Registration status of the vulnerability countermeasure information database JVN iPedia
[Q1 2009 (January to March)]
http://www.ipa.go.jp/security/vuln/report/JVNiPedia2009q1.html
On the trial of automatic collection of vulnerability countermeasure information published by product developers
http://www.ipa.go.jp/security/vuln/jvnrss.html
54097 : CGI Rescue FORM2MAIL Unspecified Arbitrary Email Relaying
http://osvdb.org/show/osvdb/54097
54096 : CGI Rescue MiniBBS2 Unspecified Arbitrary Email Relaying
http://osvdb.org/show/osvdb/54096
54095 : CGI Rescue MiniBBS Unspecified XSS
http://osvdb.org/show/osvdb/54095
54094 : CGI Rescue Web Mailer Unspecified XSS
http://osvdb.org/show/osvdb/54094
54091 : AXIGEN Mail Server Web Interface Email Message XSS
http://osvdb.org/show/osvdb/54091
JVNDB-2009-001184 Vulnerability in the Linux kernel sock_getsockopt function allowing sensitive information to be obtained
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001184.html
JVNDB-2009-001183 Vulnerability in the Linux kernel skfp_ioctl function allowing driver statistics to be reset
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001183.html
JVNDB-2009-001182 Denial of service (DoS) vulnerability in the Linux kernel eCryptfs subsystem
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001182.html
JVNDB-2009-001181 Vulnerability in the Linux kernel clone system call allowing arbitrary signals to be sent to the parent process
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001181.html
JVNDB-2009-001180 Race condition vulnerability in the Sun Solaris dircmp script
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001180.html
JVNDB-2008-001759 Vulnerability in Mozilla Firefox/SeaMonkey related to handling of the onmousedown action
http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-001759.html
JVNDB-2008-001754 Vulnerability in the nsXMLDocument::OnChannelRedirect function of multiple Mozilla products allowing arbitrary JavaScript execution
http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-001754.html
JVNDB-2008-001753 Vulnerability in Mozilla Firefox feedWriter allowing arbitrary script execution
http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-001753.html
JVNDB-2008-001752 Stack-based buffer overflow vulnerability in the URL parsing implementation of Mozilla Firefox/SeaMonkey
http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-001752.html
JVNDB-2008-001751 Integer overflow vulnerability in the MathML component of multiple Mozilla products
http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-001751.html
JVNDB-2008-001750 Vulnerability in Mozilla Firefox related to graphics rendering allowing arbitrary code execution
http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-001750.html
JVNDB-2008-001749 Vulnerability in Mozilla Firefox related to the layout engine allowing arbitrary code execution
http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-001749.html
JVNDB-2008-001748 Vulnerability in multiple Mozilla products related to the JavaScript engine allowing arbitrary code execution
http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-001748.html
JVNDB-2008-001747 Vulnerability in multiple Mozilla products allowing arbitrary code execution
http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-001747.html
JVNDB-2008-001746 Vulnerability in the XPConnect component of Mozilla Firefox allowing arbitrary code execution
http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-001746.html
JVNDB-2008-001745 Vulnerability in the XPConnect component of multiple Mozilla products allowing arbitrary code execution
http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-001745.html
file "cdf_read_sat()" Buffer Overflow Vulnerability
http://secunia.com/advisories/34881/
Mozilla Firefox Bug in nsTextFrame::ClearTextRun() May Let Remote Users Execute Arbitrary Code
http://securitytracker.com/alerts/2009/Apr/1022126.html
HP OpenView Network Node Manager Unspecified Bug Lets Remote Users Execute Arbitrary Code
http://securitytracker.com/alerts/2009/Apr/1022125.html
RHBA-2009:0448-1 caching-nameserver bug fix update
http://rhn.redhat.com/errata/RHBA-2009-0448.html
+ Linux kernel 2.6.29.2 released
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.29.2
Troubleshooting the boot failure of a Linux virtual machine converted from a physical computer
http://kb.vmware.com/selfservice/microsites/microsite.do?cmd=displayKC&docType=kc&externalId=1010241&sliceId=1&docTypeID=DT_KB_1_1
RHSA-2009:0449-1 Critical: firefox security update
http://rhn.redhat.com/errata/RHSA-2009-0449.html
DSA 1779-1 : New apt packages fix several vulnerabilities
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29104
SSA:2009-116-01: slackware-security cups
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29102
SSA:2009-116-02: bitchx EOLed in Slackware
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29103
Photo-Rigma.BiZ: REMOTE SQL INJECTION (SQLi) VULNERABILITY-- Photo-Rigma.BiZ v30--
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29105
AID-42309 : Management User Authentication Bypass Vulnerability When Using Public Key Based SSH Authentication
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29107
MDVSA-2009:095: ghostscript
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29099
MDVSA-2009:096: MDVSA-2009:096 printer-drivers
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29100
MDVSA-2009:097: MDVSA-2009:097 clamav
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29101
[security bulletin] HPSBMA02424 SSRT080125 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00258.html
DDIVRT-2009-24 Precidia Ether232 Memory Corruption
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00256.html
[ MDVSA-2009:096-1 ] printer-drivers
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00255.html
[ MDVSA-2009:098 ] krb5
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00257.html
[TZO-15-2009] Aladdin eSafe generic bypass - Forced release
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00251.html
[TZO-14-2009] Comodo Antivirus RAR evasion
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00254.html
[TZO-13-2009] Avira Antivir generic CAB evasion / bypass
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00250.html
T209: Call for Papers 2009 (Helsinki / Finland)
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00248.html
SQL INJECTION (SHELL UPLOAD)--EZ-blog Beta2-->
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00252.html
Remote iodinetd DoS vulnerability on Debian Lenny
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00247.html
[SECURITY] [DSA 1779-1] New apt packages fix several vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00253.html
MataChat Cross-Site Scripting Vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00249.html
[ MDVSA-2009:097 ] clamav
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00246.html
[ MDVSA-2009:097 ] clamav
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00245.html
[ MDVSA-2009:096 ] printer-drivers
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00243.html
"Does it look too simple?" A bot posing as genuine Microsoft software
The installation screen contains spelling and grammatical errors; take care not to be fooled
http://itpro.nikkeibp.co.jp/article/NEWS/20090427/329263/?ST=security
CGI Rescue MiniBBS Cross-Site Scripting Vulnerability
http://secunia.com/advisories/34887/
SDP Downloader ASX Processing Buffer Overflow Vulnerability
http://secunia.com/advisories/34883/
CGI Rescue MiniBBS2 Security Bypass Vulnerability
http://secunia.com/advisories/34875/
Debian update for apt
http://secunia.com/advisories/34874/
OrangeHRM Cross-Site Scripting and Security Bypass
http://secunia.com/advisories/34873/
Slackware bitchx Multiple Vulnerabilities
http://secunia.com/advisories/34870/
CGI Rescue FORM2MAIL Security Bypass Vulnerability
http://secunia.com/advisories/34869/
Aruba Mobility Controller Public Key SSH Authentication Security Bypass
http://secunia.com/advisories/34864/
CGI Rescue Web Mailer HTTP Header Injection Vulnerability
http://secunia.com/advisories/34862/
Fedora update for glib2
http://secunia.com/advisories/34854/
Fedora update for firefox and xulrunner
http://secunia.com/advisories/34849/
Linksys WRT54GC "administration.cgi" Security Bypass Vulnerability
http://secunia.com/advisories/34805/
Linksys WVC54GCA Multiple Vulnerabilities
http://secunia.com/advisories/34767/
Apache ActiveMQ Web Console Script Insertion Vulnerabilities
http://secunia.com/advisories/34745/
AXIGEN Mail Server Script Insertion Vulnerability
http://secunia.com/advisories/34402/
Aruba Mobility Controller Public Key-based SSH Authentication Bug Lets Remote Users Access the System
http://securitytracker.com/alerts/2009/Apr/1022124.html
Juniper NetScreen ScreenOS Discloses Firmware Version Information to Remote Users
http://securitytracker.com/alerts/2009/Apr/1022123.html
VooDoo cIRCle Security Update Fixes OpenSSL Security Bypass Issues
http://www.vupen.com/english/advisories/2009/1175
Aruba Mobility Controller Key SSH Authentication Bypass Vulnerability
http://www.vupen.com/english/advisories/2009/1174
Linksys WVC54GCA Security Bypass and Information Disclosure
http://www.vupen.com/english/advisories/2009/1173
Linksys WRT54GC "administration.cgi" Password Manipulation Issue
http://www.vupen.com/english/advisories/2009/1172
SDP Downloader ASX File Handling Heap Overflow Vulnerability
http://www.vupen.com/english/advisories/2009/1171
Popcorn POP3 Response Processing Remote Heap Overflow Vulnerability
http://www.vupen.com/english/advisories/2009/1170
Cisco ASA WebVPN Clientless Mode Cross Site Scripting Vulnerability
http://www.vupen.com/english/advisories/2009/1169
Movable Type Unspecified Data Handling Cross Site Scripting Vulnerability
http://www.vupen.com/english/advisories/2009/1168
+ HPSBUX02366 SSRT080120 rev.1 - HPUX Running useradd(1M), Local Unauthorized Access
http://www11.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01539431-1
OpenAFS Error Codes Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/34404
OpenAFS Unix Cache Manager Heap-Based Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/34407
FreeType Multiple Integer Overflow Vulnerabilities
http://www.securityfocus.com/bid/34550
PHP 5.2.8 and Prior Versions Multiple Vulnerabilities
http://www.securityfocus.com/bid/33927
acpid Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/34692
Multiple China-on-site.com Products Username and Password SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/32810
Invision Power Board Multiple HTML-Injection and Information Disclosure Vulnerabilities
http://www.securityfocus.com/bid/34725
Axigen Mail Server HTML Injection Vulnerability
http://www.securityfocus.com/bid/34716
OrangeHRM Multiple Cross Site Scripting and Security Bypass Vulnerabilities
http://www.securityfocus.com/bid/34715
HP OpenView Network Node Manager Unspecified Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/34738
PHP-Nuke Sections Module 'artid' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/27958
SDP Downloader 'ASX' File Heap Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/34712
Zoom Player Malformed ZPL File Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/27007
chuggnutt.com HTML to Plain Text Conversion Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/32799
LightBlog Multiple Local File Include Vulnerabilities
http://www.securityfocus.com/bid/31851
Adobe Reader 'getAnnots()' Javascript Function Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/34736
Belkin Bulldog Plus Web Service Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/34033
Multiple Avira AntiVir Products CAB File Scan Evasion Vulnerability
http://www.securityfocus.com/bid/34723
MIT Kerberos SPNEGO and ASN.1 Multiple Remote Denial Of Service Vulnerabilities
http://www.securityfocus.com/bid/34408
MIT Kerberos 'asn1_decode_generaltime()' Uninitialized Pointer Memory Corruption Vulnerability
http://www.securityfocus.com/bid/34409
COMTREND CT-536 and HG-536 Routers Multiple Remote Vulnerabilities
http://www.securityfocus.com/bid/32975
libvirt 'libvirt_proxy.c' Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/33724
Ghostscript Multiple Input Validation and Integer Overflow Vulnerabilities
http://www.securityfocus.com/bid/34184
Ghostscript 'CCITTFax' Decoding Filter Denial of Service Vulnerability
http://www.securityfocus.com/bid/34337
Xpdf JBIG2 Processing Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/34568
BitchX IRC MODE Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/25462
BitchX Hook.C Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/24579
BitchX E_HOSTNAME Function Insecure Temporary File Creation Vulnerability
http://www.securityfocus.com/bid/26326
Scorpio Framework 'baseAdminSite' Security Bypass Vulnerability
http://www.securityfocus.com/bid/34702
Absolute Form Processor XE 'userid' Parameter Authentication Bypass Vulnerability
http://www.securityfocus.com/bid/34706
Pragyan CMS Multiple SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/34707
Photo-Rigma.BiZ SQL Injection and Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/34709
Aruba Mobility Controller Public Key Based SSH Authentication Security Bypass Vulnerability
http://www.securityfocus.com/bid/34711
Juniper Networks ScreenOS 'about.html' Information Disclosure Vulnerability
http://www.securityfocus.com/bid/34710
PuterJam's Blog PJBlog3 'action.asp' SQL Injection Vulnerability
http://www.securityfocus.com/bid/34701
Popcorn POP3 Response Remote Heap Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/34699
Home Web Server Graphical User Interface Remote Denial Of Service Vulnerability
http://www.securityfocus.com/bid/34698
OCS Inventory NG Server Prior to 1.02 Multiple Unspecified Vulnerabilities
http://www.securityfocus.com/bid/34694
CUPS '_cupsImageReadTIFF()' Integer Overflow Vulnerability
http://www.securityfocus.com/bid/34571
CUPS Insufficient 'Host' Header Validation Weakness
http://www.securityfocus.com/bid/34665
FormShield 'CAPTCHA' Replay Security Bypass Vulnerability
http://www.securityfocus.com/bid/34708
Movable Type Prior to Version 4.25 Unspecified Cross-Site Scripting Vulnerability
http://www.securityfocus.com/bid/34703
RETIRED: Absolute File Send .Net Cookie Authentication Bypass Vulnerability
http://www.securityfocus.com/bid/32002
SunGard Banner Student 'twbkwbis.P_SecurityQuestion' HTML Injection Vulnerability
http://www.securityfocus.com/bid/34620
CS Whois Lookup 'ip' Parameter Remote Command Execution Vulnerability
http://www.securityfocus.com/bid/34700
GNOME glib Base64 Encoding and Decoding Multiple Integer Overflow Vulnerabilities
http://www.securityfocus.com/bid/34100
RealNetworks RealPlayer MP3 File Handling Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/34719
Sun Java Runtime Environment and Java Development Kit Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/32608
CGI Rescue FORM2MAIL and MiniBBS2 Security Bypass Vulnerability
http://www.securityfocus.com/bid/34717
CGI Rescue MiniBBS Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/34718
Linksys WVC54GCA Wireless-G Multiple Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/34714
Linksys WVC54GCA Wireless-G 'adm/file.cgi' Multiple Directory Traversal Vulnerabilities
http://www.securityfocus.com/bid/34713
Mozilla Firefox International Domain Name Subdomain URI Spoofing Vulnerability
http://www.securityfocus.com/bid/33837
Mozilla Firefox/Thunderbird/SeaMonkey MFSA 2009 -14 through -22 Multiple Remote Vulnerabilities
http://www.securityfocus.com/bid/34656
Debian apt Repository Signature Verification Vulnerability
http://www.securityfocus.com/bid/34630
Multiple Samsung Devices SMS Provisioning Messages Authentication Bypass Vulnerability
http://www.securityfocus.com/bid/34705
Mozilla Firefox 'nsTextFrame::ClearTextRun()' Remote Memory Corruption Vulnerability
http://www.securityfocus.com/bid/34743
Multiple Precidia Devices Unspecified Memory Corruption and Authentication Bypass Vulnerabilities
http://www.securityfocus.com/bid/34742
Thickbox Gallery 'index.php' Local File Include Vulnerability
http://www.securityfocus.com/bid/34741
Adobe Reader 'spell.customDictionaryOpen()' JavaScript Function Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/34740
IceWarp Merak Mail Server 'Base64FileEncode()' Stack-Based Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/34739
Comodo Internet Security RAR File Scan Evasion Vulnerability
http://www.securityfocus.com/bid/34737
Multiple Teraway Products Unauthorized Access and Cookie Authentication Bypass Vulnerabilities
http://www.securityfocus.com/bid/34735
Flatchat 'pmscript.php' Local File Include Vulnerability
http://www.securityfocus.com/bid/34734
ECShop 'user.php' SQL Injection Vulnerability
http://www.securityfocus.com/bid/34733
Dew-NewPHPLinks 'index.php' Local File Include and Cross-Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/34732
iodine 'iodined' Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/34731
LightBlog PHP Code Injection And Authentication Bypass Vulnerabilities
http://www.securityfocus.com/bid/34730
EZ-Blog 'public/specific.php' SQL Injection Vulnerability
http://www.securityfocus.com/bid/34729
Aladdin eSafe Unspecified Archive File Scan Evasion Vulnerability
http://www.securityfocus.com/bid/34726
OpenCart 'index.php' Local File Include Vulnerability
http://www.securityfocus.com/bid/34724
MataChat 'input.php' Multiple Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/34722
DWebPro Directory Traversal Vulnerability and Arbitrary File Disclosure Vulnerability
http://www.securityfocus.com/bid/34721
Destiny Media Player '.rdl' File Remote Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/34720