Mozilla Thunderbird 2.0.0.23 released
http://mozilla.jp/thunderbird/2.0.0.23/releasenotes/
JVNDB-2009-000055 サイトカレンダ mycaljp におけるクロスサイトスクリプティングの脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-000055.html
JVNDB-2009-001918 Microsoft Virtual PC の VMM におけるゲスト OS 内で任意のカーネルモードコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001918.html
JVNDB-2009-001917 Microsoft ISA Server における Radius OTP 使用に関する権限昇格の脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001917.html
JVNDB-2009-001916 Microsoft Office Publisher におけるオブジェクトハンドラデータの計算処理に関する任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001916.html
JVNDB-2009-001915 Microsoft Windows の Embedded OpenType Font Engine における名前テーブルの処理に関する任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001915.html
JVNDB-2009-001914 Microsoft Windows の Embedded OpenType Font Engine における名前テーブルの処理に関する任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001914.html
JVNDB-2009-001913 Microsoft DirectX の QuickTime Movie Parser Filter におけるサイズフィールドの検証処理に関する任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001913.html
JVNDB-2009-001912 Microsoft DirectX の QuickTime Movie Parser Filter におけるデータの検証処理に関する任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001912.html
VMSA-2009-0010 VMware Hosted products update libpng and Apache HTTP Server
http://lists.vmware.com/pipermail/security-announce/2009/000062.html
コメント:VMware ESX には影響なし
各種セミナー講演資料
http://www.ipa.go.jp/security/vuln/index.html#seminar
JVN#20478978 サイトカレンダ mycaljp におけるクロスサイトスクリプティングの脆弱性
http://jvn.jp/jp/JVN20478978/index.html
Time to update...New Thunderbird version!
http://isc.sans.org/diary.html?storyid=7003
Videos Broadcast Yourself "UploadID" SQL Injection Vulnerability
http://secunia.com/advisories/36361/
Squid Infinite Loop in strListGetItem() Lets Remote Users Deny Service
http://securitytracker.com/alerts/2009/Aug/1022757.html
- Cisco IOS XR BGP Update Processing Flaws Let Remote BGP Peers Deny Service
http://securitytracker.com/alerts/2009/Aug/1022756.html
+ Solution 265808: Multiple Integer Overflow Vulnerabilities in the libtiff(3) Image Conversion Tools 'tiff2rgba' and 'rgb2ycbcr' May Lead to Arbitrary Code Execution
http://sunsolve.sun.com/search/document.do?assetkey=1-66-265808-1
MySql Connector/Net 6.1.1 beta has been released
http://dev.mysql.com/downloads/connector/net/6.1.html
Solution 231281: Sun Fire T1000/T2000 and Netra T2000 With Firmware 6.5.11 May Experience Continuous Console EFT Errors
http://sunsolve.sun.com/search/document.do?assetkey=1-66-231281-1
Solution 251446: Netra T2000 With PCI Tray 371-1959-02 and Netra X4200 M2 With PCI Tray 371-2368-03 Do Not Configure 1x or 4x PCIE Cards
http://sunsolve.sun.com/search/document.do?assetkey=1-66-251446-1
Solution 200669: Upgrading Certain Sun Fire/Enterprise or Netra Systems to Firmware 6.4.4 Prior to OS Boot May Corrupt the Service Processor
http://sunsolve.sun.com/search/document.do?assetkey=1-66-200669-1
Solution 246746: An IP(7P) Spoofing Security Vulnerability in Mid-range Sun Fire Server's Firmware May Allow Unauthorized Access to System Controllers
http://sunsolve.sun.com/search/document.do?assetkey=1-66-246746-1
Solution 238746: Sun Fire Server with Solaris 10 may Panic or Reset with lpost message, asynchronous event, fail to stop CPU or send_mondo timeout
http://sunsolve.sun.com/search/document.do?assetkey=1-66-238746-1
Solution 200078: Sun Fire Midrange Server Time Jumps When SC Accumulates Extended Uptime
http://sunsolve.sun.com/search/document.do?assetkey=1-66-200078-1
Solution 231242: Solaris Daylight Saving Time (DST) Update for Enterprise/Netra/SunFire/Mx000 Servers
http://sunsolve.sun.com/search/document.do?assetkey=1-66-231242-1
Top ten Linux distributions
http://www.linux.org/news/2009/08/20/0002.html
Linux development exploding thanks to big name backers
http://www.linux.org/news/2009/08/20/0001.html
Cisco IOS XR Software Border Gateway Protocol Vulnerabilities
http://www.cisco.com/warp/public/707/cisco-sa-20090818-bgp.shtml
Document ID: 330044: How to manually remove Veritas Volume Shadow Copy provider installed by Storage Foundation for Windows 4.3 (SFW)
http://seer.entsupport.symantec.com/docs/330044.htm
Bkis : ProShow Gold Buffer Overflow Vulnerabilities
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30185
iDEFENSE : Multiple Vendor Microsoft ATL/MFC ActiveX Type Confusion Vulnerability
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30186
Independent Researcher : Bypassing OWASP ESAPI XSS Protection inside Javascript
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30187
Independent Researcher : Facebook CSRF attack allows personal information theft
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30188
Slackware Linux : slackware-security kernel [updated]
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30176
Slackware Linux : slackware-security pidgin
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30177
SuSE : security-announce SUSE Security Announcement: Linux kernel
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30178
Ubuntu Security Notice : Pidgin vulnerability
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30175
Cisco : Firewall Services Module Crafted ICMP Message Vulnerability
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30181
[ MDVSA-2009:208 ] libgadu
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-08/msg00185.html
SQL Injection vulnerabilities in Subdreamer CMS
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-08/msg00184.html
[USN-820-1] Pidgin vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-08/msg00181.html
t2?09 Challenge - Free Tickets Available
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-08/msg00178.html
Bypassing OWASP ESAPI XSS Protection inside Javascript
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-08/msg00182.html
iDefense Security Advisory 08.11.09: Multiple Vendor Microsoft ATL/MFC ActiveX Type Confusion Vulner
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-08/msg00177.html
[Bkis-11-2009] ProShow Gold Buffer Overflow Vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-08/msg00173.html
iDefense Security Advisory 07.28.09: Multiple Vendor Microsoft ATL/MFC ActiveX Information Disclosur
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-08/msg00180.html
iDefense Security Advisory 07.28.09: Multiple Vendor Microsoft ATL/MFC ActiveX Security Bypass Vulne
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-08/msg00176.html
[USN-809-1] GnuTLS vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-08/msg00179.html
[SECURITY] [DSA 1870-1] New pidgin packages fix arbitrary code execution
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-08/msg00175.html
[ MDVSA-2009:207 ] perl-Compress-Raw-Bzip2
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-08/msg00174.html
開発ツールDelphiを狙うウイルスが猛威、作成したソフトすべてに感染
プログラム部品にウイルスを埋め込む、1日で3000件以上の感染報告
http://itpro.nikkeibp.co.jp/article/NEWS/20090820/335798/?ST=security
JVNDB-2009-000054 ColdFusion におけるクロスサイトスクリプティングの脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-000054.html
Network Forensics Puzzle Contest
http://isc.sans.org/diary.html?storyid=6997
Vulnerability in Pidgin, patch!
http://isc.sans.org/diary.html?storyid=7000
Kaspersky Internet Security URL Parsing Error Lets Remote Users Deny Service
http://securitytracker.com/alerts/2009/Aug/1022755.html
Kaspersky Anti-Virus URL Parsing Error Lets Remote Users Deny Service
http://securitytracker.com/alerts/2009/Aug/1022754.html
IBM WebSphere Input Validation Flaw in Partner Gateway Console Lets Remote Users Inject SQL Commands
http://securitytracker.com/alerts/2009/Aug/1022753.html
Acer LunchApp ActiveX Control Unsafe Methods Let Remote Users Execute Arbitrary Code
http://securitytracker.com/alerts/2009/Aug/1022752.html
IBM DB2 Memory Leak in Security Component Lets Remote Users Deny Service
http://securitytracker.com/alerts/2009/Aug/1022751.html
IBM DB2 DAS Command Grants Unauthorized Access to Users
http://securitytracker.com/alerts/2009/Aug/1022750.html
IBM DB2 Packet Processing Bug in DB2JDS Lets Remote Users Deny Service
http://securitytracker.com/alerts/2009/Aug/1022749.html
Microsoft Remote Desktop Client Arbitrary Code Execution Vulnerability
http://www.securiteam.com/windowsntfocus/5WP0R00S0Y.html
Microsoft Workstation Service Heap Corruption Vulnerability
http://www.securiteam.com/windowsntfocus/5RP0M00S0W.html
Microsoft Office msDataSourceObject() Heap Corruption Vulnerability
http://www.securiteam.com/windowsntfocus/5TP0O00S0C.html
Microsoft Windows WINS Service Heap Overflow Vulnerability
http://www.securiteam.com/unixfocus/5SP0N00S0M.html
HP-UX ttrace(2) Local Denial of Service
http://www.securiteam.com/unixfocus/5QP0L00S0G.html
2WIRE Gateway Authentication Bypass & Password Reset
http://www.securiteam.com/securitynews/5VP0Q00S0I.html
Apple Safari 4 Top Sites Attack
http://www.securiteam.com/securitynews/5UP0P00S0S.html
Invision Power Board Blind SQL Injection Vulnerability
http://www.securiteam.com/unixfocus/5SP0M00S1W.html
Drupal ImageCache Module Script Insertion and Security Bypass
http://secunia.com/advisories/36412/
Debian update for kde4libs
http://secunia.com/advisories/36411/
Debian update for curl
http://secunia.com/advisories/36406/
Debian update for pidgin
http://secunia.com/advisories/36402/
Drupal Print Module Script Insertion Vulnerabilities
http://secunia.com/advisories/36395/
Ubuntu update for GnuTLS
http://secunia.com/advisories/36381/
Squid "strListGetItem()" Denial of Service Vulnerability
http://secunia.com/advisories/36378/
Debian update for kdelibs
http://secunia.com/advisories/36377/
Debian update for kdegraphics
http://secunia.com/advisories/36375/
Adobe Flex Multiple Vulnerabilities
http://secunia.com/advisories/36374/
Cisco Firewall Services Module ICMP Message Denial of Service
http://secunia.com/advisories/36373/
neon Denial of Service and Spoofing Vulnerabilities
http://secunia.com/advisories/36371/
BaBB Multiple Vulnerabilities
http://secunia.com/advisories/36370/
Toolbar Uninstaller Update Feature Unspecified Vulnerability
http://secunia.com/advisories/36366/
SPIP Database Backup Authentication Bypass Vulnerability
http://secunia.com/advisories/36365/
ProShow Gold PSH Parsing Buffer Overflow Vulnerability
http://secunia.com/advisories/36357/
Acer AcerCtrls.APlunch ActiveX Control "Run" Insecure Method
http://secunia.com/advisories/36343/
Adobe Flex "index.template.html" Cross Site Scripting Vulnerability
http://www.vupen.com/english/advisories/2009/2330
Cisco Firewall Services Module ICMP Message DoS Vulnerability
http://www.vupen.com/english/advisories/2009/2329
Squid "strListGetItem()" Function Remote Denial of Service Vulnerability
http://www.vupen.com/english/advisories/2009/2328
0 件のコメント:
コメントを投稿