JVNDB-2009-001853 Denial-of-service (DoS) vulnerability in WebKit
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001853.html
JVNDB-2009-001852 Vulnerability in Safari on Apple iPhone OS that allows search history to be obtained
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001852.html
JVNDB-2009-001851 Vulnerability in the profile component of Apple iPhone OS that allows policy to be bypassed
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001851.html
JVNDB-2009-001850 Denial-of-service (DoS) vulnerability in the MPEG-4 video codec of Apple iPhone OS
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001850.html
JVNDB-2009-001849 Vulnerability in the Mail component of Apple iPhone OS that allows phone calls to be placed without user approval
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001849.html
JVNDB-2009-001848 Vulnerability in the Mail component of Apple iPhone OS that allows the device's network address to be determined
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001848.html
JVNDB-2009-001847 Vulnerability in Apple iPhone OS that allows sensitive information to be obtained
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001847.html
JVNDB-2009-001338 Vulnerability related to X.509 certificates in ossl_ocsp.c in Ruby
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001338.html
JVNDB-2008-001963 Possibility of partial data leakage in SSH communication
http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-001963.html
JVNDB-2008-001912 Integer overflow vulnerability in the netsnmp_create_subtree_cache function in net-snmp
http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-001912.html
JVNDB-2007-000295 Password disclosure vulnerability in APOP
http://jvndb.jvn.jp/ja/contents/2007/JVNDB-2007-000295.html
Presentation materials from various vulnerability-themed seminars posted
http://www.ipa.go.jp/security/vuln/index.html#seminar
Alert ahead of the summer holidays
http://www.ipa.go.jp/security/topics/alert20090806.html
JVNVU#817433 Vulnerabilities in multiple XML library implementations
http://jvn.jp/cert/JVNVU817433/index.html
JVNVU#725188 Denial-of-service (DoS) vulnerability in ISC BIND 9
http://jvn.jp/cert/JVNVU725188/index.html
About the security content of Security Update 2009-003 / Mac OS X v10.5.8
http://support.apple.com/kb/HT3757
IBM Tivoli Key Lifecycle Manager Default Password Lets Remote Users Gain Administrative Access
http://securitytracker.com/alerts/2009/Aug/1022670.html
WordPress Lets Remote Authenticated Users Gain Elevated Privileges
http://securitytracker.com/alerts/2009/Aug/1022669.html
+ Sun Java JDK / JRE Multiple Vulnerabilities
http://secunia.com/advisories/36159/
- Java Runtime Environment (JRE) XML Digital Signature Flaw May Let Remote Users Bypass Authentication
http://securitytracker.com/alerts/2009/Aug/1022661.html
- Java Runtime Environment (JRE) Integer Overflow in Processing JPEG Images Lets Remote Users Access Files and Gain Privileges on the Target System
http://securitytracker.com/alerts/2009/Aug/1022660.html
http://www.securityfocus.com/bid/35942
- Java Runtime Environment Proxy Mechanism Flaws Let Remote Applets Obtain Elevated Privileges
http://securitytracker.com/alerts/2009/Aug/1022659.html
http://www.securityfocus.com/bid/35943
- Java Runtime Environment Audio System Bug Lets Remote Users Access Java System Properties
http://securitytracker.com/alerts/2009/Aug/1022658.html
http://www.securityfocus.com/bid/35939
- Java JNLPAppletLauncher Flaw Lets Remote Users Write Arbitrary Files
http://securitytracker.com/alerts/2009/Aug/1022657.html
- Java Runtime Environment (JRE) Integer Overflow in Unpack200 Lets Remote Users Access Files and Gain Privileges on the Target System
http://securitytracker.com/alerts/2009/Aug/1022656.html
http://www.securityfocus.com/bid/35944
- Sun Java Multiple Code Execution and Security Bypass Vulnerabilities
http://www.vupen.com/english/advisories/2009/2153
- HPSBUX02181 SSRT061289 rev.5 - HP-UX Running IPFilter, Remote Denial of Service (DoS)
http://www11.itrc.hp.com/service/cki/docDisplay.do?docLocale=en&docId=emr_na-c00837319-5
- Linux Kernel 'kernel/signal.c' Local Information Disclosure Vulnerability
http://www.securityfocus.com/bid/35929
+ Solution 263489: A Security Vulnerability in the Java Runtime Environment (JRE) With Parsing XML Data May Allow a Remote Client to Create a Denial of Service (DoS) Condition
http://sunsolve.sun.com/search/document.do?assetkey=1-66-263489-1
+ Solution 264648: Security Vulnerability in the Active Template Library in Various Releases of Microsoft Visual Studio Used by the Java Web Start ActiveX Control May Be Leveraged to Execute Arbitrary Code
http://sunsolve.sun.com/search/document.do?assetkey=1-66-264648-1
+ Solution 263429: A Security Vulnerability With Verifying HMAC-based XML Digital Signatures in the XML Digital Signature Implementation Included With the Java Runtime Environment (JRE) may Allow Authentication to be Bypassed
http://sunsolve.sun.com/search/document.do?assetkey=1-66-263429-1
+ Solution 263408: A Security Vulnerability in the Java Runtime Environment Audio System may Allow System Properties to be Accessed
http://sunsolve.sun.com/search/document.do?assetkey=1-66-263408-1
Solution 265068: Multiple Security Vulnerabilities in Firefox Versions Prior to 3.5 May Allow Execution of Arbitrary Code or Access to Unauthorized Data
http://sunsolve.sun.com/search/document.do?assetkey=1-66-265068-1
+ Solution 263488: Integer Overflow Vulnerability in the Java Runtime Environment (JRE) "Unpack200" JAR Unpacking Utility May Lead to Escalation of Privileges
http://sunsolve.sun.com/search/document.do?assetkey=1-66-263488-1
+ Solution 263490: JDK and JRE Blacklist Entry for JNLPAppletLauncher Vulnerability
http://sunsolve.sun.com/search/document.do?assetkey=1-66-263490-1
+ Solution 263428: Integer Overflow Vulnerability in the Java Runtime Environment When Parsing JPEG Images
http://sunsolve.sun.com/search/document.do?assetkey=1-66-263428-1
+ Solution 263409: Security Vulnerabilities With the Proxy Mechanism Implementation in the Java Runtime Environment (JRE) may Lead to Escalation of Privileges
http://sunsolve.sun.com/search/document.do?assetkey=1-66-263409-1
[ANN] Apache Sling OSGi LogService Implementation version 2.0.6 Released
http://sling.apache.org/site/logging.html
HPSBUX02181 SSRT061289 rev.5 - HP-UX Running IPFilter, Remote Denial of Service (DoS)
http://www11.itrc.hp.com/service/cki/docDisplay.do?docLocale=en&docId=emr_na-c00837319-5
Will Geolocation Find a Home on Linux Desktops?
http://www.linux.org/news/2009/08/04/0002.html
Microsoft Acknowledges Linux Threat to Windows Client
http://www.linux.org/news/2009/08/04/0001.html
Document ID: 329251: Replication volume group stuck in Activating status
http://seer.entsupport.symantec.com/docs/329251.htm
Document ID: 329186: Dynamic disks show as offline following a restore of a Storage Foundation for Windows cluster using Backup Exec System Recovery (BESR).
http://seer.entsupport.symantec.com/docs/329186.htm
Mandriva : phpmyadmin
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29995
SuSE : flash-player
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29999
Ubuntu Security Notice : Firefox and Xulrunner vulnerability
http://www.criticalwatch.com/support/security-advisories.aspx?AID=29998
Bonsai : SQL Injection in CS-Cart
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30000
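"Don't panic at the blue screen": beware of "fake software" that changes your wallpaper
"Extortion" through fake warning messages, which then has users enter card numbers on a sales site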
http://itpro.nikkeibp.co.jp/article/NEWS/20090806/335219/?ST=security
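"Zero-day attacks" came one after another in July; defend by suspending use of the software or applying workarounds
IPA issues an alert: "Collecting vulnerability information and responding appropriately is important"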
http://itpro.nikkeibp.co.jp/article/NEWS/20090805/335215/?ST=security
ZDI-09-050: Sun Java Web Start JPEG Header Parsing Integer Overflow Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-08/msg00032.html
ZDI-09-049: Sun Java Pack200 Decoding Inner Class Count Integer Overflow Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-08/msg00031.html
ZDI-09-048: Microsoft Internet Explorer CSS Behavior Memory Corruption Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-08/msg00030.html
ZDI-09-047: Microsoft Internet Explorer getElementsByTagName Memory Corruption Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-08/msg00029.html
Multiple Flaws in Huawei SmartAX MT880 [was: Multiple Flaws in Huawei D100]
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-08/msg00028.html
[ MDVSA-2009:192 ] phpmyadmin
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-08/msg00027.html
[USN-811-1] Firefox and Xulrunner vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-08/msg00026.html
[USN-810-2] NSPR update
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-08/msg00025.html
[USN-810-1] NSS vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-08/msg00024.html
Security Update 2009-003 / Mac OS X v10.5.8
http://isc.sans.org/diary.html?storyid=6919
Debian update for libmodplug
http://secunia.com/advisories/36158/
IBM AIX libC XL C++ Runtime Library Privilege Escalation
http://secunia.com/advisories/36156/
SUSE update for flash-player
http://secunia.com/advisories/36149/
Elgg "js" Information Disclosure Vulnerability
http://secunia.com/advisories/36147/
WordPress Privilege Escalation Vulnerabilities
http://secunia.com/advisories/36147/
Ubuntu update for firefox and xulrunner
http://secunia.com/advisories/36141/
Apache Portable Runtime Integer Overflow Vulnerabilities
http://secunia.com/advisories/36140/
Ubuntu update for nss
http://secunia.com/advisories/36139/
Apache APR-util Integer Overflow Vulnerabilities
http://secunia.com/advisories/36138/
SILC Client Format String Vulnerability
http://secunia.com/advisories/36134/
Red Hat update for kernel
http://secunia.com/advisories/36131/
Fedora update for firefox and xulrunner
http://secunia.com/advisories/36126/
IBM Tivoli Key Lifecycle Manager Password Change Weakness
http://secunia.com/advisories/36117/
Fedora update for kernel
http://secunia.com/advisories/36116/
CS-Cart "sort_order" SQL Injection Vulnerability
http://secunia.com/advisories/36112/
Mozilla Firefox Incorrect Cached Security Wrapper Lets Remote Users Execute Arbitrary Code
http://securitytracker.com/alerts/2009/Aug/1022668.html
Linux Kernel eCryptfs Stack Overflow Lets Local Users Deny Service and Potentially Gain Elevated Privileges
http://www.securitytracker.com/id?1022663
Mozilla Firefox SOCKS5 DNS Name Length Error Lets Remote Users Corrupt Data
http://www.securitytracker.com/id?1022665
Java Runtime Environment (JRE) XML Digital Signature Flaw May Let Remote Users Bypass Authentication
http://www.securitytracker.com/id?1022661
jetAudio v 7.1.9.4030 plus vx (.m3u ) Local Stack Overflow (SEH)
http://www.milw0rm.com/exploits/9366
Tuniac v.090517c (.M3U File) Local File Crash PoC
http://www.milw0rm.com/exploits/9364
Linux Kernel http://www.milw0rm.com/exploits/9363
Sun Java Multiple Code Execution and Security Bypass Vulnerabilities
http://www.vupen.com/english/advisories/2009/2153
Sun OpenSolaris Firefox Code Execution and Security Bypass Issues
http://www.vupen.com/english/advisories/2009/2152
IBM AIX libC XL C++ Runtime Library Privilege Escalation Vulnerability
http://www.vupen.com/english/advisories/2009/2151
SILC Client Nickname Processing Multiple Format String Vulnerabilities
http://www.vupen.com/english/advisories/2009/2150
Multiple Browser HTTP Resource in HTTPS Context Security Bypass Vulnerability
http://www.securityfocus.com/bid/35403
Multiple Browser Malicious Proxy HTTPS Man In The Middle Vulnerability
http://www.securityfocus.com/bid/35380
Mozilla Firefox/Thunderbird/SeaMonkey Null Owner Document Arbitrary Code Execution Vulnerability
http://www.securityfocus.com/bid/35383
OpenEXR Multiple Memory Corruption Vulnerabilities
http://www.securityfocus.com/bid/35838
Libpng Library Uninitialized Pointer Arrays Memory Corruption Vulnerabilities
http://www.securityfocus.com/bid/33827
Apple Mac OS X HFS Plus Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/34203
PCRE Character Class Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/27786
bzip2 Unspecified File Handling Vulnerability
http://www.securityfocus.com/bid/28286
Sun Java Runtime Environment Unpack200 JAR Unpacking Utility Integer Overflow Vulnerability
http://www.securityfocus.com/bid/35944
Mozilla Firefox/Thunderbird/SeaMonkey XUL Scripts Content-Policy Check Security Bypass Vulnerability
http://www.securityfocus.com/bid/35377
Microsoft Internet Explorer Embedded Style Sheets Memory Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/35827
Sun Java Runtime Environment JPEG Image Handling Integer Overflow Vulnerability
http://www.securityfocus.com/bid/35942
Microsoft Internet Explorer HTML Table Object Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/35826
Mozilla Firefox and SeaMonkey JavaScript Chrome Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/35373
HP-UX IPFilter Unspecified Remote Denial Of Service Vulnerability
http://www.securityfocus.com/bid/22103
Mozilla Firefox/Thunderbird/SeaMonkey 'file://' URI Security Bypass Vulnerability
http://www.securityfocus.com/bid/35386
ISC BIND 9 Remote Dynamic Update Message Denial of Service Vulnerability
http://www.securityfocus.com/bid/35848
Mozilla Firefox and SeaMonkey Address Bar URI Spoofing Vulnerability
http://www.securityfocus.com/bid/35388
Sun Solaris Auditing Race Condition Local Denial Of Service Vulnerability
http://www.securityfocus.com/bid/35835
Cisco Wireless LAN Controller SSH Connections Denial of Service Vulnerability
http://www.securityfocus.com/bid/35817
Mozilla Firefox Large GIF File Background Denial of Service Vulnerability
http://www.securityfocus.com/bid/35280
Mozilla Firefox 'NPObject' Access Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/35360
COWON America jetAudio M3U File Processing Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/26069
Mobilelib Gold Multiple SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/35910
Linux Kernel ProcFS Kernel Memory Disclosure Vulnerability
http://www.securityfocus.com/bid/16284
Adobe Flash Player and AIR 'intf_count' Integer Overflow Vulnerability
http://www.securityfocus.com/bid/35907
Adobe Flash Player and AIR Unspecified Heap Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/35904
Adobe Flash Player and AIR Sandbox Bypass Information Disclosure Vulnerability
http://www.securityfocus.com/bid/35908
Adobe Flash Player and AIR Unspecified Click Jacking Vulnerability
http://www.securityfocus.com/bid/35905
Adobe Flash Player and AIR NULL Pointer Exception Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/35906
Adobe Flash Player Active Template Library Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/35846
Adobe Flash Player and AIR URI Parsing Heap Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/35902
Adobe Flash Player and AIR Unspecified Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/35900
Adobe Flash Player and AIR (CVE-2009-1866) Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/35901
Adobe Acrobat, Reader, and Flash Player Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/35759
Microsoft Internet Explorer Deleted Object (CVE-2009-1917) Memory Corruption Vulnerability
http://www.securityfocus.com/bid/35831
phpMyAdmin SQL bookmark HTML Injection Vulnerability
http://www.securityfocus.com/bid/35543
Mozilla Firefox/Thunderbird/SeaMonkey Multiple Browser Engine Memory Corruption Vulnerabilities
http://www.securityfocus.com/bid/35370
Mozilla Firefox/Thunderbird/SeaMonkey Double Frame Construction Memory Corruption Vulnerability
http://www.securityfocus.com/bid/35371
Mozilla Firefox/Thunderbird/SeaMonkey Multiple JavaScript Engine Memory Corruption Vulnerabilities
http://www.securityfocus.com/bid/35372
Mozilla Firefox 'watch()' and '__defineSetter__()' Functions Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/35772
Mozilla Firefox 'XPCCrossOriginWrapper' Multiple Cross Domain Scripting Vulnerabilities
http://www.securityfocus.com/bid/35773
Mozilla Firefox/SeaMonkey 'file://' URI Information Disclosure Vulnerability
http://www.securityfocus.com/bid/35391
Mozilla Firefox and Thunderbird Remote Integer Overflow Vulnerability
http://www.securityfocus.com/bid/35769
Mozilla Firefox/Thunderbird JavaScript Engine Memory Corruption Vulnerabilities
http://www.securityfocus.com/bid/35776
Mozilla Firefox and Thunderbird RDF File Handling Remote Memory Corruption Vulnerability
http://www.securityfocus.com/bid/35775
Mozilla Firefox and Thunderbird Multiple Remote Memory Corruption Vulnerabilities
http://www.securityfocus.com/bid/35765
IETF and W3C XML Digital Signature Specification HMAC Truncation Authentication Bypass Vulnerability
http://www.securityfocus.com/bid/35671
Sun Java Runtime Environment Audio System Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/35939
Sun Java Runtime Environment Proxy Mechanism Implementation Privilege Escalation Vulnerabilities
http://www.securityfocus.com/bid/35943
Linux Kernel 'PER_CLEAR_ON_SETID' Incomplete Personality List Access Validation Weakness
http://www.securityfocus.com/bid/35647
eCryptfs 'parse_tag_3_packet()' Packet Heap Based Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/35850
Linux Kernel eCryptfs 'parse_tag_11()' Remote Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/35851
Mozilla Firefox SOCKS5 Proxy Response Denial of Service Vulnerability
http://www.securityfocus.com/bid/35925
Mozilla Firefox Error Page Address Bar URI Spoofing Vulnerability
http://www.securityfocus.com/bid/35803
Mozilla Firefox Incorrect Security Wrapper JavaScript Chrome Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/35928
Mozilla Firefox 3.5.1/3.0.12 Multiple Memory Corruption Vulnerabilities
http://www.securityfocus.com/bid/35927
Linux Kernel 'kernel/signal.c' Local Information Disclosure Vulnerability
http://www.securityfocus.com/bid/35929
Irokez CMS 'id' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/35957
UltraPlayer Malformed '.usk' Playlist File Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/35956
Apple Mac OS X 2009-003 Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/35954
Drupal Webform Report Module Webform Submission HTML Injection Vulnerability
http://www.securityfocus.com/bid/35953
Fetchmail NULL Character CA SSL Certificate Validation Security Bypass Vulnerability
http://www.securityfocus.com/bid/35951
Apache APR and APR-util Multiple Integer Overflow Vulnerabilities
http://www.securityfocus.com/bid/35949
Microsoft Internet Explorer 8 Denial of Service Vulnerability
http://www.securityfocus.com/bid/35941