30日 金曜日、先負

- Sun Java SE Advance Notification of Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/36881

[ANN] Apache Source-Release Assembly Descriptor 1.0.1 Released
http://maven.apache.org/apache-resource-bundles/apache-source-release-assembly-descriptor/

Ubuntu 9.10 released
http://www.ubuntu.com/products/whatisubuntu/910features

InterScan Messaging Hosted Security のサーバメンテナンスのお知らせ(10月30日)
http://www.trendmicro.co.jp/support/news.asp?id=1315

Slackware Linux : xpdf
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30764

Slackware Linux : poppler
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30765

RHBA-2009:1533-1: gcc bug fix update
http://rhn.redhat.com/errata/RHBA-2009-1533.html

RHEA-2009:1532-1: tzdata enhancement update
http://rhn.redhat.com/errata/RHEA-2009-1532.html

RHSA-2009:1535-1: Moderate: pidgin security update
http://rhn.redhat.com/errata/RHSA-2009-1535.html

RHSA-2009:1536-1: Moderate: pidgin security update
http://rhn.redhat.com/errata/RHSA-2009-1536.html

JVNTA09-294A Oracle 製品における複数の脆弱性に対するアップデート
http://jvn.jp/cert/JVNTA09-294A/index.html

2wire Remote Denial of Service
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-10/msg00293.html

[ MDVSA-2009:290 ] firefox
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-10/msg00290.html

[SECURITY] [DSA 1922-1] New xulrunner packages fix several vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-10/msg00284.html

ZDI-09-074: Multiple Vendor Hummingbird STR Service Stack Overflow Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-10/msg00279.html

iDefense Security Advisory 10.28.09: Mozilla Firefox GIF Color Map Parsing Buffer Overflow Vulnerabi
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-10/msg00285.html

Fwd: Wowd search client multiple variable xss
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-10/msg00276.html

=?us-ascii?Q?Hijacking_Operas_Native_Page_using_malicious_RSS_payloads?=
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-10/msg00289.html

Cyber Security Awareness Month - Day 29 - dns port 53
http://isc.sans.org/diary.html?storyid=7483

Drupal Workflow Module Script Insertion Vulnerabilities
http://secunia.com/advisories/37203/

Drupal Storm Module Security Bypass Vulnerability
http://secunia.com/advisories/37202/

Drupal FAQ Ask Module Multiple Vulnerabilities
http://secunia.com/advisories/37201/

Drupal OpenSocial Shindig-Integrator Script Insertion Vulnerability
http://secunia.com/advisories/37200/

Drupal Insert Node Module Script Insertion Vulnerability
http://secunia.com/advisories/37199/

Drupal LDAP Integration Module Multiple Vulnerabilities
http://secunia.com/advisories/37198/

Fedora update for firefox
http://secunia.com/advisories/37196/

Fedora update for xulrunner
http://secunia.com/advisories/37195/

Debian update for expat
http://secunia.com/advisories/37193/

F-Secure Products PDF Handling Security Bypass
http://secunia.com/advisories/37192/

Documentum eRoom Hummingbird STR Service Buffer Overflow
http://secunia.com/advisories/37191/

OpenBSD "ip_ctloutput()" and "ip6_ctloutput()" NULL Pointer Dereference
http://secunia.com/advisories/37190/

Open Text Search Server Hummingbird STR Service Buffer Overflow
http://secunia.com/advisories/37189/

Cherokee Directory Traversal Vulnerability
http://secunia.com/advisories/37183/

Oscailt CMS "obj_id" Local File Inclusion Vulnerability
http://secunia.com/advisories/37180/

Slackware update for xpdf
http://secunia.com/advisories/37176/

PunBB Attachment Plugin "secure_str" SQL Injection Vulnerability
http://secunia.com/advisories/37174/

Debian update for xulrunner
http://secunia.com/advisories/36957/

Oscailt CMS "obj_id" Parameter Local File Inclusion Vulnerability
http://www.vupen.com/english/advisories/2009/3096

Attachment Module for PunBB "secure_str" SQL Injection Vulnerability
http://www.vupen.com/english/advisories/2009/3095

F-Secure Products PDF Document Handling Security Bypass Issue
http://www.vupen.com/english/advisories/2009/3094

Open Text Search Server Hummingbird STR Overflow Vulnerability
http://www.vupen.com/english/advisories/2009/3093

EMC Documentum eRoom Hummingbird STR Overflow Vulnerability
http://www.vupen.com/english/advisories/2009/3092

Cherokee Web Server Remote Directory Traversal Vulnerability
http://www.vupen.com/english/advisories/2009/3091

Drupal Storm Access Bypass Node Title Disclosure Weakness
http://www.vupen.com/english/advisories/2009/3090

Drupal Workflow Module Multiple Cross Site Scripting Vulnerabilities
http://www.vupen.com/english/advisories/2009/3089

Drupal FAQ Ask Cross Site Scripting and Request Forgery Vulnerabilities
http://www.vupen.com/english/advisories/2009/3088

Drupal OpenSocial Shindig-Integrator Cross Site Scripting Vulnerability
http://www.vupen.com/english/advisories/2009/3087

Drupal Insert Node Data Handling Cross Site Scripting Vulnerability
http://www.vupen.com/english/advisories/2009/3086

Drupal LDAP Integration Multiple Information Disclosure Vulnerabilities
http://www.vupen.com/english/advisories/2009/3085

Drupal CCK Comment Reference Access Bypass Vulnerability
http://www.vupen.com/english/advisories/2009/3084

Jetty Cross Site Scripting and Information Disclosure Vulnerabilities
http://www.securityfocus.com/bid/34800

Multiple 2Wire DSL Routers 'xslt' HTTP Request Denial of Service Vulnerability
http://www.securityfocus.com/bid/32211

Multiple Vendor Hummingbird STR Service Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/36868

F-Secure Products PDF Files Scan Evasion Vulnerability
http://www.securityfocus.com/bid/36876

Pidgin OSCAR Plugin Invalid Memory Access Denial Of Service Vulnerability
http://www.securityfocus.com/bid/36719

Cherokee Directory Traversal Vulnerability
http://www.securityfocus.com/bid/36874

Pidgin Libpurple Multiple Denial of Service Vulnerabilities
http://www.securityfocus.com/bid/36277

OpenBSD 'getsockopt(2)' NULL Pointer Dereference Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/36859

Pegasus Mail POP3 Response Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/36797

Xpdf Multiple Integer Overflow Vulnerabilities
http://www.securityfocus.com/bid/36703

PunBB 'pun_attachment' extension SQL Injection Vulnerability
http://www.securityfocus.com/bid/36865

Mozilla Firefox 'document.getSelect' Cross Domain Information Disclosure Vulnerability
http://www.securityfocus.com/bid/36858

Opera Web Browser prior to 10.01 Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/36850

Mozilla Firefox and SeaMonkey 'libpr0n' GIF Parser Heap Based Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/36855

Mozilla Firefox XPCOM Utility Chrome Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/36857

Mozilla Firefox CVE-2009-3382 Remote Memory Corruption Vulnerability
http://www.securityfocus.com/bid/36866

Mozilla Firefox and SeaMonkey Download Filename Spoofing Vulnerability
http://www.securityfocus.com/bid/36867

Mozilla Firefox and SeaMonkey Proxy Auto-Configuration File Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/36856

Mozilla Firefox CVE-2009-3380 Multiple Remote Memory Corruption Vulnerabilities
http://www.securityfocus.com/bid/36871

Mozilla Firefox Floating Point Conversion Heap Overflow Vulnerability
http://www.securityfocus.com/bid/36851

Mozilla Firefox Form History Information Disclosure Vulnerability
http://www.securityfocus.com/bid/36853

Mozilla Firefox Download Manager World Writable File Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/36852

Drupal Storm Module 'storminvoiceitem' Security Bypass Vulnerability
http://www.securityfocus.com/bid/36879

Drupal Workflow Module Multiple HTML Injection Vulnerabilities
http://www.securityfocus.com/bid/36878

Drupal FAQ Ask Module URI Redirection and Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/36877

Drupal CCK Comment Reference Module Node Title Security Bypass Vulnerability
http://www.securityfocus.com/bid/36863

Drupal OpenSocial Shindig-Integrator Module HTML Injection Vulnerability
http://www.securityfocus.com/bid/36862

Microsoft Internet Explorer 'writing-mode' Uninitialized Memory Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/36616

Mozilla Firefox CVE-2009-3378 Remote Memory Corruption Vulnerability
http://www.securityfocus.com/bid/36873

Mozilla Firefox CVE-2009-3377 Remote Memory Corruption Vulnerability
http://www.securityfocus.com/bid/36872

Mozilla Firefox CVE-2009-3381 Multiple Remote Memory Corruption Vulnerabilities
http://www.securityfocus.com/bid/36870

Mozilla Firefox CVE-2009-3383 Multiple Remote Memory Corruption Vulnerabilities
http://www.securityfocus.com/bid/36869

Mozilla Firefox CVE-2009-3379 Multiple Remote Memory Corruption Vulnerabilities
http://www.securityfocus.com/bid/36875

RETIRED: Mozilla Firefox and SeaMonkey MFSA 2009-52 through -64 Multiple Vulnerabilities
http://www.securityfocus.com/bid/36843

Sun Java SE Advance Notification of Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/36881