Friday, December 18, 2009

Friday the 18th, Senshō

Firefox 3.6 Beta (revision 5) now available for download
http://www.mozilla.com/firefox/all-beta.html

Linux kernel 2.6.33-rc1 released
http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.33-rc1

MySQL 5.5.1 (Not yet released)
http://dev.mysql.com/doc/refman/5.5/en/news-5-5-1.html

Notice of support start for Trend Micro PortalProtect 1.8
http://www.trendmicro.co.jp/support/news.asp?id=1344

Notice of support start for IM Security for Microsoft Office Communications Server
http://www.trendmicro.co.jp/support/news.asp?id=1336

CSA, which aims to ensure cloud security, publishes second edition of its guidance
http://itpro.nikkeibp.co.jp/article/NEWS/20091218/342355/?ST=security

JVNDB-2009-002343 Arbitrary file overwrite vulnerability in Spotlight in Apple Mac OS X
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002343.html

JVNDB-2009-002342 Arbitrary code execution vulnerability in Screen Sharing in Apple Mac OS X
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002342.html

JVNDB-2009-002341 Integer overflow vulnerability in Quick Look in Apple Mac OS X
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002341.html

JVNDB-2009-002340 Buffer overflow vulnerability in QuickDraw Manager in Apple Mac OS X
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002340.html

JVNDB-2009-002339 Vulnerability in Login Window in Apple Mac OS X allowing login as an arbitrary account
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002339.html

JVNDB-2009-002338 Arbitrary code execution vulnerability in Launch Services in Apple Mac OS X
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002338.html

JVNDB-2009-002337 Vulnerability in the Kernel in Apple Mac OS X allowing privileges to be gained
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002337.html

JVNDB-2008-001008 Privilege escalation vulnerability in the DBLink module of PostgreSQL
http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-001008.html

JVNDB-2007-000118 Denial-of-service (DoS) vulnerability in SQL function handling in PostgreSQL
http://jvndb.jvn.jp/ja/contents/2007/JVNDB-2007-000118.html

JVNDB-2006-000306 SQL injection vulnerability in PostgreSQL via certain multibyte character encodings
http://jvndb.jvn.jp/ja/contents/2006/JVNDB-2006-000306.html

JVNDB-2006-000305 SQL injection vulnerability in PostgreSQL via invalid multibyte strings
http://jvndb.jvn.jp/ja/contents/2006/JVNDB-2006-000305.html

IBM Rational ClearQuest Web Interface May Disclose Passwords in Certain Cases
http://securitytracker.com/alerts/2009/Dec/1023370.html

Winamp JPEG and PNG Multiple Integer Overflow Vulnerabilities
http://www.securityfocus.com/bid/37387

Winamp Module Decoder Plugin Multiple Buffer Overflow Vulnerabilities
http://www.securityfocus.com/bid/37374

Zen Cart Insecure File and Programs Information Disclosure and Database Deletion Vulnerability
http://www.securityfocus.com/bid/37397

HP OpenView Storage Data Protector Cell Manager Database Service Integer Overflow Vulnerability
http://www.securityfocus.com/bid/37386

IBM WebSphere Application Server Feature Pack for CEA Spoofing Vulnerability
http://www.securityfocus.com/bid/37392




+ PHP 5.2.12 Released
http://www.php.net/releases/5_2_12.php
http://www.php.net/ChangeLog-5.php#5.2.12

+ PHP Multiple Vulnerabilities
http://secunia.com/advisories/37821/
http://www.securityfocus.com/bid/37390
http://www.securityfocus.com/bid/37389

+ Security Vulnerability in Mozilla Thunderbird Related to SSL Certificates May Cause Arbitrary Code Execution
http://sunsolve.sun.com/search/document.do?assetkey=1-66-269468-1

HPSBUX02495 SSRT090151 rev.1 - HP-UX Running sendmail, Remote Denial of Service (DoS)
http://www11.itrc.hp.com/service/cki/docDisplay.do?docLocale=ja_JP&docId=emr_na-c01956682

HPSBUX02480 SSRT090253 rev.1 - HP-UX Running VRTSweb, Remote Execution of Arbitrary Code, Increase in Privilege
http://www11.itrc.hp.com/service/cki/docDisplay.do?docLocale=ja_JP&docId=emr_na-c01956681

HPSBPI02463 SSRT090061 rev.1 - HP LaserJet Printers, HP Color LaserJet Printers, Remote Cross Site Scripting (XSS)
http://www11.itrc.hp.com/service/cki/docDisplay.do?docLocale=ja_JP&docId=emr_na-c01897137

Kernel release: 2.6.32.2-rc1
http://www.linux.org/news/2009/12/17/0001.html

Hewlett-Packard : HP OpenView Storage Data Protector, Remote Arbitrary Code Execution
http://www.criticalwatch.com/support/security-advisories.aspx?AID=31292

ISecAuditors : Cisco ASA <= 8.x VPN SSL module Clientless URL-list control bypass
http://www.criticalwatch.com/support/security-advisories.aspx?AID=31288

Mandriva : poppler
http://www.criticalwatch.com/support/security-advisories.aspx?AID=31272

SEC-CONSULT : Authentication bypass and file manipulation in Sitecore Staging Module
http://www.criticalwatch.com/support/security-advisories.aspx?AID=31287

Secunia : Winamp Oktalyzer Parsing Integer Overflow Vulnerability
http://www.criticalwatch.com/support/security-advisories.aspx?AID=31283

Secunia : Winamp Ultratracker File Parsing Buffer Overflow
http://www.criticalwatch.com/support/security-advisories.aspx?AID=31284

Secunia : Winamp Impulse Tracker Sample Parsing Buffer Overflow
http://www.criticalwatch.com/support/security-advisories.aspx?AID=31285

Secunia : Winamp Impulse Tracker Instrument Parsing Buffer Overflows
http://www.criticalwatch.com/support/security-advisories.aspx?AID=31286

Cisco : Multiple Cisco WebEx WRF Player Vulnerabilities
http://www.criticalwatch.com/support/security-advisories.aspx?AID=31275

[ MDVSA-2009:335 ] ffmpeg
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-12/msg00259.html

[ISecAuditors Security Advisories] QuiXplorer <=2.4.1beta Remote Code Execution vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-12/msg00257.html

[Suspected Spam][oCERT-2009-019] Ganeti path sanitization errors
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-12/msg00260.html

VUPEN Security Research - Winamp PNG and JPEG Data Integer Overflow Vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-12/msg00256.html

[ISecAuditors Security Advisories] Cisco ASA <= 8.x VPN SSL module Clientless URL-list control b
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-12/msg00254.html

SEC Consult SA-20091217-0 :: Authentication bypass and file manipulation in Sitecore Staging
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-12/msg00253.html

Rumba XML XSS vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-12/msg00261.html

Secunia Research: Winamp Impulse Tracker Instrument Parsing Buffer Overflows
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-12/msg00252.html

Secunia Research: Winamp Impulse Tracker Sample Parsing Buffer Overflow
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-12/msg00250.html

Secunia Research: Winamp Ultratracker File Parsing Buffer Overflow
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-12/msg00251.html

Secunia Research: Winamp Oktalyzer Parsing Integer Overflow Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-12/msg00255.html

[ MDVSA-2009:334 ] poppler
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-12/msg00258.html

Campus Party Eu 2010 Security Challenge - Call For Participants
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-12/msg00262.html

[security bulletin] HPSBMA02252 SSRT061258, SSRT061259 rev.1 - HP OpenView Storage Data Protecto
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2009-12/msg00249.html

In caches, danger lurks
http://isc.sans.org/diary.html?storyid=7768

Drupal Core Locale Module Script Insertion Vulnerability
http://secunia.com/advisories/37825/

Drupal Core Contact Module Script Insertion Vulnerability
http://secunia.com/advisories/37824/

Horde Groupware / Groupware Webmail Edition Cross-Site Scripting
http://secunia.com/advisories/37823/

PHP Multiple Vulnerabilities
http://secunia.com/advisories/37821/

Mojo iWMS "ERRMSG" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/37820/

network-manager-applet nm-connection-editor D-Bus Information Disclosure
http://secunia.com/advisories/37819/

Debian update for network-manager
http://secunia.com/advisories/37817/

Debian update for cacti
http://secunia.com/advisories/37816/

Drupal Core Contact and Menu Modules Script Insertion Vulnerabilities
http://secunia.com/advisories/37815/

GNU Automake "make dist" / "make distcheck" Insecure Directory Permissions
http://secunia.com/advisories/37814/

Debian update for xulrunner
http://secunia.com/advisories/37813/

IBM Rational ClearQuest CQWeb Information Disclosure Vulnerability
http://secunia.com/advisories/37811/

Cisco WebEx WRF Player Buffer Overflow Vulnerabilities
http://secunia.com/advisories/37810/

Citrix NetScaler / Access Gateway TCP Implementation Denial of Service
http://secunia.com/advisories/37809/

Centreon Improper Authentication Security Bypass
http://secunia.com/advisories/37808/

Smart Statistics "name" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/37804/

Recipe Script Cross-Site Scripting and Request Forgery
http://secunia.com/advisories/37802/

Family Connections Multiple Vulnerabilities
http://secunia.com/advisories/37795/

eUploader Pro Cross-Site Request Forgery
http://secunia.com/advisories/37782/

Pre Hospital Management System SQL Injection Vulnerabilities
http://secunia.com/advisories/37780/

iDevCart "SEARCH" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/37767/

Trango Access5830 Subscriber Unit Synchronization Vulnerability
http://secunia.com/advisories/37758/

Drupal Sections Module Script Insertion Vulnerability
http://secunia.com/advisories/37752/

ScriptsEz Ez Blog Multiple Vulnerabilities
http://secunia.com/advisories/37743/

GuestBookPro Free Edition Database Disclosure Security Issue
http://secunia.com/advisories/37741/

MembersPro Products Database Disclosure Security Issue
http://secunia.com/advisories/37739/

ScriptsEz Ez Faq Maker "sid" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/37737/

EEGShop "id" SQL Injection Vulnerability
http://secunia.com/advisories/37731/

Kaspersky Products Insecure Default Directory Permissions
http://secunia.com/advisories/37730/

iSupport Multiple Vulnerabilities
http://secunia.com/advisories/37726/

Cisco ASA WebVPN Bookmark URLs Security Bypass
http://secunia.com/advisories/37710/

Winamp Module Decoder Plug-in Multiple Vulnerabilities
http://secunia.com/advisories/37495/

APC Switched Rack PDU XSS Vulnerability
http://www.securiteam.com/unixfocus/6W00F20QAA.html

HP-UX Running OpenSSL Unauthorized Data Injection and Denial of Service
http://www.securiteam.com/unixfocus/6V00E20QAI.html

Cisco ASA WebVPN Bookmark List Can Be Bypassed By Remote Authenticated Users
http://securitytracker.com/alerts/2009/Dec/1023368.html

Kaspersky Internet Security Unsafe Access Control Configuration for BASES Folder Lets Local Users Gain Elevated Privileges
http://securitytracker.com/alerts/2009/Dec/1023367.html

Kaspersky Anti-Virus Unsafe Access Control Configuration for BASES Folder Lets Local Users Gain Elevated Privileges
http://securitytracker.com/alerts/2009/Dec/1023366.html

Horde Application Framework Input Validation Flaw in Administrator Scripts Permits Cross-Site Scripting Attacks
http://securitytracker.com/alerts/2009/Dec/1023365.html

HP OpenView Storage Data Protector Flaws Let Remote Users Execute Arbitrary Code
http://securitytracker.com/alerts/2009/Dec/1023361.html

Family Connections Multiple Remote Vulnerabilities
http://www.securiteam.com/exploits/6U00D20QAQ.html

VideoCache vccleaner Root Vulnerability
http://www.securiteam.com/exploits/6T00C20QAY.html

QuickHeal Antivirus 2010 Local Privilege Escalation
http://www.securiteam.com/exploits/6S00B20QAQ.html

Cisco ASA <= 8.x VPN SSL module Clientless URL-list control bypass
http://www.exploit-db.com/exploits/10510

IBM Rational ClearQuest CQWeb Password Disclosure Vulnerability
http://www.vupen.com/english/advisories/2009/3580

GNU Automake "make dist" and "make distcheck" Vulnerability
http://www.vupen.com/english/advisories/2009/3579

Centreon Ping/Traceroute and LDAP Import Unspecified Vulnerabilities
http://www.vupen.com/english/advisories/2009/3578

Cisco ASA WebVPN Bookmark URL Restriction Bypass Weakness
http://www.vupen.com/english/advisories/2009/3577

Winamp PNG and JPEG Data Handling Integer Overflow Vulnerabilities
http://www.vupen.com/english/advisories/2009/3576

Winamp Module Decoder Plug-in Buffer Overflow Vulnerabilities
http://www.vupen.com/english/advisories/2009/3575

Cisco WebEx WRF Player File Processing Buffer Overflow Vulnerabilities
http://www.vupen.com/english/advisories/2009/3574

Kaspersky Products Local Privilege Escalation Vulnerability
http://www.vupen.com/english/advisories/2009/3573

Horde Groupware Admin Interface Cross Site Scripting Vulnerability
http://www.vupen.com/english/advisories/2009/3572

SonicWALL SSL VPN Same Origin Restriction Bypass Vulnerability
http://www.vupen.com/english/advisories/2009/3571

Citrix Access Gateway VPN Same Origin Restriction Bypass Issue
http://www.vupen.com/english/advisories/2009/3570

Juniper Networks Secure Access Same Origin Restriction Bypass Issue
http://www.vupen.com/english/advisories/2009/3569

Stonesoft StoneGate SSL VPN Same Origin Restriction Bypass Issue
http://www.vupen.com/english/advisories/2009/3568

Nortel CallPilot SSL VPN Same Origin Restriction Bypass Vulnerability
http://www.vupen.com/english/advisories/2009/3567

Citrix NetScaler and Access Gateway Denial of Service Vulnerability
http://www.vupen.com/english/advisories/2009/3567

Sun Solaris Flash Player Multiple Code Execution Vulnerabilities
http://www.vupen.com/english/advisories/2009/3565

Sun Solaris GIMP "ReadImage()" Integer Overflow Vulnerability
http://www.vupen.com/english/advisories/2009/3564

Sun Solaris Security Update Fixes Mod_perl Cross Site Scripting Issue
http://www.vupen.com/english/advisories/2009/3563

WHMCS 'weblink_cat_list.php' SQL Injection Vulnerability
http://www.securityfocus.com/bid/37376

HP OpenView Storage Data Protector Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/37396

Dag Wieers Dstat 'sys.path' Search Path Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/37131

phpLDAPadmin 'cmd.php' Local File Include Vulnerability
http://www.securityfocus.com/bid/37327

OSSIM 'uniqueid' Parameter Multiple Remote Command Execution Vulnerabilities
http://www.securityfocus.com/bid/37375

Digiappz Freekot 'login.asp' SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/37373

Drupal Sections Module HTML Injection Vulnerability
http://www.securityfocus.com/bid/37371

Drupal Contact and Menu Modules Multiple HTML Injection Vulnerabilities
http://www.securityfocus.com/bid/37372

Recipe Script Multiple Input Validation Vulnerabilities
http://www.securityfocus.com/bid/37359

Quick Heal AntiVirus Insecure Program File Permissions Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/37358

WP-Forum WordPress Plugin Multiple SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/37357

Article Directory 'login.php' SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/37356

Digital Scribe Cross Site Scripting and SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/37353

APC Switched Rack PDU 'login1' Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/37338

WebWorks Help Multiple Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/37346

MPlayer Multiple Remote Denial of Service Vulnerabilities
http://www.securityfocus.com/bid/34136

ManageEngine Password Manager Pro Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/37336

Webmatic Multiple Unspecified SQL Injection and Cross-Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/37335

IntelliCom NetBiter webSCADA Multiple Default Password Security Bypass Vulnerabilities
http://www.securityfocus.com/bid/37328

phpFaber CMS 'module.php' Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/37329

Smart PHP Subscriber Multiple Information Disclosure Vulnerabilities
http://www.securityfocus.com/bid/37324

Savant Web Server Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/12429

Intellicom 'NetBiterConfig.exe' 'Hostname' Data Remote Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/37325

Arctic Issue Tracker Search Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/37323

DigitalHive 'base.php' Arbitrary File Upload Vulnerability
http://www.securityfocus.com/bid/37320

PHP Versions Prior to 5.3.1 Multiple Vulnerabilities
http://www.securityfocus.com/bid/37079

PHP 'posix_mkfifo()' 'open_basedir' Restriction Bypass Vulnerability
http://www.securityfocus.com/bid/36554

Zeeways ZeeLyrics 'searchresults_main.php' Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/37319

VirtueMart 'product_id' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/37317

Open Flash Chart 'ofc_upload_image.php' Remote PHP Code Execution Vulnerability
http://www.securityfocus.com/bid/37314

Million Pixel 'pa' Parameter Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/37315

IDevSpot PhpLinkExchange 'add_images.php' Arbitrary File Upload Vulnerability
http://www.securityfocus.com/bid/37382

Expat UTF-8 Character XML Parsing Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/36097

IDevSpot PhpLinkExchange 'Your Email Address' Field HTML Injection Vulnerability
http://www.securityfocus.com/bid/37381

iDevSpot iSupport Multiple Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/37380

IDevSpot PhpLinkExchange 'index.php' Multiple Cross-Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/30665

Adobe Flash Player and AIR (CVE-2009-3797) Unspecified Memory Corruption Vulnerability
http://www.securityfocus.com/bid/37273

Adobe Flash Player and AIR 'exception_count' Integer Overflow Vulnerability
http://www.securityfocus.com/bid/37267

Adobe Flash Player and AIR (CVE-2009-3798) Unspecified Memory Corruption Vulnerability
http://www.securityfocus.com/bid/37275

Adobe Flash Player ActiveX Control Information Disclosure Vulnerability
http://www.securityfocus.com/bid/37272

Adobe Flash Player and AIR Data Injection Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/37270

Adobe Flash Player and AIR Multiple Unspecified Remote Code Execution Vulnerabilities
http://www.securityfocus.com/bid/37269

Adobe Flash Player and AIR JPEG File Parsing Heap Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/37266

IBM Rational ClearQuest CQWeb Interface Password Information Disclosure Vulnerability
http://www.securityfocus.com/bid/37385

Horde Application Framework Administration Interface 'PHP_SELF' Cross-Site Scripting Vulnerability
http://www.securityfocus.com/bid/37351

PHP 'tempnam()' 'safe_mode' Restriction-Bypass Vulnerability
http://www.securityfocus.com/bid/36555

Piwik 'unserialize()' PHP Code Execution Vulnerability
http://www.securityfocus.com/bid/37312

GNOME NetworkManager Applet SSL Certificate Validation Security Bypass Vulnerability
http://www.securityfocus.com/bid/37313

ISC BIND 9 DNSSEC Query Response Additional Section Remote Cache Poisoning Vulnerability
http://www.securityfocus.com/bid/37118

MySQL OpenSSL Server Certificate yaSSL Security Bypass Vulnerability
http://www.securityfocus.com/bid/37076

MySQL MyISAM Table Symbolic Link Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/37075

MySQL Multiple Remote Denial Of Service Vulnerabilities
http://www.securityfocus.com/bid/37297

Xpdf 'FoFiType1::parse' Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/37350

Scripts For Sites EZ e-store 'searchresults.php' SQL Injection Vulnerability
http://www.securityfocus.com/bid/32039

Cisco WebEx WRF File Handling Multiple Buffer Overflow Vulnerabilities
http://www.securityfocus.com/bid/37352

RETIRED: Mozilla Firefox and SeaMonkey MFSA 2009-65 through -71 Multiple Vulnerabilities
http://www.securityfocus.com/bid/37349

GNU Automake Insecure Directory Permissions Vulnerability
http://www.securityfocus.com/bid/37378

Adobe Reader and Acrobat 'newplayer()' JavaScript Method Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/37331

Mozilla Firefox and Sea Monkey Content Injection Spoofing Vulnerability
http://www.securityfocus.com/bid/37370

Mozilla Firefox CVE-2009-3981 Remote Memory Corruption Vulnerability
http://www.securityfocus.com/bid/37363

Mozilla Firefox CVE-2009-3979 Multiple Remote Memory Corruption Vulnerabilities
http://www.securityfocus.com/bid/37361

Mozilla Firefox 'window.opener' Property Chrome Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/37365

Mozilla Firefox and Sea Monkey Insecure Protocol Location Bar Spoofing Vulnerability
http://www.securityfocus.com/bid/37367

Mozilla Firefox and SeaMonkey NTLM Credential Reflection Authentication Bypass Vulnerability
http://www.securityfocus.com/bid/37366

TCP/IP Protocol Stack Multiple Remote Denial Of Service Vulnerabilities
http://www.securityfocus.com/bid/31545

Xpdf Multiple Integer Overflow Vulnerabilities
http://www.securityfocus.com/bid/36703

CUPS PDF File Multiple Heap Buffer Overflow Vulnerabilities
http://www.securityfocus.com/bid/35195

Mozilla Firefox and SeaMonkey 'liboggplay' Media Library Remote Memory Corruption Vulnerabilities
http://www.securityfocus.com/bid/37369

Mozilla Firefox and SeaMonkey Theora Video Library Remote Integer Overflow Vulnerability
http://www.securityfocus.com/bid/37368

Mozilla Firefox CVE-2009-3982 JavaScript Engine Multiple Remote Memory Corruption Vulnerabilities
http://www.securityfocus.com/bid/37364

Mozilla Firefox CVE-2009-3980 Multiple Remote Memory Corruption Vulnerabilities
http://www.securityfocus.com/bid/37362

Mozilla Firefox/SeaMonkey GeckoActiveXObject Exception Message COM Object Enumeration Vulnerability
http://www.securityfocus.com/bid/37360

cPanel 'fileop' Parameter Multiple Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/37394

QuiXplorer 'lang' Parameter Local File Include Vulnerability
http://www.securityfocus.com/bid/37393

ReVou Comment Field HTML Injection Vulnerability
http://www.securityfocus.com/bid/37391

PHP 'session.save_path()' Arbitrary Code Execution Vulnerability
http://www.securityfocus.com/bid/37390

PHP 'htmlspecialcharacters()' Malformed Multibyte Character Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/37389

Sitecore CMS Staging Service 'api.asmx' Authentication Bypass Vulnerability
http://www.securityfocus.com/bid/37388

Pluxml-Blog 'core/admin/auth.php' Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/37384

Centreon Authentication Mechanism Security Bypass Vulnerability
http://www.securityfocus.com/bid/37383
