+ Security vulnerability in Solaris Pidgin (see pidgin(1)), Versions Prior to 2.5.9 may Lead to Execution of Arbitrary Code or a Denial of Service (DoS) Condition
http://sunsolve.sun.com/search/document.do?assetkey=1-66-266908-1
Mozilla Firefox 3.0.16, 3.5.6 released
http://mozilla.jp/firefox/3.0.16/releasenotes/
http://mozilla.jp/firefox/3.5.6/releasenotes/
MFSA 2009-71 Enumeration of installed COM objects using GeckoActiveXObject exception messages
http://www.mozilla-japan.org/security/announce/2009/mfsa2009-71.html
MFSA 2009-70 Privilege escalation via chrome window.opener
http://www.mozilla-japan.org/security/announce/2009/mfsa2009-70.html
MFSA 2009-69 Location bar spoofing issue
http://www.mozilla-japan.org/security/announce/2009/mfsa2009-69.html
MFSA 2009-68 NTLM reflection vulnerability
http://www.mozilla-japan.org/security/announce/2009/mfsa2009-68.html
MFSA 2009-67 Integer overflow and crash in the libtheora video library
http://www.mozilla-japan.org/security/announce/2009/mfsa2009-67.html
MFSA 2009-66 Memory safety fixes in the liboggplay media library
http://www.mozilla-japan.org/security/announce/2009/mfsa2009-66.html
MFSA 2009-65 Crashes with evidence of memory corruption (rv:1.9.1.6/ 1.9.0.16)
http://www.mozilla-japan.org/security/announce/2009/mfsa2009-65.html
Vulnerability in Clientless SSL VPN Products Could Result in Policy Bypass
http://support.citrix.com/article/CTX123610
Samba 4.0.0α10 has been released
http://lists.samba.org/archive/samba-technical/2009-December/068362.html
Announcement: InterScan Messaging Security Suite 7.0 for Windows Service Pack1 Patch1 repackaged version released
http://www.trendmicro.co.jp/support/news.asp?id=1339
Announcement: InterScan Messaging Security Suite 7.0 for Linux Service Pack 1 Patch 2 released
http://www.trendmicro.co.jp/support/news.asp?id=1341
Announcement: InterScan Messaging Security Suite 7.0 for Windows Service Pack 1 Patch 2 released
http://www.trendmicro.co.jp/support/news.asp?id=1340
Regarding a vulnerability in BIND and the availability of a fix for it
http://www.trendmicro.co.jp/support/news.asp?id=1301
Announcement: InterScan WebManager Lite Service Pack 1 released
http://www.trendmicro.co.jp/support/news.asp?id=1343
RHSA-2009:1674-1: Critical: firefox security update
http://rhn.redhat.com/errata/RHSA-2009-1674.html
RHSA-2009:1673-1: Critical: seamonkey security update
http://rhn.redhat.com/errata/RHSA-2009-1673.html
JPCERT/CC WEEKLY REPORT 2009-12-16
http://www.jpcert.or.jp/wr/2009/wr094801.html
JVNVU#508357 Use-after-free vulnerability in Adobe Reader and Acrobat
http://jvn.jp/cert/JVNVU508357/index.html
JVNDB-2009-002331 Denial of service (DoS) vulnerability in Event Monitor in Apple Mac OS X
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002331.html
JVNDB-2009-002330 Buffer overflow vulnerability in Disk Image in Apple Mac OS X
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002330.html
JVNDB-2009-002329 Arbitrary code execution vulnerability in DirectoryService in Apple Mac OS X
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002329.html
JVNDB-2009-002328 Arbitrary code execution vulnerability in Dictionary in Apple Mac OS X
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002328.html
JVNDB-2009-002327 Cross-site scripting vulnerability in CUPS in Apple Mac OS X
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002327.html
JVNDB-2009-002326 Integer overflow vulnerability in CoreGraphics in Apple Mac OS X
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002326.html
JVNDB-2009-002113 Buffer overflow vulnerability in the Sieve plugin for Dovecot
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002113.html
JVNDB-2009-002095 Vulnerability in fetchmail allowing spoofing of arbitrary SSL servers
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002095.html
JVNDB-2009-002017 Denial of service (DoS) vulnerability in libxml2 and libxml in the processing of element declarations in DTDs
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002017.html
JVNDB-2009-001957 X.509 certificate spoofing vulnerability in Mozilla NSS
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001957.html
JVNDB-2009-001925 Buffer underflow vulnerability in the LZWDecodeCompat function in libtiff
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001925.html
JVNDB-2009-001541 Denial of service (DoS) vulnerability in certificate verification and NAT-Traversal in Ipsec-tools
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001541.html
JVNDB-2009-001540 Denial of service (DoS) vulnerability in packet processing in Ipsec-tools
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001540.html
Mozilla Firefox NTLM Implementation Flaw Lets Remote Users Conduct Authentication Reflection Attacks
http://securitytracker.com/alerts/2009/Dec/1023340.html
Mozilla Firefox Bugs in libtheora Let Remote Users Execute Arbitrary Code
http://securitytracker.com/alerts/2009/Dec/1023337.html
Mozilla Firefox Bugs in liboggplay Let Remote Users Execute Arbitrary Code
http://securitytracker.com/alerts/2009/Dec/1023335.html
Mozilla Firefox Bugs in JavaScript Engine and Browser Engine Let Remote Users Execute Arbitrary Code
http://securitytracker.com/alerts/2009/Dec/1023333.html
APC Switched Rack PDU Input Validation Flaw Permits Cross-Site Scripting Attacks
http://securitytracker.com/alerts/2009/Dec/1023331.html
Adobe Reader and Acrobat Unspecified Flaw Lets Remote Users Execute Arbitrary Code
http://securitytracker.com/alerts/2009/Dec/1023330.html
VMware ESX Server Input Validation Flaw in WebWorks Help Permits Cross-Site Scripting Attacks
http://securitytracker.com/alerts/2009/Dec/1023329.html
VMware Server, Lab Manager, and vCenter Input Validation Flaw in WebWorks Help Permits Cross-Site Scripting Attacks
http://securitytracker.com/alerts/2009/Dec/1023328.html
PostgreSQL Index Function State Changing Flaw Lets Remote Authenticated Users Gain Elevated Privileges
http://securitytracker.com/alerts/2009/Dec/1023326.html
+ MySQL 5.5.0 has been released
http://mysql.com/products/enterprise/
http://dev.mysql.com/doc/refman/5.5/en/news-5-5-0.html
+ Multiple Security Vulnerabilities in the libexpat Library May Lead to a Denial of Service (DoS) Condition
http://sunsolve.sun.com/search/document.do?assetkey=1-66-273630-1
+ Apache POI 3.6 is now available
http://www.apache.org/dist/poi/release/bin/RELEASE-NOTES.txt
http://poi.apache.org/changes.html
+ RHSA-2009:1670-1: Important: kernel security and bug fix update
http://rhn.redhat.com/errata/RHSA-2009-1670.html
+ RHSA-2009:1671-1: Important: kernel security and bug fix update
http://rhn.redhat.com/errata/RHSA-2009-1671.html
+ HP-UX Security Update Fixes Sendmail Security Bypass Vulnerability
http://www.vupen.com/english/advisories/2009/3539
http://secunia.com/advisories/37638/
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01953398
+ Linux Kernel 'drivers/firewire/ohci.c' NULL Pointer Dereference Denial of Service Vulnerability
http://www.securityfocus.com/bid/37339
SUN ALERT WEEKLY SUMMARY REPORT - Week of 06-Dec-2009 to 12-Dec-2009
http://sunsolve.sun.com/search/document.do?assetkey=1-66-274290-1
HPSBMA02416 SSRT090008 rev.4 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code
http://www13.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01696729
Samba 3.5.0pre2 Available for Download
http://news.samba.org/releases/3.5.0pre2/
Trend Micro Virus Buster Business Security 3.0: request to upgrade to the successor product due to end of support
http://www.trendmicro.co.jp/support/news.asp?id=1334
VMSA-2009-0017: VMware vCenter, ESX patch and vCenter Lab Manager releases address cross-site scripting issues
http://www.vmware.com/security/advisories/VMSA-2009-0017.html
http://lists.vmware.com/pipermail/security-announce/2009/000073.html
VMSA-2009-0016.1: VMware vCenter and ESX update release and vMA patch release address multiple security issues in third party components.
http://www.vmware.com/security/advisories/VMSA-2009-0016.html
http://lists.vmware.com/pipermail/security-announce/2009/000074.html
Blue Moon : Multiple Vulnerabilities in PyForum
http://www.criticalwatch.com/support/security-advisories.aspx?AID=31247
Debian : New firefox-sage packages fix insufficient input sanitizing
http://www.criticalwatch.com/support/security-advisories.aspx?AID=31243
Debian : New asterisk packages fix several vulnerabilities
http://www.criticalwatch.com/support/security-advisories.aspx?AID=31244
Debian : End-of-life announcement for asterisk in oldstable
http://www.criticalwatch.com/support/security-advisories.aspx?AID=31245
Independent Researcher : Trango Broadband Wireless Rogue SU Authentication Bug
http://www.criticalwatch.com/support/security-advisories.aspx?AID=31249
Salvatore "drosophila" Fresta : WSCreator 1.1 Blind SQL Injection
http://www.criticalwatch.com/support/security-advisories.aspx?AID=31257
scip : PasswordManager Pro 6.1 Script Injection Vulnerability
http://www.criticalwatch.com/support/security-advisories.aspx?AID=31248
Census Labs : Monkey HTTPd improper input validation vulnerability
http://www.criticalwatch.com/support/security-advisories.aspx?AID=31253
Hewlett-Packard : HP-UX Running VERITAS File System (VRTSvxfs) or VERITAS Oracle Disk
http://www.criticalwatch.com/support/security-advisories.aspx?AID=31254
Hewlett-Packard : HP-UX Running OpenSSL, Remote Unauthorized Data Injection, Denial of Service (DoS)
http://www.criticalwatch.com/support/security-advisories.aspx?AID=31255
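"Losses exceed 13 billion yen": FBI warns about "fake software"
Beware of fake pop-ups; clicking one leads to a fake software distribution site
http://itpro.nikkeibp.co.jp/article/NEWS/20091216/342236/?ST=security
Trend Micro to distribute security information via Twitter
http://itpro.nikkeibp.co.jp/article/NEWS/20091216/342235/?ST=security
AOS Technologies releases HDD erasure software that can also boot from USB memory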
http://itpro.nikkeibp.co.jp/article/NEWS/20091215/342145/?ST=security
RHBA-2009:1668-2: openssh bug fix update
http://rhn.redhat.com/errata/RHBA-2009-1668.html
VMSA-2009-0017 VMware vCenter, ESX patch and vCenter Lab Manager releases address cross-
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-12/msg00234.html
[ MDVSA-2009:333 ] postgresql
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-12/msg00233.html
Daloradius XSS Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-12/msg00230.html
[SECURITY] [DSA 1952-2] End-of-life announcement for asterisk in oldstable
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-12/msg00228.html
[SECURITY] [DSA 1952-1] New asterisk packages fix several vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-12/msg00229.html
[SECURITY] [DSA 1951-1] New firefox-sage packages fix insufficient input sanitizing
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-12/msg00225.html
Trango Broadband Wireless Rogue SU Authentication Bug
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-12/msg00227.html
[scip-Advisory 4063] PasswordManager Pro 6.1 Script Injection Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-12/msg00232.html
[BMSA-2009-08] Multiple Vulnerabilities in PyForum
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-12/msg00231.html
WSCreator 1.1 Blind SQL Injection
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-12/msg00226.html
[security bulletin] HPSBUX02482 SSRT090249 rev.2 - HP-UX Running OpenSSL, Remote Unauthorize
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-12/msg00222.html
Adobe 0-day in the wild - again
http://isc.sans.org/diary.html?storyid=7747
Important BIND name server updates - DNSSEC
http://isc.sans.org/diary.html?storyid=7750
Vulnerability Note VU#508357: Adobe Acrobat and Reader contain a use-after-free vulnerability in the JavaScript Doc.media.newPlayer method
http://www.kb.cert.org/vuls/id/508357
TYPO3 ListMan Extension Cross-Site Scripting Vulnerability
http://secunia.com/advisories/37771/
TYPO3 Watchdog Extension Information Disclosure Vulnerability
http://secunia.com/advisories/37770/
SUSE update for kernel
http://secunia.com/advisories/37768/
Password Manager Pro "searchtext" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/37765/
IBM DB2 Multiple Unspecified Vulnerabilities
http://secunia.com/advisories/37759/
WSCreator "Email" SQL Injection Vulnerability
http://secunia.com/advisories/37753/
Webmatic SQL Injection and Cross-Site Scripting Vulnerabilities
http://secunia.com/advisories/37735/
phpFaber CMS "mod" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/37719/
Ez Poll Hoster Cross-Site Scripting and Cross-Site Request Forgery Vulnerabilities
http://secunia.com/advisories/37716/
Text Exchange Pro Cross-Site Request Forgery Vulnerability
http://secunia.com/advisories/37714/
Ad Manager Pro Cross-Site Request Forgery Vulnerability
http://secunia.com/advisories/37713/
Link Up Gold Cross-Site Request Forgery Vulnerability
http://secunia.com/advisories/37712/
ZeeCareers "title" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/37701/
NetBiter Config Device Hostname Buffer Overflow Vulnerability
http://secunia.com/advisories/37695/
Rocomotion P forum Local File Inclusion Vulnerability
http://secunia.com/advisories/37691/
Adobe Reader/Acrobat Code Execution Vulnerability
http://secunia.com/advisories/37690/
PostgreSQL SSL Certificate Processing and Privilege Escalation Vulnerabilities
http://secunia.com/advisories/37663/
HP-UX update for sendmail
http://secunia.com/advisories/37638/
IntelliCom NetBiter Config Remote Buffer Overflow Vulnerability
http://www.vupen.com/english/advisories/2009/3542
Rocomotion P forum "pforum.php" Directory Traversal Vulnerability
http://www.vupen.com/english/advisories/2009/3541
Password Manager Pro "searchtext" Cross Site Scripting Vulnerability
http://www.vupen.com/english/advisories/2009/3540
HP-UX Security Update Fixes Sendmail Security Bypass Vulnerability
http://www.vupen.com/english/advisories/2009/3539
B2C Booking Centre System Remote SQL Injection Vulnerability
http://www.vupen.com/english/advisories/2009/3538
Ez Guestbook Admin Interface Cross Site Request Forgery Vulnerability
http://www.vupen.com/english/advisories/2009/3537
eoCMS "BBCODE_path" Remote File Inclusion Vulnerability
http://www.vupen.com/english/advisories/2009/3536
Quartz Concept Content Manager Remote SQL Injection Vulnerability
http://www.vupen.com/english/advisories/2009/3535
NAS Uploader File Extension Handling Remote File Upload Vulnerability
http://www.vupen.com/english/advisories/2009/3534
Mail Manager Pro Admin Interface Cross Site Request Forgery Issue
http://www.vupen.com/english/advisories/2009/3533
Link Up Gold Admin Interface Cross Site Request Forgery Vulnerability
http://www.vupen.com/english/advisories/2009/3532
Scriptsez Smart PHP Subscriber Information Disclosure Vulnerability
http://www.vupen.com/english/advisories/2009/3531
Ad Manager Pro Admin Interface Cross Site Request Forgery Issue
http://www.vupen.com/english/advisories/2009/3530
Ez Poll Hoster Cross Site Scripting and Request Forgery Vulnerabilities
http://www.vupen.com/english/advisories/2009/3529
Easy Banner Pro Admin Interface Cross Site Request Forgery Issue
http://www.vupen.com/english/advisories/2009/3528
Text Exchange Pro Admin Interface Cross Site Request Forgery Issue
http://www.vupen.com/english/advisories/2009/3527
phpFaber CMS "mod" Parameter Cross Site Scripting Vulnerability
http://www.vupen.com/english/advisories/2009/3526
Mini Hosting Panel Admin Interface Cross Site Request Forgery Issue
http://www.vupen.com/english/advisories/2009/3525
WSCreator "Email" Parameter Remote SQL Injection Vulnerability
http://www.vupen.com/english/advisories/2009/3524
Traidnt Discovery Admin Interface Cross Site Request Forgery Issue
http://www.vupen.com/english/advisories/2009/3523
SpireCMS "alb_id" Parameter Remote SQL Injection Vulnerability
http://www.vupen.com/english/advisories/2009/3522
F5 Products SSL/TLS Session Renegotiation Plaintext Injection Issue
http://www.vupen.com/english/advisories/2009/3521
IBM DB2 Security Update Fixes Multiple Unspecified Vulnerabilities
http://www.vupen.com/english/advisories/2009/3520
PostgreSQL Security Bypass and Privilege Escalation Vulnerabilities
http://www.vupen.com/english/advisories/2009/3519
Adobe Reader and Acrobat Unspecified Code Execution Vulnerability
http://www.vupen.com/english/advisories/2009/3518
Sun Ray Server Software Desktop Session Handling Vulnerability
http://www.vupen.com/english/advisories/2009/3517
Sun Products Security Update Fixes Java Denial of Service Vulnerability
http://www.vupen.com/english/advisories/2009/3516
DubSite CMS Cross Site Request Forgery Vulnerability
http://www.securiteam.com/exploits/6Q00E1FQAU.html
SonicWall Global Management System XSS Vulnerability
http://www.securiteam.com/exploits/6P00D1FQAG.html
Sonicwall NSA E7500 XSS Vulnerability
http://www.securiteam.com/exploits/6O00C1FQAS.html
Juniper Security Threat Response Manager XSS Vulnerability
http://www.securiteam.com/exploits/6N00B1FQAE.html
Adobe Reader and Acrobat 'newplayer()' JavaScript Method Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/37331
Monkey HTTP Daemon Invalid HTTP 'Connection' Header Denial Of Service Vulnerability
http://www.securityfocus.com/bid/37307
TYPO3 Watchdog (aba_watchdog) Unspecified Information Disclosure Vulnerability
http://www.securityfocus.com/bid/37344
Invision Power Board '.txt' File MIME-Type Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/37263
TYPO3 ListMan Extension Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/37337
Sun Solaris LDAP Client Configuration Cache Daemon Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/37129
Invision Power Board Multiple File MIME-Type Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/37310
Adobe Flash Player and AIR Multiple Unspecified Remote Code Execution Vulnerabilities
http://www.securityfocus.com/bid/37269
Adobe Flash Player and AIR (CVE-2009-3798) Unspecified Memory Corruption Vulnerability
http://www.securityfocus.com/bid/37275
Adobe Flash Player and AIR 'exception_count' Integer Overflow Vulnerability
http://www.securityfocus.com/bid/37267
Adobe Flash Player and AIR JPEG File Parsing Heap Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/37266
Adobe Flash Player and AIR Data Injection Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/37270
Adobe Flash Player and AIR (CVE-2009-3797) Unspecified Memory Corruption Vulnerability
http://www.securityfocus.com/bid/37273
Linux Kernel with SELinux 'mmap_min_addr' Low Memory NULL Pointer Dereference Vulnerability
http://www.securityfocus.com/bid/36051
Linux Kernel 'pipe.c' Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/36901
Linux Kernel 64-bit Kernel Register Memory Leak Local Information Disclosure Vulnerability
http://www.securityfocus.com/bid/36576
Linux Kernel 'unix_stream_connect()' Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/36723
Linux Kernel 2.4 and 2.6 Local Information Disclosure Vulnerability
http://www.securityfocus.com/bid/36827
Linux Kernel 'nfs4_proc_lock()' Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/36936
Expat UTF-8 Character XML Parsing Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/36097
Expat Unspecified XML Parsing Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/37203
Linux Kernel r128 Driver CCE Initialization NULL Pointer Dereference Denial of Service Vulnerability
http://www.securityfocus.com/bid/36824
Linux Kernel '/drivers/net/r8169.c' Out-of-IOMMU Error Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/36706
Linux Kernel AppleTalk Driver IP Over DDP Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/36379
Linux Kernel 'fuse_direct_io()' Invalid Pointer Dereference Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/37069
Linux Kernel 'hfc_usb.c' Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/37036
Linux Kernel 'drivers/scsi/gdth.c' Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/37068
Linux Kernel 'megaraid_sas' Driver Insecure File Permission Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/37019
HP OpenView Network Node Manager 'Oid' Parameter Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/37299
RETIRED: HP OpenView Network Node Manager Multiple Remote Code Execution Vulnerabilities
http://www.securityfocus.com/bid/37261
HP OpenView Network Node Manager 'snmpviewer.exe' Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/37348
HP OpenView Network Node Manager 'ovalarm.exe' Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/37347
PostgreSQL NULL Character CA SSL Certificate Validation Security Bypass Vulnerability
http://www.securityfocus.com/bid/37334
PostgreSQL Index Function Session State Modification Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/37333
HP OpenView Network Node Manager 'ovwebsnmpsrv.exe' Remote Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/37343
HP OpenView Network Node Manager 'OvWebHelp.exe' Remote Heap Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/37340
Codesighs 'sscanf()' Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/37303
TCP/IP Protocol Stack Multiple Remote Denial Of Service Vulnerabilities
http://www.securityfocus.com/bid/31545
Linux Kernel 'sock_sendpage()' NULL Pointer Dereference Vulnerability
http://www.securityfocus.com/bid/36038
Linux Kernel 'FWD-TSN' Chunk Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/33113
Linux Kernel eCryptfs Lower Dentry Null Pointer Dereference Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/36639
Linux Kernel KVM Large SMP Instruction Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/37130
Linux Kernel eCryptfs 'parse_tag_11()' Remote Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/35851
Linux Kernel 'PER_CLEAR_ON_SETID' Incomplete Personality List Access Validation Weakness
http://www.securityfocus.com/bid/35647
Linux Kernel KVM 'kvm_emulate_hypercall()' Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/36512
Linux Kernel KVM 'kvm_dev_ioctl_get_supported_cpuid()' Integer Overflow Vulnerability
http://www.securityfocus.com/bid/36803
Multiple Vendor Clientless SSL VPN Products Same Origin Policy Bypass Vulnerability
http://www.securityfocus.com/bid/37152
Linux Kernel 'kernel/signal.c' Local Information Disclosure Vulnerability
http://www.securityfocus.com/bid/35929
Asterisk RTP Comfort Noise Processing Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/37153
Asterisk SIP Response Username Enumeration Remote Information Disclosure Vulnerability
http://www.securityfocus.com/bid/36924
Asterisk Authentication SIP Response Remote Information Disclosure Vulnerability
http://www.securityfocus.com/bid/34353
Asterisk IAX2 Authentication Response Remote Information Disclosure Vulnerability
http://www.securityfocus.com/bid/33174
Prototype JavaScript Framework Cross-Site Ajax Request Vulnerability
http://www.securityfocus.com/bid/36926
Linux Kernel 'net/atm/proc.c' Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/32676
Linux Kernel 'tun_chr_pool()' NULL Pointer Dereference Vulnerability
http://www.securityfocus.com/bid/35724
Linux Kernel 'net/llc/af_llc.c' Local Information Disclosure Vulnerability
http://www.securityfocus.com/bid/36126
Linux Kernel Multiple Protocols Local Information Disclosure Vulnerabilities
http://www.securityfocus.com/bid/36176
Multiple Vendor TLS Protocol Session Renegotiation Security Vulnerability
http://www.securityfocus.com/bid/36935
Ruby on Rails 'protect_from_forgery' Cross Site Request Forgery Vulnerability
http://www.securityfocus.com/bid/37322
ISC BIND 9 DNSSEC Query Response Additional Section Remote Cache Poisoning Vulnerability
http://www.securityfocus.com/bid/37118
Mozilla Firefox Sage Extension RSS Feeds Cross Domain Scripting Vulnerability
http://www.securityfocus.com/bid/37120
Mozilla Firefox JavaScript 'Prompted Message' Spoofing Vulnerability
http://www.securityfocus.com/bid/37230
Sun Ray Server Software Desktop Session Handling Local Security Bypass Vulnerability
http://www.securityfocus.com/bid/37321
Intel Indeo Codec Media Content Multiple Buffer Overflow Vulnerabilities
http://www.securityfocus.com/bid/37251
IBM DB2 prior to 9.5 Fix Pack 5 Multiple Unspecified Security Vulnerabilities
http://www.securityfocus.com/bid/37332
NTP mode 7 MODE_PRIVATE Packet Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/37255
eCryptfs 'parse_tag_3_packet()' Packet Heap Based Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/35850
Poppler 'create_surface_from_thumbnail_data()' Integer Overflow Memory Corruption Vulnerability
http://www.securityfocus.com/bid/36718
Xpdf Multiple Integer Overflow Vulnerabilities
http://www.securityfocus.com/bid/36703
Nicecoder iDesk 'download.php' SQL Injection Vulnerability
http://www.securityfocus.com/bid/36348
WebWorks Help Multiple Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/37346
Linux Kernel 'drivers/firewire/ohci.c' NULL Pointer Dereference Denial of Service Vulnerability
http://www.securityfocus.com/bid/37339
APC Switched Rack PDU 'login1' Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/37338