , Philip K. Hopke b,  

E-Print Network (OSTI)

International Airport were analyzed for the elemental composition using synchrotron X-ray fluorescence Airport emission sources Size- and time-resolved particulate matter samples collected using eight-stage Davis Rotating-drum Universal- size-cut Monitoring (DRUM) impactors at the Washington-Dulles

Navasca, Carmeliza

Note: This page contains sample records for the topic "resolving vulnerability u-098" from the National Library of EnergyBeta (NLEBeta).
While these samples are representative of the content of NLEBeta,
they are not comprehensive nor are they the most current set.
We encourage you to perform a real-time search of NLEBeta
to obtain the most current and comprehensive results.


481

Time-Resolved Magnetic Flux and AC-Current Distributions in Superconducting YBCO Thin Films and  

E-Print Network (OSTI)

Time-Resolved Magnetic Flux and AC-Current Distributions in Superconducting YBCO Thin Films and Multifilament Ran Yang College of William & Mary, Department of Applied Science, 2008 Field: Surface and Interface Science, Degree: Ph.D. Advisor: Gunter Luepke, Associate Professor of Applied Science Abstract

Shaw, Leah B.

482

Testing the Fixed Anvil Temperature Hypothesis in a Cloud-Resolving Model  

Science Journals Connector (OSTI)

Using cloud-resolving simulations of tropical radiative–convective equilibrium, it is shown that the anvil temperature changes by less than 0.5 K with a 2-K change in SST, lending support to the fixed anvil temperature (FAT) hypothesis. The ...

Zhiming Kuang; Dennis L. Hartmann

2007-05-01T23:59:59.000Z

483

Spatially resolved lasers using a glassy cholesteric liquid crystal film with lateral pitch gradient  

E-Print Network (OSTI)

Spatially resolved lasers using a glassy cholesteric liquid crystal film with lateral pitch crystal CLC lasers, a lateral pitch gradient was introduced by thermally activated diffusion across efficiencies, 0.2%­1.5%, are superior to those reported to date for gradient-pitch CLC lasers. © 2011 American

Chen, Shaw H.

484

Time-Resolved EPR Study of Singlet Oxygen in the Gas Phase Marco Ruzzi,  

E-Print Network (OSTI)

Time-Resolved EPR Study of Singlet Oxygen in the Gas Phase Marco Ruzzi, Elena Sartori, Alberto States ABSTRACT: X-band EPR spectra of singlet O2(1 g) and triplet O2(3 g - ) were observed in the gas, and perfluoronaphthalene in the gas phase. The EPR spectrum of O2(1 g) was also observed under microwave discharge

Turro, Nicholas J.

485

Time-resolved study of the symmetric SN2-reaction I Roland Wester,a)  

E-Print Network (OSTI)

Time-resolved study of the symmetric SN2-reaction IĂ? ÂżCH3I Roland Wester,a) Arthur E. Bragg, Alison of negative ions has been applied to study the title reaction as a model system for gas phase SN2 reactions dynamics are expected for entrance channel complex formed in the first step of a gas phase SN2 reaction

Neumark, Daniel M.

486

From concentric eyewall to annular hurricane: A numerical study with the cloud-resolved WRF model  

E-Print Network (OSTI)

(secondary eyewall) in coincidence with a local tangential wind max- imum around the pre-existing eyewallFrom concentric eyewall to annular hurricane: A numerical study with the cloud-resolved WRF model Research and Forecasting (WRF) model, the transformation from a non- AH to an AH through a concentric

Wang, Bin

487

Cloud system resolving model simulations of tropical cloud systems observed during the Tropical  

E-Print Network (OSTI)

the Weather Research and Forecasting (WRF) model. The WRF model is configured with a highest-resolving domain convection. The second regime is a monsoon break, which contains intense localized systems that are rep-based observational systems including a polarimetric weather radar, cloud radar, wind profilers, radi- ation

Jakob, Christian

488

Reducing the Vulnerability of Societies to Water Related Risks at the Basin Scale (Proceedings of the third International Symposium on Integrated Water Resources  

E-Print Network (OSTI)

), generated from evaporation, and advective (Pa), generated from atmospheric moisture. The recycling ratio components of the regional water cycle are: Qin and Qout the incoming and outgoing atmospheric moistureReducing the Vulnerability of Societies to Water Related Risks at the Basin Scale (Proceedings

Haak, Hein