vulnerability

(redirected from Vulnerabilities)
Also found in: Dictionary, Thesaurus, Medical, Legal.

vulnerability

[‚vəl·nə·rə′bil·əd·ē]
(computer science)
A weakness in a computing system that can result in harm to the system or its operations, especially when this weakness is exploited by a hostile person or organization or when it is present in conjunction with particular events or circumstances.

Vulnerability

Vulgarity (See COARSENESS.)
Achilles
warrior vulnerable only in his heel. [Gk. Myth.: Zimmerman, 4]
Antaeus
only vulnerable if not touching ground. [Gk. and Rom. Myth.: Hall, 151]
Balder
conquerable only with mistletoe. [Norse Myth.: Walsh Classical, 43]
Diarmuid
Irish Achilles, killed through cunning Fionn’s deceit. [Irish Myth.: Jobes, 443; Parrinder, 79]
Maginot Line
French fortification zone along German border; thought impregnable before WWII. [Fr. Hist.: NCE, 1658]
Samson
strength derived from his hair; betrayed by Delilah. [O.T.: Judges 16]
Siegfried
vulnerable in only one spot on his back. [Ger. Opera: Wagner, Götterdämmerung, Westerman, 245]
Siegfried Line
German fortification zone opposite the Maginot Line between Germany and France. [Ger. Hist.: WB, 17: 370]
Superman
invulnerable except for Kryptonite. [TV: “The Adventures of Superman” in Terrace, I, 38; Comics: Horn, 642]

vulnerability

A security exposure in an operating system or other system software or application software component. Before the Internet became mainstream and exposed every organization in the world to every attacker on the planet, vulnerabilities surely existed, but were not as often exploited.

In light of this madness, mostly perpetrated against Microsoft products, the architecture of future operating systems has changed. Designing software to be bulletproof against attacks is like building a house where every square inch is fortified with steel and sensors that detect intrusions. Patching an existing operating system written by hundreds of programmers who were not dwelling on this issue when they wrote the code is an onerous job.

Security firms maintain databases of vulnerabilities based on version number of the software. If exploited, each vulnerability can potentially compromise the system or network. To search for vulnerabilities and exposures in the National Vulnerability Database (NVD), visit http://web.nvd.nist.gov/view/vuln/search?cid=1. See network security scanner and vulnerability disclosure.
References in periodicals archive ?
Vulnerability Research Market: High Severity Vulnerabilities by Top Reporting Sources (World), CY 2010
0 helps me and my development team find and fix vulnerabilities in our ASP.
Many vulnerability assessment tools require end-user configurations to select the type of device, operating systems, applications, and vulnerabilities that they want to detect.
An effective computer security program is designed around the concept of identifying computer vulnerabilities and providing computer system users with guidance on how to eliminate, or at least reduce, these vulnerabilities.
The Frost & Sullivan research points to the increasing number of vulnerabilities and the shrinking window between vulnerability and exploit.
In addition, the synchronized release of new and updated third-party products that support new operating systems will likely contribute to a record year for vulnerabilities in 2007.
Scuba by Imperva does not run exploits against the database or provide information useful to exploiting the vulnerabilities it finds.
Determina Vulnerability Protection Suite[TM] (VPS[TM]) is the only solution to address the root cause of attacks - the software vulnerabilities themselves.
Digital Bond has also identified numerous SCADA application and protocol vulnerabilities, including the vulnerability disclosed in US-CERT's first SCADA related vulnerability note.
AUSTIN, Texas -- TippingPoint, a division of 3Com and the leader in intrusion prevention, today announced the discovery and patch of two new vulnerabilities in Microsoft Internet Explorer disclosed through TippingPoint's Zero Day Initiative (ZDI).
eEye Digital Security([R]), a leading developer of network security and vulnerability management software solutions, as well as the industry's foremost contributor to security research and education, today announced that it is offering the industry's first vulnerability tracking site that focuses exclusively on zero-day vulnerabilities, or those vulnerabilities in which technical details regarding exploitation methods are in public circulation prior to the availability of a software patch.
the leading provider of on demand vulnerability management and policy compliance solutions, today announced the availability of a free network scanning service to help companies find and eliminate vulnerabilities listed in the annual SANS Top 20 update for 2006 that was announced earlier today.