:: IT Security Neophyte Investigator's MEMO ::: 12日木曜日、仏滅

2009年11月12日木曜日

12日木曜日、仏滅

JVNDB-2009-002212 Adobe Reader および Acrobat の Mozilla プラグインにおける任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002212.html

JVNDB-2009-002211 Adobe Reader および Acrobat における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002211.html

JVNDB-2009-002210 Adobe Reader および Acrobat におけるヒープベースのバッファオーバーフローの脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002210.html

JVNDB-2009-002209 Adobe Reader および Acrobat における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002209.html

JVNDB-2009-002208 Adobe Reader および Acrobat におけるヒープベースのバッファオーバーフローの脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002208.html

JVNDB-2009-002207 SquirrelMail におけるクロスサイトリクエストフォージェリの脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002207.html

JVNDB-2009-002090 複数の TCP の実装におけるサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002090.html

MySQL 5.0.88 (Not yet released)
http://dev.mysql.com/doc/refman/5.0/en/news-5-0-88.html

ウイルスバスターコーポレートエディション 7.3 Critical Patch (ビルド 1428)の修正版公開のお知らせ
http://www.trendmicro.co.jp/support/news.asp?id=1319

Apple Safari WebKit FTP Parsing Bugs Let Remote Users Cause Arbitrary Code to Be Executed
http://securitytracker.com/alerts/2009/Nov/1023166.html

Apple Safari Shortcut Menu Actions May Disclose Local Information to Remote Users
http://securitytracker.com/alerts/2009/Nov/1023164.html

Citrix Products Protocol Flaw in SSL Renegotiation May Let Remote Users Conduct Man-in-the-Middle Attacks
http://securitytracker.com/alerts/2009/Nov/1023163.html

Solaris TCP Sockets Memory Leak Lets Local Users Deny Service
http://securitytracker.com/alerts/2009/Nov/1023162.html

Apple Safari Code Execution and Information Disclosure Vulnerabilities
http://www.vupen.com/english/advisories/2009/3217

+ Security Vulnerability in the OSCAR Protocol Plugin for pidgin(1) may Lead to a Denial of Service (DoS) Condition
http://sunsolve.sun.com/search/document.do?assetkey=1-66-272489-1
http://www.vupen.com/english/advisories/2009/3215
http://www.securityfocus.com/bid/36719

+ Security Vulnerability in Solaris libpng(3) May Allow a Remote User to Disclose Potentially Sensitive Information from Applications Linked to libpng(3)
http://sunsolve.sun.com/search/document.do?assetkey=1-66-269788-1

+ RHSA-2009:1579-1: Moderate: httpd security update
http://rhn.redhat.com/errata/RHSA-2009-1579.html
+ RHSA-2009:1580-1: Moderate: httpd security update
http://rhn.redhat.com/errata/RHSA-2009-1580.html

[ANNOUNCE] Apache Tuscany/SCA 2.0 M4 released
http://tuscany.apache.org/sca-java-2x-releases.html

Multiple Security Vulnerabilities in the Common Unix Printing System (CUPS) Web Interface in OpenSolaris May Lead to Cross-Site Scripting (XSS) and HTTP Response Splitting Attacks
http://sunsolve.sun.com/search/document.do?assetkey=1-66-271169-1

Security Vulnerability in Solaris TCP sockets May Allow Unprivileged Users to Cause a Denial of Service (DoS) Condition
http://sunsolve.sun.com/search/document.do?assetkey=1-66-266488-1

VImpX 4.9.3.0 released
http://www.postgresql.org/about/news.1159

laurent gaffie : Windows 7 , Server 2008R2 Remote Kernel Crash
http://www.criticalwatch.com/support/security-advisories.aspx?AID=30871

2009年11月 Microsoft セキュリティ情報 (緊急 3件) に関する注意喚起
http://www.jpcert.or.jp/at/2009/at090024.txt

JPCERT/CC WEEKLY REPORT
http://www.jpcert.or.jp/wr/2009/wr094301.html

Apple Safari 4.0.4 Released
http://isc.sans.org/diary.html?storyid=7570

Vulnerability Note VU#120541: SSL and TLS protocols renegotiation vulnerability
http://www.kb.cert.org/vuls/id/120541

Netgear WNDAP330 Management Frame Denial of Service
http://secunia.com/advisories/37344/

Fedora update for dhcp
http://secunia.com/advisories/37342/

Fedora update for ocaml-camlimages
http://secunia.com/advisories/37341/

Fedora update for libvorbis
http://secunia.com/advisories/37340/

Fedora update for ocaml-mysql
http://secunia.com/advisories/37339/

Fedora update for wordpress-mu
http://secunia.com/advisories/37338/

Fedora update for ocaml-postgresql
http://secunia.com/advisories/37337/

HP NonStop Server Unauthorised Data Access
http://secunia.com/advisories/37335/

Ubuntu update for qt
http://secunia.com/advisories/37330/

Ubuntu update for cups
http://secunia.com/advisories/37329/

Red Hat update for java-1.5.0-sun
http://secunia.com/advisories/37325/

Red Hat update for 4Suite
http://secunia.com/advisories/37324/

Citrix Secure Gateway TLS Session Renegotiation Plaintext Injection
http://secunia.com/advisories/37320/

Citrix XenApp Online Plug-in / Receiver Certificate Spoofing Vulnerability
http://secunia.com/advisories/37319/

Deliantra Server Two Buffer Overflow Vulnerabilities
http://secunia.com/advisories/37317/

Super Serious Stats "uid" SQL Injection Vulnerability
http://secunia.com/advisories/37316/

IBM BladeCenter Advanced Management Module Unspecified Vulnerabilities
http://secunia.com/advisories/37315/

Axon Virtual PBX "/logon" Cross-Site Scripting Vulnerabilities
http://secunia.com/advisories/37157/

expat UTF-8 Sequence Parsing Flaw Lets Users Deny Service
http://securitytracker.com/alerts/2009/Nov/1023160.html

Panda Cloud Antivirus、ベータ版から正規版へ進化定評を得たコミュニティベースの無料PCプロテクションを世界中の一般ユーザー向けにリリース
http://www.ps-japan.co.jp/whatsnew/n134.html

Microsoft Windows SMB Client Remote Denial of Service Vulnerability
http://www.vupen.com/english/advisories/2009/3216

Sun Solaris OSCAR Protocol Plugin Denial of Service Vulnerability
http://www.vupen.com/english/advisories/2009/3215

Sun OpenSolaris CUPS Cross Site Scripting Vulnerabilities
http://www.vupen.com/english/advisories/2009/3214

Sun OpenSolaris TCP Sockets Remote Denial of Service Vulnerability
http://www.vupen.com/english/advisories/2009/3213

Netgear WNDAP330 Remote Denial of Service Vulnerability
http://www.vupen.com/english/advisories/2009/3212

AddToAny Module for Drupal Cross Site Scripting Vulnerability
http://www.vupen.com/english/advisories/2009/3211

RootCandy Theme for Drupal Cross Site Scripting Vulnerability
http://www.vupen.com/english/advisories/2009/3210

HP NonStop Server Unauthorized Data Access Vulnerability
http://www.vupen.com/english/advisories/2009/3207

Citrix Online Plug-ins and Receiver Certificate Spoofing Vulnerability
http://www.vupen.com/english/advisories/2009/3206

Citrix Secure Gateway TLS Renegotiation Plaintext Injection Vulnerability
http://www.vupen.com/english/advisories/2009/3205

Apache mod_proxy_ftp Remote Command Injection Vulnerability
http://www.securityfocus.com/bid/36254

Apache 'mod_deflate' Remote Denial Of Service Vulnerability
http://www.securityfocus.com/bid/35623

Apache mod_proxy_ftp Module NULL Pointer Dereference Denial Of Service Vulnerability
http://www.securityfocus.com/bid/36260

Multiple Vendor TLS Protocol Session Renegotiation Security Vulnerability
http://www.securityfocus.com/bid/36935

Apple Mac OS X Apache HTTP TRACE Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/36990

Apple Mac OS X QuickLook Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/36988

RETIRED: Apple Mac OS X 2009-006 Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/36956

Apple Mac OS X ColorSync Heap Based Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/36357

Apple Mac OS X Launch Services Remote Security Bypass Vulnerability
http://www.securityfocus.com/bid/36987

Apple Mac OS X QuickDraw Manager Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/36985

libxml2 Multiple Memory Corruption Vulnerabilities
http://www.securityfocus.com/bid/36010

Apple Mac OS X Login Window Race Condition Vulnerability
http://www.securityfocus.com/bid/36984

Apple Mac OS X Kernel Multiple Vulnerabilities
http://www.securityfocus.com/bid/36983

Apple Mac OS X International Components for Unicode Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/36982

Microsoft Excel Malformed BIFF Record Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/36946

Microsoft Excel Document Parsing Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/36911

Microsoft Excel Formula Parsing Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/36908

Microsoft Excel Index Parsing Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/36909

Microsoft Windows 'KeAccumulateTicks()' SMB2 Packet Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/36989

Linux Kernel 'get_random_int' Random Number Generation Weakness
http://www.securityfocus.com/bid/36788

Linux Kernel 'net/ax25/af_ax25.c' Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/36635

Linux Kernel 'clear_child_tid()' Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/35930

Linux Kernel 'drivers/char/agp/generic.c' Local Information Disclosure Vulnerability
http://www.securityfocus.com/bid/34673

Linux Kernel 64-bit Kernel Register Memory Leak Local Information Disclosure Vulnerability
http://www.securityfocus.com/bid/36576

Linux Kernel 'pipe.c' Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/36901

Linux Kernel CIFS 'decode_unicode_ssetup()' Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/34612

Pidgin OSCAR Plugin Invalid Memory Access Denial Of Service Vulnerability
http://www.securityfocus.com/bid/36719

CUPS 'kerberos' Parameter Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/36958

Adobe Photoshop Elements Active File Monitor Service Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/36542

Free Download Manager Torrent File Parsing Multiple Remote Buffer Overflow Vulnerabilities
http://www.securityfocus.com/bid/33555

Drupal AddToAny Node Title HTML Injection Vulnerability
http://www.securityfocus.com/bid/36999

Drupal RootCandy Theme URI Value HTML Injection Vulnerability
http://www.securityfocus.com/bid/36998

WebKit Preflight Request Same-Origin Policy Bypass Vulnerability
http://www.securityfocus.com/bid/36997

WebKit Resource Load Callback Information Disclosure Weakness
http://www.securityfocus.com/bid/36996

Webkit Multiple Remote Code Execution, Denial of Service, and Information Disclosure Vulnerabilities
http://www.securityfocus.com/bid/36995

Apple Safari Shortcut Menu Options Information Disclosure Vulnerability
http://www.securityfocus.com/bid/36994

Sun Solaris TCP Sockets Local Denial Of Service Vulnerability
http://www.securityfocus.com/bid/36992

NETGEAR WNDAP330 Management Frame Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/36991

0 件のコメント:

コメントを投稿

登録: コメントの投稿 (Atom)