Tuesday, July 14, 2009

Tuesday the 14th, Tomobiki

JVNDB-2009-000048 Cross-site scripting vulnerability in shiromuku(fs6)DIARY
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-000048.html

JVNDB-2009-001757 Arbitrary code execution vulnerability related to recursion in DOM event handlers in WebKit in multiple Apple products
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001757.html

JVNDB-2009-001756 Cross-site scripting vulnerability related to about:blank URIs in multiple Apple products
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001756.html

JVNDB-2009-001755 Cross-site scripting vulnerability related to security context handling in multiple Apple products
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001755.html

JVNDB-2009-001754 Arbitrary code execution vulnerability related to JavaScript garbage collector handling in multiple Apple products
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001754.html

JVNDB-2009-001753 Arbitrary code execution vulnerability related to a type conversion issue in multiple Apple products
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001753.html

JVNDB-2009-001752 Cross-site scripting vulnerability related to handling of the document.implementation property in multiple Apple products
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001752.html

JVNDB-2009-001751 Cross-site scripting vulnerability related to event handler processing in multiple Apple products
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001751.html

Kernel release: 2.6.31-rc3
http://www.linux.org/news/2009/07/14/0001.html
http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.31-rc3

Benetl 2.9 out
http://www.postgresql.org/about/news.1113

MySQL 5.0.84 (Not yet released)
http://dev.mysql.com/doc/refman/5.0/en/news-5-0-84.html

Juniper's adaptive threat management provides identity- and application-aware security infrastructure
http://itpro.nikkeibp.co.jp/article/NEWS/20090714/333765/?ST=security

F-Secure warns of attacks on the latest browser, Firefox 3.5, that target old plug-in vulnerabilities
http://itpro.nikkeibp.co.jp/article/NEWS/20090714/333761/?ST=security

Remote code execution vulnerability in the "Office Web Components" ActiveX control
http://itpro.nikkeibp.co.jp/article/NEWS/20090714/333749/?ST=security

JVN#31110006 Cross-site scripting vulnerability in shiromuku(fs6)DIARY
http://jvn.jp/jp/JVN31110006/index.html





+ OpenLDAP 2.4.17 released
http://www.openldap.org/software/release/announce.html

+ Microsoft Security Advisory (973472): Vulnerability in Microsoft Office Web Components Control Could Allow Remote Code Execution
http://www.microsoft.com/technet/security/advisory/973472.mspx
http://isc.sans.org/diary.html?storyid=6778
http://www.vupen.com/english/advisories/2009/1867
http://www.securityfocus.com/bid/35642

+ Linux Kernel "PER_CLEAR_ON_SETID" Security Issue
http://secunia.com/advisories/35801/
http://www.vupen.com/english/advisories/2009/1866
http://www.securityfocus.com/bid/35647

+ MySQL "sql_parse.cc" Format String Denial of Service Vulnerability
http://www.vupen.com/english/advisories/2009/1857

+ djbdns Long Response Packet Remote Cache Poisoning Vulnerability
http://www.securityfocus.com/bid/33937/

+ FreeBSD ATA Device Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/35645

+ Apache APR-util Library Multiple Vulnerabilities
http://secunia.com/advisories/35797/

[ANNOUNCE] pg_migrator 8.4 released
http://pgfoundry.org/frs/?group_id=1000235

[Announcement] Apache Commons Pool 1.5.2 Released
http://commons.apache.org/pool/download_pool.cgi

[ANNOUNCE] Apache IvyDE 2.0.0-final released
http://ant.apache.org/ivy/ivyde/screenshots.html

MySQL 6.0.12 (Not yet released)
http://dev.mysql.com/doc/refman/6.0/en/news-6-0-12.html

Notice of emergency maintenance for the inquiry form (July 14, 2009)
http://www.trendmicro.co.jp/support/news.asp?id=1278

DSA 1830-1: New icedove packages fix several vulnerabilities
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29784

DSA 1753-2: End-of-life announcement for icedove in oldstable
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29785

GLSA 200907-10 : Syslog-ng: Chroot escape
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29773

GLSA 200907-09: Cyrus-SASL: Execution of arbitrary code
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29774

GLSA 200907-08: Multiple Ralink wireless drivers: Execution of arbitrary code
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29775

GLSA 200907-06: Adobe Reader: User-assisted execution of arbitrary code
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29776

GLSA 200907-07: ModPlug: User-assisted execution of arbitrary code
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29777

GLSA 200907-05: git: git-daemon Denial of Service
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29778

GLSA 200907-11: GStreamer plug-ins: User-assisted execution of arbitrary code
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29779

GLSA 200907-04: Apache: Multiple vulnerabilities
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29780

DSA 1829-1: New sork-passwd-h3 packages fix cross-site scripting
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29786

Wyse-SA-07/11/2009: 'Secure' thin clients vulnerable to remote exploit bugs
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29781

VMSA-2009-0009 : ESX Service Console updates for udev, sudo, and curl
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29782

VMotion CPU Compatibility - Migrations Prevented Due to CPU Mismatch - How to Override Masks
http://kb.vmware.com/selfservice/microsites/microsite.do?cmd=displayKC&docType=kc&externalId=1993&sliceId=1&docTypeID=DT_KB_1_1

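Large-scale attacks in the US and South Korea: virus-infected PCs in Japan are also among the "perpetrators"
JPCERT/CC issues an alert; there is also a risk of data on PCs being deleted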
http://itpro.nikkeibp.co.jp/article/NEWS/20090713/333744/?ST=security

[ MDVSA-2009:150 ] libtiff
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-07/msg00072.html

[SECURITY] [DSA 1832-1] New camlimages packages fix arbitrary code execution
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-07/msg00073.html

[SECURITY] [DSA 1831-1] New djbdns packages fix privilege escalation
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-07/msg00074.html

[USN-802-1] Apache vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-07/msg00071.html

[USN-801-1] tiff vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-07/msg00070.html

[USN-799-1] D-Bus vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-07/msg00070.html

[USN-800-1] irssi vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-07/msg00068.html

[security bulletin] HPSBGN02446 SSRT090111 rev.1 - HP ProCurve Threat Management Services zl Module (J9155A), Remote Unauthorized Access, Denial of Service (DoS)
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-07/msg00067.html

[oCERT-2009-012] libtiff tools integer overflows
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-07/msg00066.html

DDIVRT-2009-26 LogRover SQL Injection Authentication Bypass
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-07/msg00062.html

[ GLSA 200907-11 ] GStreamer plug-ins: User-assisted execution of arbitrary code
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-07/msg00064.html

[ GLSA 200907-10 ] Syslog-ng: Chroot escape
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-07/msg00063.html

[ GLSA 200907-09 ] Cyrus-SASL: Execution of arbitrary code
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-07/msg00061.html

[ GLSA 200907-08 ] Multiple Ralink wireless drivers: Execution of arbitrary code
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-07/msg00060.html

[ GLSA 200907-07 ] ModPlug: User-assisted execution of arbitrary code
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-07/msg00059.html

[ GLSA 200907-06 ] Adobe Reader: User-assisted execution of arbitrary code
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-07/msg00058.html

[ GLSA 200907-05 ] git: git-daemon Denial of Service
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-07/msg00057.html

[ GLSA 200907-04 ] Apache: Multiple vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-07/msg00056.html

[SECURITY] [DSA 1830-1] New icedove packages fix several vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-07/msg00055.html

[SECURITY] [DSA 1753-2] End-of-life announcement for icedove in oldstable
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-07/msg00054.html

[SECURITY] [DSA 1829-1] New sork-passwd-h3 packages fix cross-site scripting
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-07/msg00052.html

VMSA-2009-0009 ESX Service Console updates for udev, sudo, and curl
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-07/msg00053.html

Vulnerability in Microsoft Office Web Components Control Could Allow Remote Code Execution
http://isc.sans.org/diary.html?storyid=6778

* Infocon raised to yellow for Excel Web Components ActiveX vulnerability
http://isc.sans.org/diary.html?storyid=6781

Security Update available for Wyse Device Manager
http://isc.sans.org/diary.html?storyid=6784

Fedora update for openswan
http://secunia.com/advisories/35804/

Linux Kernel "PER_CLEAR_ON_SETID" Security Issue
http://secunia.com/advisories/35801/

Microsoft Office Web Components Code Execution Vulnerability
http://secunia.com/advisories/35800/

Apache APR-util Library Multiple Vulnerabilities
http://secunia.com/advisories/35797/

Censura "q" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/35795/

Phenotype CMS "user" SQL Injection Vulnerability
http://secunia.com/advisories/35792/

ToyLog "idm" SQL Injection Vulnerability
http://secunia.com/advisories/35791/

PHP AdminPanel "dir" Directory Traversal Vulnerability
http://secunia.com/advisories/35790/

Pirch IRC Server Response Handling Buffer Overflow
http://secunia.com/advisories/35789/

Censura "itemid" SQL Injection Vulnerability
http://secunia.com/advisories/35787/

Playlistmaker Playlist Entry Handling Buffer Overflow
http://secunia.com/advisories/35783/

M3U/M3L To ASX/WPL Playlist Processing Buffer Overflow
http://secunia.com/advisories/35782/

MorcegoCMS Query String SQL Injection Vulnerability
http://secunia.com/advisories/35778/

Gentoo update for gst-plugins-good, gst-plugins-base, and gst-plugins-libpng
http://secunia.com/advisories/35777/

WebGUI Cross-Site Request Forgery Vulnerabilities
http://secunia.com/advisories/35775/

LionWiki "page" Directory Traversal Vulnerability
http://secunia.com/advisories/35774/

Debian update for sork-passwd-h3
http://secunia.com/advisories/35769/

VMware ESX Server update for udev, sudo, and curl
http://secunia.com/advisories/35766/

Debian update for icedove
http://secunia.com/advisories/35759/

MyMsg "uid" SQL Injection Vulnerability
http://secunia.com/advisories/35753/

mimeTeX Multiple Vulnerabilities
http://secunia.com/advisories/35752/

Gentoo syslog-ng "chroot()" Weakness
http://secunia.com/advisories/35748/

Gentoo update for cyrus-sasl
http://secunia.com/advisories/35746/

Gentoo Ralink Wireless Drivers Probe Request Processing Vulnerability
http://secunia.com/advisories/35743/

Elvin Multiple Vulnerabilities
http://secunia.com/advisories/35742/

Gentoo update for libmodplug and gst-plugins-bad
http://secunia.com/advisories/35736/

Gentoo update for acroread
http://secunia.com/advisories/35734/

Gentoo update for git
http://secunia.com/advisories/35730/

Swinger Club Portal SQL Injection and File Inclusion Vulnerabilities
http://secunia.com/advisories/35724/

Top Paidmailer "page" File Inclusion Vulnerability
http://secunia.com/advisories/35723/

Gentoo update for apache
http://secunia.com/advisories/35721/

Microsoft Office Web Components Remote Code Execution Vulnerability
http://www.vupen.com/english/advisories/2009/1867

Linux Kernel "PER_CLEAR_ON_SETID" Security Bypass Vulnerability
http://www.vupen.com/english/advisories/2009/1866

VMware ESX Security Update Fixes Security Bypass and DoS Issues
http://www.vupen.com/english/advisories/2009/1865

Playlistmaker Playlist Handling Buffer Overflow Vulnerability
http://www.vupen.com/english/advisories/2009/1864

M3U/M3L to ASX/WPL Playlist Handling Buffer Overflow Vulnerability
http://www.vupen.com/english/advisories/2009/1863

eEye Retina WiFi Scanner ".rws" Handling Buffer Overflow Vulnerability
http://www.vupen.com/english/advisories/2009/1862

OtsAv DJ/TV/Radio Playlist File Processing Buffer Overflow Vulnerability
http://www.vupen.com/english/advisories/2009/1861

PatPlayer Playlist File Processing Buffer Overflow Vulnerability
http://www.vupen.com/english/advisories/2009/1860

Pirch IRC Client Server Response Handling Buffer Overflow Vulnerability
http://www.vupen.com/english/advisories/2009/1859

IBM AIX "syscall" Function Local Buffer Overflow Vulnerability
http://www.vupen.com/english/advisories/2009/1858

MySQL "sql_parse.cc" Format String Denial of Service Vulnerability
http://www.vupen.com/english/advisories/2009/1857

Sun Solaris Tomcat Security Bypass and Denial of Service Vulnerabilities
http://www.vupen.com/english/advisories/2009/1856

Mozilla Firefox 3.5 Remote Buffer Overflow Exploit (untested crash)
http://www.milw0rm.com/exploits/9137

Mp3-Nator 2.0 (ListData.dat) Universal Buffer Overflow Exploit (SEH)
http://www.milw0rm.com/exploits/9136

Openswan <= 2.4.12/2.6.16 Insecure Temp File Creation Root Exploit
http://www.milw0rm.com/exploits/9135

FreeBSD 6/8 (ata device) Local Denial of Service Exploit
http://www.milw0rm.com/exploits/9134

Git Parameter Processing Remote Denial Of Service Vulnerability
http://www.securityfocus.com/bid/35338

Adobe Reader and Acrobat JBIG Segments 'Text Region' Memory Corruption Vulnerability
http://www.securityfocus.com/bid/35303

Adobe Reader and Acrobat FlateDecode Filter Integer Overflow Vulnerability
http://www.securityfocus.com/bid/35294

Adobe Reader and Acrobat JBIG 'Pattern Dictionary' Remote Heap Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/35299

Adobe Reader and Acrobat JBIG 'Halftone Region' Remote Heap Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/35301

Adobe Reader and Acrobat TrueType Font Handling Memory Corruption Vulnerability
http://www.securityfocus.com/bid/35296

Adobe Reader and Acrobat JBIG Halftone Region Grid Area Remote Heap Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/35291

Adobe Reader and Acrobat Huffman-encoded JBIG2 Text Heap Overflow Vulnerability
http://www.securityfocus.com/bid/35302

Adobe Reader and Acrobat JBIG2 Filter Unspecified Memory Corruption Vulnerability
http://www.securityfocus.com/bid/35298

LibTIFF 'LZWDecodeCompat()' Remote Buffer Underflow Vulnerability
http://www.securityfocus.com/bid/35451

Novell NetIdentity Agent 'XTIERRPCPIPE' Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/34400

LibTIFF Multiple Remote Integer Overflow Vulnerabilities
http://www.securityfocus.com/bid/35652

Apache 'mod_deflate' Remote Denial Of Service Vulnerability
http://www.securityfocus.com/bid/35623

Apache 'mod_proxy' Remote Denial Of Service Vulnerability
http://www.securityfocus.com/bid/35565

Microsoft Windows Print Spooler Local Information Disclosure Vulnerability
http://www.securityfocus.com/bid/35208

HP ProCurve Threat Management Services zl Module VPN Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/35654

HP ProCurve Threat Management Services zl Module CRL Security Bypass Vulnerability
http://www.securityfocus.com/bid/35659

HP ProCurve Threat Management Services zl Module 'httpd' Denial of Service Vulnerability
http://www.securityfocus.com/bid/35653

CamlImages PNG Image Parsing Multiple Integer Overflow Vulnerabilities
http://www.securityfocus.com/bid/35556

djbdns Long Response Packet Remote Cache Poisoning Vulnerability
http://www.securityfocus.com/bid/33937

HP ProCurve Threat Management Services zl Module DNS Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/35655

Adobe Reader 'spell.customDictionaryOpen()' JavaScript Function Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/34740

Adobe Reader & Acrobat JBIG Pattern Dictionary Allocation Remote Heap Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/35300

D-Bus 'dbus_signature_validate()' Type Signature Denial of Service Vulnerability
http://www.securityfocus.com/bid/31602

Adobe Reader and Acrobat U3D Model Remote Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/35282

Adobe Reader and Acrobat Multiple Unspecified Remote Heap Buffer Overflow Vulnerabilities
http://www.securityfocus.com/bid/35295

Adobe Reader and Acrobat JBIG 'Halftone Region' Remote Heap Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/35293

Adobe Reader and Acrobat 9.1.1 and Prior Multiple Remote Vulnerabilities
http://www.securityfocus.com/bid/35274

Irssi 'WALLOPS' Message Off By One Heap Memory Corruption Vulnerability
http://www.securityfocus.com/bid/35399

Adobe Reader and Acrobat Unspecified Memory Corruption Vulnerability
http://www.securityfocus.com/bid/35289

Adobe Reader 'getAnnots()' JavaScript Function Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/34736

Joomla! 'com_category' Component SQL Injection Vulnerability
http://www.securityfocus.com/bid/35638

RunCMS 'upload.php' Arbitrary File Upload Vulnerability
http://www.securityfocus.com/bid/35646

FreeBSD ATA Device Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/35645

Linux Kernel 'PER_CLEAR_ON_SETID' Incomplete Personality List Access Validation Vulnerability
http://www.securityfocus.com/bid/35647

Joomla! and Mambo gigCalendar Component 'venuedetails.php' SQL Injection Vulnerability
http://www.securityfocus.com/bid/33863

Multiple Browser Malicious Proxy HTTPS Man In The Middle Vulnerability
http://www.securityfocus.com/bid/35380

Mozilla Firefox/Thunderbird/SeaMonkey Null Owner Document Arbitrary Code Execution Vulnerability
http://www.securityfocus.com/bid/35383

Mozilla Firefox/Thunderbird/SeaMonkey MFSA 2009 -07 -08 -09 and -11 Multiple Remote Vulnerabilities
http://www.securityfocus.com/bid/33990

Mozilla Firefox and SeaMonkey JavaScript Chrome Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/35373

Mozilla Firefox/Thunderbird/SeaMonkey Double Frame Construction Memory Corruption Vulnerability
http://www.securityfocus.com/bid/35371

Mozilla Firefox/Thunderbird/SeaMonkey Multiple Browser Engine Memory Corruption Vulnerabilities
http://www.securityfocus.com/bid/35370

Mozilla Firefox/Thunderbird/SeaMonkey MFSA 2009 -01 to -06 Multiple Remote Vulnerabilities
http://www.securityfocus.com/bid/33598

Mozilla Firefox/Thunderbird/SeaMonkey MFSA 2009 -14 through -22 Multiple Remote Vulnerabilities
http://www.securityfocus.com/bid/34656

phpScheduleIt 'reserve.php' Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/31520

Mozilla Firefox International Domain Name Subdomain URI Spoofing Vulnerability
http://www.securityfocus.com/bid/33837

Microsoft Office Web Components ActiveX Control Unspecified Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/35642

eEye Retina WiFi Scanner '.rws' File Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/35624

WebKit SVGList Objects Remote Memory Corruption Vulnerability
http://www.securityfocus.com/bid/34924

Computer Associates BrightStor ARCserve Backup UniversalAgent Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/13102

Apache 'Options' and 'AllowOverride' Directives Security Bypass Vulnerability
http://www.securityfocus.com/bid/35115

Apache 'mod_proxy_ajp' Information Disclosure Vulnerability
http://www.securityfocus.com/bid/34663

Mumbles Firefox Plugin Remote Arbitrary Shell Command Injection Vulnerability
http://www.securityfocus.com/bid/35640

strongSwan Crafted X.509 Certificate Multiple Remote Denial Of Service Vulnerabilities
http://www.securityfocus.com/bid/35452

Openswan and strongSwan DPD Packet Remote Denial Of Service Vulnerability
http://www.securityfocus.com/bid/34296

Horde 'Passwd' Module Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/35573

Todd Miller Sudo 'Runas_Alias' Supplementary Group Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/33517

cURL/libcURL HTTP 'Location:' Redirect Security Bypass Vulnerability
http://www.securityfocus.com/bid/33962

udev Netlink Message Validation Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/34536

GNOME glib Base64 Encoding and Decoding Multiple Integer Overflow Vulnerabilities
http://www.securityfocus.com/bid/34100

GStreamer QuickTime Media File Parsing Multiple Buffer Overflow Vulnerabilities
http://www.securityfocus.com/bid/33405

GStreamer gst-plugins-good 'gstpngdec.c' PNG Output Buffer Integer Overflow Vulnerability
http://www.securityfocus.com/bid/35172

Balabit syslog-ng Insecure 'chroot()' Implementation Weakness
http://www.securityfocus.com/bid/32338

Cyrus SASL 'sasl_encode64()' Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/34961

Multiple Ralinktech Wireless Drivers MAC/BSS/SSID Integer Overflow Vulnerability
http://www.securityfocus.com/bid/33340

libmodplug 's3m' Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/30801

libmodplug 'load_pat.c' Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/34747
