http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-80.html
ウイルスバスター2008 の Microsoft Windows Vista Service Pack 2 への対応について
http://www.trendmicro.co.jp/support/news.asp?id=1247
Trend Micro InterScan Web Security Virtual Appliance 3.1 公開とサポート開始のお知らせ
http://www.trendmicro.co.jp/support/news.asp?id=1197
ゴールデンウィーク期間の問合せ窓口体制
http://www.trendmicro.co.jp/support/news.asp?id=1243
「プレステ3」での詐欺・有害サイト閲覧を防止、トレンドが提供開始
それぞれ年額1980円で提供、システムソフトのアップデートが必要
http://itpro.nikkeibp.co.jp/article/NEWS/20090427/329203/?ST=security
ウイルスプログラムに「ハムレット」の一節、狙いは対策ソフトの回避
作者はシェイクスピアのファン? テキストの挿入で“特徴”を変える
http://itpro.nikkeibp.co.jp/article/NEWS/20090427/329204/?ST=security
JVN#28020230 CGI RESCUE 製 Webメーラーにおける HTTP ヘッダインジェクションの脆弱性
http://jvn.jp/jp/JVN28020230/index.html
JVN#76370393 CGI RESCUE 製フォームメールにおけるメールの不正送信が可能な脆弱性
http://jvn.jp/jp/JVN76370393/index.html
JVN#11396739 CGI RESCUE 製簡易BBS におけるクロスサイトスクリプティングの脆弱性
http://jvn.jp/jp/JVN11396739/index.html
JVN#36982346 CGI RESCUE 製簡易BBS22 におけるメールの不正送信が可能な脆弱性
http://jvn.jp/jp/JVN36982346/index.html
JVNDB-2009-000024 CGI RESCUE 製 Webメーラーにおける HTTP ヘッダインジェクションの脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-000024.html
JVNDB-2009-000023 CGI RESCUE 製フォームメールにおけるメールの不正送信が可能な脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-000023.html
JVNDB-2009-000022 CGI RESCUE 製簡易BBS におけるクロスサイトスクリプティングの脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-000022.html
JVNDB-2009-000021 CGI RESCUE 製簡易BBS22 におけるメールの不正送信が可能な脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-000021.html
JVNDB-2009-001179 IBM WebSphere Application Server (WAS) の Web Services Security コンポーネントにおける XML デジタル署名仕様に関連した脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001179.html
JVNDB-2009-001178 IBM WebSphere Application Server (WAS) におけるファイル改ざんが可能な脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001178.html
JVNDB-2009-001177 IBM WebSphere Application Server (WAS) における UsernameToken オブジェクトに関連する脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001177.html
JVNDB-2009-001176 IBM WebSphere Application Server (WAS) の administrative console におけるセッションハイジャックの脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001176.html
JVNDB-2009-001175 Symantec Veritas NetBackup Server / Enterprise Server の Veritas network daemon における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001175.html
JVNDB-2008-001567 Mozilla Firefox における任意のローカルファイルを読み取られる脆弱性
http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-001567.html
JVNDB-2008-001566 複数の Mozilla 製品の CSSValue 配列データ構造に関する任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-001566.html
JVNDB-2008-001511 複数の Mozilla 製品における偽サイトの SSL 証明書を受け入れてしまう脆弱性
http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-001511.html
JVNDB-2008-001510 Mozilla Firefox/SeaMonkey の file:// URL におけるクロスサイトスクリプティングの脆弱性
http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-001510.html
JVNDB-2008-001509 Mozilla Firefox/SeaMonkey の .properties ファイルに関するメモリ領域の情報が漏えいする脆弱性
http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-001509.html
JVNDB-2008-001507 Mozilla Firefox/SeaMonkey における任意のローカルファイルのアップロードを強制される脆弱性
http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-001507.html
JVNDB-2008-001506 Mozilla Firefox/SeaMonkey の JAR 署名処理における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-001506.html
JVNDB-2008-001493 Mozilla Firefox/SeaMonkey の同一生成元ポリシーを回避されることによるクロスサイトスクリプティングの脆弱性
http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-001493.html
JVNDB-2008-001492 複数の Mozilla 製品の画像処理における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-001492.html
JVNDB-2008-001491 複数の Mozilla 製品の mozIJSSubScriptLoader.LoadScript() 関数における任意のコードが実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-001491.html
JVNDB-2008-001490 複数の Mozilla 製品の XUL ドキュメント処理における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-001490.html
+ MySQL Community Server 5.0.81 released
http://dev.mysql.com/doc/refman/5.0/en/releasenotes-cs-5-0-81.html
The latest snapshot for the stable Linux kernel tree is: 2.6.30-rc3-git1
http://git.kernel.org/?p=linux%2Fkernel%2Fgit%2Ftorvalds%2Flinux-2.6.git;a=summary
FreeBSD 7.2-RC1 Available
http://lists.freebsd.org/pipermail/freebsd-stable/2009-April/049464.html
Disk or diskgroup cannot be imported as a cluster disk group because it is not on a shared bus.
http://seer.entsupport.symantec.com/docs/323692.htm
NTP 4.2.5p167 Development release
http://archive.ntp.org/ntp4/ChangeLog-dev
MSL-2009-001: Samsung Missing Provisioning Authentication
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29095
CVE-2009-1190: Spring Framework Remote Denial of Service Vulnerability
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29096
Pragyan CMS: Pragyan CMS 2.6.4 Multiple SQL Injection Vulnerabilities
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29098
SUSE-SA:2009:026: glib2
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29091
GLSA 200904-20: CUPS: Multiple vulnerabilities
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29094
RHSA-2009:0445-01: Critical: java-1.4.2-ibm security update
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29092
- RHSA-2009:0446-01: Important: mod_jk security update
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29093
Insider Threat Workshop
http://www.sei.cmu.edu/products/courses/p76.html
[ MDVSA-2009:096 ] printer-drivers
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29093
[ MDVSA-2009:095 ] ghostscript
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00241.html
Aruba Advisory ID: AID-42309 Management User Authentication Bypass Vulnerability When Using Publ
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00244.html
Juniper Advisory
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00240.html
MSL-2009-001 - Samsung Missing Provisioning Authentication
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00242.html
REMOTE SQL INJECTION (SQLi) VULNERABILITY--Photo-Rigma.BiZ v30-->
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00239.html
Pragyan CMS 2.6.4 Multiple SQL Injection Vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00238.html
Formshield Captcha - Older Version vulnerable to replay attacks
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00236.html
CVE-2009-1190: Spring Framework Remote Denial of Service Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00235.html
WOOT09 call for papers
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00234.html
[ GLSA 200904-20 ] CUPS: Multiple vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00233.html
Google Chrome "ChromeHTML" URI Handler Vulnerability
http://secunia.com/advisories/34900/
CS DNS Lookup "ip" Command Injection Vulnerability
http://secunia.com/advisories/34899/
PJBlog3 "action.asp" SQL Injection Vulnerability
http://secunia.com/advisories/34897/
Spring Framework Regular Expressions Denial of Service Vulnerability
http://secunia.com/advisories/34892/
Gentoo update for cups
http://secunia.com/advisories/34891/
SUSE update for glib2
http://secunia.com/advisories/34890/
Red Hat update for java-1.4.2-ibm
http://secunia.com/advisories/34889/
Scorpio Framework "baseAdminSite" View Action Security Bypass
http://secunia.com/advisories/34888/
Movable Type Cross-Site Scripting Vulnerability
http://secunia.com/advisories/34886/
Symantec Brightmail Gateway Control Center Multiple Vulnerabilities
http://secunia.com/advisories/34885/
CS Whois Lookup "ip" Command Injection Vulnerability
http://secunia.com/advisories/34884/
DirectAdmin Database Backup and Restore Vulnerabilities // 229 views
http://secunia.com/advisories/34861/
Cisco ASA Input Validation Flaw in Clientless SSL VPN Feature Permits Cross-Site Scripting Attacks
http://securitytracker.com/alerts/2009/Apr/1022122.html
Movable Type Input Validation Flaw Permits Cross-Site Scripting Attacks
http://www.securitytracker.com/id?1022121
Symantec Ghost EasySetup Wizard Lets Remote Users Deny Service
http://www.securitytracker.com/id?1022120
Google Chrome "ChromeHTML" URI Information Vulnerability
http://www.vupen.com/english/advisories/2009/1160
Debian apt Repository Signature Verification Vulnerability
http://www.securityfocus.com/bid/34630
Recover Data for Novell Netware '.SAV' File Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/34693
FOWLCMS Multiple SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/34690
GNOME glib Base64 Encoding and Decoding Multiple Integer Overflow Vulnerabilities
http://www.securityfocus.com/bid/34100
SAP AG SAPgui KWEdit ActiveX Control Insecure Method Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/34524
X10Media Automatic MP3 Search Engine 'admin/admin.php' Unauthorized Access Vulnerability
http://www.securityfocus.com/bid/34489
AbleSpace Multiple Input Validation Vulnerabilities
http://www.securityfocus.com/bid/34512
HP Deskjet 6840 'refresh_rate.htm' Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/34480
ClamAV RAR File Scan Evasion Vulnerability
http://www.securityfocus.com/bid/34344
Linksys WVC54GCA Wireless-G Multiple Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/34714
ClamAV Prior to 0.95.1 Multiple Remote Denial of Service Vulnerabilities
http://www.securityfocus.com/bid/34446
ClamAV Multiple Remote Denial of Service Vulnerabilities
http://www.securityfocus.com/bid/34357
Ghostscript Multiple Input Validation and Integer Overflow Vulnerabilities
http://www.securityfocus.com/bid/34184
Ghostscript 'CCITTFax' Decoding Filter Denial of Service Vulnerability
http://www.securityfocus.com/bid/34337
Ghostscript 'gdevpdtb.c' Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/34340
Ghostscript 'jbig2dec' JBIG2 Processing Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/34445
TYPO3 JobControl Extension Unspecified Cross-Site Scripting and SQL-Injection Vulnerabilities
http://www.securityfocus.com/bid/29828
TYPO3 CoolURI Extension SQL Injection Vulnerability
http://www.securityfocus.com/bid/29821
TYPO3 DCD GoogleMap Extension Unspecified Cross-Site Scripting Vulnerability
http://www.securityfocus.com/bid/29815
TYPO3 nepa-design.de Spam Protection Extension Unspecified Setting Manipulation Vulnerability
http://www.securityfocus.com/bid/29833
Mod_Perl Path_Info Remote Denial Of Service Vulnerability
http://www.securityfocus.com/bid/23192
acpid Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/34692
Acritum Femitter Server Remote File Disclosure Vulnerability
http://www.securityfocus.com/bid/34689
Flat Calendar 'add.php' HTML Injection Vulnerability
http://www.securityfocus.com/bid/34688
aMule 'wxExecute()' Arbitrary Command Execution Vulnerability
http://www.securityfocus.com/bid/34683
Mani's Admin Plugin Remote Denial Of Service Vulnerability
http://www.securityfocus.com/bid/34685
RSMonials Joomla! Component Multiple HTML Injection Vulnerabilities
http://www.securityfocus.com/bid/34684
Multiple Samsung Devices SMS Provisioning Messages Authentication Bypass Vulnerability
http://www.securityfocus.com/bid/34705
Xitami HTTP Server Multiple Socket HEAD Request Remote Denial Of Service Vulnerability
http://www.securityfocus.com/bid/34681
WebPortal CMS Multiple Remote and Local File Include Vulnerabilities
http://www.securityfocus.com/bid/34687
New5starRating 'admin/control_panel_sample.php' SQL Injection Vulnerability
http://www.securityfocus.com/bid/34680
Mahara User Profile Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/34677
Elkagroup Image Gallery 'upload.php' Arbitrary File Upload Vulnerability
http://www.securityfocus.com/bid/34679
010 Editor File Parsing Multiple Buffer Overflow Vulnerabilities
http://www.securityfocus.com/bid/34662
Plone PlonePAS Unspecified Authentication Bypass Vulnerability
http://www.securityfocus.com/bid/34664
Microsoft Internet Explorer File Download Denial of Service Vulnerability
http://www.securityfocus.com/bid/34478
Google Chrome 'chromehtml:' Protocol Handler Same Origin Policy Bypass Vulnerability
http://www.securityfocus.com/bid/34704
Cisco ASA Appliance WebVPN Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/34307
CS Whois Lookup 'ip' Parameter Remote Command Execution Vulnerability
http://www.securityfocus.com/bid/34700
DSP Downloader 'ASX' File Heap Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/34712
Aruba Mobility Controller Public Key Based SSH Authentication Security Bypass Vulnerability
http://www.securityfocus.com/bid/34711
+ Juniper Networks ScreenOS 'about.html' Information Disclosure Vulnerability
http://www.securityfocus.com/bid/34710
Photo-Rigma.BiZ SQL Injection and Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/34709
FormShield 'CAPTCHA' Replay Security Bypass Vulnerability
http://www.securityfocus.com/bid/34708
Pragyan CMS Multiple SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/34707
Absolute Form Processor XE 'userid' Parameter Authentication Bypass Vulnerability
http://www.securityfocus.com/bid/34706
PuterJam's Blog PJBlog3 'action.asp' SQL Injection Vulnerability
http://www.securityfocus.com/bid/34701
0 件のコメント:
コメントを投稿