RealSecure 7.0 Server Sensor XPU 29.041 released
http://www.isskk.co.jp/offer/XPressUpdates_history.html
Proventia Server for Linux XPU 29.041 released
http://www.isskk.co.jp/offer/XPressUpdates_history.html
Proventia M, MX Firmware 3.14 or later / A, G, GX, MS series Firmware 1.4 or later XPU 29.041 released
http://www.isskk.co.jp/offer/XPressUpdates_history.html
Agent Manager 6.9, Service Pack 7.140, 8.140, Proventia Desktop XPU V8.0.812.2381, V9.0.226.2381, Proventia Server for Windows 2.0.300.2381 released
http://www.isskk.co.jp/offer/XPressUpdates_history.html
Internet Scanner 7.0 SP2 XPU 7.2.68 released
http://www.isskk.co.jp/offer/XPressUpdates_history.html
SiteProtector 2.0 Database Service Pack 7.23 released
http://www.isskk.co.jp/offer/XPressUpdates_history.html
SiteProtector 2.0 Database Service Pack 7.22 released
http://www.isskk.co.jp/offer/XPressUpdates_history.html
SiteProtector 2.0 Database Service Pack 6.55 released
http://www.isskk.co.jp/offer/XPressUpdates_history.html
Reporting status of vulnerability-related information on software and other products
[Q1 2009 (January to March)]
http://www.ipa.go.jp/security/vuln/report/vuln2009q1.html
Samba 3.2.11 released
http://us3.samba.org/samba/
JVNDB-2009-001160 Arbitrary code execution vulnerability in Type1 font processing in JDK and JRE
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001160.html
JVNDB-2009-001159 Buffer overflow vulnerability in GIF image processing in JDK and JRE
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001159.html
JVNDB-2009-001158 Buffer overflow vulnerability in PNG image and GIF image processing in JDK and JRE
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001158.html
JVNDB-2009-001157 Arbitrary code execution vulnerability in JDK and JRE
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001157.html
JVNDB-2009-001156 Denial of service (DoS) vulnerability in JDK and JRE
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001156.html
Solution 257408 : SUN ALERT WEEKLY SUMMARY REPORT - Week of 12-Apr-2009 to 18-Apr-2009
http://sunsolve.sun.com/search/document.do?assetkey=1-66-257408-1
Solution 257331 : Security Vulnerability in OpenSolaris SCTP Sockets May Allow Unprivileged Users to Panic the System
http://sunsolve.sun.com/search/document.do?assetkey=1-66-257331-1
Solution 256788 : Multiple Security Vulnerabilities in Adobe Reader for Solaris 10 May Allow Execution of Arbitrary Code or Cause a Denial of Service (DoS) (Adobe Security Bulletin APSB09-04)
http://sunsolve.sun.com/search/document.do?assetkey=1-66-256788-1
Qualys announces SaaS products and more for detecting web application vulnerabilities
http://itpro.nikkeibp.co.jp/article/NEWS/20090421/328743/?ST=security
RSA releases a free version of its "RSA BSAFE" cryptographic library
http://itpro.nikkeibp.co.jp/article/NEWS/20090421/328786/?ST=security
HP StorageWorks Storage Mirroring Bug Lets Remote Users Execute Arbitrary Code
http://www.securitytracker.com/id?1022087
HP StorageWorks Storage Mirroring Bug Lets Remote Users Deny Service
http://www.securitytracker.com/id?1022086
HP StorageWorks Storage Mirroring Grants Remote Users Access to the Target Application
http://www.securitytracker.com/id?1022085
HP Storage Essentials Secure NaviCLI Bug Grants Access to Remote Users
http://www.securitytracker.com/id?1022084
cpCommerce Input Validation Flaw in 'id_document' Lets Remote Users Inject SQL Commands
http://www.securitytracker.com/id?1022082
BlackBerry Enterprise Server Input Validation Flaw in MDS Connection Service Permits Cross-Site Scripting Attacks
http://www.securitytracker.com/id?1022081
53801 : libmodplug src/load_med.cpp CSoundFile::ReadMed() Function MED File Handling Overflow
http://osvdb.org/show/osvdb/53801
SYM09-002 Privilege escalation vulnerability in Communications Setup of Symantec NetBackup
http://www.symantec.com/region/jp/avcenter/security/content/2009.02.17.html
Vulnerability in the behavior monitoring module (unauthorized change monitoring module) and availability of a fix for the vulnerability
http://www.trendmicro.co.jp/support/news.asp?id=1245
DSA 1775-1 : New php-json-ext packages fix denial of service
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29045
SUSE-SA:2009:023: Mozilla Firefox 2
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29046
SUSE-SA:2009:022: Mozilla Firefox 3
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29047
GLSA 200904-19: LittleCMS: Multiple vulnerabilities
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29035
GLSA 200904-18: udev: Multiple vulnerabilities
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29036
GLSA 200904-17: Adobe Reader: User-assisted execution of arbitrary code
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29037
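Hitachi offers an electronic authentication platform for local governments, with authentication and other functions available separately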
http://itpro.nikkeibp.co.jp/article/NEWS/20090420/328777/?ST=security
Addonics NAS Adapter (bts.cgi) Remote DoS Exploit (post-auth)
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00204.html
[security bulletin] HPSBMA02422 SSRT080146 rev.1 - HP StorageWorks Storage Mirroring, Remote Execution of Arbitrary Code, Denial of Service (DoS), Unauthorized Access
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00203.html
[security bulletin] HPSBMA02414 SSRT080185 rev.1 - HP Storage Essentials Running Secure NaviCLI, Remote Unauthorized Access, Gain Extended Privileges
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00202.html
Addendum :[TZO-09-2009] Avast bypass / evasion (Limited details)
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00201.html
Windows Update (re-)installs outdated Flash ActiveX on Windows XP
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00200.html
Creasito e-commerce content manager Authentication Bypass
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00199.html
Multiple Remote Vulnerabilities--SQLi-(INSECURE-COOKIE-HANDLING)-LFI-
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00198.html
[SECURITY] [DSA 1775-1] New php-json-ext packages fix denial of service
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00192.html
Sungard Banner System XSS
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00197.html
[ GLSA 200904-19 ] LittleCMS: Multiple vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00190.html
Multi-lingual E-Commerce System 0.2 Multiple Remote Vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00196.html
Linksys WRT54GC - Admin Password Change (POC)
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00195.html
[ GLSA 200904-18 ] udev: Multiple vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00191.html
[ GLSA 200904-17 ] Adobe Reader: User-assisted execution of arbitrary code
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00189.html
Cross-site Scripting vulnerability in Stronghold/2.3 Apache/1.2.6 C2NetUS/2007
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00194.html
CLAN TIGER CMS 1.1.1 (AUTH BYPASS) SQL-INJECTION
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00193.html
SUSE update for MozillaFirefox
http://secunia.com/advisories/34803/
libmodplug "CSoundFile::ReadMed()" Integer Overflow Vulnerability
http://secunia.com/advisories/34797/
Horde IMP / Groupware Webmail PGP Key Caching Vulnerability
http://secunia.com/advisories/34796/
ntop Access Log File Insecure Permissions Weakness
http://secunia.com/advisories/34793/
SUSE update for MozillaFirefox
http://secunia.com/advisories/34792/
Gentoo update for libsndfile
http://secunia.com/advisories/34791/
Gentoo update for acroread
http://secunia.com/advisories/34790/
Gentoo update for lcms
http://secunia.com/advisories/34782/
Gentoo update for udev
http://secunia.com/advisories/34771/
Tiny Blogr "txtUsername" SQL Injection
http://secunia.com/advisories/34768/
Malleo "module" Local File Inclusion Vulnerability
http://secunia.com/advisories/34766/
Enhanced CTorrent / dtorrent "btFiles::BuildFromMI()" Buffer Overflow
http://secunia.com/advisories/34752/
e-cart.biz Free Shopping Cart File Upload Vulnerability
http://secunia.com/advisories/34736/
Online Email Manager Insecure Cookie Handling Vulnerability
http://secunia.com/advisories/34717/
Phorum Cross-Site Scripting and Cross-Site Request Forgery
http://secunia.com/advisories/34651/
Sun Security Update Fixes VERITAS NetBackup Security Bypass Issue
http://www.vupen.com/english/advisories/2009/1097
CTorrent "btFiles::BuildFromMI()" Function Buffer Overflow Vulnerability
http://www.vupen.com/english/advisories/2009/1093
Enhanced CTorrent "btFiles::BuildFromMI()" Buffer Overflow Vulnerability
http://www.vupen.com/english/advisories/2009/1092
BlackBerry Attachment Service Multiple Memory Corruption Vulnerabilities
http://www.vupen.com/english/advisories/2009/1091
BlackBerry Enterprise Server Cross Site Scripting Vulnerabilities
http://www.vupen.com/english/advisories/2009/1090
Apache Geronimo Cross Site Scripting and Directory Traversal Issues
http://www.vupen.com/english/advisories/2009/1089
KDE KPDF JBIG2 Processing Multiple Memory Corruption Vulnerabilities
http://www.vupen.com/english/advisories/2009/1077
Poppler Security Update Fixes Multiple Code Execution Vulnerabilities
http://www.vupen.com/english/advisories/2009/1076
Microsoft IAG 2007 ActiveX Control Multiple Stack Based Buffer Overflow Vulnerabilities
http://www.securityfocus.com/bid/34532
Malleo 'admin.php' Local File Include Vulnerability
http://www.securityfocus.com/bid/34588
e-cart 'admin/editor/image.php' Arbitrary File Upload Vulnerability
http://www.securityfocus.com/bid/34590
Clantiger Clan CMS SQL Injection and HTML Injection Vulnerabilities
http://www.securityfocus.com/bid/34589
Hot Project 'authenticate.php' Multiple SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/34593
CoolPlayer M3U File Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/30418
Multiple ESET Antivirus Products RAR File Scan Evasion Vulnerability
http://www.securityfocus.com/bid/34582
Multiple BitDefender Security Products RAR File Scan Evasion Vulnerability
http://www.securityfocus.com/bid/34580
Oracle April 2009 Critical Patch Update Multiple Vulnerabilities
http://www.securityfocus.com/bid/34461
PHP 5.2.8 and Prior Versions Multiple Vulnerabilities
http://www.securityfocus.com/bid/33927
PHP 'mbstring.func_overload' Webserver Denial Of Service Vulnerability
http://www.securityfocus.com/bid/33542
FFmpeg 'libavformat/4xm.c' Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/33502
xine-lib STTS QuickTime Atom Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/34384
MIT Kerberos 'asn1_decode_generaltime()' Uninitialized Pointer Memory Corruption Vulnerability
http://www.securityfocus.com/bid/34409
cTorrent and dTorrent Torrent File Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/34584
NTP 'ntpq' Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/34481
QuickerSite Multiple Vulnerabilities
http://www.securityfocus.com/bid/29524
Pligg 'id' Parameter Multiple SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/28681
Tiny Blogr 'class.eport.php' Authentication Bypass Vulnerability
http://www.securityfocus.com/bid/34581
libmodplug 's3m' Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/30801
Avast! Antivirus RAR File Scan Evasion Vulnerability
http://www.securityfocus.com/bid/34578
eLitius 'admin/manage-admin.php' Authentication Bypass Vulnerability
http://www.securityfocus.com/bid/34577
Apple Safari and Microsoft Windows Client-side Code Execution Vulnerability
http://www.securityfocus.com/bid/29445
Sun Java Runtime Environment and Java Development Kit Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/34240
Sun Solaris 'dircmp(1)' Insecure Temporary File Creation Vulnerability
http://www.securityfocus.com/bid/34316
Sun Solaris 'xscreensaver(1)' Information Disclosure Vulnerability
http://www.securityfocus.com/bid/34421
Online Email Manager Insecure Cookie Authentication Bypass Vulnerability
http://www.securityfocus.com/bid/34591
Online Guestbook Pro 'ogp_show.php' SQL Injection Vulnerability
http://www.securityfocus.com/bid/34592
Xpdf JBIG2 Processing Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/34568
WebCollab 'tasks.php' Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/34576
cURL/libcURL HTTP 'Location:' Redirect Security Bypass Vulnerability
http://www.securityfocus.com/bid/33962
udev Path Encoding Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/34539
MIT Kerberos 'NegTokenInit' Token Handling Remote Denial Of Service Vulnerability
http://www.securityfocus.com/bid/34257
udev Netlink Message Validation Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/34536
MIT Kerberos SPNEGO and ASN.1 Multiple Remote Denial Of Service Vulnerabilities
http://www.securityfocus.com/bid/34408
libsndfile CAF Processing Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/33963
pam_ssh Existing/Non-Existing Username Enumeration Weakness
http://www.securityfocus.com/bid/34333
Microsoft Excel Malformed Object Remote Memory Corruption Vulnerability
http://www.securityfocus.com/bid/34413
Microsoft WordPad Word 97 Converter Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/34470
Microsoft WinHTTP Integer Underflow Memory Corruption Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/34435
Microsoft Internet Explorer 'EMBED' Tag Uninitialized Memory Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/34424
Microsoft WordPad Text Converter Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/32718
Unspecified Fortinet Security Products Archive File Scan Evasion Vulnerability
http://www.securityfocus.com/bid/34583
CUPS '_cupsImageReadTIFF()' Integer Overflow Vulnerability
http://www.securityfocus.com/bid/34571
SPIP Security Bypass and Arbitrary File Upload Vulnerability
http://www.securityfocus.com/bid/34575
eZip Wizard Zip File Stack Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/34044
Peercast.org PeerCast Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/17040
MagicISO CCD/Cue File Heap Overflow Vulnerability
http://www.securityfocus.com/bid/34574
Little CMS Memory Leak and Multiple Memory Corruption Vulnerabilities
http://www.securityfocus.com/bid/34185
Little CMS Monochrome Profiles Null Pointer Dereference Denial of Service Vulnerability
http://www.securityfocus.com/bid/34411
Adobe Acrobat and Reader Collab 'getIcon()' JavaScript Method Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/34169
Adobe Acrobat and Reader PDF File Handling JBIG2 Image Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/33751
Adobe Acrobat and Reader JBIG2 Image Processing Multiple Remote Code Execution Vulnerabilities
http://www.securityfocus.com/bid/34229
Mozilla Firefox/Thunderbird/SeaMonkey MFSA 2009 -07 -08 -09 and -11 Multiple Remote Vulnerabilities
http://www.securityfocus.com/bid/33990
Mozilla Firefox/Thunderbird/SeaMonkey MFSA 2009 -01 to -06 Multiple Remote Vulnerabilities
http://www.securityfocus.com/bid/33598
Mozilla Firefox '_moveToEdgeShift' Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/34181
Mozilla Firefox XSL Parsing 'root' XML Tag Remote Memory Corruption Vulnerability
http://www.securityfocus.com/bid/34235
Symantec Veritas NetBackup Communication Setup Remote Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/33772
Microsoft Windows NTLM Credential Reflection Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/34439
Microsoft Internet Explorer Uninitialized Memory Variant One Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/34423
Microsoft Internet Explorer Page Transition Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/34438
RETIRED: Microsoft Windows Media Player MID File Parsing Integer Overflow Vulnerability
http://www.securityfocus.com/bid/34534
Web Scribble Solutions webClassifieds Insecure Cookie Authentication Bypass Vulnerability
http://www.securityfocus.com/bid/34622
Groovy Media Player '.m3u' File Remote Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/34621
SunGard Banner Student 'twbkwbis.P_SecurityQuestion' HTML Injection Vulnerability
http://www.securityfocus.com/bid/34620
TotalCalendar 'manage_users.php' Remote Password Change Vulnerability
http://www.securityfocus.com/bid/34619
1by1 '.m3u' File Remote Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/34618
TotalCalendar 'config.php' Remote File Include Vulnerability
http://www.securityfocus.com/bid/34617
Linksys WRT54GC 'administration.cgi' Access Validation Vulnerability
http://www.securityfocus.com/bid/34616
+ Linux Kernel CIFS 'serverDomain' Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/34615
e107 'usersettings.php' SQL Injection Vulnerability
http://www.securityfocus.com/bid/34614
HP Storage Essentials Secure NaviCLI Unspecified Remote Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/34613
+ Linux Kernel CIFS 'decode_unicode_ssetup()' Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/34612
HP StorageWorks Storage Mirroring Software Multiple Remote Vulnerabilities
http://www.securityfocus.com/bid/34611
FunGamez Local File Include and SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/34610
WB News Insecure Cookie Authentication Bypass Vulnerability
http://www.securityfocus.com/bid/34609
Seditio Events Plugin 'c' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/34608
Addonics NAS Adapter 'bts.cgi' Multiple Buffer Overflow Vulnerabilities
http://www.securityfocus.com/bid/34607
Red Hat Stronghold Web Server Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/34606
Creasito 'checkuser.php' SQL Injection Vulnerability
http://www.securityfocus.com/bid/34605
EZ Webitor 'login.php' SQL Injection Vulnerability
http://www.securityfocus.com/bid/34604
WysGui 'settings.php' SQL Injection Vulnerability
http://www.securityfocus.com/bid/34603
+ Linux Kernel 'inet6_hashtables.c' NULL Pointer Dereference Denial of Service Vulnerability
http://www.securityfocus.com/bid/34602
Adam Patterson Address Book 'upload-file.php' Arbitrary File Upload Vulnerability
http://www.securityfocus.com/bid/34601
Multi-lingual E-Commerce System Local File Include and Arbitrary File Upload Vulnerabilities
http://www.securityfocus.com/bid/34600
Flatnux Arbitrary File Upload and Multiple Local File Include Vulnerabilities
http://www.securityfocus.com/bid/34599
Horde IMP and Groupware Webmail Cached PGP Key Spoofing Vulnerability
http://www.securityfocus.com/bid/34598
Linksys WVC54GCA Wireless-G 'SetupWizard.exe' Information Disclosure Vulnerability
http://www.securityfocus.com/bid/34596