JVNDB-2009-001806 Denial-of-service (DoS) vulnerability in rpc.nisd in Sun Solaris
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001806.html
JVNDB-2009-001805 Cross-site scripting vulnerability in Windows Search in Microsoft Windows
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001805.html
JVNDB-2009-001804 Vulnerability in the RPC marshalling engine in Microsoft Windows that allows arbitrary memory locations to be overwritten
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001804.html
JVNDB-2009-001803 Privilege escalation vulnerability in the Microsoft Windows Kernel related to validation of user-mode input
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001803.html
JVNDB-2009-001802 Privilege escalation vulnerability in the Microsoft Windows Kernel related to validation of system call arguments
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001802.html
JVNDB-2009-001801 Privilege escalation vulnerability in the Microsoft Windows Kernel related to pointer validation
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001801.html
JVNDB-2009-001800 Privilege escalation vulnerability in the Microsoft Windows Kernel related to validation of object changes
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001800.html
JVNDB-2008-001960 Heap-based buffer overflow vulnerability in CoreGraphics in Apple Safari
http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-001960.html
Microsoft Security Bulletin MS09-016 updated
http://www.microsoft.com/japan/technet/security/bulletin/MS09-016.mspx
Microsoft Security Advisory (973472) updated
http://www.microsoft.com/japan/technet/security/advisory/973472.mspx
Notice of web portal server maintenance for Trend Micro Email Reputation Services (July 25, 2009)
http://www.trendmicro.co.jp/support/news.asp?id=1280
HS09-011: Cross-site Scripting Vulnerability in Hitachi Business Logic - Container and Hitachi Business Logic - Container 2
http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS09-011/index.html
http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS09-011/index.html
HS09-010: Vulnerability in the Hitachi Web Server Function for Authenticating SSL Clients
http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS09-010/index.html
http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS09-010/index.html
HS09-009: DoS Vulnerability in Hitachi Web Server reverse proxy function
http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS09-009/index.html
http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS09-009/index.html
HS09-008: Vulnerability in reading arbitrary memory locations by using a parsing zip file API in Cosminexus, Processing Kit for XML, Hitachi Developer's Kit for Java
http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS09-008/index.html
http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS09-008/index.html
HS09-007: Vulnerability in the UTF-8 decode function in Cosminexus, Processing Kit for XML, and Hitachi Developer's Kit for Java
http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS09-007/index.html
http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS09-007/index.html
HS09-014: Buffer overflow vulnerability in Cosminexus, Processing Kit for XML, and Hitachi Developer's Kit for Java
http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS09-014/index.html
HS09-013: Access restrictions become ineffective in IPv6 environments on the Hitachi Device Manager server
http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS09-013/index.html
HS09-012: Access permission settings become ineffective in Groupmax Scheduler Server
http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS09-012/index.html
Registration status of the JVN iPedia vulnerability countermeasure information database
[2nd quarter of 2009 (April to June)]
http://www.ipa.go.jp/security/vuln/report/JVNiPedia2009q2.html
JVNTA09-204A Adobe Flash vulnerability affecting Adobe Flash Player and other Adobe products
http://jvn.jp/cert/JVNTA09-204A/index.html
Palm Pre WebOS URL Processing Vulnerability
http://secunia.com/advisories/35960/
Drupal Bubbletimer Create Timesheets HTML Injection Vulnerability
http://www.securityfocus.com/bid/35763
NetBSD 'hack(6)' Multiple Privilege Escalation Vulnerabilities
http://www.securityfocus.com/bid/35542
[ANNOUNCE] Apache Ivy 2.1.0-rc2 released
http://ant.apache.org/ivy/download.cgi
HPSBUX02437 SSRT090038 rev.1 - HP-UX running XNTP, remote execution of arbitrary code
http://www13.itrc.hp.com/service/cki/docDisplay.do?docLocale=ja_JP&docId=emr_na-c01818501-1
Parrot 1.4.0 "Mundo Cani" Released!
http://use.perl.org/article.pl?sid=09/07/23/1048243&from=rss
DreamCoder for PostgreSQL ver 2.1 released
http://www.postgresql.org/about/news.1118
DbWrench Database Design & Synchronization v1.6.0
http://www.postgresql.org/about/news.1117
Private Branch Exchange (PBX) service terminated with service-specific error 22 (0x16)
http://seer.entsupport.symantec.com/docs/328522.htm
Debian : New xulrunner packages fix several vulnerabilities
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29872
Independent Researcher : iPhone remote code execution
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29874
Akamai Technologies : Download Manager
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29873
Dangerous vulnerability in Flash Player; a "PDF virus" exploiting it has appeared
Risk of harm from merely opening a Flash file or web page; no fixed version released yet
http://itpro.nikkeibp.co.jp/article/NEWS/20090723/334407/?ST=security
Security threats in the first half of 2009: attacks targeting social networking services increase
http://itpro.nikkeibp.co.jp/article/Research/20090723/334383/?ST=security
JVNVU#259425 Vulnerability in Adobe Flash Player
http://jvn.jp/cert/JVNVU259425/index.html
Solution 259148: Security Vulnerability in the Solaris Simple Authentication and Security Layer (SASL) Library (see libsasl(3LIB)) Routine sasl_encode64(3SASL) may Allow Unprivileged Users to Crash Applications Using this Function
http://sunsolve.sun.com/search/document.do?assetkey=1-66-259148-1
[USN-806-1] Python vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-07/msg00176.html
US-CERT Technical Cyber Security Alert TA09-204A -- Adobe Flash Vulnerability Affect
http://www.derkeiler.com/Mailing-Lists/Cert/2009-07/msg00002.html
Stored XSS on Communigate Pro 5.2.14 and prior versions
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-07/msg00173.html
[GSEC-TZO-45-2009] iPhone remote code execution
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-07/msg00167.html
[SECURITY] [DSA 1840-1] New xulrunner packages fix several vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-07/msg00166.html
LifeType 1.2.8 Remote File Inclusion Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-07/msg00170.html
Ocean CMS 0.0.2 Remote File Inclusion Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-07/msg00169.html
wordpress plugins WP Super Cache v0.8.3 Remote File Inclusion Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-07/msg00168.html
Missouri Passes Breach Notification Law: Gap Still Exists for Banking Account Information
http://isc.sans.org/diary.html?storyid=6856
Fedora update for wxGTK
http://secunia.com/advisories/35965/
Fedora update for firefox and xulrunner
http://secunia.com/advisories/35964/
RaidenHTTPD "ulang" Cross-Site Scripting and Local File Inclusion
http://secunia.com/advisories/35963/
Debian update for xulrunner
http://secunia.com/advisories/35961/
Drupal Bubbletimer Module Multiple Vulnerabilities
http://secunia.com/advisories/35959/
Ubuntu update for firefox-3.0 and xulrunner-1.9
http://secunia.com/advisories/35958/
Drupal Moderation Module Cross-Site Request Forgery
http://secunia.com/advisories/35957/
Clone2009 Multiple SQL Injection Vulnerabilities
http://secunia.com/advisories/35952/
Akamai Download Manager Redswoosh Buffer Overflow
http://secunia.com/advisories/35951/
Adobe Reader/Acrobat SWF Content Arbitrary Code Execution
http://secunia.com/advisories/35949/
Adobe Flash Player Arbitrary Code Execution Vulnerability
http://secunia.com/advisories/35948/
The BLOB Blog System "postid" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/35938/
IBM Tivoli Identity Manager Session Fixation Vulnerability
http://secunia.com/advisories/35931/
Phorum BBCode Tags Script Insertion Vulnerabilities
http://secunia.com/advisories/35928/
Joomla! Information Disclosure and File Upload Vulnerability
http://secunia.com/advisories/35899/
DD-WRT Web Interface Bug Lets Remote Users Execute Arbitrary Code
http://securitytracker.com/alerts/2009/Jul/1022596.html
Adobe Flash Player Unspecified Bug Lets Remote Users Execute Arbitrary Code
http://securitytracker.com/alerts/2009/Jul/1022593.html
Akamai Download Manager Stack Overflow in Processing HTTP Responses Lets Remote Users Execute Arbitrary Code
http://securitytracker.com/alerts/2009/Jul/1022592.html
IBM Tivoli Identity Manager Unspecified Session Fixation Vulnerability
http://www.vupen.com/english/advisories/2009/1990
Adobe Flash (Embedded in PDF) LIVE VIRUS/MALWARE Exploit
http://www.milw0rm.com/exploits/9233
WINMOD 1.4 (.lst) Local Stack Overflow Exploit
http://www.milw0rm.com/exploits/9234
RHBA-2009:1174-1: openldap bug fix update
http://rhn.redhat.com/errata/RHBA-2009-1174.html
NTP 'ntpq' Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/34481
GNOME Evolution S/MIME Email Signature Verification Vulnerability
http://www.securityfocus.com/bid/33720
NTP 'ntpd' Autokey Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/35017
Microsoft Office Web Components ActiveX Control 'msDataSourceObject' Code Execution Vulnerability
http://www.securityfocus.com/bid/35642
GNOME glib Base64 Encoding and Decoding Multiple Integer Overflow Vulnerabilities
http://www.securityfocus.com/bid/34100
Evolution Data Server 'ntlm_challenge()' Memory Contents Information Disclosure Vulnerability
http://www.securityfocus.com/bid/34109
Joomla! 'com_joomloads' Component 'packageId' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/35784
Xpdf JBIG2 Processing Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/34568
Python 'expandtabs' Multiple Integer Overflow Vulnerabilities
http://www.securityfocus.com/bid/33187
Python Imageop Module 'imageop.crop()' Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/31976
Python 'Imageop' Module Argument Validation Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/31932
phpGroupWare Multiple Input Validation Vulnerabilities
http://www.securityfocus.com/bid/35761
Mozilla Firefox 'XPCCrossOriginWrapper' Multiple Cross Domain Scripting Vulnerabilities
http://www.securityfocus.com/bid/35773
Mozilla Firefox 'watch()' and '__defineSetter__()' Functions Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/35772
Mozilla Firefox and Thunderbird Remote Integer Overflow Vulnerability
http://www.securityfocus.com/bid/35769
Mozilla Firefox/Thunderbird Double Frame Construction Memory Corruption Vulnerabilities
http://www.securityfocus.com/bid/35770
Mozilla Firefox and Thunderbird RDF File Handling Remote Memory Corruption Vulnerability
http://www.securityfocus.com/bid/35775
Mozilla Firefox Flash Player Unloading Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/35767
Mozilla Firefox/Thunderbird JavaScript Engine Memory Corruption Vulnerabilities
http://www.securityfocus.com/bid/35776
Mozilla Firefox and Thunderbird Multiple Remote Memory Corruption Vulnerabilities
http://www.securityfocus.com/bid/35765
Mozilla Firefox 'setTimeout()' Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/35766
S.T.A.L.K.E.R. Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/29723
S.T.A.L.K.E.R. Clear Sky Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/35762
Apache Tomcat Java AJP Connector Invalid Header Denial of Service Vulnerability
http://www.securityfocus.com/bid/35193
Apache Tomcat Form Authentication Existing/Non-Existing Username Enumeration Weakness
http://www.securityfocus.com/bid/35196
Apache Tomcat XML Parser Information Disclosure Vulnerability
http://www.securityfocus.com/bid/35416
Apache Tomcat 'RequestDispatcher' Information Disclosure Vulnerability
http://www.securityfocus.com/bid/35263
Apache Tomcat Cookie Quote Handling Remote Information Disclosure Vulnerability
http://www.securityfocus.com/bid/27706
Linux Kernel 'splice(2)' Double Lock Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/35143
Linux Kernel 'e1000/e1000_main.c' Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/35185
Linux Kernel NFS 'MAY_EXEC' Security Bypass Vulnerability
http://www.securityfocus.com/bid/34934
Linux Kernel RTL8169 NIC Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/35281
Linux Kernel 'tun_chr_pool()' NULL Pointer Dereference Vulnerability
http://www.securityfocus.com/bid/35724
Acajoom Component for Mambo/Joomla! Backdoor Vulnerability
http://www.securityfocus.com/bid/35459
ZNC File Upload Directory Traversal Vulnerability
http://www.securityfocus.com/bid/35757
Adobe Acrobat, Reader, and Flash Player Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/35759
Mozilla Firefox 3.5 'TraceMonkey' Component Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/35660
phpDirectorySource SQL Injection and Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/35760
Mozilla Firefox Unicode Data Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/35707
OpenSSL 'dtls1_retrieve_buffered_fragment()' DTLS Packet Denial of Service Vulnerability
http://www.securityfocus.com/bid/35138
OpenSSL DTLS Packets Multiple Denial of Service Vulnerabilities
http://www.securityfocus.com/bid/35001
WebKit CSS 'Attr' Function Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/35318
Microsoft DirectX DirectShow Length Record Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/35616
wxWidgets 'wxImage::Create()' Integer Overflow Vulnerability
http://www.securityfocus.com/bid/35552
IBM Tivoli Identity Manager Session Fixation Vulnerability
http://www.securityfocus.com/bid/35779
DD-WRT Web Management Interface Remote Arbitrary Shell Command Injection Vulnerability
http://www.securityfocus.com/bid/35742
NOS getPlus Download Manager Insecure File Permissions Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/35740
CommuniGate Pro Web Mail URI Parsing HTML Injection Vulnerability
http://www.securityfocus.com/bid/35783
ve107 my_gallery Plugin 'file' Parameter Directory Traversal Vulnerability
http://www.securityfocus.com/bid/35782
RaidenHTTPD Cross Site Scripting and Local File Include Vulnerabilities
http://www.securityfocus.com/bid/35781