- Solution 259408: A Security Vulnerability in the Solaris Secure Digital Slot Driver (sdhost(7D)) May Allow Corruption of Kernel Memory and Memory Card Contents
http://sunsolve.sun.com/search/document.do?assetkey=1-66-259408-1
- Solution 252767: A Security Vulnerability in the Solaris Kerberos PAM Module May Allow Use of a User Specified Kerberos Configuration File, Leading to Escalation of Privileges
http://sunsolve.sun.com/search/document.do?assetkey=1-66-252767-1
Unauthorized Access Vulnerability via the Malformed Zip File Scanning API in Cosminexus, Processing Kit for XML, and Hitachi Developer's Kit for Java
http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS09-008/index.html
Unauthorized Access Vulnerability Due to Incorrect Validation of UTF-8 Decoding Results in Cosminexus, Processing Kit for XML, and Hitachi Developer's Kit for Java
http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS09-007/index.html
[Press Release] Publication of the "Information Security White Paper 2009"
http://www.ipa.go.jp/security/publications/hakusyo/2009/hakusyo2009press.html
Press release: "Information Security Measures Benchmark Version 3.2" and "Statistics on the Baseline Diagnostic Data" released
http://www.ipa.go.jp/about/press/20090522.html
JVN#57036470 Cross-site scripting vulnerability in leger, the free edition of the web meeting room reservation system by Ad Systems
http://jvn.jp/jp/JVN57036470/index.html
JVNDB-2009-000031 Cross-site scripting vulnerability in leger, the free edition of the web meeting room reservation system by Ad Systems
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-000031.html
JVNDB-2009-001251 Vulnerability in the WebLogic Server component of BEA Product Suite
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001251.html
JVNDB-2009-001250 Privilege escalation vulnerability in the WebLogic Server component of BEA Product Suite
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001250.html
JVNDB-2009-001249 Vulnerability in the WebLogic Server component of BEA Product Suite
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001249.html
JVNDB-2009-001248 Vulnerability in the WebLogic Server component of BEA Product Suite
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001248.html
JVNDB-2009-001247 Vulnerability in the plug-in for Apache and IIS web servers in BEA Product Suite
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001247.html
JVNDB-2009-001246 Vulnerability in the BI Publisher component of Oracle Application Server
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001246.html
JVNDB-2009-001245 Vulnerability in the BI Publisher component of Oracle Application Server
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001245.html
JVNDB-2009-001244 Vulnerability in the BI Publisher component of Oracle Application Server
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001244.html
JVNDB-2009-001243 Vulnerability in the Portal component of Oracle Application Server
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001243.html
JVNDB-2009-001242 Vulnerability in the Portal component of Oracle Application Server
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001242.html
Influenza A(H1N1) - update 35
http://www.who.int/csr/don/2009_05_21/en/index.html
Novell GroupWise WebAccess Input Validation Flaw in Login Page Permits Cross-Site Scripting Attacks
http://www.securitytracker.com/id?1022267
Sun Java System Communications Express Input Validation Flaw in 'search.xml' and 'UWCMain' Permits Cross-Site Scripting Attacks
http://www.securitytracker.com/id?1022266
- Apache mod_proxy_ajp Bug May Disclose Another User's Response Data
http://securitytracker.com/alerts/2009/May/1022264.html
https://rhn.redhat.com/errata/RHSA-2009-1058.html
Novell GroupWise Buffer Overflow and Cross Site Scripting Vulnerabilities
http://www.vupen.com/english/advisories/2009/1393
Baofeng Storm Config ActiveX Remote Buffer Overflow Vulnerability
http://www.vupen.com/english/advisories/2009/1392
Apple Mac OS X Java Calendar Deserialization Code Execution Vulnerability
http://www.vupen.com/english/advisories/2009/1391
+ GCC 4.4.1 Status Report
http://gcc.gnu.org/ml/gcc/2009-05/msg00538.html
Linux welcomed on the desktop
http://www.linux.org/news/2009/05/21/0005.html
Survey: Even Linux-loving firms only deploy it to one-fifth of employees
http://www.linux.org/news/2009/05/21/0004.html
IBM: Linux desktops bucking the recession
http://www.linux.org/news/2009/05/21/0003.html
Windows 7's XP Mode Could Boost Linux and The Mac
http://www.linux.org/news/2009/05/21/0002.html
Desktop Linux For The Windows Power User
http://www.linux.org/news/2009/05/21/0001.html
Changes in MySQL 5.0.82 (Not yet released)
http://dev.mysql.com/doc/refman/5.0/en/releasenotes-cs-5-0-82.html
Solution 258068: Cross-Site Scripting (XSS) Vulnerability in Sun Java System Communications Express
http://sunsolve.sun.com/search/document.do?assetkey=1-66-258068-1
cisco-sa-20090520-cw: CiscoWorks TFTP Directory Traversal Vulnerability
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29331
CORE-2009-0109: Multiple XSS in Sun Communications Express
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29333
MULTIPLE SQL INJECTION VULNERABILITIES --Flash Quiz Beta 2-->
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-05/msg00213.html
Novell GroupWise Web Access Multiple XSS
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-05/msg00211.html
[ MDVSA-2009:120 ] openssl
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-05/msg00212.html
DDIVRT-2009-25 IPsession SQL Injection Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-05/msg00210.html
Slow Performance with Dell PERC Controller
http://kb.vmware.com/selfservice/microsites/microsite.do?cmd=displayKC&docType=kc&externalId=1011213&sliceId=1&docTypeID=DT_KB_1_1
Acrobat and Adobe Reader patches to be released quarterly
Regular patches to be released from summer 2009 on the "second Tuesday," the same day as Microsoft
http://itpro.nikkeibp.co.jp/article/NEWS/20090521/330476/?ST=security
JVNVU#435052 Transparent proxy servers make connections relying on the HTTP Host header
http://jvn.jp/cert/JVNVU435052/index.html
SUSE update for kernel
http://secunia.com/advisories/35185/
Debian update for nsd
http://secunia.com/advisories/35183/
CiscoWorks TFTP Directory Traversal Vulnerability
http://secunia.com/advisories/35179/
exJune Office Message System Authentication Bypass Vulnerability
http://secunia.com/advisories/35172/
NC GBook PHP Code Execution Vulnerabilities
http://secunia.com/advisories/35170/
Debian update for ipsec-tools
http://secunia.com/advisories/35153/
SUSE update for acroread
http://secunia.com/advisories/35152/
bSpeak "forumid" SQL Injection Vulnerability
http://secunia.com/advisories/35139/
Avaya CMS Solaris "fstat()" System Call Denial of Service
http://secunia.com/advisories/35119/
Mac OS X Java Calendar Deserialisation Code Execution Vulnerability
http://secunia.com/advisories/35118/
Sun Java System Communications Express Cross-Site Scripting
http://secunia.com/advisories/32474/
CiscoWorks Common Services TFTP Directory Traversal Vulnerability
http://www.vupen.com/english/advisories/2009/1390
Sun Java System Communications Express Cross Site Scripting Issues
http://www.vupen.com/english/advisories/2009/1389
Avaya CMS Solaris fstat System Call Denial of Service Vulnerability
http://www.vupen.com/english/advisories/2009/1388
Microsoft IIS 6.0 WebDAV Remote Authentication Bypass Exploit (patch)
http://www.milw0rm.com/exploits/8754
ChinaGames (CGAgent.dll) ActiveX Remote Code Execution Exploit
http://www.milw0rm.com/exploits/8758
BaoFeng (config.dll) ActiveX Remote Code Execution Exploit
http://www.milw0rm.com/exploits/8757
ZaoCMS (download.php) Remote File Disclosure Vulnerability
http://www.milw0rm.com/exploits/8764
ZaoCMS Insecure Cookie Handling Vulnerability
http://www.milw0rm.com/exploits/8763
Article Directory (page.php) Remote Blind SQL Injection Vulnerability
http://www.milw0rm.com/exploits/8762
Article Directory (Auth Bypass) SQL Injection Vulnerability
http://www.milw0rm.com/exploits/8761
Flash Quiz Beta 2 Multiple Remote SQL Injection Vulnerabilities
http://www.milw0rm.com/exploits/8759
ASP Inline Corporate Calendar (SQL/XSS) Multiple Remote Vulnerabilities
http://www.milw0rm.com/exploits/8756
Little CMS Memory Leak and Multiple Memory Corruption Vulnerabilities
http://www.securityfocus.com/bid/34185
Little CMS Monochrome Profiles Null Pointer Dereference Denial of Service Vulnerability
http://www.securityfocus.com/bid/34411
Flash Quiz Multiple SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/35060
Your Articles Directory 'page.php' SQL Injection Vulnerability
http://www.securityfocus.com/bid/35062
Your Articles Directory 'yad-admin/login.php' SQL Injection Vulnerability
http://www.securityfocus.com/bid/35059
Job Script 'mycv.php' Arbitrary File Upload Vulnerability
http://www.securityfocus.com/bid/35058
IPcelerate IPsession Unspecified SQL Injection Vulnerability
http://www.securityfocus.com/bid/35057
ASP Inline Corporate Calendar Cross Site Scripting and SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/35054
VICIDIAL Call Center Suite 'admin.php' Multiple SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/35056
AjaxTerm 'ajaxterm.js' Session Hijacking Vulnerability
http://www.securityfocus.com/bid/34903
SquirrelMail Prior to 1.4.18 Multiple Vulnerabilities
http://www.securityfocus.com/bid/34916
GNOME Evolution '~/.evolution/mail/local' File Permission Vulnerability
http://www.securityfocus.com/bid/34921
Profense Web Application Firewall Security Bypass Vulnerabilities
http://www.securityfocus.com/bid/35053
activeCollab 're_route' Parameter Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/35022
CGI Rescue Web Mailer HTTP Header Injection Vulnerability
http://www.securityfocus.com/bid/35047
26th Avenue bSpeak 'forumid' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/35049
NSD 'packet.c' Off-By-One Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/35029
Jorp 'functions.php' Authentication Bypass Vulnerability
http://www.securityfocus.com/bid/35048
Novell GroupWise WebAccess 'gw/webacc' Multiple Cross-Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/35061
Cacti Multiple Input Validation Vulnerabilities
http://www.securityfocus.com/bid/27749
Chinagames ActiveX Control 'CreateChinagames()' Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/34871
BaoFeng Storm ActiveX Control 'SetAttributeValue()' Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/34869
OpenSSL DTLS Packets Multiple Denial of Service Vulnerabilities
http://www.securityfocus.com/bid/35001
Nullsoft Winamp 'gen_ff.dll' Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/35052
NC LinkList 'index.php' Remote PHP Code Injection Vulnerability
http://www.securityfocus.com/bid/35045
NC GBook 'index.php' Remote PHP Code Injection Vulnerability
http://www.securityfocus.com/bid/35044
Realty Web-Base 'list_list.php' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/35043
Drupal Email Verification Module Cross Site Scripting and Information Disclosure Vulnerabilities
http://www.securityfocus.com/bid/35050
Scripts for Sites EZ Pub Site 'directory.php' SQL Injection Vulnerability
http://www.securityfocus.com/bid/35046
Catviz Multiple Local File Include and Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/35042
Joomla! Casino Component 'Itemid' Parameter Multiple SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/35041
DMXReady Registration Manager 'assetmanager.asp' Arbitrary File Upload Vulnerability
http://www.securityfocus.com/bid/35039
PostgreSQL Conversion Encoding Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/34090
Adobe Reader 'getAnnots()' JavaScript Function Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/34736
Adobe Reader 'spell.customDictionaryOpen()' JavaScript Function Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/34740
Sun Solaris 9 'fstat(2)' System Call Local Denial Of Service Vulnerability
http://www.securityfocus.com/bid/34979
Microsoft IIS Unicode Requests to WebDAV Multiple Authentication Bypass Vulnerabilities
http://www.securityfocus.com/bid/34993
Sun Java System Communications Express 'search.xml' Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/34154
Sun Java System Communications Express 'UWCMain' Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/34155
Kingsoft Webshield Cross Site scripting and Remote Command Execution Vulnerability
http://www.securityfocus.com/bid/35038