- HPSBMA02417 SSRT090031 rev.1 - HP Data Protector Express and HP Data Protector Express Single Server Edition (SSE), Local Denial of Service (DoS), Execution of Arbitrary Code
http://www13.itrc.hp.com/service/cki/docDisplay.do?docLocale=en&docId=emr_na-c01697543-1
+ Notice of release of InterScan VirusWall Standard Edition 6.02 for Linux Patch 1
http://www.trendmicro.co.jp/support/news.asp?id=1260
JVNTA09-132A Multiple vulnerabilities in Microsoft Office PowerPoint
http://jvn.jp/cert/JVNTA09-132A/index.html
JVNTA09-133B Vulnerabilities in Adobe Reader and Acrobat
http://jvn.jp/cert/JVNTA09-133B/index.html
JVNTA09-133A Updates for multiple vulnerabilities in Apple products
http://jvn.jp/cert/JVNTA09-133A/index.html
Nearly 70% of young people have tried to gain unauthorized access to accounts; some have also tried hacking tools
http://itpro.nikkeibp.co.jp/article/Research/20090514/330004/?ST=security
JVNDB-2009-001216 Privilege escalation vulnerability in the ThreadPool class of Microsoft Windows
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001216.html
JVNDB-2009-001215 Privilege escalation vulnerability in the RPCSS service of Microsoft Windows
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001215.html
JVNDB-2009-001214 Privilege escalation vulnerability in the WMI provider of Microsoft Windows
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001214.html
JVNDB-2009-001213 Arbitrary code execution vulnerability related to spreadsheets in Microsoft Office Excel
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001213.html
- RHSA-2009:0478-01: Critical: acroread security update
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29251
- RHSA-2009:0479-01: Moderate: perl-DBD-Pg security update
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29252
- RHSA-2009:0480-01: Important: poppler security update
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29253
+ Linux Kernel NFS 'MAY_EXEC' Security Bypass Vulnerability
http://www.securityfocus.com/bid/34934
+ Sun Java Runtime Environment ActiveX Control Multiple Remote Buffer Overflow Vulnerabilities
http://www.securityfocus.com/bid/34931
[ntp:announce] NTP 4.2.4p7-RC7 Released
http://www.ntp.org/downloads.html
HPSBUX02366 SSRT080120 rev.1 - HP-UX Running useradd(1M), Local Unauthorized Access
http://www13.itrc.hp.com/service/cki/docDisplay.do?docLocale=ja_JP&docId=emr_na-c01734323-1
MDVSA-2009:111: firefox
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29242
MDVSA-2009:111-1: firefox update
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29243
USN-776-2: KVM regression
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29246
APPLE-SA-2009-05-12: Safari 3.2.3
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29247
APPLE-SA-2009-05-12: Safari 4 Public Beta Security Update
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29248
APPLE-SA-2009-05-12: Security Update 2009-002 / Mac OS X v10.5.7
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29249
iDefense Security Advisory 05.12.09: Microsoft PowerPoint 4.2 Conversion Filter Stack Buffer Overflow Vulnerability
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29262
iDefense Security Advisory 05.12.09: Microsoft PowerPoint 4.2 Conversion Filter Heap Corruption Vulnerability
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29263
iDefense Security Advisory 05.12.09: Microsoft PowerPoint 4.2 Conversion Filter Stack Overflow
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29264
iDefense Security Advisory 05.12.09: Microsoft PowerPoint PPT 4.0 Importer Multiple Stack Buffer Overflow Vulnerabilities
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29265
iDefense Security Advisory 05.12.09: Microsoft PowerPoint PPT95 Import Multiple Stack Buffer Overflow Vulnerabilities
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29266
iDefense Security Advisory 05.12.09: Microsoft PowerPoint PPT95 Import Multiple Stack Buffer Overflow Vulnerabilities
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29267
iDefense Security Advisory 05.12.09: Microsoft PowerPoint Build List Memory Corruption Vulnerability
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29268
iDefense Security Advisory 05.12.09: Microsoft PowerPoint Notes Container Heap Corruption Vulnerability
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29269
iDefense Security Advisory 05.12.09: Microsoft PowerPoint Integer Overflow Vulnerability
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29270
RHSA-2009:0479-1: Moderate: perl-DBD-Pg security update
http://rhn.redhat.com/errata/RHSA-2009-0479.html
RHSA-2009:0480-1: Important: poppler security update
http://rhn.redhat.com/errata/RHSA-2009-0480.html
[ MDVSA-2009:112 ] ipsec-tools
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-05/msg00129.html
US-CERT Technical Cyber Security Alert TA09-133B -- Adobe Reader and Acrobat JavaScript Vulnerabilities
http://www.derkeiler.com/Mailing-Lists/Cert/2009-05/msg00002.html
US-CERT Technical Cyber Security Alert TA09-133A -- Apple Updates for Multiple Vulnerabilities
http://www.derkeiler.com/Mailing-Lists/Cert/2009-05/msg00001.html
Pinnacle Studio 12 "Hollywood FX Compressed Archive" (.hfz) directory traversal vulnerability poc
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-05/msg00128.html
maxcms2.0 creat new admin exploit
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-05/msg00127.html
[USN-776-2] KVM regression
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-05/msg00123.html
[ MDVSA-2009:111-1 ] firefox
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-05/msg00120.html
[ MDVSA-2009:111 ] firefox
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-05/msg00117.html
iDefense Security Advisory 05.12.09: Microsoft PowerPoint Integer Overflow Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-05/msg00118.html
[ MDVSA-2009:110 ] squirrelmail
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-05/msg00122.html
iDefense Security Advisory 05.12.09: Microsoft PowerPoint Notes Container Heap Corruption Vulnerabil
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-05/msg00119.html
iDefense Security Advisory 05.12.09: Microsoft PowerPoint Build List Memory Corruption Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-05/msg00121.html
Apple releases software update for Mac OS X
http://itpro.nikkeibp.co.jp/article/NEWS/20090514/329977/?ST=security
"Detect unauthorized logins early": Yahoo launches new security service
E-mail sent to the registered address on login; login lock feature also provided
http://itpro.nikkeibp.co.jp/article/NEWS/20090514/329914/?ST=security
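Pattern-free "zero-day attack" protection software unveiled for the first time by a Japanese startup
Fourteenforty Research Institute's "FFR yarai" includes four types of engines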
http://itpro.nikkeibp.co.jp/article/NEWS/20090514/329968/?ST=security
Dangerous vulnerabilities in Adobe Reader and Acrobat; apply the update
Merely opening a malicious PDF file may cause harm; attack files have already appeared
http://itpro.nikkeibp.co.jp/article/NEWS/20090514/329966/?ST=security
"Critical" PowerPoint patch released, addressing zero-day attacks
One security bulletin for May 2009; patch for the Mac version is in preparation
http://itpro.nikkeibp.co.jp/article/NEWS/20090514/329965/?ST=security
Apple Mac OS X Security Update Fixes Multiple Vulnerabilities
http://secunia.com/advisories/35074/
Mini-stream CastRipper Playlist Processing Buffer Overflow
http://secunia.com/advisories/35069/
Matt Wright FormMail Cross-Site Scripting and HTTP Response Splitting
http://secunia.com/advisories/35068/
BIGACE "username" SQL Injection Vulnerability
http://secunia.com/advisories/35063/
Ubuntu update for kvm
http://secunia.com/advisories/35062/
Mac OS X CFF Font and Cscope Source File Bugs Let Remote Users Execute Arbitrary Code
http://www.securitytracker.com/id?1022218
Mac OS X Disk Image Processing Bugs Let Remote Users Execute Arbitrary Code
http://www.securitytracker.com/id?1022217
Mac OS X Help Viewer Bugs Let Remote Users Execute Arbitrary Code
http://www.securitytracker.com/id?1022216
Mac OS X Finder and Spotlight Bugs Let Remote Users Execute Arbitrary Code
http://www.securitytracker.com/id?1022215
Mac OS X CFNetwork May Send Secure Cookies Over Non-encrypted Connections
http://www.securitytracker.com/id?1022214
Dokeos Remote SQL Injection and Cross Site Scripting Vulnerabilities
http://www.vupen.com/english/advisories/2009/1300
BIGACE CMS "username" Parameter Remote SQL Injection Vulnerability
http://www.vupen.com/english/advisories/2009/1299
Apple Safari for Mac and Windows Code Execution Vulnerabilities
http://www.vupen.com/english/advisories/2009/1298
Apple Mac OS X Code Execution and Security Bypass Vulnerabilities
http://www.vupen.com/english/advisories/2009/1297
SquirrelMail Multiple Cross Site Scripting and Security Bypass Issues
http://www.vupen.com/english/advisories/2009/1296
OpenSC "pkcs11-tool" RSA Keys Generation Security Weakness
http://www.vupen.com/english/advisories/2009/1295
SquirrelMail Prior to 1.4.18 Multiple Vulnerabilities
http://www.securityfocus.com/bid/34916
Cscope Multiple Stack Based Buffer Overflow Vulnerabilities
http://www.securityfocus.com/bid/34805
Apple Mac OS X 2009-002 Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/34926
Apple Mac OS X CFNetwork 'Set-Cookie' Headers Information Disclosure Vulnerability
http://www.securityfocus.com/bid/34951
Apple Mac OS X Help Viewer HTML Document Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/34952
Apple Mac OS X Help Viewer Cascading Style Sheets Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/34950
Apple Safari 'feed:' URI Multiple Input Validation Vulnerabilities
http://www.securityfocus.com/bid/34925
Apple Safari WebKit SVGList Objects Remote Memory Corruption Vulnerabilities
http://www.securityfocus.com/bid/34924
McAfee GroupShield for Microsoft Exchange X-header Scan Evasion Vulnerability
http://www.securityfocus.com/bid/34949
IPsec-Tools Prior to 0.7.2 Multiple Remote Denial Of Service Vulnerabilities
http://www.securityfocus.com/bid/34765
Quagga Autonomous System Number Remote Denial Of Service Vulnerability
http://www.securityfocus.com/bid/34817
Apple Mac OS X Compact Font Format (CFF) Heap Based Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/34947
Apple Mac OS X Telnet Stack Overflow Vulnerability
http://www.securityfocus.com/bid/34948
Xpdf JBIG2 Processing Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/34568
BigACE 'username' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/34920
Pango 'pango_glyph_string_set_size()' Integer Overflow Vulnerability
http://www.securityfocus.com/bid/34870
IBM Tivoli Storage Manager Multiple Vulnerabilities
http://www.securityfocus.com/bid/34803
Drupal Taxonomy Vocabulary 'Help text' HTML Injection Vulnerability
http://www.securityfocus.com/bid/34893
Libpng Library Uninitialized Pointer Arrays Memory Corruption Vulnerabilities
http://www.securityfocus.com/bid/33827
Libpng Library Unknown Chunk Handler Vulnerability
http://www.securityfocus.com/bid/28770
Apple Mac OS X Local 'login' Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/34941
Apple Mac OS X Disk Image Multiple Memory Corruption Vulnerabilities
http://www.securityfocus.com/bid/34942
DirectAdmin '/CMD_DB' Restore Action Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/34678
IPsec-Tools Multiple Remote Denial Of Service Vulnerabilities
http://www.securityfocus.com/bid/30657
GNOME Evolution '~/.evolution/mail/local' File Permission Vulnerability
http://www.securityfocus.com/bid/34921
Ruby Multiple Security Bypass and Denial of Service Vulnerabilities
http://www.securityfocus.com/bid/30644
Ruby REXML Remote Denial Of Service Vulnerability
http://www.securityfocus.com/bid/30802
Ruby 'OCSP_basic_verify()' X.509 Certificate Verification Vulnerability
http://www.securityfocus.com/bid/33769
Ruby 'regex.c' Remote Denial Of Service Vulnerability
http://www.securityfocus.com/bid/30682
Linux Kernel NFS 'MAY_EXEC' Security Bypass Vulnerability
http://www.securityfocus.com/bid/34934
libxml XML Entity Name Heap Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/31126
Dokeos Multiple Remote Input Validation Vulnerabilities
http://www.securityfocus.com/bid/34928
CUPS and Xpdf JBIG2 Symbol Dictionary Processing Heap Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/34791
OpenSSL 'EVP_VerifyFinal' Function Signature Verification Vulnerability
http://www.securityfocus.com/bid/33150
Multiple Vendor OpenSSL 'DSA_verify' Function Signature Verification Vulnerability
http://www.securityfocus.com/bid/33151
Apple Mac OS X SpotLight Multiple Memory Corruption Vulnerabilities
http://www.securityfocus.com/bid/34939
Microsoft PowerPoint Paragraph Data Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/34833
Apple Mac OS X PICT Image Handling Integer Overflow Vulnerability
http://www.securityfocus.com/bid/34938
CUPS Insufficient 'Host' Header Validation Weakness
http://www.securityfocus.com/bid/34665
FreeType Multiple Integer Overflow Vulnerabilities
http://www.securityfocus.com/bid/34550
FreeType TT_Load_Simple_Glyph() TTF File Integer Overflow Vulnerability
http://www.securityfocus.com/bid/24074
FreeType TTF File Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/18326
FreeBSD Malformed ICMPv6 Packet Remote Denial Of Service Vulnerability
http://www.securityfocus.com/bid/31004
QEMU VNC 'monitor.c' Insecure Password Vulnerability
http://www.securityfocus.com/bid/33020
QEMU 'vl.c' Security Bypass Vulnerability
http://www.securityfocus.com/bid/29101
QEMU and KVM VNC Server Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/32910
QEMU Security Bypass Vulnerability
http://www.securityfocus.com/bid/30604
QEMU Multiple Local Vulnerabilities
http://www.securityfocus.com/bid/23731
MIT Kerberos 'NegTokenInit' Token Handling Remote Denial Of Service Vulnerability
http://www.securityfocus.com/bid/34257
MIT Kerberos SPNEGO and ASN.1 Multiple Remote Denial Of Service Vulnerabilities
http://www.securityfocus.com/bid/34408
MIT Kerberos 'asn1_decode_generaltime()' Uninitialized Pointer Memory Corruption Vulnerability
http://www.securityfocus.com/bid/34409
Apple Mac OS X QuickDraw PICT Handling Memory Corruption Vulnerability
http://www.securityfocus.com/bid/34937
PHP 5 'posix_access()' Function 'safe_mode' Bypass Directory Traversal Vulnerability
http://www.securityfocus.com/bid/29797
PHP 'chdir()' and 'ftok()' 'safe_mode' Multiple Security Bypass Vulnerabilities
http://www.securityfocus.com/bid/29796
PHP FastCGI Module File Extension Denial Of Service Vulnerabilities
http://www.securityfocus.com/bid/31612
PHP Multiple Buffer Overflow Vulnerabilities
http://www.securityfocus.com/bid/30649
PHP 'mbstring' Extension Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/32948
PHP 'mbstring.func_overload' Webserver Denial Of Service Vulnerability
http://www.securityfocus.com/bid/33542
PHP 'rfc822_write_address()' Function Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/29829
PHP 'imageRotate()' Uninitialized Memory Information Disclosure Vulnerability
http://www.securityfocus.com/bid/33002
Apple Mac OS X Launch Services Denial of Service Vulnerability
http://www.securityfocus.com/bid/34932
Sun Java Runtime Environment ActiveX Control Multiple Remote Buffer Overflow Vulnerabilities
http://www.securityfocus.com/bid/34931
Microsoft PowerPoint Sound Data (CVE-2009-1128) Multiple Remote Code Execution Vulnerabilities
http://www.securityfocus.com/bid/34837
Microsoft PowerPoint Sound Data (CVE-2009-1129) Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/34839
Microsoft PowerPoint Sound Data (CVE-2009-0226) Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/34881
Microsoft PowerPoint Sound Data (CVE-2009-0225) Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/34880
Microsoft PowerPoint Invalid Record Type Integer Overflow Vulnerability
http://www.securityfocus.com/bid/34835
Microsoft PowerPoint Invalid Record Type Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/34879
Microsoft PowerPoint Notes Container Heap Memory Corruption Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/34840
Apache mod_perl 'Apache::Status' and 'Apache2::Status' Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/34383
Apache 'mod_proxy_ftp' Wildcard Characters Cross-Site Scripting Vulnerability
http://www.securityfocus.com/bid/30560
Apache 'mod_negotiation' HTML Injection and HTTP Response Splitting Vulnerability
http://www.securityfocus.com/bid/27409
Adobe Flash Player Unspecified Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/33890
Adobe Reader 'getAnnots()' JavaScript Function Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/34736
Adobe Reader 'spell.customDictionaryOpen()' JavaScript Function Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/34740
Adobe Flash Player Invalid Object Reference Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/33880
Zervit HTTP Server Directory Traversal Vulnerability
http://www.securityfocus.com/bid/34570
Zervit 'http.c' Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/34530
Matt Wright FormMail HTTP Response Splitting and Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/34929
Mozilla Firefox 'nsTextFrame::ClearTextRun()' Remote Memory Corruption Vulnerability
http://www.securityfocus.com/bid/34743
Mozilla Firefox/Thunderbird/SeaMonkey MFSA 2009 -14 through -22 Multiple Remote Vulnerabilities
http://www.securityfocus.com/bid/34656
DBD::Pg BYTEA Values Memory Leak Denial of Service Vulnerability
http://www.securityfocus.com/bid/34757
Mozilla Firefox/Thunderbird/SeaMonkey MFSA 2009 -07 -08 -09 and -11 Multiple Remote Vulnerabilities
http://www.securityfocus.com/bid/33990
DBD::Pg 'pg_getline()' and 'getline()' Heap Buffer Overflow Vulnerabilities
http://www.securityfocus.com/bid/34755
Mozilla Firefox International Domain Name Subdomain URI Spoofing Vulnerability
http://www.securityfocus.com/bid/33837
CastRipper '.m3u' File Remote Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/34915
acpid Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/34692
xterm DECRQSS Remote Command Execution Vulnerability
http://www.securityfocus.com/bid/33060
NTP 'ntpq' Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/34481
Net-SNMP GETBULK Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/32020
GNU Enscript 'src/psgen.c' Stack Based Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/31858
PCRE Regular Expression Heap Based Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/30087
Microsoft PowerPoint Sound Data (CVE-2009-0227) Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/34882
Microsoft PowerPoint Sound Data (CVE-2009-0223) Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/34834
Drupal UTF-7 'book-export-html.tpl.php' HTML Injection Vulnerability
http://www.securityfocus.com/bid/34946
Drupal LoginToboggan Module Unauthorized Access Vulnerability
http://www.securityfocus.com/bid/34945
Pinnacle Studio '.hfz' File Directory Traversal Vulnerability
http://www.securityfocus.com/bid/34936
Family Connections 'member' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/34935
Dream Windows Max CMS 'admin_manager.asp' SQL Injection Vulnerability
http://www.securityfocus.com/bid/34933
Ascad Networks Password Protector SD Cookie Authentication Bypass Vulnerability
http://www.securityfocus.com/bid/34930
Open Virtual Desktop Multiple Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/34927
Zervit Webserver 0.4 Directory Traversal / Memory Corruption PoC
http://www.milw0rm.com/exploits/8666
Linux Kernel 2.6.x ptrace_attach Local Privilege Escalation Exploit
http://www.milw0rm.com/exploits/8673
Pinnacle Studio 12 (.hfz) Directory Traversal Vulnerability
http://www.milw0rm.com/exploits/8670