[announce] Wicket 1.4-rc4 released
http://www.apache.org/dyn/closer.cgi/wicket/1.4-rc4
Microsoft Delivers New Wave of Technologies to Help Businesses Thrive in Today’s Economy
Company announces Windows 7 on track for holiday season; Windows Server 2008 R2 RC available today.
http://www.microsoft.com/presspass/press/2009/May09/05-11TechEd09PR.mspx
Announcement: Release of Spyware Scan Engine 5.2 (Build 1035)
http://www.trendmicro.co.jp/support/news.asp?id=1256
"Image spam" is back, accounting for 16% of all spam
Symantec (US) reports; spam related to the new influenza strain also seen
http://itpro.nikkeibp.co.jp/article/NEWS/20090512/329834/?ST=security
Nearly 90% of companies are concerned about "insider threats", but countermeasures are insufficient
http://itpro.nikkeibp.co.jp/article/NEWS/20090512/329833/?ST=security
MOTEX announces new version of its unauthorized-access monitoring software
http://itpro.nikkeibp.co.jp/article/NEWS/20090512/329788/?ST=security
JVN#19072922 SQL injection vulnerability in EC-CUBE
http://jvn.jp/jp/JVN19072922/index.html
JVNDB-2009-001207 Vulnerability in certificate validation in Windows HTTP Services on Microsoft Windows that allows spoofing of another https web site
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001207.html
JVNDB-2009-001206 Arbitrary code execution vulnerability in NTLM authentication handling in Windows HTTP Services on Microsoft Windows
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001206.html
JVNDB-2009-001205 Arbitrary code execution vulnerability in Windows HTTP Services on Microsoft Windows
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001205.html
JVNDB-2009-001204 Arbitrary code execution vulnerability in the WordPerfect converter in Microsoft Office
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001204.html
JVNDB-2009-001203 Buffer overflow vulnerability in the Word 97 text converter in Microsoft Windows
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001203.html
JVNDB-2009-001202 Arbitrary code execution vulnerability in the Word 6 text converter in Microsoft Windows
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001202.html
HPSBMA02348 SSRT080033 rev.2 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code, Denial of Service (DoS)
http://www11.itrc.hp.com/service/cki/docDisplay.do?docLocale=en&docId=emr_na-c01495949-2
HPSBMA02349 SSRT080043 rev.3 - HP OpenView Network Node Manager (OV NNM), Remote Unauthorized Access to Data
http://www11.itrc.hp.com/service/cki/docDisplay.do?docLocale=en&docId=emr_na-c01496048-3
C.1.1. Release Notes for MySQL Enterprise 5.0.82 [MRU] (Not yet released)
http://dev.mysql.com/doc/refman/5.0/en/releasenotes-es-5-0-82.html
Bkis-08-2009 : Microchip MPLAB IDE Buffer Overflow Vulnerability
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29214
Gmail/Google Doc-SA-05/11/2009: Gmail/Google Doc PDF Repurposing Integrated Attacks - Cookie Hijacking / Stealing
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29222
USN-774-1 : MoinMoin vulnerability
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29213
DSA 1798-1 : New pango1.0 packages fix arbitrary code execution
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29212
Acer-SA-05/10/2009: Insufficient Authentication vulnerability in notebooks
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29223
TinyWebGallery-SA-05/10/2009: TinyWebGallery <= 1.7.6 LFI / Remote Code Execution Exploit
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29224
MDVSA-2009:109: quagga
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29215
SSA:2009-129-01: xpdf
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29210
DSA 1797-1 : New xulrunner packages fix several vulnerabilities
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29211
Google Services-SA-05/09/2009: Universal XSS in all Google Services
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29225
SSA:2009-128-01: gnutls
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29209
TZO-21-2009 : Fprot CAB bypass / evasion
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29216
TZO-20-2009 : AVG ZIP evasion / bypass
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29217
TZO-17-2009-2: Trendmicro multiple bypass/evasions
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29218
HPSBUX02366 SSRT080120 rev.2: HPUX Running useradd(1M), Local Unauthorized Access
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29228
Rsync version 3.0.6 released
http://rsync.samba.org/ftp/rsync/src/rsync-3.0.6-NEWS
[SECURITY] [DSA 1799-1] New qemu packages fix several vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-05/msg00089.html
[security bulletin] HPSBMA02349 SSRT080043 rev.3 - HP OpenView Network Node Manager (OV NNM), Remote Unauthorized Access to Data
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-05/msg00087.html
[security bulletin] HPSBMA02348 SSRT080033 rev.2 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code, Denial of Service (DoS)
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-05/msg00088.html
[oCERT-2009-004] AjaxTerm session id collision
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-05/msg00085.html
[USN-774-1] MoinMoin vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-05/msg00084.html
Five days left to find the oldest data loss incident
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-05/msg00082.html
Advisory - Gmail/Google Doc PDF Repurposing Integrated Attacks - Cookie Hijacking / Stealing
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-05/msg00081.html
[Bkis-08-2009] Microchip MPLAB IDE Buffer Overflow Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-05/msg00078.html
[ MDVSA-2009:109 ] quagga
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-05/msg00079.html
Insufficient Authentication vulnerability in Acer notebooks
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-05/msg00077.html
[SECURITY] [DSA 1798-1] New pango1.0 packages fix arbitrary code execution
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-05/msg00076.html
TinyWebGallery <= 1.7.6 LFI / Remote Code Execution Exploit
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-05/msg00075.html
TinyWebGallery "lang" Local File Inclusion Vulnerability
http://secunia.com/advisories/35060/
MPLAB IDE Project File Processing Buffer Overflow Vulnerabilities
http://secunia.com/advisories/35054/
b2evolution Starrating Plugin SQL Injection Vulnerabilities
http://secunia.com/advisories/35053/
Fedora update for lcms
http://secunia.com/advisories/35048/
Debian update for xulrunner
http://secunia.com/advisories/35042/
Skip Cross-Site Scripting and SQL Injection Vulnerabilities
http://secunia.com/advisories/35041/
Debian update for pango1.0
http://secunia.com/advisories/35038/
Slackware update for xpdf
http://secunia.com/advisories/35037/
Realty Web-Base admin.php SQL Injection Vulnerability
http://secunia.com/advisories/35033/
Luxbum "username" SQL Injection Vulnerability
http://secunia.com/advisories/35032/
Battle Blog uploadfile.asp Arbitrary File Upload Vulnerability
http://secunia.com/advisories/35023/
RTWebalbum "AlbumId" SQL Injection Vulnerability
http://secunia.com/advisories/35022/
QuiXplorer "lang" Local File Inclusion Vulnerability
http://secunia.com/advisories/35020/
Claroline "Referer" Header Cross-Site Scripting Vulnerability
http://secunia.com/advisories/35019/
Dafolo DafoloControl ActiveX Control Multiple Vulnerabilities
http://secunia.com/advisories/35017/
Addonics NAS Adapter FTP Service Denial of Service Vulnerabilities
http://secunia.com/advisories/34965/
QuiXplorer "lang" Parameter Handling Local File Inclusion Vulnerability
http://www.vupen.com/english/advisories/2009/1282
Luxbum "username" Parameter Remote SQL Injection Vulnerability
http://www.vupen.com/english/advisories/2009/1281
Battle Blog Administrative Interface Arbitrary File Upload Vulnerability
http://www.vupen.com/english/advisories/2009/1280
RTWebalbum "AlbumId" Parameter Remote SQL Injection Vulnerability
http://www.vupen.com/english/advisories/2009/1279
TinyWebGallery "lang" Parameter Local File Inclusion Vulnerability
http://www.vupen.com/english/advisories/2009/1278
Pango "pango_glyph_string_set_size()" Integer Overflow Vulnerability
http://www.vupen.com/english/advisories/2009/1269
Php Recommend 'admin.php' Multiple Remote Vulnerabilities
http://www.securityfocus.com/bid/34909
QEMU Multiple Local Vulnerabilities
http://www.securityfocus.com/bid/23731
QEMU Security Bypass Vulnerability
http://www.securityfocus.com/bid/30604
KVM Block Device Backend Local Security Bypass Vulnerability
http://www.securityfocus.com/bid/28001
Microsoft Windows DNS Server WPAD Access Validation Vulnerability
http://www.securityfocus.com/bid/33989
Tiger DMS Login SQL Injection Vulnerability
http://www.securityfocus.com/bid/34775
EasyPHP 'lang' Parameter Arbitrary File Overwrite Vulnerability
http://www.securityfocus.com/bid/34908
MicroTopic 'rating' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/34907
Dacio's Image Gallery Multiple Remote Vulnerabilities
http://www.securityfocus.com/bid/34906
AjaxTerm 'ajaxterm.js' Session Hijacking Vulnerability
http://www.securityfocus.com/bid/34903
HP OpenView Network Node Manager Directory Traversal and Multiple Denial Of Service Vulnerabilities
http://www.securityfocus.com/bid/28745
HP OpenView Network Node Manager 'OVAS.EXE' Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/28569
OpenSSL Multiple Vulnerabilities
http://www.securityfocus.com/bid/34256
eggBlog 'select_image.php' Directory Traversal Vulnerability
http://www.securityfocus.com/bid/34905
Microchip MPLAB IDE '.mcp' File Handling Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/34897
openWYSIWYG 'addons/imagelibrary/select_image.php' Directory Traversal Vulnerability
http://www.securityfocus.com/bid/34904
TYPSoft FTP Server 'ABORT' Command Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/34901
Mereo Remote File Disclosure Vulnerability
http://www.securityfocus.com/bid/34902
TinyWebGallery '/admin/_include/init.php' Local File Include Vulnerability
http://www.securityfocus.com/bid/34892
The Tricky.net Joomla! Messaging Component 'controller' Parameter Local File Include Vulnerability
http://www.securityfocus.com/bid/34365
Multiple F-PROT Products CAB File Scan Evasion Vulnerability
http://www.securityfocus.com/bid/34896
Multiple AVG Products RAR/ZIP Files Scan Evasion Vulnerability
http://www.securityfocus.com/bid/34895
MoinMoin 'AttachFile.py' Multiple Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/34631
Dia 'PySys_SetArgv' Remote Command Execution Vulnerability
http://www.securityfocus.com/bid/33448
Sun xVM VirtualBox Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/34080
Multiple Trend Micro Products RAR/ZIP/CAB Files Scan Evasion Vulnerability
http://www.securityfocus.com/bid/34763
GnuTLS Prior to 2.6.6 Multiple Remote Vulnerabilities
http://www.securityfocus.com/bid/34783
Dafolo DafoloControl ActiveX Control Multiple Remote Buffer Overflow Vulnerabilities
http://www.securityfocus.com/bid/34900
Little CMS Monochrome Profiles Null Pointer Dereference Denial of Service Vulnerability
http://www.securityfocus.com/bid/34411
b2evolution Starrating Plugin Multiple SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/34899
SKIP Unspecified SQL Injection and Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/34898
Xpdf JBIG2 Processing Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/34568
Quagga Autonomous System Number Remote Denial Of Service Vulnerability
http://www.securityfocus.com/bid/34817
Pango 'pango_glyph_string_set_size()' Integer Overflow Vulnerability
http://www.securityfocus.com/bid/34870
Mozilla Firefox/Thunderbird/SeaMonkey MFSA 2009 -14 through -22 Multiple Remote Vulnerabilities
http://www.securityfocus.com/bid/34656
Mozilla Firefox International Domain Name Subdomain URI Spoofing Vulnerability
http://www.securityfocus.com/bid/33837
Drupal Taxonomy Vocabulary 'Help text' HTML Injection Vulnerability
http://www.securityfocus.com/bid/34893
Oracle April 2009 Critical Patch Update Multiple Vulnerabilities
http://www.securityfocus.com/bid/34461
PDF Silent HTTP Form Repurposing Attacks
http://www.securiteam.com/securityreviews/5MP0D00R5G.html
Grabit NZB File Parsing Stack Overflow
http://www.securiteam.com/windowsntfocus/5KP0B00R5W.html
IBM Tivoli Storage Manager Agent Service Buffer Overflows
http://www.securiteam.com/windowsntfocus/5LP0C00R5K.html
Vpopmail and QmailAdmin Email Quota Multiple Integer Overflows
http://www.securiteam.com/unixfocus/5OP0F00R5Q.html
Why Silent Updates Boost Security
http://www.securiteam.com/securityreviews/5NP0E00R5A.html
Pango Heap Allocation Size Calculations Integer Overflow
http://www.securiteam.com/unixfocus/5WP012KR5W.html
HP OpenView Network Node Manager (OV NNM) Denial of Service (DoS)
http://www.securiteam.com/unixfocus/5XP022KR5G.html
HPUX Running Useradd(1M) Local Unauthorized Access
http://www.securiteam.com/unixfocus/5ZP042KR5W.html
libwmf Packages Vulnerable to Denial of Service
http://www.securiteam.com/unixfocus/5YP032KR5G.html