JVNDB-2009-001777 Cross-site scripting vulnerability in the handling of Location and History objects in multiple Apple products
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001777.html
JVNDB-2009-001776 Arbitrary code execution vulnerability related to the JavaScript DOM implementation in multiple Apple products
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001776.html
JVNDB-2009-001775 Vulnerability in redirect handling in multiple Apple products that allows XML content to be read from arbitrary web pages
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001775.html
JVNDB-2009-001774 Vulnerability in XML external entity handling in multiple Apple products that allows arbitrary files to be read
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001774.html
JVNDB-2009-001773 Arbitrary code execution vulnerability in the handling of the CSS attr function in multiple Apple products
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001773.html
JVNDB-2009-001772 CRLF injection vulnerability in the handling of XMLHttpRequest in multiple Apple products
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001772.html
OASIS approves "IMI", a protocol for the "Information Card" electronic ID card
http://itpro.nikkeibp.co.jp/article/NEWS/20090717/334028/?ST=security
JVNVU#545228 Vulnerability in the Spreadsheet ActiveX control of Microsoft Office Web Components
http://jvn.jp/cert/JVNVU545228/index.html
JVNTA09-195A Updates for multiple vulnerabilities in Microsoft products
http://jvn.jp/cert/JVNTA09-195A/index.html
Solaris SCTP Packet Processing Bug Lets Remote Authenticated Users Deny Service
http://securitytracker.com/alerts/2009/Jul/1022574.html
Sun Ray Server Software utaudiod Bugs Let Local Users Deny Service, Gain Elevated Privileges, or Access Other User Sessions
http://www.securitytracker.com/id?1022573
Solaris NFS Bug Lets Local Users Deny Service
http://www.securitytracker.com/id?1022572
Sun Ray Server Software utdmsession Bug Lets Local Users Access Other Sessions
http://www.securitytracker.com/id?1022571
Solaris IP Filter Bug in frpr_icmp() Lets Remote and Local Users Deny Service
http://www.securitytracker.com/id?1022570
Cisco Unified Contact Center Express Administration Pages Permit Script Injection and Directory Traversal Attacks
http://www.securitytracker.com/id?1022569
Mozilla Firefox 3.5 'Tracemonkey' Component Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/35660
+ libpng 1.2.38 released
http://www.libpng.org/pub/png/libpng.html
+ Solution 253608: A Security Vulnerability in the Solaris SCTP Packet Processing may Lead to a System Panic Resulting in a Denial of Service (DoS)
http://sunsolve.sun.com/search/document.do?assetkey=1-66-253608-1
http://secunia.com/advisories/35873/
http://www.vupen.com/english/advisories/2009/1914
http://www.securityfocus.com/bid/35712
+ RHSA-2009:1159-1: Moderate: libtiff security update
http://rhn.redhat.com/errata/RHSA-2009-1159.html
MySQL Connector/J 5.1.8 Has Been Released!
http://dev.mysql.com/downloads/connector/j/5.1.html
Dell is hot on Moblin, lukewarm on Chrome
http://www.linux.org/news/2009/07/16/0005.html
Can Linux manage updates and upgrades more easily than Windows?
http://www.linux.org/news/2009/07/16/0004.html
Linux Vendor Settles With Microsoft
http://www.linux.org/news/2009/07/16/0003.html
Ksplice gives Linux users 88% of kernel updates without rebooting
http://www.linux.org/news/2009/07/16/0002.html
Sun shareholders approve sale to Oracle
http://www.linux.org/news/2009/07/16/0001.html
After converting the Basic Disk Group to a Dynamic Disk Group, will the System Disk still be available should Storage Foundation for Windows (SFW) be uninstalled?
http://seer.entsupport.symantec.com/docs/327854.htm
Solution 252226: A Security Vulnerability in Sun Ray Server Software may Allow Unauthorized Manipulation of Sessions
http://sunsolve.sun.com/search/document.do?assetkey=1-66-252226-1
Solution 253889: Two Security Vulnerabilities in Sun Ray Server Software 4.0 on Systems with Trusted Extensions Enabled May Allow either a Denial of Service (DoS) of the Audio Service or Unauthorized Access to Other Users' Sessions
http://sunsolve.sun.com/search/document.do?assetkey=1-66-253889-1
Gentoo Linux : PulseAudio: Local privilege escalation
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29830
Cisco : Vulnerabilities in Unified Contact Center Express Administration Pages
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29825
Debian : New apache2 packages fix denial of service
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29823
Debian : New tiff packages fix several vulnerabilities
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29824
Foundstone : Mobile Rediff Username and Password Disclosure
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29833
iDEFENSE : Microsoft Embedded OpenType Font Engine (T2EMBED.DLL) Heap Buffer Overflow Vulnerability
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29826
iDEFENSE : Microsoft Office Publisher 2007 Arbitrary Pointer Dereference Vulnerability
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29828
Independent Researcher : Firefox, IE, Safari, Opera, Chrome, Seamonkey, iPhone, iPod, Wii, PS3
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29827
Independent Researcher : Vulnerable DLLs distributed with Terratec HomeCinema 6.3
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29829
Mandriva : dhcp
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29821
SecurityLab : Admin News Tools 2.5 Remote File Download Vulnerability
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29831
Nmap 5.00 Released!
http://nmap.org/5/
"Supply chain attacks" and others are the biggest security threats, a US SANS expert points out
http://itpro.nikkeibp.co.jp/article/NEWS/20090716/333954/?ST=security
Defending against web-based attacks with a virtual browser: Check Point announces a new version of its client product
http://itpro.nikkeibp.co.jp/article/NEWS/20090716/333964/?ST=security
[USN-804-1] PulseAudio vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-07/msg00113.html
[SECURITY] [DSA 1836-1] New fckeditor packages fix arbitrary code execution
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-07/msg00114.html
[oCERT-2009-011] Android improper camera and audio permission verification
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-07/msg00112.html
[ GLSA 200907-13 ] PulseAudio: Local privilege escalation
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-07/msg00110.html
[DSECRG-09-031] Oracle BEA Weblogic 10.3 Linked XSS vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-07/msg00111.html
[DSECRG-09-025] Oracle Secure Enterprise Search 10.1.8 Linked XSS vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-07/msg00109.html
Re[2]: [GSEC-TZO-44-2009] One bug to rule them all - Firefox, IE, Safari,Opera, Chrome,Seamonkey,iPhone,iPod,Wii,PS3....
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-07/msg00108.html
Re[2]: Update: [TZO-06-2009] IBM Proventia - Generic bypass (Limited disclosure - see details)
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-07/msg00107.html
FRHACK List of Talks and Speakers released
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-07/msg00105.html
Vulnerable DLLs distributed with Terratec HomeCinema 6.3
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-07/msg00103.html
[ MDVSA-2009:151 ] dhcp
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-07/msg00102.html
Firefox 3.5 new exploit - confirmed
http://isc.sans.org/diary.html?storyid=6796
Fedora update for seamonkey
http://secunia.com/advisories/35882/
Sun Solaris IP Filter Denial of Service
http://secunia.com/advisories/35881/
SUSE update for dhcp-client
http://secunia.com/advisories/35880/
Drupal Image Assist Module Script Insertion and Information Disclosure
http://secunia.com/advisories/35879/
Fedora update for perl
http://secunia.com/advisories/35876/
Sun Solaris NFSv4 Kernel Module Local Denial of Service
http://secunia.com/advisories/35874/
Sun Solaris SCTP Packet Denial of Service
http://secunia.com/advisories/35873/
Sun Ray Server Software Multiple Vulnerabilities
http://secunia.com/advisories/35872/
Debian update for apache2
http://secunia.com/advisories/35871/
FCKeditor.Java Infinite Loop Denial of Service Vulnerability
http://secunia.com/advisories/35870/
Debian update for tiff
http://secunia.com/advisories/35866/
Debian update for apache2
http://secunia.com/advisories/35865/
Cisco Unified Contact Center Express Two Vulnerabilities
http://secunia.com/advisories/35861/
RSA Products XML Signature HMAC Truncation Spoofing
http://secunia.com/advisories/35858/
ILIAS Data Manipulation and Information Disclosure Vulnerabilities
http://secunia.com/advisories/35856/
Good/Bad Vote "id" Local File Inclusion Vulnerability
http://secunia.com/advisories/35835/
Ultimate Poll "clr" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/35835/
Hamster Audio Player Playlist Processing Buffer Overflow
http://secunia.com/advisories/35825/
Live for Speed ".mpr" File Processing Buffer Overflow
http://secunia.com/advisories/35822/
AEF SQL Injection and Information Disclosure
http://secunia.com/advisories/35646/
Meeting Room Booking System SQL Injection Vulnerability
http://secunia.com/advisories/35469/
Mozilla Firefox Font HTML Tags Remote Code Execution
http://www.iss.net/threats/335.html
Sun Ray Server Software Code Execution and Information Disclosure
http://www.vupen.com/english/advisories/2009/1915
Sun Solaris SCTP Packet Processing Denial of Service Vulnerability
http://www.vupen.com/english/advisories/2009/1914
Cisco Unified CCX Directory Traversal and Cross Site Scripting Issues
http://www.vupen.com/english/advisories/2009/1913
Sun JDK and JRE HMAC Truncation Authentication Bypass Vulnerability
http://www.vupen.com/english/advisories/2009/1912
XML Security Library HMAC Truncation Authentication Bypass Issue
http://www.vupen.com/english/advisories/2009/1911
RSA Products HMAC Truncation Authentication Bypass Vulnerability
http://www.vupen.com/english/advisories/2009/1910
Apache XML Security HMAC Truncation Authentication Bypass Issue
http://www.vupen.com/english/advisories/2009/1909
Mono XML Signature HMAC Truncation Authentication Bypass Vulnerability
http://www.vupen.com/english/advisories/2009/1908
IBM WebSphere Application Server for z/OS Denial of Service Issues
http://www.vupen.com/english/advisories/2009/1907
Microsoft Office Web Components (Spreadsheet) ActiveX BOF PoC
http://www.milw0rm.com/exploits/9163
Sguil/PADS SQL Injection / Server Crash Vulnerability
http://www.milw0rm.com/exploits/9175
Easy RM to MP3 Converter 2.7.3.700 (.m3u) Universal BOF Exploit
http://www.milw0rm.com/exploits/9177
Hamster Audio Player 0.3a Universal Buffer Overflow Exploit (SEH)
http://www.milw0rm.com/exploits/9172
America's Army Invalid Query Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/35703
Wyse Thin Client 'hagent.exe' Unspecified Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/35650
Wyse Device Manager Unspecified Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/35649
MediaWiki 'Special:Blocks' Page Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/35662
FCKeditor 'CurrentFolder' Parameter Arbitrary File Upload Vulnerability
http://www.securityfocus.com/bid/31812
FCKeditor.Java Infinite Loop Denial of Service Vulnerability
http://www.securityfocus.com/bid/35709
Multiple Browser Malicious Proxy HTTPS Man In The Middle Vulnerability
http://www.securityfocus.com/bid/35380
Mozilla Firefox/Thunderbird/SeaMonkey Null Owner Document Arbitrary Code Execution Vulnerability
http://www.securityfocus.com/bid/35383
Mozilla Firefox/Thunderbird/SeaMonkey Double Frame Construction Memory Corruption Vulnerability
http://www.securityfocus.com/bid/35371
Mozilla Firefox/Thunderbird/SeaMonkey MFSA 2009 -14 through -22 Multiple Remote Vulnerabilities
http://www.securityfocus.com/bid/34656
Mozilla Firefox and SeaMonkey JavaScript Chrome Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/35373
Mozilla Firefox/SeaMonkey 'file://' URI Information Disclosure Vulnerability
http://www.securityfocus.com/bid/35391
Mozilla Thunderbird/Seamonkey Multipart Alternative Message Memory Corruption Vulnerability
http://www.securityfocus.com/bid/35461
LibTIFF 'LZWDecodeCompat()' Remote Buffer Underflow Vulnerability
http://www.securityfocus.com/bid/35451
LibTIFF Multiple Remote Integer Overflow Vulnerabilities
http://www.securityfocus.com/bid/35652
Oracle Secure Enterprise Search 'search_p_groups' Parameter Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/35681
Oracle PeopleSoft CVE-2009-1989 Remote PeopleSoft Enterprise FMS Vulnerability
http://www.securityfocus.com/bid/35694
Sun Ray Server Multiple Vulnerabilities
http://www.securityfocus.com/bid/35713
Microsoft Publisher Object Handler Data Pointer Dereference Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/35599
Sun Ray Server Software 'utdmsession' Command Security Bypass Vulnerability
http://www.securityfocus.com/bid/35711
Sun Solaris NFS Version 4 Kernel Module Local Denial Of Service Vulnerability
http://www.securityfocus.com/bid/35714
Sun Solaris SCTP Packet Processing Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/35712
Sun Solaris IP Filter (ipf(5)) Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/35715
Apache 'mod_proxy' Remote Denial Of Service Vulnerability
http://www.securityfocus.com/bid/35565
Apache 'mod_deflate' Remote Denial Of Service Vulnerability
http://www.securityfocus.com/bid/35623
IETF and W3C XML Digital Signature Specification HMAC Truncation Authentication Bypass Vulnerability
http://www.securityfocus.com/bid/35671
Perl 'rmtree()' Function Local Insecure Permissions Vulnerability
http://www.securityfocus.com/bid/29902
'Compress::Raw::Zlib' Perl Module Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/35307
Perl Archive::Tar Module Remote Directory Traversal Vulnerability
http://www.securityfocus.com/bid/26355
Xpdf JBIG2 Processing Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/34568
PulseAudio setuid Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/35721
db Masters Multimedia Content Manager 'id' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/35720
MightSOFT Audio Editor Pro MP3 File Unspecified Memory Corruption Vulnerability
http://www.securityfocus.com/bid/35719
PHPLive! 'request.php' SQL Injection Vulnerability
http://www.securityfocus.com/bid/35718
Open Handset Alliance Android Permission Verification Multiple Security Bypass Vulnerabilities
http://www.securityfocus.com/bid/35717