The latest prepatch for the stable Linux kernel tree is: 2.6.30-rc4
http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.30-rc4
「ゼロデイ攻撃を防御、パターン不要」――純国産の対策ソフト発表
フォティーンフォティ技術研究所が開発、振る舞いからウイルスを検出
http://itpro.nikkeibp.co.jp/article/NEWS/20090430/329335/?ST=security
「豚インフルエンザ」便乗の迷惑メール出現、“便乗ドメイン”も続々
バイアグラの販売サイトなどに誘導、悪質サイトが出現する恐れもある
http://itpro.nikkeibp.co.jp/article/NEWS/20090430/329314/?ST=security
JVNDB-2009-001186 IBM DB2 における重要な情報を取得される脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001186.html
JVNDB-2009-001185 Microsoft Office PowerPoint に任意のコードが実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001185.html
JVNDB-2008-001954 Windows 上で動作する Mozilla Firefox/SeaMonkey における .url ショートカットファイルに関する同一生成元ポリシーを回避される脆弱性
http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-001954.html
JVNDB-2008-001953 Mozilla Firefox における file: URI にクローム特権を割り当てる脆弱性
http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-001953.html
JVNDB-2008-001952 複数の Mozilla 製品における Canvas 要素と HTTP リダイレクト処理に関する同一生成元ポリシーを回避される脆弱性
http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-001952.html
JVNDB-2008-001949 Mozilla Firefox/SeaMonkey における Flash モジュールのチェックに関する任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-001949.html
JVNDB-2008-001948 複数の Mozilla 製品における window.__proto__.__proto__ オブジェクトの改ざんに関する任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-001948.html
JVNDB-2008-001782 Mozilla Thunderbird/SeaMonkey における news 記事のヘッダ処理に関するヒープベースのバッファオーバーフローの脆弱性
http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-001782.html
JVNDB-2008-001760 Mozilla Firefox/SeaMonkey における XBM イメージファイルの処理に関する情報漏えいの脆弱性
http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-001760.html
JVNDB-2008-001758 複数の Mozilla 製品におけるディレクトリトラバーサルシーケンスの処理に関するディレクトリトラバーサルの脆弱性
http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-001758.html
JVNDB-2008-001757 Linux 上の複数の Mozilla 製品における ".." 文字および URL エンコードされた "/" 文字の処理に関するディレクトリトラバーサルの脆弱性
http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-001757.html
JVNDB-2008-001756 Mozilla Firefox における下位サロゲート文字の処理に関するクロスサイトスクリプティング防止機構を回避される脆弱性
http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-001756.html
JVNDB-2008-001755 複数の Mozilla 製品における BOM 文字の処理に関するクロスサイトスクリプティング防止機構を回避される脆弱性
http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-001755.html
54130 : Adobe Reader for Linux getAnnots() JavaScript Method PDF Handling Memory Corruption
http://osvdb.org/show/osvdb/54130
54129 : Adobe Reader for Linux customDictionaryOpen() JavaScript Method PDF Handling Memory
http://osvdb.org/show/osvdb/54129
54128 : WebSPELL picture.php id Parameter Traversal Arbitrary File Access
http://osvdb.org/show/osvdb/54128
54127 : Memcached / MemcacheDB stats maps Command Remote Information Disclosure
http://osvdb.org/show/osvdb/54127
54126 : @mail webadmin/admin.php Multiple Parameter XSS
http://osvdb.org/show/osvdb/54126
JBC Explorer Auth.Inc.PHP Authentication Bypass Vulnerability
http://www.securityfocus.com/bid/26332
HPSBMA02400 SSRT080144 rev.2 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code
http://www11.itrc.hp.com/service/cki/docDisplay.do?docLocale=en&docId=emr_na-c01646081-2
+ Solution 241646 : Security Vulnerability in GNU tar May Lead to Arbitrary Code Execution or Denial of Service (DoS)
http://sunsolve.sun.com/search/document.do?assetkey=1-66-241646-1
+ Solution 257708 : Security Vulnerabilities in DTrace (dtrace(1M)) ioctl(2) Handlers May Lead to a Denial of Service (DoS) Condition
http://sunsolve.sun.com/search/document.do?assetkey=1-66-257708-1
- RHSA-2009:0451-2 Important: kernel-rt security and bug fix update
https://rhn.redhat.com/errata/RHSA-2009-0451.html
+ Linux Kernel Bug in exit_notify() Lets Local Users Gain Elevated Privileges
http://securitytracker.com/alerts/2009/Apr/1022141.html
+ Multiple Trend Micro Products RAR/ZIP/CAB Files Scan Evasion Vulnerability
http://www.securityfocus.com/bid/34763
Postfix 2.7 Snapshot 20090428
http://mirror.postfix.jp/postfix-release/experimental/postfix-2.7-20090428.HISTORY
Rakudo Perl 6 development release #16
http://use.perl.org/articles/09/04/29/1649217.shtml
DBD::Oracle 1.23 released
http://www.cpan.org/modules/by-module/DBD/DBD-Oracle-1.23.readme
NTP 4.2.4p7-RC4 released
http://archive.ntp.org/ntp4/ChangeLog-stable-rc
NTP 4.2.5p168 development released
http://archive.ntp.org/ntp4/ChangeLog-dev
Solution 257868 : SUN ALERT WEEKLY SUMMARY REPORT - Week of 19-Apr-2009 to 25-Apr-2009
http://sunsolve.sun.com/search/document.do?assetkey=1-66-257868-1
Cross-Site Scripting Vulnerability in Citrix Web Interface
http://support.citrix.com/article/CTX120697
Security Update to Citrix License Server
http://support.citrix.com/article/CTX120742
DSA 1781-1: New ffmpeg-debian packages fix arbitrary code execution
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29127
DSA 1782-1: New mplayer packages fix arbitrary code execution
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29128
DSA 1783-1: New mysql-dfsg-5.0 packages fix multiple vulnerabilities
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29129
RHSA-2009:0451-02: Important: kernel-rt security and bug fix update
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29130
SEC Consult Security Advisory <>: Proxy bypass vulnerability & plain text passwords in LevelOne AMG-2000
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29134
SSA:2009-118-01: mozilla-firefox
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29125
Vendor Security Advisories
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29136
TZO-17-2009: Trendmicro multiple bypass/evasions
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29137
Addendum: TZO-17-2009: Trendmicro multiple bypass/evasions
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29138
DSA 1780-1: New libdbd-pg-perl packages fix potential code execution
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29126
HPSBUX02366 SSRT080120 rev.1: HPUX Running useradd(1M), Local Unauthorized Access
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29139
iDefense Security Advisory 04.28.09: TIBCO SmartSockets Stack Buffer Overflow Vulnerability
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29132
MIM:InfiniX-SA-04/28/2009: MULTIPLE REMOTE SQL INJECTION VULNERABILITIES---MIM:InfiniX v1.2.003--->
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29140
MDVSA-2009:101: xpdf
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29124
Positron Security Advisory #2009-001: Memcached and MemcacheDB ASLR Bypass Weakness
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29133
OpenView-SA-04/28/2009: HP OpenView Network Node Manager "ovalarmsrv" Integer Overflow
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29119
Errata: TZO-13-2009: Avira Antivir generic CAB evasion / bypass
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29131
ZDI-09-018: Symantec Client Security Alert Originator Service Stack Overflow Vulnerability
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29135
DDIVRT-2009-24: Precidia Ether232 Memory Corruption
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29118
HPSBMA02424 SSRT080125 rev.1: HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29120
EZ-blog-SA-04/27/2009: SQL INJECTION (SHELL UPLOAD)--EZ-blog Beta2-->
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29123
MDVSA-2009:098: krb5
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29108
MDVSA-2009:099: openafs
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29109
RHSA-2009:0449-01: Critical: firefox security update
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29113
TZO-13-2009: Avira Antivir generic CAB evasion / bypass
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29114
TZO-14-2009: Comodo Antivirus RAR evasion
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29115
TZO-15-2009: Aladdin eSafe generic bypass - Forced release
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29116
USN-761-2: PHP vulnerabilities
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29110
USN-766-1: acpid vulnerability
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29111
USN-767-1: FreeType vulnerability
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29112
人間を使う「画像認証」破りサービス、1000件当たり1ドルで解読
もはや一つのビジネス、Googleのスポンサーリンクにも表示
http://itpro.nikkeibp.co.jp/article/NEWS/20090428/329293/?ST=security
PUBLIC ADVISORY: 04.29.09 Symantec System Center Alert Management System Console Arbitrary Program Execution Design Error Vulnerability
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=786
PUBLIC ADVISORY: 04.28.09 TIBCO SmartSockets Stack Buffer Overflow Vulnerability
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=785
[security bulletin] HPSBMA02400 SSRT080144 rev.2 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00289.html
iDefense Security Advisory 04.29.09: Symantec System Center Alert Management System Console Arbitrary Program Execution Design Error Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00283.html
SQL INJECTION (SQLi) VULNERABILITY--ProjectCMS v1.0 Beta Final-->
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00286.html
Addendum: [TZO-17-2009]Trendmicro multiple bypass/evasions
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00284.html
[TZO-17-2009]Trendmicro multiple bypass/evasions
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00288.html
[TZO-16-2009] Nod32 CAB bypass/evasion
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00287.html
Proxy bypass vulnerability & plain text passwords in LevelOne AMG-2000
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00282.html
[SECURITY] [DSA 1783-1] New mysql-dfsg-5.0 packages fix multiple vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00281.html
[SECURITY] [DSA 1782-1] New mplayer packages fix arbitrary code execution
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00280.html
[SECURITY] [DSA 1781-1] New ffmpeg-debian packages fix arbitrary code execution
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00278.html
[ MDVA-2009:057 ] usermode
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00277.html
[ MDVSA-2009:101 ] xpdf
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00276.html
ZDI-09-018: Symantec Client Security Alert Originator Service Stack Overflow Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00285.html
Positron Security Advisory #2009-001: Memcached and MemcacheDB ASLR Bypass Weakness
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00279.html
iDefense Security Advisory 04.28.09: TIBCO SmartSockets Stack Buffer Overflow Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00273.html
[USN-765-1] Firefox and Xulrunner vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00272.html
[SECURITY] [DSA 1780-1] New libdbd-pg-perl packages fix potential code execution
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00275.html
Errata: [TZO-13-2009] Avira Antivir generic CAB evasion / bypass
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00261.html
MULTIPLE REMOTE SQL INJECTION VULNERABILITIES---MIM:InfiniX v1.2.003--->
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00270.html
one shot remote root for linux?
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00269.html
[security bulletin] HPSBUX02366 SSRT080120 rev.1 - HPUX Running useradd(1M), Local Unauthorized
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00262.html
security tools list
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00263.html
Secunia Research: HP OpenView Network Node Manager "ovalarmsrv" Integer Overflow
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00264.html
[ MDVSA-2009:099 ] openafs
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00259.html
[USN-767-1] FreeType vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00266.html
[USN-766-1] acpid vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00271.html
[USN-761-2] PHP vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-04/msg00267.html
RHBA-2009:0454-1 hts bug fix update
http://rhn.redhat.com/errata/RHBA-2009-0454.html
Vulnerability Note VU#970180 Adobe Reader and Acrobat customDictionaryOpen() and getAnnots() JavaScript vulnerabilities
http://www.kb.cert.org/vuls/id/970180
Citrix Licensing License Server Unspecified Vulnerabilities
http://secunia.com/advisories/34937/
+ Symantec Log Viewer Script Insertion Vulnerabilities
http://secunia.com/advisories/34936/
+ Symantec Products Reporting Server URL Handling Weakness
http://secunia.com/advisories/34935/
Ubuntu update for php5
http://secunia.com/advisories/34933/
MemcacheDB "stats maps" Information Disclosure Weakness
http://secunia.com/advisories/34932/
HP-UX "useradd" Unauthorised Access
http://secunia.com/advisories/34931/
LevelOne AMG-2000 Proxy "Host:" Security Bypass
http://secunia.com/advisories/34926/
WebSPELL "picture.php" Information Disclosure
http://secunia.com/advisories/34921/
Red Hat update for kernel-rt
http://secunia.com/advisories/34917/
memcached "'stats maps" Information Disclosure Weakness
http://secunia.com/advisories/34915/
TIBCO SmartSockets Buffer Overflow Vulnerability
http://secunia.com/advisories/34911/
Ubuntu update for firefox-3.0 and xulrunner-1.9
http://secunia.com/advisories/34910/
Debian update for ffmpeg
http://secunia.com/advisories/34905/
Citrix Web Interface Unspecified Cross-Site Scripting Vulnerability
http://secunia.com/advisories/34868/
+ Symantec Products Alert Management System 2 Multiple Vulnerabilities
http://secunia.com/advisories/34856/
Slackware update for mozilla-firefox
http://secunia.com/advisories/34851/
Debian update for mplayer
http://secunia.com/advisories/34845/
Sun Solaris DTrace ioctl Handlers Denial of Service
http://secunia.com/advisories/34836/
@mail "admin.php" Cross-Site Scripting Vulnerabilities
http://secunia.com/advisories/34403/
Fedora update for libmodplug
http://secunia.com/advisories/34930/
Fedora update for prewikka
http://secunia.com/advisories/34928/
libmodplug "PATinst()" Buffer Overflow Vulnerability
http://secunia.com/advisories/34927/
Adobe Reader for Linux JavaScript Methods Memory Corruption
http://secunia.com/advisories/34924/
MataChat "nickname" and "color" Script Insertion Vulnerabilities
http://secunia.com/advisories/34922/
Red Hat update for firefox
http://secunia.com/advisories/34919/
Citrix Web Interface Input Validation Hole Permits Cross-Site Scripting Attacks
http://www.securitytracker.com/id?1022145
Citrix License Server Unspecified Bugs in Licensing Management Console Have Unspecified Impact
http://www.securitytracker.com/id?1022144
Solaris DTrace ioctl Hanlder Flaws Let Local Users Deny Service
http://www.securitytracker.com/id?1022143
Linux Kernel Bug in exit_notify() Lets Local Users Gain Elevated Privileges
http://www.securitytracker.com/id?1022141
memcached Discloses Application Memory Contents and Information to Remote Users
http://www.securitytracker.com/id?1022140
Adobe Reader Bugs in getAnnots() and spell.customDictionaryOpen() Let Remote Users Execute Arbitrary Code
http://www.securitytracker.com/id?1022139
Symantec Endpoint Protection Bug in Reporting Server Lets Remote Users Display Arbitrary Messages
http://securitytracker.com/alerts/2009/Apr/1022138.html
Symantec Client Security Bug in Reporting Server Lets Remote Users Display Arbitrary Messages
http://securitytracker.com/alerts/2009/Apr/1022137.html
Symantec Anti Virus Corporate Edition Bug in Reporting Server Lets Remote Users Display Arbitrary Messages
http://securitytracker.com/alerts/2009/Apr/1022136.html
+ Security Advisories Relating to Symantec Products - Symantec Reporting Server Improper URL Handling Exposure
http://www.symantec.com/business/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2009&suid=20090428_00
Symantec Endpoint Protection Input Validation Flaw in Log Viewer Permits Remote HTML Injection Attacks
http://securitytracker.com/alerts/2009/Apr/1022135.html
+ Security Advisories Relating to Symantec Products - Symantec Log Viewer JavaScript Injection Vulnerabilities
http://www.symantec.com/business/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2009&suid=20090428_01
Symantec Anti Virus Input Validation Flaw in Log Viewer Permits Remote HTML Injection Attacks
http://www.securitytracker.com/id?1022134
Norton Internet Security Input Validation Flaw in Log Viewer Permits Remote HTML Injection Attacks
http://www.securitytracker.com/id?1022133
Symantec Endpoint Protection Bugs in Alert Management System 2 Let Remote Users Execute Arbitrary Code
http://www.securitytracker.com/id?1022132
+ Security Advisories Relating to Symantec Products - Symantec Alert Management System 2 multiple vulnerabilities
http://www.symantec.com/business/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2009&suid=20090428_02
Symantec Client Security Bugs in Alert Management System 2 Let Remote Users Execute Arbitrary Code
http://www.securitytracker.com/id?1022131
Symantec Anti Virus Corporate Edition Bugs in Alert Management System 2 Let Remote Users Execute Arbitrary Code
http://www.securitytracker.com/id?1022130
TIBCO SmartSockets Stack Overflow in RTserver Lets Remote Users Execute Arbitrary Code
http://www.securitytracker.com/id?1022129
HP-UX Bug in 'useradd' Command Lets Local Users Gain Access to Files and Directories
http://www.securitytracker.com/id?1022128
Citrix License Server Management Console Unspecified Vulnerability
http://www.vupen.com/english/advisories/2009/1207
Citrix Web Interface Unspecified Cross Site Scripting Vulnerability
http://www.vupen.com/english/advisories/2009/1206
HP-UX "useradd" Command Local Unauthorized Access Vulnerability
http://www.vupen.com/english/advisories/2009/1205
Symantec Products Alert Management System 2 Multiple Vulnerabilities
http://www.vupen.com/english/advisories/2009/1204
Symantec Products Log Viewer Feature Script Injection Vulnerabilities
http://www.vupen.com/english/advisories/2009/1203
Symantec Products Reporting Server Message Manipulation Weakness
http://www.vupen.com/english/advisories/2009/1202
Juniper Netscreen ScreenOS Information Disclosure Weakness
http://www.vupen.com/english/advisories/2009/1201
Libmodplug "PATinst()" Instrument Name Buffer Overflow Vulnerability
http://www.vupen.com/english/advisories/2009/1200
Sun Solaris DTrace IOCTL Handlers Denial of Service Vulnerability
http://www.vupen.com/english/advisories/2009/1199
TIBCO SmartSockets UDP Remote Stack Buffer Overflow Vulnerability
http://www.vupen.com/english/advisories/2009/1198
MemcacheDB "stats maps" Remote Information Disclosure Weakness
http://www.vupen.com/english/advisories/2009/1197
Memcached "stats maps" Remote Information Disclosure Weakness
http://www.vupen.com/english/advisories/2009/1196
Adobe Reader and Acrobat JavaScript Memory Corruption Vulnerabilities
http://www.vupen.com/english/advisories/2009/1189
IBM Tivoli Workload Scheduler Information Disclosure Vulnerability
http://www.vupen.com/english/advisories/2009/1188
HP OpenView NNM "ovalarmsrv" Remote Integer Overflow Vulnerability
http://www.vupen.com/english/advisories/2009/1187
Sumatra PDF MuPDF "loadexponentialfunc()" Buffer Overflow Vulnerability
http://www.vupen.com/english/advisories/2009/1186
MuPDF "loadexponentialfunc()" Function Buffer Overflow Vulnerability
http://www.vupen.com/english/advisories/2009/1185
Mozilla Firefox "nsTextFrame::ClearTextRun()" Memory Corruption Issue
http://www.vupen.com/english/advisories/2009/1180
IBM Tivoli Continuous Data Protection for Files Insecure Default Permissions Vulnerability
http://www.securityfocus.com/bid/26293
doop Index.php Local File Include Vulnerability
http://www.securityfocus.com/bid/26075
Kaspersky Online Scanner KAVWebScan.DLL ActiveX Control Format String Vulnerability
http://www.securityfocus.com/bid/26004
NVClock Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/25052
Apache Tomcat Accept-Language Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/24524
Linux Kernel CPUSet Tasks Memory Leak Information Disclosure Vulnerability
http://www.securityfocus.com/bid/24389
+ Sun Java Web Start Unauthorized Access Vulnerability
http://www.securityfocus.com/bid/23728
Roxio CinePlayer SonicDVDDashVRNav.DLL ActiveX Control Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/23412
Microsoft Windows Vista Neighbor Discovery Spoofing Vulnerability
http://www.securityfocus.com/bid/23293
Adobe Acrobat and Reader Unspecified Remote Heap Memory Corruption Vulnerability
http://www.securityfocus.com/bid/34768
Cisco IOS Multiple Features UDP Packet Denial of Service Vulnerability
http://www.securityfocus.com/bid/34245
Linux Kernel 'do_splice_from()' Local Security Bypass Vulnerability
http://www.securityfocus.com/bid/31903
Cisco IOS NAT Skinny Call Control Protocol Multiple Remote Denial of Service Vulnerabilities
http://www.securityfocus.com/bid/31359
Cisco IOS AIC HTTP Transit Packet Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/31354
ProjectCMS 'sn' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/34767
HP Enterprise Discovery Unspecified Remote Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/30865
HP OpenView Network Node Manager HTTP Request Multiple Buffer Overflow Vulnerabilities
http://www.securityfocus.com/bid/33147
Samba Group Mappings File Insecure Permissions Local Security Vulnerability
http://www.securityfocus.com/bid/30837
Ruby REXML Remote Denial Of Service Vulnerability
http://www.securityfocus.com/bid/30802
JBoss Enterprise Application Platform Information Disclosure Vulnerability
http://www.securityfocus.com/bid/30540
Apple Safari Automatic File Launch Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/29835
Multiple ESET Products CAB File Scan Evasion Vulnerability
http://www.securityfocus.com/bid/34764
GNU Tar Invalid Headers Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/16764
LevelOne AMG-2000 Security Bypass Vulnerability
http://www.securityfocus.com/bid/34760
Linux Kernel RLIMIT_CPU Zero Limit Handling Local Security Bypass Vulnerability
http://www.securityfocus.com/bid/29004
Linksys WRT54G Wireless-G Router Multiple Remote Authentication Bypass Vulnerabilities
http://www.securityfocus.com/bid/28381
JBC Explorer Auth.Inc.PHP Authentication Bypass Vulnerability
http://www.securityfocus.com/bid/26332
TorrentTrader 'msg' Parameter HTML Injection Vulnerability
http://www.securityfocus.com/bid/28082
GFL SDK Library Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/27514
TikiWiki CMS 'tiki-listmovies.php' Directory Traversal Vulnerability
http://www.securityfocus.com/bid/27008
0 件のコメント:
コメントを投稿