:: IT Security Neophyte Investigator's MEMO ::: 16日金曜日、大安

2009年10月16日金曜日

16日金曜日、大安

+ Internet Explorer X.509 Certificate Common Name Encoding Multiple Security Bypass Vulnerabilities
http://www.securityfocus.com/bid/36577

Kernel release: 2.6.32-rc5
http://www.linux.org/news/2009/10/16/0001.html

ソフトウェア等の脆弱性関連情報に関する届出状況
[2009年第3四半期（7月～9月）]
http://www.ipa.go.jp/security/vuln/report/vuln2009q3.html

脆弱性対策情報データベースJVN iPediaの登録状況
[2009年第3四半期(7月～9月)]
http://www.ipa.go.jp/security/vuln/report/JVNiPedia2009q3.html

JVNDB-2009-002102 Mozilla Firefox における URL を偽装される脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002102.html

JVNDB-2009-002101 Mozilla Firefox における任意の PKCS11 モジュールをインストール/削除させる脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002101.html

JVNDB-2009-002100 Mozilla Firefox における XUL ツリー要素に関する任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002100.html

JVNDB-2009-002099 Mozilla Firefox における任意の JavaScript を実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002099.html

JVNDB-2009-001972 Linux kernel の RTL8169 NIC ドライバにおけるバッファオーバーフローの脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001972.html

JVNDB-2009-001925 libtiff の LZWDecodeCompat 関数におけるバッファアンダーフローの脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001925.html

JVNDB-2009-001838 Linux kernel の CIFS サブシステムにおける Unicode 文字列の処理に関するバッファオーバーフローの脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001838.html

JVNDB-2009-001837 Linux kernel の CIFS における長大な nativeFileSystem フィールドの処理に関するバッファオーバーフローの脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001837.html

Ruby on Rails Form Helpers Unicode String Handling Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/36278

Drupal Service Links Component Content Type Names HTML Injection Vulnerability
http://www.securityfocus.com/bid/36584

Dnsmasq TFTP Service Remote NULL-Pointer Dereference Vulnerability
http://www.securityfocus.com/bid/36120

Dnsmasq TFTP Service Remote Heap Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/36121

Django 'EmailField' and 'URLField' Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/36655

Django URL Information Disclosure Vulnerability
http://www.securityfocus.com/bid/35859

NOS getPlus Download Manager Insecure File Permissions Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/35740

PostgreSQL Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/36314

Internet Explorer X.509 Certificate Common Name Encoding Multiple Security Bypass Vulnerabilities
http://www.securityfocus.com/bid/36577

Wireshark 1.2.1 Multiple Vulnerabilities
http://www.securityfocus.com/bid/36408

FreeRADIUS Zero-length Tunnel-Password Attributes Denial of Service Vulnerability
http://www.securityfocus.com/bid/36263

Mutt NULL Character CA SSL Certificate Validation Security Bypass Vulnerability
http://www.securityfocus.com/bid/36249

strongSwan Crafted X.509 Certificate Multiple Remote Denial Of Service Vulnerabilities
http://www.securityfocus.com/bid/35452

SILC Toolkit 'command.c' Multiple Format String Vulnerabilities
http://www.securityfocus.com/bid/36193

SILC Toolkit HTTP Server Format String Vulnerability
http://www.securityfocus.com/bid/36194

SILC Toolkit Encoded OID Format String Vulnerability
http://www.securityfocus.com/bid/36192

SILC Client Format String Vulnerability
http://www.securityfocus.com/bid/35940

phpMyAdmin Unspecified SQL Injection and Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/36658

VooDoo cIRCle XTelnet GnuTLS Multiple Unspecified Vulnerabilities
http://www.securityfocus.com/bid/36657

QEMU VNC 'monitor.c' Insecure Password Vulnerability
http://www.securityfocus.com/bid/33020

+ Solution 269788: Security Vulnerability in Solaris libpng(3) May Allow a Remote User to Disclose Potentially Sensitive Information from Applications Linked to libpng(3)
http://sunsolve.sun.com/search/document.do?assetkey=1-66-269788-1
http://www.securityfocus.com/bid/35233

+ Solution 265908: A Security Vulnerability in the ZFS Filesystem May Allow An Unprivileged User to Take Ownership of Files Belonging to Another User
http://sunsolve.sun.com/search/document.do?assetkey=1-66-265908-1
http://secunia.com/advisories/37010/
http://www.vupen.com/english/advisories/2009/2917
http://www.securityfocus.com/bid/36702

+ GCC 4.4.2 has been released
http://gcc.gnu.org/gcc-4.4/changes.html

+ Xpdf Multiple Integer Overflow Vulnerabilities
http://www.securityfocus.com/bid/36703
http://secunia.com/advisories/37053/

+ Microsoft Indexing Service ActiveX Control Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/36629

+ Microsoft Windows TCP/IP TimeStamps Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/36265

+ Microsoft Windows LSASS NTLM Implementation Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/36593

+ Linux Kernel '/drivers/net/r8169.c' Out-of-IOMMU Error Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/36706

- Oracle Critical Patch Update Pre-Release Announcement - October 2009
http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpuoct2009.html

- Oracle October 2009 Critical Patch Update Multiple Vulnerabilities
http://www.securityfocus.com/bid/36711

[ntp:announce] NTP 4.2.5p233-RC Released
http://www.ntp.org/downloads.html

DHCP 4.1.0p1 released
http://oldwww.isc.org/sw/dhcp/dhcp4_1_rel.php?noframes=1

Kernel release: 2.6.27.38-rc1
http://www.linux.org/news/2009/10/15/0001.html

Cisco Security Advisory: Multiple Vulnerabilities in Cisco Wireless LAN Controllers
http://www.cisco.com/warp/public/707/cisco-sa-20090204-wlc.shtml

Cisco Security Advisory: Multiple Vulnerabilities in Cisco Wireless LAN Controllers
http://www.cisco.com/warp/public/707/cisco-sa-20090727-wlc.shtml

Debian : New postgresql-ocaml packages provide secure escaping
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30656

Debian : New mysql-ocaml packages provide secure escaping
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30657

Debian : New pygresql packages provide secure escaping
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30658

Red Hat : Important: xpdf security update
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30659

Red Hat : Important: xpdf security update
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30660

Red Hat : Important: gpdf security update
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30661

Red Hat : Important: kdegraphics security update
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30662

Red Hat : Important: poppler security and bug fix update
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30663

Red Hat : Important: kdegraphics security update
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30664

Red Hat : Moderate: cups security update
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30665

RHBA-2009:1511-1: coreutils bug fix update
http://rhn.redhat.com/errata/RHBA-2009-1511.html

RHBA-2009:1514-1: xen bug fix update
http://rhn.redhat.com/errata/RHBA-2009-1514.html

RHSA-2009:1504-1: Important: poppler security and bug fix update
http://rhn.redhat.com/errata/RHSA-2009-1504.html

RHSA-2009:1513-1: Moderate: cups security update
http://rhn.redhat.com/errata/RHSA-2009-1513.html

RHSA-2009:1500-1: Important: xpdf security update
http://rhn.redhat.com/errata/RHSA-2009-1500.html

RHSA-2009:1501-1: Important: xpdf security update
http://rhn.redhat.com/errata/RHSA-2009-1501.html

RHSA-2009:1503-1: Important: gpdf security update
http://rhn.redhat.com/errata/RHSA-2009-1503.html

RHSA-2009:1512-1: Important: kdegraphics security update
http://rhn.redhat.com/errata/RHSA-2009-1512.html

Snitz Forums 2000 Multiple Cross-Site Scripting Vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-10/msg00121.html

[SECURITY] [DSA 1911-1] New pygresql packages provide secure escaping
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-10/msg00118.html

[SECURITY] [DSA 1910-1] New mysql-ocaml packages provide secure escaping
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-10/msg00119.html

[SECURITY] [DSA 1909-1] New postgresql-ocaml packages provide secure escaping
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-10/msg00120.html

JPCERT/CC WEEKLY REPORT
http://www.jpcert.or.jp/wr/2009/wr093901.html

Yet another round of Viral Spam
http://isc.sans.org/diary.html?storyid=7363

Cyber Security Awareness Month - Day 15 - Ports 995, 465, and 993 - Secure Email
http://isc.sans.org/diary.html?storyid=7366

Windows Media Runtime Remote Code Execution
http://www.securiteam.com/windowsntfocus/6C00C1FPPY.html

Windows Media Player ASF File Remote Code Execution
http://www.securiteam.com/windowsntfocus/6D00D1FPPY.html

Internet Explorer Multiple Remote Code Execution Vulnerabilities
http://www.securiteam.com/windowsntfocus/6E00E1FPPY.html

ActiveX Active Template Library Initialization Vulnerability
http://www.securiteam.com/windowsntfocus/6F00F1FPPY.html

Windows Vista and Windows Server 2008 SMBv2 Remote Code Execution
http://www.securiteam.com/windowsntfocus/6B00B1FPPY.html

Red Hat update for cups
http://secunia.com/advisories/37061/

Drupal Organic Groups Vocabulary Module Security Bypass Vulnerability
http://secunia.com/advisories/37060/

Drupal Print Module Multiple Vulnerabilities
http://secunia.com/advisories/37059/

Drupal RealName Module Script Insertion Vulnerability
http://secunia.com/advisories/37058/

Poppler Multiple Vulnerabilities
http://secunia.com/advisories/37054/

Xpdf Multiple Vulnerabilities
http://secunia.com/advisories/37053/

CUPS "pdftops" Two Integer Overflow Vulnerabilities
http://secunia.com/advisories/37051/

Foxit Reader Firefox Plugin Memory Corruption Vulnerability
http://secunia.com/advisories/37049/

Debian update for postgresql-ocaml
http://secunia.com/advisories/37048/

Debian update for mysql-ocaml
http://secunia.com/advisories/37047/

Debian update for pygresql
http://secunia.com/advisories/37046/

Poppler "Splash::drawImage()" and "ObjectStream()" Vulnerabilities
http://secunia.com/advisories/37042/

Red Hat update for acroread
http://secunia.com/advisories/37041/

Red Hat update for java-1.4.2-ibm
http://secunia.com/advisories/37040/

Cisco Unified Presence Denial of Service Vulnerabilities
http://secunia.com/advisories/37039/

Ubuntu update for zope3
http://secunia.com/advisories/37038/

Red Hat update for xpdf
http://secunia.com/advisories/37037/

Red Hat update for poppler
http://secunia.com/advisories/37034/

Quick Heal Products Privilege Escalation Security Issue
http://secunia.com/advisories/37033/

Red Hat update for gpdf
http://secunia.com/advisories/37028/

Red Hat update for xpdf
http://secunia.com/advisories/37023/

Drupal Webform Module Script Insertion and Information Disclosure Vulnerabilities
http://secunia.com/advisories/37021/

bloofoxCMS "search" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/37020/

ZoIPer SIP INVITE Denial of Service Vulnerability
http://secunia.com/advisories/37015/

NaviCOPA Script Source Disclosure Vulnerability
http://secunia.com/advisories/37014/

Cybozu Products Unspecified Cross-Site Scripting Vulnerabilities
http://secunia.com/advisories/37011/

Sun Solaris ZFS File Ownership Modification Security Issue
http://secunia.com/advisories/37010/

Drupal Printer Module Cross Site Scripting and Security Bypas Issues
http://www.vupen.com/english/advisories/2009/2922

Drupal RealName Module Cross Site Scripting Vulnerability
http://www.vupen.com/english/advisories/2009/2921

Drupal OG Vocabulary Module Missing Access Validation Vulnerability
http://www.vupen.com/english/advisories/2009/2920

Drupal Shibboleth Authentication Session Handling Vulnerability
http://www.vupen.com/english/advisories/2009/2919

Cybozu Products Unspecified Cross Site Scripting Vulnerablility
http://www.vupen.com/english/advisories/2009/2918

Svun Solaris ZFS Filesystem Files Ownership Manipulation Vulnerability
http://www.vupen.com/english/advisories/2009/2917

Sun OpenSolaris Poppler Multiple Code Execution Vulnerabilities
http://www.vupen.com/english/advisories/2009/2916

Cisco Unified Presence Two Remote Denial of Service Vulnerabilities
http://www.vupen.com/english/advisories/2009/2915

Acritum Femitter Server HTTP Request Remote File Disclosure Vulnerability
http://www.securityfocus.com/bid/36656

Linux Kernel 'sock_sendpage()' NULL Pointer Dereference Vulnerability
http://www.securityfocus.com/bid/36038

Linux Kernel 'kernel/signal.c' Local Information Disclosure Vulnerability
http://www.securityfocus.com/bid/35929

Linux Kernel 'clear_child_tid()' Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/35930

Linux Kernel 'udp_sendmsg()' MSG_MORE Flag Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/36108

Linux Kernel '/drivers/net/r8169.c' Out-of-IOMMU Error Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/36706

Linux Kernel 'PER_CLEAR_ON_SETID' Incomplete Personality List Access Validation Weakness
http://www.securityfocus.com/bid/35647

Mozilla Firefox/SeaMonkey/Thunderbird Multiple Remote Vulnerabilities
http://www.securityfocus.com/bid/31346

Red Hat Enterprise Linux OpenSSH 'ChrootDirectory' Option Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/36552

Linux Kernel AppleTalk Driver IP Over DDP Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/36379

Mozilla Firefox MFSA 2009-47, -48, -49, -50, -51 Multiple Vulnerabilities
http://www.securityfocus.com/bid/36343

Mozilla Firefox Error Page Address Bar URI Spoofing Vulnerability
http://www.securityfocus.com/bid/35803

Mozilla Firefox and Seamonkey Regular Expression Parsing Heap Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/35891

IBM Informix Products Setnet32 Utility '.nfx' File Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/36588

Oracle October 2009 Critical Patch Update Multiple Vulnerabilities
http://www.securityfocus.com/bid/36711

OpenSSL Multiple Vulnerabilities
http://www.securityfocus.com/bid/34256

OpenSSL 'ChangeCipherSpec' DTLS Packet Denial of Service Vulnerability
http://www.securityfocus.com/bid/35174

OpenSSL 'dtls1_retrieve_buffered_fragment()' DTLS Packet Denial of Service Vulnerability
http://www.securityfocus.com/bid/35138

OpenSSL DTLS Packets Multiple Denial of Service Vulnerabilities
http://www.securityfocus.com/bid/35001

OpenSSL 'dtls1_retrieve_buffered_fragment()' DTLS Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/35417

Sun Solaris XScreenSaver and Assistive Technology Support Security Bypass Vulnerability
http://www.securityfocus.com/bid/36030

Sun Solaris pollwakeup(9F) Local Denial Of Service Vulnerability
http://www.securityfocus.com/bid/36106

Sun Solaris sendfile(3EXT) and sendfilev(3EXT) Local Denial Of Service Vulnerability
http://www.securityfocus.com/bid/36083

Sun Solaris ZFS Filesystem Security Bypass Vulnerability
http://www.securityfocus.com/bid/36702

EasyBits Extras Manager Unspecified Vulnerability
http://www.securityfocus.com/bid/36459

Adobe Reader and Acrobat JBIG2 Filter Unspecified Memory Corruption Vulnerability
http://www.securityfocus.com/bid/35298

Adobe Reader and Acrobat Multiple Unspecified Remote Heap Buffer Overflow Vulnerabilities
http://www.securityfocus.com/bid/35295

Adobe Reader and Acrobat 9.1.1 and Prior Multiple Remote Vulnerabilities
http://www.securityfocus.com/bid/35274

Adobe Reader and Acrobat Unspecified Memory Corruption Vulnerability
http://www.securityfocus.com/bid/35289

Adobe Reader and Acrobat TrueType Font Handling Memory Corruption Vulnerability
http://www.securityfocus.com/bid/35296

Adobe Reader and Acrobat Huffman-encoded JBIG2 Text Heap Overflow Vulnerability
http://www.securityfocus.com/bid/35302

Adobe Reader and Acrobat U3D Model Remote Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/35282

Adobe Reader and Acrobat JBIG 'Halftone Region' Remote Heap Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/35293

Adobe Reader and Acrobat FlateDecode Filter Integer Overflow Vulnerability
http://www.securityfocus.com/bid/35294

Adobe Flash Player and AIR Sandbox Bypass Information Disclosure Vulnerability
http://www.securityfocus.com/bid/35908

Adobe Flash Player and AIR 'intf_count' Integer Overflow Vulnerability
http://www.securityfocus.com/bid/35907

Adobe Flash Player and AIR NULL Pointer Exception Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/35906

Adobe Flash Player and AIR URI Parsing Heap Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/35902

Adobe Flash Player and AIR Unspecified Clickjacking Vulnerability
http://www.securityfocus.com/bid/35905

Adobe Acrobat, Reader, and Flash Player Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/35759

Adobe Flash Player Active Template Library Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/35846

Adobe Flash Player and AIR Unspecified Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/35900

IETF and W3C XML Digital Signature Specification HMAC Truncation Authentication Bypass Vulnerability
http://www.securityfocus.com/bid/35671

Adobe Flash Player and AIR (CVE-2009-1866) Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/35901

Microsoft DHTML Editing Component ActiveX Control Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/36280

Microsoft JScript Scripting Engine Keyword Arguments Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/36224

Adobe Flash Player and AIR Loader Object Heap Memory Corruption Vulnerability
http://www.securityfocus.com/bid/35904

Apache Tomcat 'RequestDispatcher' Information Disclosure Vulnerability
http://www.securityfocus.com/bid/35263

Microsoft GDI+ Malformed Office BMP File Integer Overflow Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/36651

Apache Tomcat XML Parser Information Disclosure Vulnerability
http://www.securityfocus.com/bid/35416

Microsoft GDI+ .NET Framework Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/36648

Microsoft GDI+ PNG File Integer Overflow Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/36649

Apache Tomcat Java AJP Connector Invalid Header Denial of Service Vulnerability
http://www.securityfocus.com/bid/35193

Microsoft GDI+ Malformed Office Object Memory Corruption Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/36650

Apache Tomcat Form Authentication Existing/Non-Existing Username Enumeration Weakness
http://www.securityfocus.com/bid/35196

Microsoft Windows TCP/IP Orphaned Connection Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/36269

Microsoft Windows TCP/IP TimeStamps Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/36265

Microsoft GDI+ CCITT G4 TIFF File Processing Memory Corruption Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/36647

Microsoft GDI+ PNG File Processing Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/36645

Libpng 1-bit Interlaced Images Information Disclosure Vulnerability
http://www.securityfocus.com/bid/35233

LibTIFF Multiple Remote Integer Overflow Vulnerabilities
http://www.securityfocus.com/bid/35652

Microsoft GDI+ WMF File Processing Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/36619

Microsoft GDI+ TIFF File Processing 'BitsPerSample' Tag Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/36646

TCP/IP Protocol Stack Multiple Remote Denial Of Service Vulnerabilities
http://www.securityfocus.com/bid/31545

Microsoft Indexing Service ActiveX Control Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/36629

Microsoft Windows Media Runtime 'wmspdmod.dll' Speech Codec Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/36614

Microsoft Windows Media Runtime File Compression Remote Memory Corruption Vulnerability
http://www.securityfocus.com/bid/36602

Microsoft Visual Studio Active Template Library COM Object Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/35828

Red Hat GNOME Display Manager Security Bypass Vulnerability
http://www.securityfocus.com/bid/36219

OpenSSH CBC Mode Information Disclosure Vulnerability
http://www.securityfocus.com/bid/32319

'nfs-utils' Package 'hosts_ctl()' Security Bypass Vulnerability
http://www.securityfocus.com/bid/31823

GnuTLS NULL Character CA SSL Certificate Validation Security Bypass Vulnerability
http://www.securityfocus.com/bid/35952

libxml2 Multiple Memory Corruption Vulnerabilities
http://www.securityfocus.com/bid/36010

Microsoft Windows LSASS NTLM Implementation Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/36593

Sun VirtualBox VBoxNetAdpCtl Configuration Tool Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/36604

Sun Java SE Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/35922

Sun Java Runtime Environment and Java Development Kit Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/32608

Sun Java Runtime Environment Proxy Mechanism Implementation Privilege Escalation Vulnerabilities
http://www.securityfocus.com/bid/35943

Sun Java Runtime Environment JPEG Image Handling Integer Overflow Vulnerability
http://www.securityfocus.com/bid/35942

Sun Java Runtime Environment Audio System Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/35939

Sun Java Runtime Environment XML Parsing Denial of Service Vulnerability
http://www.securityfocus.com/bid/35958

Sun Java Runtime Environment Unpack200 JAR Unpacking Utility Integer Overflow Vulnerability
http://www.securityfocus.com/bid/35944

Samba setuid 'mount.cifs' Verbose Option Information Disclosure Vulnerability
http://www.securityfocus.com/bid/36572

Samba Misconfigured '/etc/passwd' File Security Bypass Vulnerability
http://www.securityfocus.com/bid/36363

Samba Oplock Break Notification Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/36573

Microsoft Windows Kernel Exception Handler Local Denial Of Service Vulnerability
http://www.securityfocus.com/bid/36625

Microsoft Windows Kernel Integer Underflow Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/36623

Microsoft Windows Kernel NULL Pointer Dereference Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/36624

RETIRED: Microsoft October 2009 Advance Notification Multiple Vulnerabilities
http://www.securityfocus.com/bid/36633

ELinks Relative Path Arbitrary Code Execution Vulnerability
http://www.securityfocus.com/bid/23844

ELinks 'entity_cache' HTML File Off By One Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/36574

HP-UX bootpd Unspecified Remote Denial Of Service Vulnerability
http://www.securityfocus.com/bid/36395

GNU 'w(1)' Utility Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/36369

Neon 'ne_xml*' expat XML Parsing Denial of Service Vulnerability
http://www.securityfocus.com/bid/36080

Neon NULL Character CA SSL Certificate Validation Security Bypass Vulnerability
http://www.securityfocus.com/bid/36079

Cyrus IMAP Server SIEVE Script Local Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/36296

Dovecot Sieve Plugin Multiple Unspecified Buffer Overflow Vulnerabilities
http://www.securityfocus.com/bid/36377

Xpdf JBIG2 Processing Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/34568

CUPS PDF File Multiple Heap Buffer Overflow Vulnerabilities
http://www.securityfocus.com/bid/35195

Adobe Reader and Acrobat File Extension Controls Remote Security Bypass Vulnerability
http://www.securityfocus.com/bid/36697

Snitz Forums 2000 Cross Site Scripting and HTML Injection Vulnerabilities
http://www.securityfocus.com/bid/36710

Drupal Webform Module HTML Injection and Information Disclosure Vulnerabilities
http://www.securityfocus.com/bid/36708

Drupal Printer, e-mail and PDF version Module Security Bypass and HTML Injection Vulnerabilities
http://www.securityfocus.com/bid/36707

Xpdf Multiple Integer Overflow Vulnerabilities
http://www.securityfocus.com/bid/36703

bloofoxCMS 'search' Parameter Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/36700

0 件のコメント:

コメントを投稿

登録: コメントの投稿 (Atom)