Wednesday, September 9, 2009

9th, Wednesday, Senbu

+ Linux kernel 2.6.27.32, 2.6.30.6 released
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.32
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.30.6

Komodo 5.2.0 beta1 released
http://www.openkomodo.com/blogs/toddw/komodo-520-beta1-released

MySQL 5.0.86 (Not yet released)
http://dev.mysql.com/doc/refman/5.0/en/news-5-0-86.html

HS09-016: Problem where JP1/Automatic Job Management System 2 - View, JP1/Integrated Management - View, and JP1/Cm2/SNMP System Observer abnormally terminate when an invalid GIF file is displayed
http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS09-016/index.html

HS09-015: Multiple vulnerabilities in JP1/File Transmission Server/FTP
http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS09-015/index.html

HS09-014: Buffer overflow vulnerability in Cosminexus, Processing Kit for XML, and Hitachi Developer's Kit for Java
http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS09-014/index.html

HS09-013: Problem where access rights become invalid in Hitachi Device Manager server IPv6 environments
http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS09-013/index.html

HS09-012: Problem where access rights become invalid in Groupmax Scheduler Server
http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS09-012/index.html

HS09-017: DoS vulnerability in Cosminexus XML Processor when receiving SOAP messages
http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS09-017/index.html

Alert regarding TCP protocol vulnerabilities in multiple products
http://www.jpcert.or.jp/at/2009/at090019.txt

Alert regarding the September 2009 Microsoft security bulletins (5 Critical)
http://www.jpcert.or.jp/at/2009/at090018.txt

JVNDB-2009-000059 Buffer overflow vulnerability in Microsoft Windows
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-000059.html

JVNDB-2009-001987 Integer overflow vulnerability in the Sun JRE unpack200 utility
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001987.html

JVNDB-2009-001986 Integer overflow vulnerability in Sun Java Web Start in Sun JRE
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001986.html

JVNDB-2009-001985 Access restriction bypass vulnerability in the Sun JRE proxy mechanism implementation
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001985.html

JVNDB-2009-001984 Web session hijacking vulnerability in the Sun JRE proxy mechanism implementation
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001984.html

JVNDB-2009-001983 Sensitive information disclosure vulnerability in the Sun JRE SOCKS proxy implementation
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001983.html

JVNDB-2009-001982 Sensitive information disclosure vulnerability in the Sun JRE audio system
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001982.html

JVNDB-2009-001812 Heap-based buffer overflow vulnerability in the Adobe Reader JBIG2 filter
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001812.html

JVNDB-2009-001811 Heap-based buffer overflow vulnerability in the Adobe Reader JBIG2 filter
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001811.html

JVNDB-2009-001810 Heap-based buffer overflow vulnerability in the Adobe Reader JBIG2 filter
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001810.html

JVNDB-2009-001809 Heap-based buffer overflow vulnerability in the Adobe Reader JBIG2 filter
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001809.html

JVNDB-2009-001808 Heap-based buffer overflow vulnerability in the Adobe Reader JBIG2 filter
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001808.html

JVNDB-2009-001807 Heap-based buffer overflow vulnerability in the Adobe Reader JBIG2 filter
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001807.html

US-CERT Technical Cyber Security Alert TA09-251A -- Microsoft Updates for Multiple Vulnerabilities
http://www.derkeiler.com/Mailing-Lists/Cert/2009-09/msg00000.html

Novell eDirectory HTTP Request Processing Flaw Lets Remote Users Deny Service
http://securitytracker.com/alerts/2009/Sep/1022849.html

Windows Server Message Block NEGOTIATE PROTOCOL REQUEST Processing Flaw Lets Remote Users Execute Arbitrary Code
http://securitytracker.com/alerts/2009/Sep/1022848.html

Possible DDOS on gov.au sites starting tonight?
http://isc.sans.org/diary.html?storyid=7108

Microsoft Windows SMB2 '_Smb2ValidateProviderCallback()' Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/36299

Fetchmail Failed Warning Message Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/25495

Fetchmail NULL Character CA SSL Certificate Validation Security Bypass Vulnerability
http://www.securityfocus.com/bid/35951

Fetchmail Verbose Mode Large Log Messages Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/29705

SAP AG SAPgui EAI WebViewer3D ActiveX Control Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/34310

Dnsmasq TFTP Service Remote Heap Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/36121

Dnsmasq TFTP Service Remote NULL-Pointer Dereference Vulnerability
http://www.securityfocus.com/bid/36120

SILC Toolkit 'command.c' Multiple Format String Vulnerabilities
http://www.securityfocus.com/bid/36193

SILC Client Format String Vulnerability
http://www.securityfocus.com/bid/35940

SILC Toolkit HTTP Server Format String Vulnerability
http://www.securityfocus.com/bid/36194

SILC Toolkit Encoded OID Format String Vulnerability
http://www.securityfocus.com/bid/36192




+ Security bulletins for September 2009
http://www.microsoft.com/japan/technet/security/bulletin/ms09-sep.mspx

+ MS09-045 - Critical: Vulnerability in JScript Scripting Engine Could Allow Remote Code Execution (971961)
http://www.microsoft.com/japan/technet/security/bulletin/ms09-045.mspx
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30320
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-09/msg00044.html
http://secunia.com/advisories/36551/
http://securitytracker.com/alerts/2009/Sep/1022842.html
http://www.vupen.com/english/advisories/2009/2563
http://www.securityfocus.com/bid/36224

+ MS09-046 - Critical: Vulnerability in DHTML Editing Component ActiveX Control Could Allow Remote Code Execution (956844)
http://www.microsoft.com/japan/technet/security/bulletin/ms09-046.mspx
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30321
http://secunia.com/advisories/36592/
http://securitytracker.com/alerts/2009/Sep/1022843.html
http://www.vupen.com/english/advisories/2009/2564
http://www.securityfocus.com/bid/36280

+ MS09-047 - Critical: Vulnerabilities in Windows Media Format Could Allow Remote Code Execution (973812)
http://www.microsoft.com/japan/technet/security/bulletin/ms09-047.mspx
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30322
http://secunia.com/advisories/36596/
http://securitytracker.com/alerts/2009/Sep/1022844.html
http://www.vupen.com/english/advisories/2009/2566
http://www.securityfocus.com/bid/36225
http://www.securityfocus.com/bid/36228

+ MS09-048 - Critical: Vulnerabilities in Windows TCP/IP Could Allow Remote Code Execution (967723)
http://www.microsoft.com/japan/technet/security/bulletin/ms09-048.mspx
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30323
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-09/msg00043.html
http://secunia.com/advisories/36602/
http://secunia.com/advisories/36597/
http://securitytracker.com/alerts/2009/Sep/1022845.html
http://www.vupen.com/english/advisories/2009/2567
http://www.securityfocus.com/bid/31545
http://www.securityfocus.com/bid/36269

+ JDK 5.0 Update 21 released
http://java.sun.com/j2se/1.5.0/ReleaseNotes.html#150_21

+ Cisco Security Advisory: TCP State Manipulation Denial of Service Vulnerabilities in Multiple Cisco Products
http://www.cisco.com/warp/public/707/cisco-sa-20090908-tcp24.shtml
http://securitytracker.com/alerts/2009/Sep/1022847.html

+ RHSA-2009:1427-1: Moderate: fetchmail security update
http://rhn.redhat.com/errata/RHSA-2009-1427.html

+ RHSA-2009:1428-1: Moderate: xmlsec1 security update
http://rhn.redhat.com/errata/RHSA-2009-1428.html

+ Linux Kernel 2.4 and 2.6 Multiple Local Information Disclosure Vulnerabilities
http://www.securityfocus.com/bid/36304
http://secunia.com/advisories/36638/
http://secunia.com/advisories/36617/

+ Solution 262908: Security Vulnerability in the SNMP daemon (snmpd(1M)) May Lead to a Denial of Service (DoS) Condition
http://sunsolve.sun.com/search/document.do?assetkey=1-66-262908-1

- MS09-049 - Critical: Vulnerability in Wireless LAN AutoConfig Service Could Allow Remote Code Execution (970710)
http://www.microsoft.com/japan/technet/security/bulletin/ms09-049.mspx

[ANN] Apache Felix Configuration Admin Service version 1.2.4 Released
http://felix.apache.org/site/apache-felix-configuration-admin-service.html

[ANNOUNCE] Bucardo version 4.0.0 released
http://bucardo.org/wiki/Bucardo/Download
http://www.postgresql.org/about/news.1134

MySQL Connector/Net 6.1.2 GA has been released
http://dev.mysql.com/downloads/connector/net/6.1.html

GCC 4.4.2 Status Report (2009-09-01)
http://gcc.gnu.org/ml/gcc/2009-09/msg00025.html

MySQL 6.0.12 (Not yet released)
http://dev.mysql.com/doc/refman/6.0/en/news-6-0-12.html

pgDesigner 1.2.11 Released
http://www.postgresql.org/about/news.1132

Cisco Applied Mitigation Bulletin: Identifying and Mitigating Exploitation of the TCP State Manipulation Denial of Service Vulnerabilities in Multiple Cisco Products
http://www.cisco.com/warp/public/707/cisco-amb-20090908-tcp24.shtml

331458: User response may be required during silent install of Device Driver Installation (DDI) packages for Storage Foundation for Windows (SFW) 5.1.
http://seer.entsupport.symantec.com/docs/331458.htm

laurent gaffie : SMB2.0 NEGOTIATE PROTOCOL REQUEST Remote B.S.O.D.
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30317

Microsoft : Vulnerability in JScript Scripting Engine Could Allow Remote Code Execution
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30320

Microsoft : Vulnerability in DHTML Editing Component ActiveX Control Could Allow Remote Code Execution
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30321

Microsoft : Vulnerabilities in Windows Media Format Could Allow Remote Code Execution
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30322

Microsoft : Vulnerabilities in Windows TCP/IP Could Allow Remote Code Execution
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30323

Microsoft : Vulnerability in Wireless LAN AutoConfig Service Could Allow Remote Code Execution
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30324

scip : IBM Lotus Notes 8.5 RSS Widget Privilege Escalation
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30318

Slackware Linux : seamonkey
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30307

Debian : New cyrus-imapd packages fix arbitrary code execution
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30310

Gentoo Linux : Linux-PAM: Privilege escalation
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30312

Gentoo Linux : libvorbis: User-assisted execution of arbitrary code
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30313

Secunia : VMWare VMnc Codec Mismatched Dimensions Buffer Overflow
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30316

Independent Researcher : TNEF Attachment decoder plugin directory traversal & buffer overflow vulnerabilities
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30314

Independent Researcher : Pidgin IRC TOPIC message DOS
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30315

VMware : VMware Movie Decoder, VMware Workstation, VMware Player, and VMware ACE resolve security issues.
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30311

Debian : New silc-client/silc-toolkit packages fix arbitrary code execution
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30308

Debian : New OpenOffice.org packages fix arbitrary code execution
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30309

ZDI-09-062: Microsoft Internet Explorer JScript arguments Invocation Memory Corruption Vulne
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-09/msg00044.html

MS09-048 includes fixes for TCP/IP implementation issues reported more than a year ago
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-09/msg00043.html

Regarding Microsoft srv2.sys SMB2.0 NEGOTIATE BSOD
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-09/msg00042.html

[ MDVSA-2009:225 ] qt4
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-09/msg00041.html

[scip_Advisory 4021] IBM Lotus Notes 8.5 RSS Widget Privilege Escalation
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-09/msg00039.html

Novell eDirectory 8.8 SP5 Dhost Http Server DoS
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-09/msg00038.html

Various Orion application server example pages are vulnerable to XSS.
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-09/msg00037.html

[SECURITY] [DSA 1881-1] New cyrus-imapd packages fix arbitrary code execution
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-09/msg00036.html

Secunia Research: VMWare VMnc Codec Mismatched Dimensions Buffer Overflow
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-09/msg00035.html

[ GLSA 200909-02 ] libvorbis: User-assisted execution of arbitrary code
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-09/msg00034.html

[ GLSA 200909-01 ] Linux-PAM: Privilege escalation
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-09/msg00033.html

yTNEF/Evolution TNEF Attachment decoder plugin directory traversal & buffer overflow vulnerabili
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-09/msg00031.html

[oCERT-2009-013] yTNEF/Evolution TNEF attachment decoder input sanitization errors
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-09/msg00030.html

VMSA-2009-0012 VMware Movie Decoder, VMware Workstation, VMware Player, and VMware ACE resol
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-09/msg00032.html

0909-01: Vulnerabilities potentially affecting implementations of TCP protocol
http://www.cpni.gov.uk/Products/3884.aspx

Microsoft Security Advisory 975191 Revised
http://isc.sans.org/diary.html?storyid=7096

Microsoft September 2009 Black Tuesday Overview
http://isc.sans.org/diary.html?storyid=7099

Cisco Security Advisory TCP DoS
http://isc.sans.org/diary.html?storyid=7102

Bug Fixes in Sun SDK 5 and Java SE 6
http://isc.sans.org/diary.html?storyid=7105

Vista/2008/Windows 7 SMB2 BSOD 0Day
http://isc.sans.org/diary.html?storyid=7093

Linux Kernel 2.4 Information Disclosure Vulnerabilities
http://secunia.com/advisories/36638/

Slackware update for seamonkey
http://secunia.com/advisories/36633/

Debian update for cyrus-imapd-2.2
http://secunia.com/advisories/36632/

Cyrus IMAP Server Sieve Buffer Overflow Vulnerability
http://secunia.com/advisories/36629/

SILC Toolkit / SILC Server Incorrect Format Specifier Memory Corruption
http://secunia.com/advisories/36625/

Microsoft Windows SMB Processing Array Indexing Vulnerability
http://secunia.com/advisories/36623/

Linux Kernel "tc_fill_tclass()" Information Disclosure
http://secunia.com/advisories/36617/

Debian update for silc-client and silc-toolkit
http://secunia.com/advisories/36614/

Windows Server 2008 Wireless LAN AutoConfig Service Code Execution
http://secunia.com/advisories/36604/

Microsoft Windows TCP/IP Implementation Multiple Vulnerabilities
http://secunia.com/advisories/36603/

Windows Server 2003 TCP/IP Window Size Denial of Service Vulnerabilities
http://secunia.com/advisories/36602/

Microsoft Windows Vista Wireless LAN AutoConfig Service Code Execution
http://secunia.com/advisories/36599/

Windows 2000 TCP/IP Window Size Denial of Service Vulnerabilities
http://secunia.com/advisories/36597/

Microsoft Windows Media Format Two Code Execution Vulnerabilities
http://secunia.com/advisories/36596/

Microsoft Windows DHTML Editing ActiveX Control Vulnerability
http://secunia.com/advisories/36592/

Microsoft JScript Scripting Engine Memory Corruption Vulnerability
http://secunia.com/advisories/36551/

VMware Frame Buffer Parameter Heap-Based Buffer Overflow Vulnerability
http://www.securiteam.com/windowsntfocus/5AP022ASAC.html

yTNEF/Evolution TNEF Attachment Decoder Plugin Multiple Vulnerabilities
http://www.securiteam.com/unixfocus/5ZP012ASAQ.html

Cisco NX-OS TCP Processing Bug Lets Remote Users Deny Service
http://securitytracker.com/alerts/2009/Sep/1022847.html

Microsoft Wireless LAN AutoConfig Service Heap Overflow Lets Remote Wireless Users Execute Arbitrary Code
http://securitytracker.com/alerts/2009/Sep/1022846.html

Windows TCP/IP Stack Flaws Let Remote Users Execute Arbitrary Code and Deny Service
http://securitytracker.com/alerts/2009/Sep/1022845.html

Windows Media Format Runtime Bugs in Processing ASF and MP3 Files Let Remote Users Execute Arbitrary Code
http://securitytracker.com/alerts/2009/Sep/1022844.html

Microsoft DHTML Editing Component ActiveX Control Lets Remote Users Execute Arbitrary Code
http://securitytracker.com/alerts/2009/Sep/1022843.html

Microsoft JScript Scripting Engine Memory Corruption Error Lets Remote Users Execute Arbitrary Code
http://securitytracker.com/alerts/2009/Sep/1022842.html

IBM Lotus Domino Web Access Input Validation Flaw Permits Cross-Site Scripting Attacks
http://securitytracker.com/alerts/2009/Sep/1022838.html

IBM Tivoli Identity Manager Input Validation Flaw in SSUI Permits Cross-Site Scripting Attacks
http://securitytracker.com/alerts/2009/Sep/1022837.html

VMware Movie Decoder Heap Overflows Let Remote Users Execute Arbitrary Code
http://securitytracker.com/alerts/2009/Sep/1022836.html

Microsoft Windows TCP IP Code Execution and DoS Vulnerabilities (MS09-048)
http://www.vupen.com/english/advisories/2009/2567

Microsoft Windows Media Code Execution Vulnerabilities (MS09-047)
http://www.vupen.com/english/advisories/2009/2566

Microsoft Windows "wlansvc" Code Execution Vulnerability (MS09-049)
http://www.vupen.com/english/advisories/2009/2565

Microsoft Windows DHTML Edit ActiveX Code Execution (MS09-046)
http://www.vupen.com/english/advisories/2009/2564

Microsoft Internet Explorer Jscript Code Execution Vulnerability (MS09-045)
http://www.vupen.com/english/advisories/2009/2563

yTNEF Multiple Buffer Overflow and Directory Traversal Vulnerabilities
http://www.vupen.com/english/advisories/2009/2562

Microsoft Windows SMB Request Handling Array Indexing Vulnerability
http://www.vupen.com/english/advisories/2009/2561

Cyrus IMAP Server SIEVE Script Handling Buffer Overflow Vulnerability
http://www.vupen.com/english/advisories/2009/2559

Sorinara Streaming Audio Player '.m3u' File Remote Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/34842

Mozilla NSS NULL Character CA SSL Certificate Validation Security Bypass Vulnerability
http://www.securityfocus.com/bid/35888

Mozilla Firefox and Seamonkey Regular Expression Parsing Heap Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/35891

TCP/IP Protocol Stack Zero Window Size Remote Denial Of Service Vulnerability
http://www.securityfocus.com/bid/31545

IBM Lotus Notes RSS Reader Widget HTML Injection Vulnerability
http://www.securityfocus.com/bid/36305

Linux Kernel 2.4 and 2.6 Multiple Local Information Disclosure Vulnerabilities
http://www.securityfocus.com/bid/36304

OpenOffice Word Document Table Parsing Multiple Heap Based Buffer Overflow Vulnerabilities
http://www.securityfocus.com/bid/36200

Microsoft JScript Scripting Engine Keyword Arguments Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/36224

Multiple BitDefender Security Products CAB File Scan Evasion Vulnerability
http://www.securityfocus.com/bid/34580

Google SketchUp '.skp' File Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/35911

Microsoft Windows Media Format ASF Header Invalid Free Memory Corruption Vulnerability
http://www.securityfocus.com/bid/36225

Microsoft Windows Wireless LAN AutoConfig Frame Parsing Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/36223

Microsoft Windows Media Format MP3 Metadata Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/36228

Microsoft DHTML Editing Component ActiveX Control Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/36280

Microsoft Windows TCP/IP Orphaned Connection Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/36269

Microsoft Windows TCP/IP TimeStamps Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/36265

Cisco Nexus 5000 TCP Packet Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/36303

Novell eDirectory HTTP GET Request Unicode Strings Denial Of Service Vulnerability
http://www.securityfocus.com/bid/36301

Cisco IOS WebVPN/SSLVPN Multiple Denial of Service Vulnerabilities
http://www.securityfocus.com/bid/34239

Microsoft Active Template Library 'IPersistStreamInit' Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/35585

Microsoft Visual Studio Active Template Library COM Object Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/35828

Microsoft Visual Studio ATL 'VariantClear()' Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/35832

Microsoft Active Template Library Object Type Mismatch Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/35982

Microsoft Windows SMB2 '_Smb2ValidateProviderCallback()' Denial of Service Vulnerability
http://www.securityfocus.com/bid/36299

Microsoft Active Template Library Header Data Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/35558

Microsoft IIS FTPd NLST Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/36189

Sun Java Runtime Environment JPEG Image Handling Integer Overflow Vulnerability
http://www.securityfocus.com/bid/35942

Sun Solaris Cassini Gigabit-Ethernet Device Driver Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/35439

Qt NULL Character CA SSL Certificate Validation Security Bypass Vulnerability
http://www.securityfocus.com/bid/36203

Worldweaver DX Studio Player Browser Plugin Remote Arbitrary Shell Command Injection Vulnerability
http://www.securityfocus.com/bid/35273

OpenOffice EMF File Parser Remote Command Execution Vulnerability
http://www.securityfocus.com/bid/36291

Linux Kernel 'sock_sendpage()' NULL Pointer Dereference Vulnerability
http://www.securityfocus.com/bid/36038

Linux-PAM Configuration File Non-ASCII User Name Handling Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/34010

Ipswitch WS_FTP Professional HTTP Server Response Format String Vulnerability
http://www.securityfocus.com/bid/36297

IETF and W3C XML Digital Signature Specification HMAC Truncation Authentication Bypass Vulnerability
http://www.securityfocus.com/bid/35671

Fetchmail Failed Warning Message Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/25495

Ipswitch WhatsUp Gold 'NMWebService.exe' Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/36256

Fetchmail NULL Character CA SSL Certificate Validation Security Bypass Vulnerability
http://www.securityfocus.com/bid/35951

Fetchmail Verbose Mode Large Log Messages Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/29705

IBM Tivoli Identity Manager User Profile HTML Injection Vulnerability
http://www.securityfocus.com/bid/36293

IBM Lotus Domino Web Access Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/36292

VMware Movie Decoder VMnc Codec Multiple Heap Overflow Vulnerabilities
http://www.securityfocus.com/bid/36290

Microsoft Windows WINS Server Network Buffer Length Integer Overflow Vulnerability
http://www.securityfocus.com/bid/35981

Apple Safari JavaScript 'eval()' Denial of Service Vulnerability
http://www.securityfocus.com/bid/36298

Zeroboard 'now_connect()' Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/36284

GlobalSCAPE Secure FTP Server and Enhanced File Transfer Server Unspecified Security Vulnerability
http://www.securityfocus.com/bid/36302

Advanced Software Engineering ChartDirector 'cacheId' Parameter Directory Traversal Vulnerability
http://www.securityfocus.com/bid/36300
