Wednesday, July 15, 2009

Wednesday the 15th, Senbu

JVNDB-2009-001766 Information disclosure vulnerability related to drag events in WebKit in Apple Safari
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001766.html

JVNDB-2009-001765 Cross-site scripting vulnerability related to the Web Inspector in WebKit in Apple Safari
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001765.html

JVNDB-2009-001764 Cross-site scripting vulnerability related to the Web Inspector in WebKit in Apple Safari
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001764.html

JVNDB-2009-001763 Vulnerability in the XSLT functionality of WebKit in Apple Safari that allows files to be read from other security zones
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001763.html

JVNDB-2009-001762 Arbitrary code execution vulnerability related to local Java applets in WebKit in Apple Safari
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001762.html

JVNDB-2009-001761 Arbitrary code execution vulnerability due to improper memory initialization in WebKit in Apple Safari
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001761.html

JVNDB-2009-001760 Vulnerability in WebKit in Apple Safari that allows the browser display of UI elements to be spoofed
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001760.html

JVNDB-2009-001759 Arbitrary code execution vulnerability related to the garbage collection implementation in WebKit in Apple Safari
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001759.html

JVNDB-2009-001758 Information disclosure vulnerability in WebKit in Apple Safari
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001758.html

JVNDB-2009-001757 Arbitrary code execution vulnerability related to recursive processing of DOM event handlers in WebKit in multiple Apple products
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001757.html

JVNDB-2009-001754 Arbitrary code execution vulnerability related to JavaScript garbage collector processing in multiple Apple products
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001754.html

How openness and Linux are unlocking innovation
http://www.linux.org/news/2009/07/14/0006.html

Instant-on Linux vendors respond to Chrome OS
http://www.linux.org/news/2009/07/14/0005.html

Distributions: From Ubuntu to openSUSE and Pardus
http://www.linux.org/news/2009/07/14/0004.html

Linux Latin America expects US$5mn-7mn in sales to retail segment
http://www.linux.org/news/2009/07/14/0003.html

Can Google Learn from Microsoft's Mistakes?
http://www.linux.org/news/2009/07/14/0002.html

Timekeeping best practices for Linux
http://kb.vmware.com/selfservice/microsites/microsite.do?cmd=displayKC&docType=kc&externalId=1006427&sliceId=1&docTypeID=DT_KB_1_1

Cybercrime abusing SMS surges; recession also raises concern about insider threats
http://itpro.nikkeibp.co.jp/article/Research/20090715/333883/?ST=security

Microsoft's July regular update: six bulletins in total, including "Critical" fixes for DirectShow and Video ActiveX
http://itpro.nikkeibp.co.jp/article/NEWS/20090715/333877/?ST=security

Alert regarding the July 2009 Microsoft Security Bulletins (including 3 Critical)
http://www.jpcert.or.jp/at/2009/at090013.txt

JPCERT/CC WEEKLY REPORT 2009-07-15
http://www.jpcert.or.jp/wr/2009/wr092701.html

Vulnerability in Microsoft Office Web Components Control Could Allow Remote Code Execution
http://isc.sans.org/diary.html?storyid=6778

Oracle Database Bugs Let Remote Authenticated Users Take Fully Control of the Database or System and Remote Users Cause Denial of Service Conditions
http://securitytracker.com/alerts/2009/Jul/1022560.html

RETIRED: ADbNewsSender 'path_to_lang' Parameter Local File Include Vulnerability
http://www.securityfocus.com/bid/35596

Mozilla Firefox 3.5 'Tracemonkey' Component Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/35660

Microsoft DirectX DirectShow Length Record Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/35616

Oracle Highly Interactive Client CVE-2009-1981 Unspecified Local Vulnerability
http://www.securityfocus.com/bid/35698

Oracle E-Business Suite CVE-2009-1983 Remote Oracle iStore Vulnerability
http://www.securityfocus.com/bid/35697

Oracle PeopleSoft CVE-2009-1989 Remote PeopleSoft Enterprise FMS Vulnerability
http://www.securityfocus.com/bid/35694

Oracle E-Business Suite CVE-2009-1986 Remote Oracle Applications Manager Vulnerability
http://www.securityfocus.com/bid/35695

Oracle E-Business Suite CVE-2009-1982 Remote Oracle Applications Framework Vulnerability
http://www.securityfocus.com/bid/35693

Oracle PeopleSoft Enterprise HRMS eProfile Manager CVE-2009-1988 Remote Vulnerability
http://www.securityfocus.com/bid/35696

Oracle Database CVE-2009-1969 Remote Auditing Vulnerability
http://www.securityfocus.com/bid/35689

Oracle Database CVE-2009-1020 Network Foundation Remote Vulnerability
http://www.securityfocus.com/bid/35684

Oracle E-Business Suite CVE-2009-1984 Application Install Local Vulnerability
http://www.securityfocus.com/bid/35690

Oracle Application Server CVE-2009-1976 Remote HTTP Server Vulnerability
http://www.securityfocus.com/bid/35688

Oracle PeopleSoft Enterprise PeopleTools CVE-2009-1987 Unspecified Remote Vulnerability
http://www.securityfocus.com/bid/35691

Oracle Config Management CVE-2009-1967 Remote Unspecified Vulnerability
http://www.securityfocus.com/bid/35692

Oracle E-Business Suite CVE-2009-1980 Remote Vulnerability
http://www.securityfocus.com/bid/35686

Oracle Database CVE-2009-1019 Remote Network Authentication Vulnerability
http://www.securityfocus.com/bid/35680

Oracle Database CVE-2009-1015 Remote Core RDBMS Vulnerability
http://www.securityfocus.com/bid/35682

Oracle Database CVE-2009-1973 Remote Virtual Private Database Vulnerability
http://www.securityfocus.com/bid/35687

Oracle Database CVE-2009-1963 Remote Network Foundation
http://www.securityfocus.com/bid/35677

Oracle Advanced Replication CVE-2009-1021 Remote Unspecified Vulnerability
http://www.securityfocus.com/bid/35685

Oracle Database CVE-2009-1970 Remote Listener Vulnerability
http://www.securityfocus.com/bid/35683




+ Microsoft Security Bulletin: Security Bulletins for July 2009
http://www.microsoft.com/japan/technet/security/bulletin/ms09-jul.mspx

+ MS09-029 - Critical: Vulnerabilities in the Embedded OpenType Font Engine Could Allow Remote Code Execution (961371)
http://www.microsoft.com/japan/technet/security/bulletin/ms09-029.mspx

+ MS09-028 - Critical: Vulnerabilities in Microsoft DirectShow Could Allow Remote Code Execution (971633)
http://www.microsoft.com/japan/technet/security/bulletin/ms09-028.mspx

+ MS09-032 - Critical: Cumulative Security Update of ActiveX Kill Bits (973346)
http://www.microsoft.com/japan/technet/security/bulletin/MS09-032.mspx

+ RHSA-2009:1154-1: Critical: dhcp security update
http://rhn.redhat.com/errata/RHSA-2009-1154.html
http://securitytracker.com/alerts/2009/Jul/1022554.html
http://www.kb.cert.org/vuls/id/410676
http://www.securityfocus.com/bid/35670
http://www.securityfocus.com/bid/35668

+ RHSA-2009:1136-1: Critical: dhcp security update
http://rhn.redhat.com/errata/RHSA-2009-1136.html
http://securitytracker.com/alerts/2009/Jul/1022555.html
http://www.kb.cert.org/vuls/id/410676
http://www.securityfocus.com/bid/35668

+ Oracle Critical Patch Update Advisory - July 2009
http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpujul2009.html
http://www.securityfocus.com/bid/35618

[ANNOUNCE] Npgsql 2.0.6 released!
http://www.npgsql.org/

[ANNOUNCE] PostgreSQL Live CD for 8.4.0 is released
http://www.pglivecd.org/

MySql Connector/Net 6.1.0 has been released
http://dev.mysql.com/downloads/connector/net/6.1.html

MySql Connector/Net 5.2.7 has been released
http://dev.mysql.com/downloads/connector/net/5.2.html

MS09-033 - Important: Vulnerability in Virtual PC and Virtual Server Could Allow Elevation of Privilege (969856)
http://www.microsoft.com/japan/technet/security/bulletin/ms09-033.mspx

MS09-031 - Important: Vulnerability in Microsoft ISA Server 2006 Could Cause Elevation of Privilege (970953)
http://www.microsoft.com/japan/technet/security/bulletin/ms09-031.mspx

MS09-030 - Important: Vulnerability in Microsoft Office Publisher Could Allow Remote Code Execution (969516)
http://www.microsoft.com/japan/technet/security/bulletin/ms09-030.mspx

[ANNOUNCE] Benetl, a free ETL tool for files using postgreSQL, is out in version 2.9
http://www.benetl.net/

[ANNOUNCE] xTuple (PostgreSQL-powered accounting/CRM/ERP) bug derby - win a netbook!
http://www.xtuple.org/bug-derby-2009

DHCP 3.1.2p1 Released
http://oldwww.isc.org/sw/dhcp/dhcp_rel2.php?noframes=1

DHCP 4.0.1p1 Released
http://oldwww.isc.org/sw/dhcp/dhcp4_0_rel.php?noframes=1

DHCP 4.1.0p1 Released
http://oldwww.isc.org/sw/dhcp/dhcp4_1_rel.php?noframes=1

Solution 257329: A Security Vulnerability in Certain System Board Firmware Revisions of Sun Fire V215 Servers with XVR-100 Graphic Cards may Allow an Unprivileged User to Panic the System
http://sunsolve.sun.com/search/document.do?assetkey=1-66-257329-1

Solution 263768: SUN ALERT WEEKLY SUMMARY REPORT - Week of 05-Jul-2009 to 11-Jul-2009
http://sunsolve.sun.com/search/document.do?assetkey=1-66-263768-1

Solution 259028: Multiple Security Vulnerabilities in Adobe Reader for Solaris 10 May Allow Execution of Arbitrary Code or Cause Denial of Service (DoS)
http://sunsolve.sun.com/search/document.do?assetkey=1-66-259028-1

Debian : New sork-passwd-h3 packages fix regression
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29792

Microsoft : Vulnerabilities in Microsoft DirectShow Could Allow Remote Code Execution
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29799

Microsoft : Vulnerabilities in the Embedded OpenType Font Engine Could Allow Remote Code Execution
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29800

Microsoft : Cumulative Security Update of ActiveX Kill Bits
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29801

Microsoft : Vulnerability in Virtual PC and Virtual Server Could Allow Elevation of Privilege
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29802

Microsoft : Vulnerability in Microsoft ISA Server 2006 Could Cause Elevation of Privilege
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29803

Microsoft : Vulnerability in Microsoft Office Publisher Could Allow Remote Code Execution
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29804

Debian : New djbdns packages fix privilege escalation
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29793

Debian : New camlimages packages fix arbitrary code execution
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29794

Digital Defense Inc. : LogRover SQL Injection Authentication Bypass
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29795

Fortinet Security Research : Microsoft Office Web Components Remote Memory Corruption Vulnerability
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29796

Hewlett-Packard : HP ProCurve Threat Management zl Module (J9155A), Remote Unauthorized Access, DoS
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29798

Mandriva : libtiff
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29787

oCERT : libtiff tools integer overflows
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29797

Ubuntu Security Notice : D-Bus vulnerability
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29788

Ubuntu Security Notice : irssi vulnerability
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29789

Ubuntu Security Notice : tiff vulnerability
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29790

Ubuntu Security Notice : Apache vulnerabilities
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29791

RHBA-2009:1151-1: kernel bug fix update
http://rhn.redhat.com/errata/RHBA-2009-1151.html

US-CERT Technical Cyber Security Alert TA09-195A -- Microsoft Updates for Multiple Vulnerabilities
http://www.derkeiler.com/Mailing-Lists/Cert/2009-07/msg00001.html

[USN-803-1] dhcp vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-07/msg00086.html

[SECURITY] [DSA 1833-1] New dhcp3 packages fix arbitrary code execution
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-07/msg00085.html

TPTI-09-05: Microsoft DirectShow QuickTime Atom Parsing Memory Corruption Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-07/msg00084.html

ZDI-09-045: Microsoft DirectShow Quicktime Atom Parsing Memory Corruption Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-07/msg00083.html

[ GLSA 200907-12 ] ISC DHCP: dhcpclient Remote execution of arbitrary code
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-07/msg00082.html

Update: [TZO-26-2009] Firefox (all?) Denial of Service through unclamped loop (SVG)
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-07/msg00078.html

Secunia Research: Novell eDirectory iMonitor "Accept-Language" Buffer Overflow
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-07/msg00076.html

Virtualmin Multiple Vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-07/msg00079.html

[SECURITY] [DSA 1829-2] New sork-passwd-h3 packages fix regression
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-07/msg00081.html

[oCERT-2009-010] mimeTeX and mathTeX buffer overflows and command injection
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-07/msg00075.html

Firefox 3.5 new exploit - confirmed
http://isc.sans.org/diary.html?storyid=6796

ISC DHCP client updated
http://isc.sans.org/diary.html?storyid=6799

Oracle Black Tuesday
http://isc.sans.org/diary.html?storyid=6802

Recent attacks and a false sense of security
http://isc.sans.org/diary.html?storyid=6787

Microsoft July Black Tuesday Overview
http://isc.sans.org/diary.html?storyid=6790

Infocon returning to green from MS Advisory 973472
http://isc.sans.org/diary.html?storyid=6793

Microsoft WordPad Word97 Converter Stack Buffer Overflow Vulnerability (MS09-010)
http://www.securiteam.com/windowsntfocus/5UP0I0KRQK.html

WordPress Unchecked Privileges in admin.php and Multiple Information Disclosures
http://www.securiteam.com/securitynews/5QP0E0KRQM.html

Microsoft PowerPoint Conversion Filter Heap Corruption Vulnerability (MS09-017)
http://www.securiteam.com/windowsntfocus/5PP0D0KRQM.html

Adobe Flash Player Invalid Object Reference Vulnerability
http://www.securiteam.com/windowsntfocus/5MP0B0KRPU.html

VMware ESX Privilege Escalation and Code Execution Vulnerabilities
http://www.securiteam.com/unixfocus/5UP0J0KRPE.html

Adobe Reader and Acrobat JBIG2 Encoded Stream Heap Overflow Vulnerability
http://www.securiteam.com/securitynews/5SP0G0KRQM.html

Sun Java Web Start (JWS) GIF Decoding Heap Corruption Vulnerability
http://www.securiteam.com/securitynews/5TP0I0KRPO.html

Microsoft PowerPoint Notes Container Heap Corruption Vulnerability (MS09-017)
http://www.securiteam.com/windowsntfocus/5OP0D0KRPM.html

Sun Java Runtime Environment (JRE) Type1 Font Parsing Integer Signedness Vulnerability
http://www.securiteam.com/securitynews/5SP0H0KRPY.html

Awingsoft Awakening Winds3D Viewer Command Execution Vulnerability
http://www.securiteam.com/windowsntfocus/5TP0H0KRQK.html

IBM Lotus Sametime User Enumeration Vulnerability
http://www.securiteam.com/securitynews/5XP012KRPE.html

Citrix XenCenterWeb Multiple Vulnerabilities
http://www.securiteam.com/unixfocus/5PP0E0KRPC.html

Microsoft PowerPoint Build List Memory Corruption Vulnerability (MS09-017)
http://www.securiteam.com/windowsntfocus/5RP0F0KRQM.html

Microsoft PowerPoint Conversion Filter Stack Buffer Overflow Vulnerability (MS09-017)
http://www.securiteam.com/windowsntfocus/5NP0C0KRPW.html

IBM AIX muxatmd Buffer Overflow Vulnerability
http://www.securiteam.com/unixfocus/5OP0C0KRQM.html

Dillo Integer Overflow
http://www.securiteam.com/unixfocus/5WP0120RPY.html

Symbian S60 and Nokia Firmware Multiple Memory Corruption
http://www.securiteam.com/securitynews/5MP0A0KRQM.html

Photo DVD Maker Professional Buffer Overflow Vulnerability
http://www.securiteam.com/windowsntfocus/5QP0F0KRPS.html

HP Printers and Digital Senders Unauthorized Access to Files
http://www.securiteam.com/securitynews/5NP0B0KRQM.html

NullLogic Groupware DoS and Code Execution
http://www.securiteam.com/securitynews/5RP0G0KRPI.html

FCKeditor Input Sanitization Errors
http://www.securiteam.com/securitynews/5BP011PRPO.html

Joomla! HTTP Header Multiple XSS Vulnerabilities
http://www.securiteam.com/unixfocus/5DP090KRPO.html

Sourcefire 3D Sensor and DC Privilege Escalation Vulnerability
http://www.securiteam.com/unixfocus/5AP060KRPS.html

HP-UX Running Apache Web Server Suite DoS and Code Execution
http://www.securiteam.com/unixfocus/5VP010KRPK.html

Red Hat dhcpd init Script Symlink Flaw Lets Local Users Gain Elevated Privileges
http://securitytracker.com/alerts/2009/Jul/1022554.html

Mozilla Firefox Bug in Just-in-time (JIT) JavaScript Compiler Lets Remote Users Execute Arbitrary Code
http://securitytracker.com/alerts/2009/Jul/1022549.html

DHCP dhclient Stack Overflow in script_write_params() Lets Remote Users Execute Arbitrary Code
http://securitytracker.com/alerts/2009/Jul/1022548.html

Microsoft Internet Security and Acceleration Server OTP Authentication Bug Lets Remote Users Access Resources
http://www.securitytracker.com/id?1022547

Microsoft Office Publisher Pointer Dereference Bug Lets Remote Users Execute Arbitrary Code
http://www.securitytracker.com/id?1022546

Microsoft DirectX DirectShow Validation Bugs Let Remote Users Execute Arbitrary Code
http://www.securitytracker.com/id?1022545

Microsoft Virtual PC/Server Lets Local Users Gain Elevated Privileges Within a Guest Operating System
http://www.securitytracker.com/id?1022544

Windows Embedded OpenType (EOT) Font Engine Buffer Overflow Lets Remote Users Execute Arbitrary Code
http://www.securitytracker.com/id?1022543

Sun Fire V215 Server System Board Firmware Bug Lets Remote and Local Users Deny Service
http://www.securitytracker.com/id?1022542

Novell eDirectory LDAP Bugs Let Remote Users Deny Service
http://www.securitytracker.com/id?1022541

Novell eDirectory Buffer Overflow in Processing Accept-Language Headers Lets Remote Users Deny Service
http://www.securitytracker.com/id?1022540

LibTIFF Integer Overflows in tiff2rgba and rgb2ycbcr Let Remote Users Execute Arbitrary Code
http://www.securitytracker.com/id?1022539

FreeBSD IATA Driver IOCTL Bug Lets Local Users Deny Service
http://www.securitytracker.com/id?1022538

Wyse Device Manager Buffer Overflow in WDM Server and WDM Agent Lets Remote Users Execute Arbitrary Code
http://www.securitytracker.com/id?1022537

HP ProCurve Threat Management Services Module Lets Remote Users Gain Access and Deny Service
http://www.securitytracker.com/id?1022536

Microsoft Office Web Components Bug in Spreadsheet ActiveX Control Lets Remote Users Execute Arbitrary Code
http://securitytracker.com/alerts/2009/Jul/1022535.html

Vulnerability Note VU#443060: Mozilla Firefox 3.5 code execution vulnerability Overview
http://www.kb.cert.org/vuls/id/443060

Vulnerability Note VU#466161: XML signature HMAC truncation authentication bypass
http://www.kb.cert.org/vuls/id/466161

Vulnerability Note VU#410676: ISC DHCP dhclient stack buffer overflow
http://www.kb.cert.org/vuls/id/410676

Microsoft Virtual PC / Server Privilege Escalation Vulnerability (MS09-033)
http://www.vupen.com/english/advisories/2009/1890

Microsoft ISA Server 2006 Radius OTP Bypass Vulnerability (MS09-031)
http://www.vupen.com/english/advisories/2009/1889

Microsoft Office Publisher 2007 Pointer Dereference Vulnerability (MS09-030)
http://www.vupen.com/english/advisories/2009/1888

Microsoft Windows Embedded OpenType Two Vulnerabilities (MS09-029)
http://www.vupen.com/english/advisories/2009/1887

Microsoft DirectShow Remote Code Execution Vulnerabilities (MS09-028)
http://www.vupen.com/english/advisories/2009/1886

Hitachi Web Server Reverse Proxy Denial of Service Vulnerability
http://www.vupen.com/english/advisories/2009/1885

Hitachi Web Server SSL Client Authentication Security Bypass Issue
http://www.vupen.com/english/advisories/2009/1884

Novell eDirectory Multiple Remote Denial of Service Vulnerabilities
http://www.vupen.com/english/advisories/2009/1883

MediaWiki "ip" Parameter Handling Cross Site Scripting Vulnerability
http://www.vupen.com/english/advisories/2009/1882

mimeTeX and mathTeX Buffer Overflow and Command Injection Issues
http://www.vupen.com/english/advisories/2009/1875

CamlImages PNG Image Parsing Two Integer Overflow Vulnerabilities
http://www.vupen.com/english/advisories/2009/1874

Wyse Device Manager Packet Handling Buffer Overflow Vulnerabilities
http://www.vupen.com/english/advisories/2009/1871

LibTIFF "tiff2rgba" and "rgb2ycbcr" Two Integer Overflow Vulnerabilities
http://www.vupen.com/english/advisories/2009/1870

HP ProCurve Threat Management Services zl Module Vulnerabilities
http://www.vupen.com/english/advisories/2009/1869

Mozilla Firefox Elements Handling Memory Corruption Vulnerability
http://www.vupen.com/english/advisories/2009/1868

Virtualmin
http://www.milw0rm.com/exploits/9143

JetAudio 7.5.3 COWON Media Center (.wav File) Crash Exploit
http://www.milw0rm.com/exploits/9139

Live For Speed 2 Version Z (.mpr ) Buffer Overflow Exploit (SEH)
http://www.milw0rm.com/exploits/9148

Icarus 2.0 (.ICP File) Local Stack Overflow Exploit
http://www.milw0rm.com/exploits/9146

Live For Speed 2 Version Z .Mpr Local buffer Overflow Exploit
http://www.milw0rm.com/exploits/9142

ISC DHCP Client Buffer Overflow
http://www.iss.net/threats/331.html

Multiple Vulnerabilities in Microsoft DirectShow Could Allow Remote Code Execution
http://www.iss.net/threats/332.html

Multiple Vulnerabilities in the Embedded OpenType Font Engine of Microsoft Windows Could Allow Remote Code Execution
http://www.iss.net/threats/333.html

Oracle Database CVE-2009-1968 Remote Secure Enterprise Search Vulnerability
http://www.securityfocus.com/bid/35681

Oracle Secure Backup CVE-2009-1978 Remote Oracle Secure Backup Vulnerability
http://www.securityfocus.com/bid/35678

Oracle Complex Event Processing CVE-2009-1523 Remote Vulnerability
http://www.securityfocus.com/bid/35675

Oracle Database CVE-2009-0987 Remote Upgrade Vulnerability
http://www.securityfocus.com/bid/35679

Oracle Secure Backup CVE-2009-1977 Remote Oracle Secure Backup Vulnerability
http://www.securityfocus.com/bid/35672

Oracle WebLogic Server CVE-2009-1974 Remote Vulnerability
http://www.securityfocus.com/bid/35674

Oracle Config Management CVE-2009-1966 Unspecified Security Vulnerability
http://www.securityfocus.com/bid/35676

Oracle Weblogic Server CVE-2009-1975 Remote Vulnerability
http://www.securityfocus.com/bid/35673

ISC DHCP 'dhcpd -t' Command Insecure Temporary File Creation Vulnerability
http://www.securityfocus.com/bid/35670

ISC DHCP 'dhclient' 'script_write_params()' Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/35668

Apache 'mod_proxy' Remote Denial Of Service Vulnerability
http://www.securityfocus.com/bid/35565

Apache 'Options' and 'AllowOverride' Directives Security Bypass Vulnerability
http://www.securityfocus.com/bid/35115

Apache 'mod_deflate' Remote Denial Of Service Vulnerability
http://www.securityfocus.com/bid/35623

Linux Kernel NFS 'MAY_EXEC' Security Bypass Vulnerability
http://www.securityfocus.com/bid/34934

Linux Kernel 'e1000/e1000_main.c' Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/35185

Linux Kernel CIFS 'decode_unicode_ssetup()' Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/34612

Linux Kernel 'splice(2)' Double Lock Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/35143

Linux Kernel RTL8169 NIC Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/35281

ISC DHCP Server Host Definition Remote Denial Of Service Vulnerability
http://www.securityfocus.com/bid/35669

Oracle July 2009 Critical Patch Update Multiple Vulnerabilities
http://www.securityfocus.com/bid/35618

Sun Java Runtime Environment and Java Development Kit Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/34240

Microsoft Virtual PC and Virtual Server Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/35601

Microsoft ISA Server Radius OTP Authentication Bypass Vulnerability
http://www.securityfocus.com/bid/35631

Microsoft Windows Embedded OpenType Font Engine Integer Overflow Vulnerability
http://www.securityfocus.com/bid/35187

Microsoft Windows Embedded OpenType Font Engine Heap Overflow Vulnerability
http://www.securityfocus.com/bid/35186

Microsoft Windows 'MPEG2TuneRequest' ActiveX Control Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/35558

Microsoft DirectX DirectShow Pointer Validation Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/35600

Microsoft Publisher Object Handler Data Pointer Dereference Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/35599

Microsoft DirectX DirectShow QuickTime Video Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/35139

Hitachi Web Server Client SSL Certificate Handling Unspecified Vulnerability
http://www.securityfocus.com/bid/35665

Hitachi Web Server Reverse Proxy Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/35663

Sun Fire V215 Servers Remote Denial Of Service Vulnerability
http://www.securityfocus.com/bid/35661

Novell eDirectory Multiple Vulnerabilities
http://www.securityfocus.com/bid/35666

Microsoft Office Web Components ActiveX Control 'msDataSourceObject' Code Execution Vulnerability
http://www.securityfocus.com/bid/35642

Wyse Thin Client 'hagent.exe' Unspecified Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/35650

Wyse Device Manager Unspecified Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/35649

djbdns Long Response Packet Remote Cache Poisoning Vulnerability
http://www.securityfocus.com/bid/33937

Horde 'Passwd' Module Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/35573

Openswan IPsec Livetest Insecure Temporary File Creation Vulnerability
http://www.securityfocus.com/bid/31243

IETF and W3C XML Digital Signature Specification HMAC Truncation Authentication Bypass Vulnerability
http://www.securityfocus.com/bid/35671

Icarus '.icp' File Remote Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/35667

Ubuntu update for apache2
http://secunia.com/advisories/35823/

LogRover "uname" and "pword" SQL Injection Vulnerabilities
http://secunia.com/advisories/35821/

Debian update for djbdns
http://secunia.com/advisories/35820/

Debian update for camlimages
http://secunia.com/advisories/35819/

MediaWiki "Special:Blocks" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/35818/

LibTIFF tiff2rgba and rgb2ycbcr Integer Overflow Vulnerabilities
http://secunia.com/advisories/35817/

mathTeX Multiple Vulnerabilities
http://secunia.com/advisories/35816/

Ubuntu update for apache2
http://secunia.com/advisories/35813/

Ubuntu update for irssi
http://secunia.com/advisories/35812/

Ubuntu update for tiff
http://secunia.com/advisories/35811/

Ubuntu update for dbus
http://secunia.com/advisories/35810/

Microsoft Virtual PC / Virtual Server Privilege Escalation Vulnerability
http://secunia.com/advisories/35808/

HP ProCurve Threat Management Services zl Module Multiple Vulnerabilities
http://secunia.com/advisories/35807/

shiromuku(fs6)DIARY Cross-Site Scripting Vulnerability
http://secunia.com/advisories/35806/

Fedora update for webkitgtk
http://secunia.com/advisories/35805/

Fedora update for mumbles
http://secunia.com/advisories/35803/

Mozilla Firefox Memory Corruption Vulnerability
http://secunia.com/advisories/35798/

Wyse Device Manager Buffer Overflow Vulnerability
http://secunia.com/advisories/35794/

ISC DHCP "script_write_params()" Buffer Overflow Vulnerability
http://secunia.com/advisories/35785/

Microsoft ISA Server Security Bypass Vulnerability
http://secunia.com/advisories/35784/

HTMLDOC "set_page_size()" Buffer Overflow Vulnerability
http://secunia.com/advisories/35780/

Microsoft Office Publisher Pointer Dereference Vulnerability
http://secunia.com/advisories/35779/

Windows Embedded OpenType Font Engine Two Vulnerabilities
http://secunia.com/advisories/35773/

OnePound Shop "id" SQL Injection Vulnerability
http://secunia.com/advisories/35772/

Hitachi Web Server Reverse Proxy Denial of Service
http://secunia.com/advisories/35771/
