BOM: プロセス監視で、カウンターオブジェクトの出力値を正しく取得できないことがある
http://www.say-tech.co.jp/support/bom-for-windows/post-42/index.shtml
Googleなどを狙う攻撃コードが流出、McAfeeが警戒を呼びかけ
http://itpro.nikkeibp.co.jp/article/NEWS/20100118/343297/?ST=security
JVNDB-2007-001201 GNU tar の safer_name_suffix 関数におけるバッファオーバーフローの脆弱性
http://jvndb.jvn.jp/ja/contents/2007/JVNDB-2007-001201.html
JVNDB-2009-002415 Expat の big2_toUtf8 関数におけるサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002415.html
JVNDB-2009-002414 Mac OS X 用の Java における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002414.html
JVNDB-2009-002090 複数の TCP の実装におけるサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002090.html
JVNDB-2007-000621 GNU tar の contains_dot_dot() 関数におけるディレクトリトラバーサルの脆弱性
http://jvndb.jvn.jp/ja/contents/2007/JVNDB-2007-000621.html
Zeus Web Server Buffer Overflow in SSL Implementation Lets Remote Users Execute Arbitrary Code
http://securitytracker.com/alerts/2010/Jan/1023465.html
IBM Lotus Web Content Management Input Validation Flaw in Login Page Permits Cross-Site Scripting Attacks
http://securitytracker.com/alerts/2010/Jan/1023463.html
+ Security Vulnerabilities in PostgreSQL Shipped With Solaris May Allow Escalation of Privileges or Man-in-the-Middle on SSL Connections
http://sunsolve.sun.com/search/document.do?assetkey=1-66-274870-1
+ [CPUJan2010] Oracle Critical Patch Update Advisory - January 2010
http://support.oracle.co.jp/krown_external/oisc_showDoc.do?id=139303
Firefox 3.6 Release Candidate updated
http://www.mozilla.com/en-US/firefox/all-rc.html
Samba-JP: 日本語マニュアルパッケージ v0.5.4を公開
http://sourceforge.jp/projects/samba-jp/releases/45474/
Postfix 2.7 Snapshot 20100117
http://mirror.postfix.jp/postfix-release/experimental/postfix-2.7-20100117.HISTORY
MySQL 5.1.43 (Not yet released)
http://dev.mysql.com/doc/refman/5.1/en/news-5-1-43.html
RHBA-2010:0045-1: cups bug fix update
http://rhn.redhat.com/errata/RHBA-2010-0045.html
Debian : New libthai packages fix arbitrary code execution
http://www.criticalwatch.com/support/security-advisories.aspx?AID=31468
Independent Researcher : Internet Explorer 0 day
http://www.criticalwatch.com/support/security-advisories.aspx?AID=31471
Independent Researcher : Cross-site-scriping Vulnerabilites in Testlink Test Management and Execution System
http://www.criticalwatch.com/support/security-advisories.aspx?AID=31473
Independent Researcher : Multiple Directory-traversal Vulnerabilites in Testlink Test Management and Execution System
http://www.criticalwatch.com/support/security-advisories.aspx?AID=31474
SEC-CONSULT : Local file inclusion/execution and multiple CSRF vulnerabilities in LetoDMS (formerly MyDMS)
http://www.criticalwatch.com/support/security-advisories.aspx?AID=31475
SuSE : Linux kernel
http://www.criticalwatch.com/support/security-advisories.aspx?AID=31467
[security bulletin] HPSBUX02495 SSRT090151 rev.2 - HP-UX Running sendmail, Remote Denial of
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-01/msg00112.html
Sprint / Verizon MiFi CSRF+CSS Gives up GPS info to attacker
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-01/msg00103.html
=?GB2312?B?IHdvb2R3b3JraW5nIG1hY2hpbmVyeSZwbHl3b29kIG1hY2hpbmVyeSA=?=
http://www.derkeiler.com/Mailing-Lists/Securiteam/2010-01/msg00000.html
SEC Consult SA-20100115-0 :: Local file inclusion/execution and multiple CSRF vulnerabilitie
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-01/msg00104.html
=?us-ascii?Q?C4_SCADA_Security_Advisory_-_Rockwell_Automation_=28Allen_Br?= =?us-ascii?Q
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-01/msg00108.html
VUPEN Security Research - Adobe Acrobat and Reader U3D Integer Overflow Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-01/msg00106.html
[SECURITY] [DSA-1971-1] New libthai packages fix arbitrary code execution
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-01/msg00102.html
Major security risk in the unlock pattern for Android devices
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-01/msg00101.html
rPSA-2010-0004-1 openssl openssl-scripts
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-01/msg00105.html
ハイチ大地震を悪用したオンライン詐欺が出現
http://itpro.nikkeibp.co.jp/article/NEWS/20100115/343278/?ST=security
JVNVU#492515 Microsoft Internet Explorer において任意のコードが実行される脆弱性
http://jvn.jp/cert/JVNVU492515/index.html
Why not Yellow?
http://isc.sans.org/diary.html?storyid=8005
Buffer overflow in Quicktime
http://isc.sans.org/diary.html?storyid=8008
Clearing some things up about Adobe
http://isc.sans.org/diary.html?storyid=7999
Exploit code available for CVE-2010-0249
http://isc.sans.org/diary.html?storyid=8002
D-Link Router DI-524 HNAP Security Bypass Vulnerability
http://secunia.com/advisories/38214/
Debian update for libthai
http://secunia.com/advisories/38213/
phpMyAdmin Multiple Security Issues
http://secunia.com/advisories/38211/
Microsoft Internet Explorer Arbitrary Code Execution
http://secunia.com/advisories/38209/
DokuWiki Cross-Site Request Forgery Vulnerability
http://secunia.com/advisories/38205/
Fedora update for ruby
http://secunia.com/advisories/38202/
Testlink Cross-Site Scripting and File Inclusion Vulnerabilities
http://secunia.com/advisories/38201/
libthai Integer Overflow Vulnerabilities
http://secunia.com/advisories/38196/
DokuWiki Multiple Vulnerabilities
http://secunia.com/advisories/38183/
IBM Lotus Web Content Management Cross-Site Scripting Vulnerability
http://secunia.com/advisories/38174/
Xforum "nbpageliste" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/38173/
D-Link Routers DIR-628 / DIR-655 HNAP Security Bypass Vulnerability
http://secunia.com/advisories/38092/
Zeus Web Server Buffer Overflow Vulnerability
http://secunia.com/advisories/38056/
Red Hat update for java-1.6.0-ibm
http://secunia.com/advisories/38049/
Sun Solaris NTP Mode 7 Request Denial of Service
http://secunia.com/advisories/38009/
Ubuntu update for transmission
http://secunia.com/advisories/38002/
Red Hat update for pidgin
http://secunia.com/advisories/38000/
Gentoo update for ruby
http://secunia.com/advisories/37980/
Microsoft Internet Explorer Use-after-free Code Execution Vulnerability
http://www.vupen.com/english/advisories/2010/0135
Windows Media Player 11 ActiveX launchURL() files download
http://www.exploit-db.com/exploits/11175
TrendMicro Web-Deployment ActiveX Remote Exec 0day POC
http://www.exploit-db.com/exploits/11173
Adobe GetPlus get_atlcom v1.6.2.48 ctiveX Remote Exec 0day POC
http://www.exploit-db.com/exploits/11172
Internet Explorer Aurora Exploit
http://www.exploit-db.com/exploits/11167
VLC vs 0.6.8 [b][c][d][a] .ASS file buffer overflow exploit(win32 universal)
http://www.exploit-db.com/exploits/11174
Audiotran v1.4.1 direct RET BOF
http://www.exploit-db.com/exploits/11171
Internet Explorer CVE-2010-0249 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/37815
PHP 'ini_restore()' Memory Information Disclosure Vulnerability
http://www.securityfocus.com/bid/36009
PHP 'htmlspecialcharacters()' Malformed Multibyte Character Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/37389
PHP 5.2.4 and Prior Versions Multiple Vulnerabilities
http://www.securityfocus.com/bid/26403
Ots Labs OtsTurntables OFL File Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/33257
Microsoft Windows Embedded OpenType Font Engine LZCOMP Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/37671
Apple iTunes/QuickTime Malformed '.mov' File Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/32540
phpMyAdmin Insecure Temporary File and Directory Creation Vulnerabilities
http://www.securityfocus.com/bid/37826
Sendmail check_relay Access Bypassing Vulnerability
http://www.securityfocus.com/bid/6548
TestLink Multiple Unspecified Directory Traversal Vulnerabilities
http://www.securityfocus.com/bid/37824
Adobe Flash Player and AIR JPEG File Parsing Heap Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/37266
LibThai Unspecified Integer Overflow Vulnerability
http://www.securityfocus.com/bid/37822
Adobe Reader and Acrobat U3D Support Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/37756
DokuWiki File Enumeration Information Disclosure Vulnerability
http://www.securityfocus.com/bid/37821
DokuWiki 'ajax.php' Multiple Security Bypass Vulnerabilities
http://www.securityfocus.com/bid/37820
Joomla! 'com_marketplace' Component 'catid' Parameter Cross-Site Scripting Vulnerability
http://www.securityfocus.com/bid/37819
IBM Lotus Web Content Management Login Page Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/37825
Linux Kernel 'drivers/firewire/ohci.c' NULL Pointer Dereference Denial of Service Vulnerability
http://www.securityfocus.com/bid/37339
Linux e1000e Driver 'Jumbo Frame' Handling Remote Security Bypass Vulnerability
http://www.securityfocus.com/bid/37523
Linux Kernel 'hfc_usb.c' Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/37036
Linux e1000 Driver 'Jumbo Frame' Handling Remote Security Bypass Vulnerability
http://www.securityfocus.com/bid/37519
Linux Kernel 'drivers/scsi/gdth.c' Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/37068
Linux Kernel 'megaraid_sas' Driver Insecure File Permission Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/37019
OpenSSL 'zlib' Compression Memory Leak Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/31692
Expat UTF-8 Character XML Parsing Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/36097
Expat Unspecified XML Parsing Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/37203
BS.Player '.bsl' File Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/37831
Novatel Wireless MiFi Mobile Hotspot Multiple Remote Vulnerabilities
http://www.securityfocus.com/bid/37830
Zeus Web Server Unspecified Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/37829
LetoDMS 'lang' Parameter Local File Include Vulnerability
http://www.securityfocus.com/bid/37828
MicroLogix 1100 and 1400 Controllers Multiple Unspecified Vulnerabilities
http://www.securityfocus.com/bid/37827
0 件のコメント:
コメントを投稿