Thursday, October 22, 2009

22nd, Thursday, senshō (rokuyō day)

JVNTA09-294A Updates for multiple vulnerabilities in Oracle products
http://jvn.jp/cert/JVNTA09-294A/index.html

JVNDB-2009-002131 ClamAV cli_url_canon function arbitrary code execution vulnerability
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002131.html

JVNDB-2009-002130 ClamAV CLI_ISCONTAINED macro denial of service (DoS) vulnerability
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002130.html

JVNDB-2009-002129 ClamAV libclamav/pe.c denial of service (DoS) vulnerability
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002129.html

JVNDB-2009-002128 ClamAV libclamav/untar.c denial of service (DoS) vulnerability
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002128.html

JVNDB-2009-002127 ClamAV malware detection bypass vulnerability
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002127.html

JVNDB-2009-002126 Apple Mac OS CarbonCore arbitrary code execution vulnerability
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002126.html

JVNDB-2009-002125 Apple Mac OS Alias Manager buffer overflow vulnerability
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002125.html

WordPress 'wp-trackbacks.php' Multi-byte Encoding Detection Lets Remote Users Execute Arbitrary Code
http://securitytracker.com/alerts/2009/Oct/1023072.html

Truecrypt 6.3 released
http://isc.sans.org/diary.html?storyid=7423

Cyber Security Awareness Month - Day 22 port 502 TCP - Modbus
http://isc.sans.org/diary.html?storyid=7426

+ MySQL 5.0.87 released
http://dev.mysql.com/doc/refman/5.0/en/news-5-0-87.html

+ HPSBUX02466 SSRT090192 rev.1 - HP-UX Running Tomcat Servlet Engine, Remote Denial of Service (DoS), Unauthorized Access
http://www13.itrc.hp.com/service/cki/docDisplay.do?docLocale=en&docId=emr_na-c01908935-1

+ HPSBUX02465 SSRT090192 rev.1 - HP-UX Running Apache-based Web Server, Remote Denial of Service (DoS) Cross-Site Scripting (XSS) Unauthorized Access
http://www13.itrc.hp.com/service/cki/docDisplay.do?docLocale=en&docId=emr_na-c01905287-1

+ A Regression in the Solaris 10 Gnome-XScreenSaver (see xscreensaver(1)) may Allow Pop-up Windows to Appear through XScreenSaver when the Accessibility Feature is On
http://sunsolve.sun.com/search/document.do?assetkey=1-66-268288-1

+ Perl 5.11.1 released
http://search.cpan.org/~jesse/perl-5.11.1/

[ANNOUNCE] Commons BeanUtils 1.8.1 released
http://commons.apache.org/beanutils/v1.8.1/RELEASE-NOTES.txt

MySQL Connector/Net 6.2.0 Alpha has been released
http://dev.mysql.com/downloads/connector/net/6.2.html

MySQL Workbench 5.2.6 Alpha Released
http://dev.mysql.com/downloads/workbench

On Availability Suite 4.0, Data Replication Using Suite Remote Mirror (sndr) May Cause a Filesystem Hang
http://sunsolve.sun.com/search/document.do?assetkey=1-66-270490-1

VMware ESX and ESXi 3.5 Comparison
http://kb.vmware.com/selfservice/microsites/microsite.do?cmd=displayKC&docType=kc&externalId=1006543&sliceId=1&docTypeID=DT_KB_1_1

Restarting the Management agents on an ESX or ESXi Server
http://kb.vmware.com/selfservice/microsites/microsite.do?cmd=displayKC&docType=kc&externalId=1003490&sliceId=1&docTypeID=DT_KB_1_1

Gentoo Linux : Wget: Certificate validation error
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30696

Anonymous Remote Arbitrary Code Execution in Alien Arena 7.30
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-10/msg00159.html

[USN-851-1] Elinks vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-10/msg00160.html

[waraxe-2009-SA#075] - Remote File Disclosure in Vivvo CMS 4.1.5.1
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-10/msg00158.html

US-CERT Technical Cyber Security Alert TA09-294A -- Oracle Updates for Multiple Vuln
http://www.derkeiler.com/Mailing-Lists/Cert/2009-10/msg00002.html

[USN-850-1] poppler vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-10/msg00156.html

[ MDVSA-2009:286 ] ocaml-camlimages
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-10/msg00157.html

turbodiff v1.01 beta released
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-10/msg00153.html

[ MDVSA-2009:285 ] php
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-10/msg00154.html

[ GLSA 200910-01 ] Wget: Certificate validation error
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-10/msg00155.html

IBM OS/400 HTTP Server mod_proxy Denial of Service
http://secunia.com/advisories/37104/

Oracle Communications Order and Service Management Unspecified Vulnerability
http://secunia.com/advisories/37103/

Oracle BEA Products Multiple Vulnerabilities
http://secunia.com/advisories/37102/

Oracle PeopleSoft and JD Edwards Products Multiple Vulnerabilities
http://secunia.com/advisories/37101/

Oracle E-Business Suite Multiple Vulnerabilities
http://secunia.com/advisories/37100/

Oracle Application Server / Business Intelligence Multiple Vulnerabilities
http://secunia.com/advisories/37099/

SUSE update for MozillaFirefox
http://secunia.com/advisories/37098/

Gentoo update for wget
http://secunia.com/advisories/37097/

Fedora update for pidgin
http://secunia.com/advisories/37096/

Websense Email Security / Personal Email Manager Multiple Vulnerabilities
http://secunia.com/advisories/37091/

WordPress Trackback Denial of Service Vulnerability
http://secunia.com/advisories/37088/

WebDrive Missing Security Descriptor Privilege Escalation Security Issue
http://secunia.com/advisories/37083/

Fedora update for xpdf
http://secunia.com/advisories/37082/

Oracle Database Multiple Vulnerabilities
http://secunia.com/advisories/37027/

Rapid7 purchases Metasploit
http://isc.sans.org/diary.html?storyid=7417

Cyber Security Awareness Month - Day 21 - Port 135
http://isc.sans.org/diary.html?storyid=7420

Beware of "install.zip"! Virus e-mails impersonating Microsoft are spreading
Running the attached file installs "fake software"
http://itpro.nikkeibp.co.jp/article/NEWS/20091022/339226/?ST=security

EMC RepliStor Bug in 'rep_serv.exe' Lets Remote Users Deny Service
http://securitytracker.com/alerts/2009/Oct/1023071.html

Websense Email Security 'STEMWADM.EXE' Service Can Be Crashed By Remote Users
http://securitytracker.com/alerts/2009/Oct/1023070.html

Websense Email Security Input Validation Flaws in Administrative Interface Permit Cross-Site Scripting Attacks
http://securitytracker.com/alerts/2009/Oct/1023069.html

IBM Rational AppScan Input Validation Hole in Help Page Query String Permits Cross-Site Scripting Attacks
http://securitytracker.com/alerts/2009/Oct/1023068.html

SystemTap Unprivileged Mode Buffer Overflow and DoS Vulnerabilities
http://www.vupen.com/english/advisories/2009/2989

Oracle Products Code Execution and Security Bypass Vulnerabilities
http://www.vupen.com/english/advisories/2009/2988

Websense Email Security and Personal Email Manager Vulnerabilities
http://www.vupen.com/english/advisories/2009/2987

WordPress Trackback Remote Denial of Service Vulnerability
http://www.vupen.com/english/advisories/2009/2986

phpMyAdmin for TYPO3 SQL Injection and Cross Site Scripting Issues
http://www.vupen.com/english/advisories/2009/2985

Apache Solr Search for TYPO3 Cross Site Scripting Vulnerability
http://www.vupen.com/english/advisories/2009/2984

Random Images for TYPO3 Remote Command Injection Vulnerability
http://www.vupen.com/english/advisories/2009/2983

Flagbit Filebase for TYPO3 Unspecified SQL Injection Vulnerability
http://www.vupen.com/english/advisories/2009/2982

freeCap CAPTCHA for TYPO3 Broken Session Handling Vulnerability
http://www.vupen.com/english/advisories/2009/2981

Alien Arena 'M_AddToServerList()' UDP Packet Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/36782

Links ELinks SMBClient Remote Command Execution Vulnerability
http://www.securityfocus.com/bid/21082

ELinks 'entity_cache' HTML File Off By One Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/36574

Microsoft Internet Explorer Uninitialized Memory Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/33627

SystemTap Unprivileged Mode Multiple Denial Of Service Vulnerabilities
http://www.securityfocus.com/bid/36778

OpenDocMan Cross Site Scripting and SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/36777

GD Graphics Library '_gdGetColors' Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/36712

IETF and W3C XML Digital Signature Specification HMAC Truncation Authentication Bypass Vulnerability
http://www.securityfocus.com/bid/35671

Poppler Multiple Denial of Service Vulnerabilities
http://www.securityfocus.com/bid/33749

JNLPAppletLauncher Arbitrary File Creation Vulnerability
http://www.securityfocus.com/bid/35946

Websense Email Security Cross Site Scripting and HTML Injection Vulnerabilities
http://www.securityfocus.com/bid/36741

Wget NULL Character CA SSL Certificate Validation Security Bypass Vulnerability
http://www.securityfocus.com/bid/36205

libvorbis OGG Vorbis Processing Multiple Remote Memory Corruption Vulnerabilities
http://www.securityfocus.com/bid/36018

CamlImages PNG Image Parsing Multiple Integer Overflow Vulnerabilities
http://www.securityfocus.com/bid/35556

CamlImages JPEG Handling Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/36713

CamlImages Image Parsing Multiple Heap Overflow Vulnerabilities
http://www.securityfocus.com/bid/35999

Pidgin 'msn_slplink_process_msg()' NULL Pointer Dereference Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/36071

Pidgin Libpurple Multiple Denial of Service Vulnerabilities
http://www.securityfocus.com/bid/36277

Pidgin OSCAR Plugin Invalid Memory Access Denial Of Service Vulnerability
http://www.securityfocus.com/bid/36719

Apache 'mod_proxy_http' Interim Response Denial of Service Vulnerability
http://www.securityfocus.com/bid/29653

Sun Java Runtime Environment XML Parsing Denial of Service Vulnerability
http://www.securityfocus.com/bid/35958

Sun Java Runtime Environment Proxy Mechanism Implementation Privilege Escalation Vulnerabilities
http://www.securityfocus.com/bid/35943

Sun Java Runtime Environment Unpack200 JAR Unpacking Utility Integer Overflow Vulnerability
http://www.securityfocus.com/bid/35944

Sun Java Runtime Environment Audio System Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/35939

Sun Java Runtime Environment JPEG Image Handling Integer Overflow Vulnerability
http://www.securityfocus.com/bid/35942

Sun Solaris ZFS Filesystem Security Bypass Vulnerability
http://www.securityfocus.com/bid/36702

Xpdf JBIG2 Processing Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/34568

Xpdf Multiple Integer Overflow Vulnerabilities
http://www.securityfocus.com/bid/36703

Microsoft Windows Kernel Integer Underflow Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/36623

Microsoft Windows Media Player ASF File Processing Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/36644

Oracle PeopleSoft Enterprise Human Capital Management CVE-2009-3409 Remote Vulnerability
http://www.securityfocus.com/bid/36776

Oracle Communications Order and Service Management CVE-2009-1998 Remote Vulnerability
http://www.securityfocus.com/bid/36775

Oracle PeopleSoft PeopleTools & Enterprise Portal CVE-2009-3404 Remote Vulnerability
http://www.securityfocus.com/bid/36773

Oracle JD Edwards Tools CVE-2009-3405 Remote JD Edwards Tools Vulnerability
http://www.securityfocus.com/bid/36772

Oracle WebLogic Portal CVE-2009-2002 Remote Unspecified Vulnerability
http://www.securityfocus.com/bid/36774

Oracle Weblogic Server CVE-2009-3399 Remote WebLogic Server Vulnerability
http://www.securityfocus.com/bid/36769

Oracle E-Business Suite CVE-2009-3400 Oracle Advanced Benefits Unspecified Vulnerability
http://www.securityfocus.com/bid/36767

Oracle WebLogic Server CVE-2009-3396 Remote WebLogic Server Vulnerability
http://www.securityfocus.com/bid/36766

Oracle Database CVE-2009-1018 Workspace Manager Unspecified Vulnerability
http://www.securityfocus.com/bid/36765

Oracle Database CVE-2009-1972 Remote Auditing Vulnerability
http://www.securityfocus.com/bid/36758

Oracle E-Business Suite CVE-2009-3408 Remote Oracle Application Object Library Vulnerability
http://www.securityfocus.com/bid/36763

Oracle E-Business Suite CVE-2009-3402 Remote Oracle Applications Framework Vulnerability
http://www.securityfocus.com/bid/36764

RETIRED: Oracle October 2009 Critical Patch Update Multiple Vulnerabilities
http://www.securityfocus.com/bid/36711

Oracle Database CVE-2009-1971 Remote Data Pump Vulnerability
http://www.securityfocus.com/bid/36754

Oracle E-Business Suite CVE-2009-3397 Remote Oracle Application Object Library Vulnerability
http://www.securityfocus.com/bid/36762

Oracle E-Business Suite CVE-2009-3395 Remote AutoVue Vulnerability
http://www.securityfocus.com/bid/36761

Oracle E-Business Suite CVE-2009-3393 Remote Oracle Application Object Library Vulnerability
http://www.securityfocus.com/bid/36757

Oracle Database CVE-2009-1007 Remote Data Mining Vulnerability
http://www.securityfocus.com/bid/36750

Oracle Database CVE-2009-1993 Application Express Unspecified Vulnerability
http://www.securityfocus.com/bid/36759

Oracle Database CVE-2009-1964 Remote Workspace Manager Vulnerability
http://www.securityfocus.com/bid/36755

Drupal Moodle Course List Module Unspecified SQL Injection Vulnerability
http://www.securityfocus.com/bid/36787

Drupal Userpoints Module 'userpoint' Information Disclosure Vulnerability
http://www.securityfocus.com/bid/36786

Drupal Flag Content Module HTML Injection Vulnerability
http://www.securityfocus.com/bid/36785

Drupal Organic Groups Vocabulary Group Title HTML Injection Vulnerability
http://www.securityfocus.com/bid/36784

Vivvo CMS 'files.php' Directory Traversal Vulnerability
http://www.securityfocus.com/bid/36783
