+ Solution 252767: A Security Vulnerability in the Solaris Kerberos PAM Module May Allow Use of a User Specified Kerberos Configuration File, Leading to Escalation of Privileges
http://sunsolve.sun.com/search/document.do?assetkey=1-66-252767-1
+ RHSA-2009:0295-1 Moderate: net-snmp security update
http://rhn.redhat.com/errata/RHSA-2009-0295.html
Bkis-05-2009: PowerCHM Stack-based Buffer Overflow
http://www.criticalwatch.com/support/security-advisories.aspx?AID=28775
Frog CMS-SA-03/26/2009: Frog CMS Multiple Vulnerabilities
http://www.criticalwatch.com/support/security-advisories.aspx?AID=28776
Sun Java Runtime Environment (JRE) Type1 Font Parsing Integer Signedness Vulnerability
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=777
Sun Java Web Start (JWS) GIF Decoding Heap Corruption Vulnerability
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=778
Sun Java Runtime Environment (JRE) GIF Decoding Heap Corruption Vulnerability
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=779
Sun Java Web Start (JWS) PNG Decoding Integer Overflow Vulnerability
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=780
Sun Java Runtime Environment (JRE) Pack200 Decompression Integer Overflow Vulnerability
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=781
[Bkis-05-2009] PowerCHM Stack-based Buffer Overflow
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-03/msg00240.html
Java Plug-in Bugs Let Remote Users Gain Privileges
http://securitytracker.com/alerts/2009/Mar/1021920.html
Java Runtime Environment (JRE) Virtual Machine Lets Remote Users Read/Write Files and Execute Local Applications
http://securitytracker.com/alerts/2009/Mar/1021919.html
Java Runtime Environment (JRE) HTTP Server Bug Lets Remote Users Deny Service
http://securitytracker.com/alerts/2009/Mar/1021918.html
Java Runtime Environment (JRE) Flaws in Storing and Processing Temporary Font Files Let Remote Users Deny Service
http://securitytracker.com/alerts/2009/Mar/1021917.html
Java Runtime Environment (JRE) Buffer Overflow in Processing Image Files and Fonts Lets Remote Users Gain Privileges on the Target System
http://securitytracker.com/alerts/2009/Mar/1021913.html
RHSA-2009:0373-1 Moderate: systemtap security update
http://rhn.redhat.com/errata/RHSA-2009-0373.html
IBM WebSphere Application Server Insecure Permissions Vulnerability
http://www.vupen.com/english/advisories/2009/0854
Mozilla Firefox and Seamonkey XSLT Memory Corruption Vulnerability
http://www.vupen.com/english/advisories/2009/0853
Sun Java JDK/JRE Code Execution and Security Bypass Vulnerabilities
http://www.vupen.com/english/advisories/2009/0852
Cisco IOS Multiple Denial of Service and Privilege Escalation Issues
http://www.vupen.com/english/advisories/2009/0851
OpenSSL Multiple Denial of Service and Security Bypass Vulnerabilities
http://www.vupen.com/english/advisories/2009/0850
Microsoft Windows Gzip Libraries Code Execution Vulnerability
http://www.vupen.com/english/advisories/2009/0849
PowerCHM HTML Help Project File Handling Buffer Overflow Vulnerability
http://www.vupen.com/english/advisories/2009/0848
Kerberos "spnego_gss_accept_sec_context()" Denial of Service Issue
http://www.vupen.com/english/advisories/2009/0847
ldns "ldns_rr_new_frm_str_internal()" Buffer Overflow Vulnerability
http://www.vupen.com/english/advisories/2009/0846
Compiz Fusion 'Expo' Plugin Security Bypass Vulnerability
http://www.securityfocus.com/bid/32712
PHPizabi 'modules/interact/file.php' Arbitrary File Upload Vulnerability
http://www.securityfocus.com/bid/34255
WeBid 'upldgallery.php' Arbitrary File Upload Vulnerability
http://www.securityfocus.com/bid/34254
pam-krb5 Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/33740
pam-krb5 'KRB5CCNAME' Environment Variable Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/33741
Sun Java Runtime Environment and Java Development Kit Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/34240
International Components for Unicode Invalid ISO Character Handling Vulnerability
http://www.securityfocus.com/bid/29488
Microsoft GDI+ EMF 'GpFont.SetData()' Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/34250
FFmpeg 'libavformat/4xm.c' Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/33502
Ghostscript Multiple Input Validation and Integer Overflow Vulnerabilities
http://www.securityfocus.com/bid/34184
Drupal Token Authentication Module Authentication Bypass Vulnerability
http://www.securityfocus.com/bid/34252
Drupal Wikitools Module Multiple Unspecified Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/34249
Squid Web Proxy Cache HTTP Version Number Parsing Denial of Service Vulnerability
http://www.securityfocus.com/bid/33604
Squid Proxy Cache Update Reply Processing Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/26687
Squid Web Proxy Cache 'arrayShrink()' Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/28693
Lua Unspecified Bytecode Verifier Security Vulnerability
http://www.securityfocus.com/bid/34237
ldns 'rr.c' Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/34233
Comparison Engine Power 'product.comparision.php' SQL Injection Vulnerability
http://www.securityfocus.com/bid/34232
+ PostgreSQL Conversion Encoding Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/34090
NetworkManager Permission Enforcement Multiple Local Vulnerabilities
http://www.securityfocus.com/bid/33966
IncrediMail Script Execution Vulnerabilities
http://www.securityfocus.com/bid/34231
XAMPP for Windows 'adodb.php' Multiple Cross-Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/31472
Foxit Reader PDF Handling Multiple Remote Vulnerabilities
http://www.securityfocus.com/bid/34035
Serv-U FTP Server 'MKD' Command Directory Traversal Vulnerability
http://www.securityfocus.com/bid/34125
Net-SNMP 'snmpUDPDomain.c' Remote Information Disclosure Vulnerability
http://www.securityfocus.com/bid/33755
WordPress MU 'wp-includes/wpmu-functions.php' Cross-Site Scripting Vulnerability
http://www.securityfocus.com/bid/34075
OpenSSL Multiple Vulnerabilities
http://www.securityfocus.com/bid/34256
SystemTap Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/34260
MIT Kerberos 'NegTokenInit' Token Handling Remote Denial Of Service Vulnerability
http://www.securityfocus.com/bid/34257
IBM WebSphere Application Server for z/OS Multiple Vulnerabilities
http://www.securityfocus.com/bid/34259
Microsoft Windows Services for UNIX / Subsystem for UNIX-based Applications Multiple Vulnerabilities
http://www.securityfocus.com/bid/34258
eZip Wizard Zip File Stack Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/34044
phpMyAdmin BLOB Streaming Multiple Input Validation Vulnerabilities
http://www.securityfocus.com/bid/34253
phpMyAdmin 'export page' Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/34251
phpMyAdmin 'setup.php' PHP Code Injection Vulnerability
http://www.securityfocus.com/bid/34236
Drupal Feed Element Mapper Module Content Title Multiple Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/34266
Acute Control Panel SQL Injection Vulnerability and Remote File Include Vulnerability
http://www.securityfocus.com/bid/34265
CCCP Community Clan Portal Multiple SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/34264
PowerCHM '.HHP' File Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/34263
PhotoStand BASE64 Administrator Nickname Cookie Authentication Bypass Vulnerability
http://www.securityfocus.com/bid/34262
Blogplus Multiple Local File Include Vulnerabilities
http://www.securityfocus.com/bid/34261
JVNDB-2007-001196 Buffer Overflow Vulnerability Related to the coffFiles Field Value in Multiple CA Products
http://jvndb.jvn.jp/ja/contents/2007/JVNDB-2007-001196.html
JVNDB-2007-001195 Buffer Overflow Vulnerability Related to File Name Handling in Multiple CA Products
http://jvndb.jvn.jp/ja/contents/2007/JVNDB-2007-001195.html
JVNDB-2009-001103 Arbitrary Code Execution Vulnerability in Microsoft Windows Vista
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001103.html
JVNDB-2009-001102 Cross-Site Scripting Vulnerability in Adobe RoboHelp and RoboHelp Server
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001102.html
JVNDB-2009-001101 Cross-Site Scripting Vulnerability in Adobe RoboHelp Server
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001101.html
JVNDB-2009-001037 Arbitrary File Read Vulnerability Related to INPUT Element Handling in Mozilla Firefox
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001037.html
JVNDB-2009-001035 Denial of Service (DoS) Vulnerability Related to the JavaScript Engine in Multiple Mozilla Products
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001035.html
JVNDB-2009-001034 Denial of Service (DoS) Vulnerability Related to the Layout Engine in Multiple Mozilla Products
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001034.html
JVNDB-2008-002285 Arbitrary Memory Content Read Vulnerability in the PHP imageRotate Function
http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-002285.html
JVNDB-2008-002282 Access Restriction Bypass Vulnerability in the Dovecot ACL Plugin
http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-002282.html
JVNDB-2008-002281 Vulnerability in dovecot Allowing the ssl_key_password Parameter Value to Be Obtained
http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-002281.html
JVNDB-2008-002260 Arbitrary Code Execution Vulnerability in PHP ext/mbstring/libmbfl/filters/mbfilter_htmlent.c
http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-002260.html
JVNDB-2008-002259 Directory Traversal Vulnerability Related to ZIP File Handling in the PHP ZipArchive::extractTo Function
http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-002259.html
JVNDB-2008-002258 Arbitrary File Write Vulnerability Related to safe_mode in PHP
http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-002258.html
JVNDB-2008-002257 safe_mode Restriction Bypass Vulnerability Related to Global Variable Initialization in PHP
http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-002257.html
JVNDB-2008-001970 Vulnerability in the Default Configuration of Adobe Flash Media Server (FMS) Allowing Video Content to Be Copied
http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-001970.html
JVNDB-2008-001607 Cross-Site Scripting Vulnerability Related to the HttpServletResponse.sendError Method in Apache Tomcat
http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-001607.html
JVNDB-2008-001606 Directory Traversal Vulnerability Related to RequestDispatcher in Apache Tomcat
http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-001606.html
JVNDB-2008-001420 Cross-Site Scripting Vulnerability in Apache Tomcat host-manager
http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-001420.html
52887 : Forte Agent Address Book XML File Handling Overflow
http://osvdb.org/show/osvdb/52887
Linux Kernel 'keyctl_join_session_keyring()' Denial of Service Vulnerability
http://www.securityfocus.com/bid/33339