+ Solution 260951: A Security Vulnerability in the Solaris IP Filter (ipf(5)) May Lead to a Denial of Service (DoS) Condition
http://sunsolve.sun.com/search/document.do?assetkey=1-66-260951-1
+ Solution 262788: Security Vulnerability in Solaris NFSv4 Kernel Module May Panic an NFSv4 Client System
http://sunsolve.sun.com/search/document.do?assetkey=1-66-262788-1
+ Solution 263529: Security Vulnerabilities in Solaris Bundled Tomcat May Lead to Unauthorized Access to Data or Denial of Service (DoS)
http://sunsolve.sun.com/search/document.do?assetkey=1-66-263529-1
+ Solution 258808: Security Vulnerability in PostgreSQL Shipped with Solaris may Allow a Denial of Service (DoS)
http://sunsolve.sun.com/search/document.do?assetkey=1-66-258808-1
JVNDB-2009-001771 Vulnerability in multiple Apple products that allows Safari users' sessions to be tracked
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001771.html
JVNDB-2009-001770 Cross-site scripting vulnerability in frame content handling in multiple Apple products
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001770.html
JVNDB-2009-001769 Vulnerability in redirect handling in multiple Apple products that allows images from arbitrary websites to be read
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001769.html
JVNDB-2009-001768 Vulnerability in CANVAS element handling in multiple Apple products that allows images from arbitrary websites to be read
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001768.html
JVNDB-2009-001767 Cross-site scripting vulnerability in JavaScript prototype handling in multiple Apple products
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001767.html
MySQL 5.0.85 (Not yet released)
http://dev.mysql.com/doc/refman/5.0/en/news-5-0-85.html
Patches released to fix dangerous Windows vulnerabilities, addressing zero-day attacks
Three "Critical" security bulletins; apply the patches immediately
http://itpro.nikkeibp.co.jp/article/NEWS/20090716/333934/?ST=security
Twitter: internal documents leaked from an employee's "Google Apps" account
http://itpro.nikkeibp.co.jp/article/NEWS/20090716/333936/?ST=security
Quarantine appliance debuts that uses ARP control to perform the three roles of inspection, isolation and remediation
http://itpro.nikkeibp.co.jp/article/NEWS/20090715/333887/?ST=security
Changes in Windows Security Center
http://isc.sans.org/diary.html?storyid=6808
Make sure you update that Java
http://isc.sans.org/diary.html?storyid=6805
+ Microsoft Embedded OpenType Font Engine (T2EMBED.DLL) Heap Buffer Overflow Vulnerability
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=811
OpenSSL 1.0.0 beta3 release
http://www.openssl.org/
[ANNOUNCE] Apache Jackrabbit 2.0 alpha4 released
http://jackrabbit.apache.org/downloads.html
Open-source adoption faces extra obstacles in China
http://www.linux.org/news/2009/07/15/0006.html
Growth Metrics for KDE Contributors
http://www.linux.org/news/2009/07/15/0005.html
Second edition of Mandriva Linux One 2009.1 released
http://www.linux.org/news/2009/07/15/0004.html
Embedded Linux boots in one second
http://www.linux.org/news/2009/07/15/0003.html
Bill Gates on Google's Chrome OS
http://www.linux.org/news/2009/07/15/0002.html
Apache and the future of open-source licensing
http://www.linux.org/news/2009/07/15/0001.html
Cisco Security Advisory: Vulnerabilities in Unified Contact Center Express Administration Pages
http://www.cisco.com/en/US/products/products_security_advisory09186a0080ae04b2.shtml
The latest snapshot for the stable Linux kernel tree is: 2.6.31-rc3-git1
http://git.kernel.org/?p=linux%2Fkernel%2Fgit%2Ftorvalds%2Flinux-2.6.git;a=summary
Slackware Linux : dhcp
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29806
Debian : New sork-passwd-h3 packages fix regression
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29792
Debian : New dhcp3 packages fix arbitrary code execution
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29807
Gentoo Linux : ISC DHCP: dhcpclient Remote execution of arbitrary code
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29813
Independent Researcher : Virtualmin Multiple Vulnerabilities
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29819
Microsoft : Vulnerabilities in Microsoft DirectShow Could Allow Remote Code Execution
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29799
Microsoft : Vulnerabilities in the Embedded OpenType Font Engine Could Allow Remote Code Execution
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29800
iDefense Security Advisory 07.15.09: Microsoft Office Publisher 2007 Arbitrary Pointer Dereference Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-07/msg00097.html
[SECURITY] [DSA 1835-1] New tiff packages fix several vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-07/msg00096.html
[SECURITY] [DSA 1834-1] New apache2 packages fix denial of service
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-07/msg00094.html
Mobile Rediff Username and Password Disclosure
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-07/msg00093.html
[GSEC-TZO-44-2009] One bug to rule them all - Firefox, IE, Safari,Opera, Chrome,Seam
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-07/msg00092.html
iDefense Security Advisory 07.15.09: Microsoft Embedded OpenType Font Engine (T2EMBED.DLL) Heap Buff
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-07/msg00091.html
Cisco Security Advisory: Vulnerabilities in Unified Contact Center Express Administration Pages
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-07/msg00090.html
Cross-Site Scripting vulnerability in Mozilla, Firefox and Chrome
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-07/msg00095.html
MULTIPLE ARBITRARY INFORMATION DISCLOSURE AND EDITION --ILIAS LMS <= 3.10.7/3.9.9-->
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-07/msg00088.html
Admin News Tools 2.5 Remote File Download Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-07/msg00087.html
PUBLIC ADVISORY: 07.14.09: Microsoft Embedded OpenType Font Engine (T2EMBED.DLL) Heap Buffer Overflow Vulnerability
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=811
PUBLIC ADVISORY: 07.14.09: Microsoft Office Publisher 2007 Arbitrary Pointer Dereference Vulnerability
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=812
JVNVU#410676 Buffer overflow vulnerability in ISC DHCP dhclient
http://jvn.jp/cert/JVNVU410676/index.html
JVNTA09-195A Updates for multiple vulnerabilities in Microsoft products
http://jvn.jp/cert/JVNTA09-195A/index.html
JVNVU#443060 Arbitrary code execution vulnerability in Mozilla Firefox 3.5
http://jvn.jp/cert/JVNVU443060/index.html
JVNVU#466161 Authentication bypass issue in XML signature verification
http://jvn.jp/cert/JVNVU466161/index.html
JVNTA09-187A Buffer overflow vulnerability in the Microsoft Video ActiveX control
http://jvn.jp/cert/JVNTA09-187A/index.html
Apache XML Security HMAC Truncation Spoofing
http://secunia.com/advisories/35855/
XML Security Library XML Signature HMAC Truncation Spoofing
http://secunia.com/advisories/35854/
Sun Java JDK / JRE XML Signature HMAC Truncation Spoofing
http://secunia.com/advisories/35853/
Mono XML Signature HMAC Truncation Spoofing
http://secunia.com/advisories/35852/
Debian update for dhcp3
http://secunia.com/advisories/35851/
Red Hat update for dhcp
http://secunia.com/advisories/35850/
Gentoo update for dhcp
http://secunia.com/advisories/35849/
Red Hat update for kernel-rt
http://secunia.com/advisories/35847/
ADbNewsSender "Path_to_lang" Local File Inclusion Vulnerability
http://secunia.com/advisories/35845/
IBM WebSphere Application Server for z/OS Denial of Service
http://secunia.com/advisories/35843/
Admin News Tools "fichier" Directory Traversal Vulnerability
http://secunia.com/advisories/35842/
Ubuntu update for dhcp3
http://secunia.com/advisories/35841/
ScriptsEz Easy Image Downloader "id" Cross-Site Scripting
http://secunia.com/advisories/35838/
eCardMAX 2008 "cat" Cross-Site Scripting Vulnerabilities
http://secunia.com/advisories/35837/
eCardMAX FormXP 2007 "sid" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/35836/
NetBSD update for ISC dhclient
http://secunia.com/advisories/35832/
Red Hat update for dhcp
http://secunia.com/advisories/35831/
Debian update for dhcp3
http://secunia.com/advisories/35830/
Slackware update for dhcp
http://secunia.com/advisories/35829/
Music Tag Editor MP3 Processing Buffer Overflow Vulnerability
http://secunia.com/advisories/35828/
Virtualmin Multiple Vulnerabilities
http://secunia.com/advisories/35824/
Oracle Products Multiple Vulnerabilities
http://secunia.com/advisories/35776/
Oracle Application Server Bugs Let Remote Users Modify Data
http://www.securitytracker.com/id?1022567
Oracle PeopleSoft Enterprise Bugs Let Remote Users Modify Data
http://www.securitytracker.com/id?1022566
Oracle Secure Enterprise Search Bugs Let Remote Users Execute Arbitrary Code
http://www.securitytracker.com/id?1022565
Oracle Siebel Enterprise Lets Local Users Access and Modify Data
http://www.securitytracker.com/id?1022564
Oracle Complex Event Processing Bug Lets Remote Users Access Data
http://www.securitytracker.com/id?1022563
Oracle E-Business Suite Bugs Let Remote Users Modify Data and Remote Authenticated Users Access Data and Cause Denial of Service Conditions
http://www.securitytracker.com/id?1022562
WebLogic Server Bugs Let Remote Users Gain Access and Modify Data and Deny Service
http://www.securitytracker.com/id?1022561
Vulnerability Note VU#545228: Microsoft Office Web Components Spreadsheet ActiveX control vulnerability
http://www.kb.cert.org/vuls/id/545228
Oracle Products Code Execution and Security Bypass Vulnerabilities
http://www.vupen.com/english/advisories/2009/1900
ISC DHCP dhclient "script_write_params()" Buffer Overflow Vulnerability
http://www.vupen.com/english/advisories/2009/1891
AudioPLUS 2.00.215 (.m3u .lst) Universal SEH Overwrite Exploit
http://www.milw0rm.com/exploits/9152
Icarus 2.0 (.ICP File) Local Buffer Overflow Exploit (SEH)
http://www.milw0rm.com/exploits/9149
Microsoft Publisher Object Handler Data Pointer Dereference Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/35599
Oracle PeopleSoft CVE-2009-1989 Remote PeopleSoft Enterprise FMS Vulnerability
http://www.securityfocus.com/bid/35694
Matt Wright FormMail HTTP Response Splitting and Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/34929
Horde 'Passwd' Module Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/35573
djbdns Long Response Packet Remote Cache Poisoning Vulnerability
http://www.securityfocus.com/bid/33937
IETF and W3C XML Digital Signature Specification HMAC Truncation Authentication Bypass Vulnerability
http://www.securityfocus.com/bid/35671
Irssi 'WALLOPS' Message Off By One Heap Memory Corruption Vulnerability
http://www.securityfocus.com/bid/35399
Joomla! and Mambo gigCalendar Component 'venuedetails.php' SQL Injection Vulnerability
http://www.securityfocus.com/bid/33863
D-Bus 'dbus_signature_validate()' Type Signature Denial of Service Vulnerability
http://www.securityfocus.com/bid/31602
phpScheduleIt 'reserve.php' Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/31520
strongSwan Crafted X.509 Certificate Multiple Remote Denial Of Service Vulnerabilities
http://www.securityfocus.com/bid/35452
Openswan and strongSwan DPD Packet Remote Denial Of Service Vulnerability
http://www.securityfocus.com/bid/34296
Balabit syslog-ng Insecure 'chroot()' Implementation Weakness
http://www.securityfocus.com/bid/32338
CamlImages PNG Image Parsing Multiple Integer Overflow Vulnerabilities
http://www.securityfocus.com/bid/35556
Openswan IPsec Livetest Insecure Temporary File Creation Vulnerability
http://www.securityfocus.com/bid/31243
Opial Multiple Vulnerabilities
http://www.securityfocus.com/bid/35641
Pirch IRC Client Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/35639
Cyrus SASL 'sasl_encode64()' Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/34961
ISC DHCP 'dhclient' 'script_write_params()' Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/35668
Multiple Ralinktech Wireless Drivers MAC/BSS/SSID Integer Overflow Vulnerability
http://www.securityfocus.com/bid/33340
libmodplug 's3m' Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/30801
libmodplug 'load_pat.c' Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/34747
WordPress My Category Order Plugin 'parentID' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/35704
Jetty Cross Site Scripting and Information Disclosure Vulnerabilities
http://www.securityfocus.com/bid/34800
Microsoft Windows Embedded OpenType Font Engine Heap Overflow Vulnerability
http://www.securityfocus.com/bid/35186
LibTIFF Multiple Remote Integer Overflow Vulnerabilities
http://www.securityfocus.com/bid/35652
LibTIFF 'LZWDecodeCompat()' Remote Buffer Underflow Vulnerability
http://www.securityfocus.com/bid/35451
Cisco Unified Contact Center Express CRS Administration Interface Directory Traversal Vulnerability
http://www.securityfocus.com/bid/35706
Apache 'mod_proxy' Remote Denial Of Service Vulnerability
http://www.securityfocus.com/bid/35565
Apache 'mod_deflate' Remote Denial Of Service Vulnerability
http://www.securityfocus.com/bid/35623
Mozilla Firefox 3.5 'Tracemonkey' Component Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/35660
Cisco Unified Contact Center Express (CCX) Arbitrary Script Injection Vulnerability
http://www.securityfocus.com/bid/35705
GNOME glib Base64 Encoding and Decoding Multiple Integer Overflow Vulnerabilities
http://www.securityfocus.com/bid/34100
Mozilla Firefox 3.5 Unicode Data Remote Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/35707
Apache APR-util 'xml/apr_xml.c' Denial of Service Vulnerability
http://www.securityfocus.com/bid/35253
Apache APR-util 'apr_strmatch_precompile()' Integer Underflow Vulnerability
http://www.securityfocus.com/bid/35221
Apache 'Options' and 'AllowOverride' Directives Security Bypass Vulnerability
http://www.securityfocus.com/bid/35115
Oracle Database CVE-2009-1963 Remote Network Foundation Vulnerability
http://www.securityfocus.com/bid/35677
RETIRED: Oracle Complex Event Processing CVE-2009-1523 Remote Vulnerability
http://www.securityfocus.com/bid/35675
RETIRED: Oracle July 2009 Critical Patch Update Multiple Vulnerabilities
http://www.securityfocus.com/bid/35618
Censura 'itemid' Parameter Cross Site Scripting and SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/35637
GStreamer gst-plugins-good 'gstpngdec.c' PNG Output Buffer Integer Overflow Vulnerability
http://www.securityfocus.com/bid/35172
GStreamer QuickTime Media File Parsing Multiple Buffer Overflow Vulnerabilities
http://www.securityfocus.com/bid/33405
Sun Java Runtime Environment and Java Development Kit Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/34240
Linux Kernel NFS 'MAY_EXEC' Security Bypass Vulnerability
http://www.securityfocus.com/bid/34934
Linux Kernel 'e1000/e1000_main.c' Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/35185
Linux Kernel CIFS 'decode_unicode_ssetup()' Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/34612
Linux Kernel 'splice(2)' Double Lock Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/35143
Linux Kernel RTL8169 NIC Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/35281
eBay Enhanced Picture Services ActiveX Control Unspecified Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/35700
mIRC 'PRIVMSG' Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/31552
RETIRED: ADbNewsSender 'path_to_lang' Parameter Local File Include Vulnerability
http://www.securityfocus.com/bid/35596
Microsoft DirectX DirectShow Length Record Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/35616
Oracle Highly Interactive Client CVE-2009-1981 Unspecified Local Vulnerability
http://www.securityfocus.com/bid/35698
Oracle E-Business Suite CVE-2009-1983 Remote Oracle iStore Vulnerability
http://www.securityfocus.com/bid/35697
Oracle E-Business Suite CVE-2009-1986 Remote Oracle Applications Manager Vulnerability
http://www.securityfocus.com/bid/35695
Oracle E-Business Suite CVE-2009-1982 Remote Oracle Applications Framework Vulnerability
http://www.securityfocus.com/bid/35693
Oracle PeopleSoft Enterprise HRMS eProfile Manager CVE-2009-1988 Remote Vulnerability
http://www.securityfocus.com/bid/35696
Oracle Database CVE-2009-1969 Remote Auditing Vulnerability
http://www.securityfocus.com/bid/35689
Oracle Database CVE-2009-1020 Network Foundation Remote Vulnerability
http://www.securityfocus.com/bid/35684
Oracle E-Business Suite CVE-2009-1984 Application Install Local Vulnerability
http://www.securityfocus.com/bid/35690
Oracle Application Server CVE-2009-1976 Remote HTTP Server Vulnerability
http://www.securityfocus.com/bid/35688
Oracle PeopleSoft Enterprise PeopleTools CVE-2009-1987 Unspecified Remote Vulnerability
http://www.securityfocus.com/bid/35691
Oracle Config Management CVE-2009-1967 Remote Unspecified Vulnerability
http://www.securityfocus.com/bid/35692
Oracle E-Business Suite CVE-2009-1980 Remote Vulnerability
http://www.securityfocus.com/bid/35686
Oracle Database CVE-2009-1019 Remote Network Authentication Vulnerability
http://www.securityfocus.com/bid/35680
Oracle Database CVE-2009-1015 Remote Core RDBMS Vulnerability
http://www.securityfocus.com/bid/35682
Oracle Database CVE-2009-1973 Remote Virtual Private Database Vulnerability
http://www.securityfocus.com/bid/35687
Oracle Advanced Replication CVE-2009-1021 Remote Unspecified Vulnerability
http://www.securityfocus.com/bid/35685
Oracle Database CVE-2009-1970 Remote Listener Vulnerability
http://www.securityfocus.com/bid/35683
Drupal Submitted By 'submitted by' Text HTML Injection Vulnerability
http://www.securityfocus.com/bid/35708