Solution 250826 : Security Vulnerability in OpenSSL due to Improper Usage of Signature
http://sunsolve.sun.com/search/document.do?assetkey=1-66-250826-1
Solution 255848 : A Security Vulnerability in the Sun Java System Directory Server May Allow Users to Probe for Filenames and View Limited Content of Files
http://sunsolve.sun.com/search/document.do?assetkey=1-66-255848-1
Microsoft delays release of its next security product, "Forefront 2.0"
http://itpro.nikkeibp.co.jp/article/NEWS/20090416/328556/?ST=security
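"Search for a car name, get fake software": keyword "hijacking" incidents on the rise
More than 1 million malicious links use SEO to steer users to fake-software distribution sites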
http://itpro.nikkeibp.co.jp/article/NEWS/20090416/328514/?ST=security
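Many dangerous vulnerabilities in Windows, Office and other products; apply patches immediately
Five rated "Critical"; "zero-day vulnerabilities" in Excel and WordPad also addressed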
http://itpro.nikkeibp.co.jp/article/NEWS/20090416/328513/?ST=security
JVNTA09-105A Updates for multiple vulnerabilities in Oracle products
http://jvn.jp/cert/JVNTA09-105A/
JVNTA09-104A Updates for multiple vulnerabilities in Microsoft products
http://jvn.jp/cert/JVNTA09-104A/index.html
JVN#82744714 Cross-site scripting vulnerability in apricot.php by LovPop.net
http://jvn.jp/jp/JVN82744714/index.html
JVNDB-2009-000019 Cross-site scripting vulnerability in apricot.php by LovPop.net
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-000019.html
JVNDB-2009-001146 Denial-of-service (DoS) vulnerability in the Linux kernel console selection feature
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001146.html
JVNDB-2009-001145 Vulnerability in HP-UX VRTSodm and VRTSvxfs allowing root privileges to be obtained
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001145.html
JVNDB-2009-001144 Vulnerability in IBM WebSphere Application Server allowing arbitrary files to be read
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001144.html
JVNDB-2009-001143 Buffer overflow vulnerability in the proxyReadClientSocket function of libvirt
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001143.html
JVNDB-2008-002307 Vulnerability in libvirt allowing access restrictions to be bypassed
http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-002307.html
Fedora update for pam
http://secunia.com/advisories/34733/
Red Hat update for ghostscript
http://secunia.com/advisories/34732/
PostgreSQL 8.4 Beta 1 Released
http://www.postgresql.org/about/news.1074
About Patch 3 for SRM 1.0 Update 1
http://kb.vmware.com/selfservice/microsites/microsite.do?cmd=displayKC&docType=kc&externalId=1010053&sliceId=1&docTypeID=DT_KB_1_1
Minimum firmware requirement for a NetXen card
http://kb.vmware.com/selfservice/microsites/microsite.do?cmd=displayKC&docType=kc&externalId=1010040&sliceId=1&docTypeID=DT_KB_1_1
+ RHEA-2009:0422-1 tzdata enhancement update
http://rhn.redhat.com/errata/RHEA-2009-0422.html
Excel-SA-04/15/2009: Microsoft Office Excel Remote Memory Corruption Vulnerability
http://www.criticalwatch.com/support/security-advisories.aspx?AID=28981
SEC Consult SA-20090415-0: Multiple Vulnerabilities in Novell Teaming
http://www.criticalwatch.com/support/security-advisories.aspx?AID=28986
DivX-SA-04/15/2009: DivX Web Player Stream Format Chunk Buffer Overflow
http://www.criticalwatch.com/support/security-advisories.aspx?AID=28982
SAP-SA-04/15/2009: SAP GUI KWEdit ActiveX Control "SaveDocumentAs()" Insecure Method
http://www.criticalwatch.com/support/security-advisories.aspx?AID=28983
Oracle-SA-04/15/2009: Oracle BEA WebLogic Server Plug-ins Integer Overflow
http://www.criticalwatch.com/support/security-advisories.aspx?AID=28984
Oracle-SA-04/15/2009: Oracle BEA WebLogic Server Plug-ins Certificate Buffer Overflow
http://www.criticalwatch.com/support/security-advisories.aspx?AID=28985
USN-757-1: Ghostscript vulnerabilities
http://www.criticalwatch.com/support/security-advisories.aspx?AID=28972
DSECRG-09-037: abk-soft AbleSpace CMS 1.0 - Multiple security vulnerabilities
http://www.criticalwatch.com/support/security-advisories.aspx?AID=28988
GLSA 200904-13: Ventrilo: Denial of Service
http://www.criticalwatch.com/support/security-advisories.aspx?AID=28978
GLSA 200904-14: F-PROT Antivirus: Denial of Service
http://www.criticalwatch.com/support/security-advisories.aspx?AID=28979
iDefense Security Advisory 04.14.09: Microsoft Word 2000 WordPerfect 6.x Converter Stack Corruption Vulnerability
http://www.criticalwatch.com/support/security-advisories.aspx?AID=28977
Zervit-SA-04/14/2009: Zervit Webserver Buffer Overflow
http://www.criticalwatch.com/support/security-advisories.aspx?AID=28989
IBM AIX muxatmd Buffer Overflow Vulnerability
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=784
US-CERT Technical Cyber Security Alert TA09-105A -- Oracle Updates for Multiple Vuln
http://www.derkeiler.com/Mailing-Lists/Cert/2009-04/msg00001.html
[USN-758-1] udev vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00146.html
XSS with mod_perl perl_status utility
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00145.html
[USN-757-1] Ghostscript vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00138.html
SEC Consult SA-20090415-1 :: Nortel Application Gateway 2000 Password Disclosure Vulnerabili
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00144.html
SEC Consult SA-20090415-0 :: Multiple Vulnerabilities in Novell Teaming
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00142.html
Secunia Research: Oracle BEA WebLogic Server Plug-ins Certificate Buffer Overflow
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00143.html
Secunia Research: Oracle BEA WebLogic Server Plug-ins Integer Overflow
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00139.html
Secunia Research: SAP GUI KWEdit ActiveX Control "SaveDocumentAs()" Insecure Method
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00137.html
Secunia Research: DivX Web Player Stream Format Chunk Buffer Overflow
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00140.html
HITBSecConf2009 - Malaysia: Call for Papers
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00141.html
Microsoft Office Excel Remote Memory Corruption Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00136.html
Zervit Webserver Buffer Overflow
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00135.html
53680 : SAP GUI (sapgui) KWEdit ActiveX (KWEDIT.DLL) SaveDocumentAs() Method Arbitrary File Write
http://osvdb.org/show/osvdb/53680
Vulnerability Note VU#789121 Microsoft Whale Intelligent Application Gateway Whale Client Components ActiveX control stack buffer overflows
http://www.kb.cert.org/vuls/id/789121
Oracle BEA WebLogic Portal Privilege Escalation
http://secunia.com/advisories/34730/
Linux-PAM Minimum Password Age Security Bypass Weakness
http://secunia.com/advisories/34728/
phpMyAdmin Setup Script PHP Code Injection Vulnerability
http://secunia.com/advisories/34727/
Red Hat update for ghostscript
http://secunia.com/advisories/34726/
GuestCal "lang" Local File Inclusion Vulnerability
http://secunia.com/advisories/34721/
Aqua CMS SQL Injection Vulnerabilities
http://secunia.com/advisories/34720/
Mini-stream Shadow Stream Recorder Playlist Processing Buffer Overflow
http://secunia.com/advisories/34719/
@Mail Email Body Script Insertion Vulnerability
http://secunia.com/advisories/34704/
Gentoo f-prot Corrupt ELF Headers Denial of Service
http://secunia.com/advisories/34700/
Gentoo update for ventrilo-server-bin
http://secunia.com/advisories/34696/
Nortel Application Gateway 2000 Password Disclosure Vulnerability
http://secunia.com/advisories/34695/
Oracle Products Multiple Vulnerabilities
http://secunia.com/advisories/34693/
FreznoShop "id" SQL Injection Vulnerability
http://secunia.com/advisories/34691/
SABnzbd Cross-Site Request Forgery Vulnerabilities
http://secunia.com/advisories/34537/
WikkaWiki Multiple Vulnerabilities
http://secunia.com/advisories/34321/
Oracle BEA WebLogic Products Multiple Vulnerabilities
http://secunia.com/advisories/34074/
Zazzle Store Builder "gridPage" and "gridSort" Cross-Site Scripting Vulnerabilities
http://secunia.com/advisories/34009/
DivX Web Player Stream Format Chunk Buffer Overflow
http://secunia.com/advisories/33196/
SAP GUI KWEdit ActiveX Control "SaveDocumentAs()" Insecure Method
http://secunia.com/advisories/32869/
Nortel Application Gateway 2000 Discloses Passwords to Remote Users
http://www.securitytracker.com/id?1022064
Novell Teaming Input Validation Flaw Permits Cross-Site Scripting Attacks
http://www.securitytracker.com/id?1022063
SAP GUI KWEdit ActiveX Control Lets Remote Users Modify Files
http://www.securitytracker.com/id?1022062
DivX Web Player Heap Overflow in Processing Stream Format Chunks Lets Remote Users Execute Arbitrary Code
http://www.securitytracker.com/id?1022061
IBM Tivoli Continuous Data Protection for Files Input Validation Flaw Permits Cross-Site Scripting Attacks
http://www.securitytracker.com/id?1022060
DivX Web Player Stream Format Chunk Buffer Overflow Vulnerability
http://www.vupen.com/english/advisories/2009/1044
SAP GUI KWEdit ActiveX Control Insecure Method Vulnerability
http://www.vupen.com/english/advisories/2009/1043
Oracle and BEA Products Code Execution and Security Bypass Vulnerabilities
http://www.vupen.com/english/advisories/2009/1042
Xoops Glossary Module Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/7356
Mini-stream Software RM-MP3 Converter '.pls' File Remote Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/34514
F-PROT Antivirus for Linux ELF File Scanning Denial of Service Vulnerability
http://www.securityfocus.com/bid/32753
Redaxscript 'language' Parameter Local File Include Vulnerability
http://www.securityfocus.com/bid/34476
GNU screen Insecure Temporary File Creation Vulnerability
http://www.securityfocus.com/bid/34521
Ventrilo 'type 0' Packet NULL Pointer Dereference Denial of Service Vulnerability
http://www.securityfocus.com/bid/30675
OpenBSD PF Remote Denial Of Service Vulnerability
http://www.securityfocus.com/bid/34482
Multiple Mini-stream Software Products '.m3u' File Remote Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/34494
Steamcast Multiple Memory Corruption Vulnerabilities
http://www.securityfocus.com/bid/33898
Podcast Generator 'core/admin/delete.php' Arbitrary File Deletion Vulnerability
http://www.securityfocus.com/bid/34317
Turnkey eBook Store 'keywords' Parameter Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/34324
TeX Live '.bib' File Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/34509
GraphicsMagick Multiple Remote Vulnerabilities
http://www.securityfocus.com/bid/29583
NanoCMS '/data/pagesdata.txt' Password Hash Information Disclosure Vulnerability
http://www.securityfocus.com/bid/34508
Sun Solaris Kerberos Incremental Propagation Remote Denial Of Service Vulnerability
http://www.securityfocus.com/bid/34139
Avaya SIP Enablement Services (SES) Server Multiple Input Validation Vulnerabilities
http://www.securityfocus.com/bid/28687
Ghostscript Multiple Input Validation and Integer Overflow Vulnerabilities
http://www.securityfocus.com/bid/34184
Ghostscript 'gdevpdtb.c' Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/34340
Ghostscript 'jbig2dec' JBIG2 Processing Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/34445
Ghostscript 'CCITTFax' Decoding Filter Denial of Service Vulnerability
http://www.securityfocus.com/bid/34337
PHP Multiple Buffer Overflow Vulnerabilities
http://www.securityfocus.com/bid/30649
PHP FastCGI Module File Extension Denial Of Service Vulnerabilities
http://www.securityfocus.com/bid/31612
PHP ZipArchive::extractTo() '.zip' Files Directory Traversal Vulnerability
http://www.securityfocus.com/bid/32625
PHP 'mbstring' Extension Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/32948
PHP 'imageRotate()' Uninitialized Memory Information Disclosure Vulnerability
http://www.securityfocus.com/bid/33002
PHP 'mbstring.func_overload' Webserver Denial Of Service Vulnerability
http://www.securityfocus.com/bid/33542
PHP 5.2.8 and Prior Versions Multiple Vulnerabilities
http://www.securityfocus.com/bid/33927
ClamAV Multiple Remote Denial of Service Vulnerabilities
http://www.securityfocus.com/bid/34357
Develop It Easy Event Calendar Multiple SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/32148
- Microsoft WordPad Word 97 Converter Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/34470
http://www.microsoft.com/technet/security/Bulletin/MS09-010.mspx
- Microsoft Excel Malformed Object Remote Memory Corruption Vulnerability
http://www.securityfocus.com/bid/34413
http://www.microsoft.com/technet/security/Bulletin/MS09-009.mspx
- Microsoft WinHTTP Integer Underflow Memory Corruption Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/34435
http://www.microsoft.com/technet/security/Bulletin/MS09-013.mspx
- Microsoft IAG 2007 ActiveX Control Multiple Stack Based Buffer Overflow Vulnerabilities
http://www.securityfocus.com/bid/34532
- Microsoft Windows Media Player MID File Parsing Integer Overflow Vulnerability
http://www.securityfocus.com/bid/34534
osCommerce 'oscid' Session Fixation Vulnerability
http://www.securityfocus.com/bid/34348
RETIRED: osCommerce 'create_account.php' Information Disclosure Vulnerability
http://www.securityfocus.com/bid/31209
Banshee DAAP Extension 'apps/web/vs_diag.cgi' Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/34507
LightNEasy Multiple Input Validation Vulnerabilities
http://www.securityfocus.com/bid/28801
OpenSSL Multiple Vulnerabilities
http://www.securityfocus.com/bid/34256
VMware Hosted Products VMSA-2009-0005 Multiple Remote Vulnerabilities
http://www.securityfocus.com/bid/34373
ASP Product Catalog 'search.asp' Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/34504
Oracle April 2009 Critical Patch Update Multiple Vulnerabilities
http://www.securityfocus.com/bid/34461
BulletProof FTP Client '.bps' File Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/33024
TorK Multiple Privoxy Insecure Default Configuration Vulnerabilities
http://www.securityfocus.com/bid/26386
Multiple HTTP Proxy HTTP Host Header Incorrect Relay Behavior Vulnerability
http://www.securityfocus.com/bid/33858
LinPHA Prior to 1.3.4 Multiple Cross-Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/34500
Multiple XEngineSoft Products Login Parameters Multiple SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/34493
ClamAV Prior to 0.95.1 Multiple Remote Denial of Service Vulnerabilities
http://www.securityfocus.com/bid/34446
FreznoShop 'product_details.php' SQL Injection Vulnerability
http://www.securityfocus.com/bid/34496
Apache mod_perl 'Apache::Status' and 'Apache2::Status' Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/34383
Liferay Portal Login Script Cross-Site Scripting Vulnerability
http://www.securityfocus.com/bid/26470
Liferay Portal Forgot-Password Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/26606
e107 User Journals Plugin 'userjournals.php' SQL Injection Vulnerability
http://www.securityfocus.com/bid/34495
Yellow Duck Weblog 'include/languages/check.php' Local File Include Vulnerability
http://www.securityfocus.com/bid/34492
PGP Desktop 'pgpdisk.sys' Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/34490
Retired: Revista Multiple Input Validation Vulnerabilities
http://www.securityfocus.com/bid/34505
People-Trak Login SQL Injection Vulnerability
http://www.securityfocus.com/bid/34491
X10Media Automatic MP3 Search Engine 'admin/admin.php' Unauthorized Access Vulnerability
http://www.securityfocus.com/bid/34489
Access Analyzer CGI Unspecified Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/34315
PrecisionID Data Matrix Barcode ActiveX Control Multiple Arbitrary File Overwrite Vulnerabilities
http://www.securityfocus.com/bid/34322
Nortel Networks Communication Server 1000 Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/28691
Maya Studio eo-video Playlist File Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/30717
PGP Desktop 'PGPwded.sys' Local Code Execution Vulnerability
http://www.securityfocus.com/bid/32991
Horde IMP Webmail Client Cross Site Scripting And HTML Injection Vulnerabilities
http://www.securityfocus.com/bid/33492
Horde Turba Contact Manager '/imp/test.php' Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/31168
HTML Email Creator HTML Tags Multiple Buffer Overflow Vulnerabilities
http://www.securityfocus.com/bid/34487
SilverStripe 'filename' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/34485
Flatnuke 'level' Parameter Unauthorized Access Vulnerability
http://www.securityfocus.com/bid/34486
Fortinet FortiClient VPN Connection Name Local Format String Vulnerability
http://www.securityfocus.com/bid/34343
FreeBSD netgraph and bluetooth Local Privilege Escalation Vulnerabilities
http://www.securityfocus.com/bid/32976
Mozilla Firefox XSL Parsing 'root' XML Tag Remote Memory Corruption Vulnerability
http://www.securityfocus.com/bid/34235
Mozilla Firefox XUL Parser Start Tags Denial of Service Vulnerability
http://www.securityfocus.com/bid/34522
Nortel Application Gateway 2000 'adminDownloads.htm' Password Disclosure Vulnerability
http://www.securityfocus.com/bid/34520
Mozilla Firefox '_moveToEdgeShift' Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/34181
Adobe Acrobat and Reader JBIG2 Image Processing Multiple Remote Code Execution Vulnerabilities
http://www.securityfocus.com/bid/34229
Adobe Acrobat and Reader 8.1.2 Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/32100
Adobe Acrobat and Reader PDF File Handling JBIG2 Image Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/33751
Adobe Acrobat and Reader Collab 'getIcon()' JavaScript Method Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/34169
Adobe Reader Unspecified Remote Denial Of Service Vulnerability
http://www.securityfocus.com/bid/29420
IBM Proventia RAR File Scan Evasion Vulnerability
http://www.securityfocus.com/bid/34345
IBM Tivoli Continuous Data Protection for Files Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/34513
Apple Safari and Microsoft Windows Client-side Code Execution Vulnerability
http://www.securityfocus.com/bid/29445
CCK Comment Reference Edit Form HTML Injection Vulnerability
http://www.securityfocus.com/bid/34547
Localization Client Drupal Module HTML Injection Vulnerability
http://www.securityfocus.com/bid/34546
Drupal Printer, e-mail and PDF versions Module Content Title HTML Injection Vulnerability
http://www.securityfocus.com/bid/34545
IBM AIX 'usr/sbin/muxatmd' Local Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/34543
udev Path Encoding Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/34539
FreeWebShop 'startmodules.inc.php' Local File Include Vulnerability
http://www.securityfocus.com/bid/34538
Job2C 'adtype' Parameter Multiple Local File Include Vulnerabilities
http://www.securityfocus.com/bid/34537
udev Netlink Message Validation Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/34536
Job2C Profile Arbitrary File Upload Vulnerability
http://www.securityfocus.com/bid/34535
Novell Teaming User Enumeration Weakness and Multiple Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/34531
Zervit 'http.c' Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/34530
@Mail and @Mail WebMail Email Body HTML Injection Vulnerability
http://www.securityfocus.com/bid/34529
WikkaWiki Security Bypass Vulnerability
http://www.securityfocus.com/bid/34528
Zazzle Store Builder Multiple Cross-Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/34525
SAP AG SAPgui KWEdit ActiveX Control Insecure Method Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/34524
DivX Web Player 'STRF' Chunk Processing Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/34523
HITBSecConf2009 - Malaysia: Call for Papers
http://www.securityfocus.com/archive/82/502703/30/0/flat