Linux Kernel release: 2.6.33-rc5
http://www.linux.org/news/2010/01/21/0002.html
Internet Explorer の脆弱性(MS10-002)について
http://www.ipa.go.jp/security/ciadr/vul/20100122-ms10-002.html
修正プログラム提供前の脆弱性を悪用したゼロデイ攻撃について
http://www.ipa.go.jp/security/virus/zda.html
Microsoft Internet Explorer の未修正の脆弱性に関する注意喚起
http://www.jpcert.or.jp/at/2010/at100004.txt
JVNVU#492515 Microsoft Internet Explorer において任意のコードが実行される脆弱性
http://jvn.jp/cert/JVNVU492515/index.html
JVNTA10-021A Internet Explorer に複数の脆弱性
http://jvn.jp/cert/JVNTA10-021A/index.html
JVNDB-2009-002439 複数の Microsoft 製品のテキストコンバーターにおける整数オーバーフローの脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002439.html
JVNDB-2009-002438 Microsoft Windows の Active Directory フェデレーションサービスにおける任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002438.html
JVNDB-2009-002437 Microsoft Windows の Active Directory フェデレーションサービスのシングルサインオン実装における認証情報を取得される脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002437.html
JVNDB-2009-002436 Microsoft Windows の LSASS におけるサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002436.html
JVNDB-2009-002435 Microsoft Project における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002435.html
JVNDB-2009-002434 Microsoft Internet Explorer におけるメモリ破損の脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002434.html
JVNDB-2009-002433 Microsoft Internet Explorer におけるメモリ破損の脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002433.html
JVNDB-2009-002432 Microsoft Internet Explorer におけるメモリ破損の脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002432.html
JVNDB-2009-002431 Microsoft Windows のインターネット認証サービスにおけるネットワークリソースにアクセスされる脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002431.html
JVNDB-2009-002430 Microsoft Windows のインターネット認証サービスにおける任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002430.html
IntelliTamper 2.07/2.08 (defer)Remote Buffer Overflow Poc
http://www.exploit-db.com/exploits/11217
+ [ANN] Apache Tomcat 6.0.24 released
http://tomcat.apache.org/tomcat-6.0-doc/changelog.html
+ マイクロソフト セキュリティ情報 MS10-002 - 緊急: Internet Explorer 用の累積的なセキュリティ更新プログラム (978207)
http://www.microsoft.com/japan/technet/security/bulletin/ms10-002.mspx
http://www.microsoft.com/technet/security/advisory/979352.mspx
http://www.securityfocus.com/bid/37895
http://www.securityfocus.com/bid/37891
http://www.securityfocus.com/bid/37892
http://www.securityfocus.com/bid/37894
http://www.securityfocus.com/bid/37884
http://www.securityfocus.com/bid/37815
http://www.securityfocus.com/bid/37883
+ Multiple Security Vulnerabilities in BIND DNSSEC Software Shipped With Solaris May Cause Bogus NXDOMAIN Responses
http://sunsolve.sun.com/search/document.do?assetkey=1-66-275890-1
+ A Security Vulnerability Relating to Certificate Handling in sendmail(1M) Versions Prior to 8.14.4 May Allow Server Identification Forgery
http://sunsolve.sun.com/search/document.do?assetkey=1-66-275870-1
+ GCC 4.4.3 has been released
http://gcc.gnu.org/gcc-4.4/
http://gcc.gnu.org/gcc-4.4/changes.html
+ Linux Kernel ATI Radeon Drivers Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/37903
+ マイクロソフト セキュリティ アドバイザリ (979682): Windows カーネルの脆弱性により、特権が昇格される
http://www.microsoft.com/japan/technet/security/advisory/979682.mspx
- [ANNOUNCE] Apache Jackrabbit 1.6.1 released
http://jackrabbit.apache.org/downloads.html
- [ANN] Apache Tomcat Native 1.1.19 released
http://tomcat.apache.org/native-doc/miscellaneous/changelog.html
- Linux Kernel 'ipv6_hop_jumbo()' Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/37810
- Firefox 3.6 released
http://www.mozilla.com/en-US/firefox/3.6/releasenotes/
- IBM Lotus Domino Buffer Overflow Vulnerability
http://secunia.com/advisories/38275/
UPDATE: cisco-sa-20091109-tls: Cisco Security Advisory: Transport Layer Security Renegotiation Vulnerability
http://www.cisco.com/warp/public/707/cisco-sa-20091109-tls.shtml
RHBA-2010:0063-1: selinux-policy bug fix update
http://rhn.redhat.com/errata/RHBA-2010-0063.html
Mandriva : openssl
http://www.criticalwatch.com/support/security-advisories.aspx?AID=31540
Mandriva : phpldapadmin
http://www.criticalwatch.com/support/security-advisories.aspx?AID=31541
Microsoft : Cumulative Security Update for Internet Explorer
http://www.criticalwatch.com/support/security-advisories.aspx?AID=31560
Red Hat : Important: kernel-rt security and bug fix update
http://www.criticalwatch.com/support/security-advisories.aspx?AID=31546
Sense of Security : TheGreenBow VPN Client Local Stack Overflow - Security Advisory
http://www.criticalwatch.com/support/security-advisories.aspx?AID=31556
Cisco : Cisco IOS XR Software SSH Denial of Service Vulnerability
http://www.criticalwatch.com/support/security-advisories.aspx?AID=31550
Cisco : CiscoWorks Internetwork Performance Monitor CORBA GIOP Overflow Vulnerability
http://www.criticalwatch.com/support/security-advisories.aspx?AID=31551
CodeScan : Insufficient User Input Validation in VP-ASP 6.50 Demo Code
http://www.criticalwatch.com/support/security-advisories.aspx?AID=31557
オンラインゲームをかたるフィッシング出現、ファンサイトから誘導
偽のログイン画面を表示、IDとパスワードを入力させる
http://itpro.nikkeibp.co.jp/article/NEWS/20100122/343647/?ST=security
トレンドマイクロが仮想サーバー向けセキュリティ製品を発表
http://itpro.nikkeibp.co.jp/article/NEWS/20100121/343636/?ST=security
US-CERT Technical Cyber Security Alert TA10-021A -- Microsoft Internet Explorer Vulnerabilities
http://www.derkeiler.com/Mailing-Lists/Cert/2010-01/msg00003.html
ZDI-10-014: Microsoft Internet Explorer item Object Memory Corruption Remote Code Execution
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-01/msg00200.html
ZDI-10-013: Microsoft Internet Explorer Table Layout Reuse Remote Code Execution Vulnerabili
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-01/msg00199.html
ZDI-10-012: Microsoft Internet Explorer Baseline Tag Rendering Remote Code Execution Vulnera
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-01/msg00202.html
ZDI-10-011: Microsoft Internet Explorer Table Layout Col Tag Cache Update Remote Code Execut
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-01/msg00201.html
US-CERT Technical Cyber Security Alert -- New US-CERT PGP Key
http://www.derkeiler.com/Mailing-Lists/Cert/2010-01/msg00002.html
ZDI-10-010: RealNetworks RealPlayer Skin Parsing Remote Code Execution Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-01/msg00196.html
ZDI-10-009: RealNetworks RealPlayer IVR Format Remote Code Execution Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-01/msg00190.html
ZDI-10-008: RealNetworks RealPlayer SIPR Codec Remote Code Execution Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-01/msg00193.html
ZDI-10-007: RealNetworks RealPlayer SMIL getAtom Remote Code Execution Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-01/msg00198.html
ZDI-10-006: RealNetworks RealPlayer GIF Handling Remote Code Execution Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-01/msg00189.html
ZDI-10-005: RealNetworks RealPlayer ASMRulebook Remote Code Execution Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-01/msg00192.html
ZDI-10-004: Cisco CiscoWorks IPM GIOP getProcessName Remote Code Execution Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-01/msg00197.html
[SECURITY] [DSA-1972-2] New audiofile packages fix buffer overflow
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-01/msg00195.html
[ MDVSA-2010:023 ] phpldapadmin
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-01/msg00194.html
[ MDVSA-2010:022 ] openssl
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-01/msg00191.html
eWebeditor Directory Traversal Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-01/msg00188.html
TheGreenBow VPN Client Local Stack Overflow Vulnerability - Security Advisory - SOS-10&#
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-01/msg00187.html
ZDI-10-003: Novell ZENworks Asset Management docfiledownload Remote SQL Injection Vulnerabil
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-01/msg00185.html
Insufficient User Input Validation in VP-ASP 6.50 Demo Code
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-01/msg00184.html
[SECURITY] [DSA-1975-1] Security Support for Debian 4.0 to be discontinued on February 15th
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-01/msg00183.html
Security Update Available for Shockwave Player
http://isc.sans.org/diary.html?storyid=8056
* Microsoft Out Of Band Patch Release
http://isc.sans.org/diary.html?storyid=8059
Microsoft January Out of Band Patch
http://isc.sans.org/diary.html?storyid=8062
Firefox Upgrade Available
http://isc.sans.org/diary.html?storyid=8065
Drupal Recent Comments Module Script Insertion Vulnerability
http://secunia.com/advisories/38281/
Drupal Control Panel Module Script Insertion Vulnerability
http://secunia.com/advisories/38280/
SAP BusinessObjects Spoofing Security Issues
http://secunia.com/advisories/38278/
IBM Lotus Domino Buffer Overflow Vulnerability
http://secunia.com/advisories/38275/
SAP BusinessObjects Multiple Vulnerabilities
http://secunia.com/advisories/38271/
KloNews "cat" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/38268/
TheGreenBow VPN Client "tgb" File Processing Buffer Overflow
http://secunia.com/advisories/38262/
Blaze Apps Script Insertion and SQL Injection Vulnerabilities
http://secunia.com/advisories/38254/
Drupal Block Class Module Script Insertion Vulnerability
http://secunia.com/advisories/38244/
Ubuntu update for bind9
http://secunia.com/advisories/38240/
Debian update for glibc and eglibc
http://secunia.com/advisories/38238/
Ubuntu update for gzip
http://secunia.com/advisories/38232/
Ubuntu update for expat
http://secunia.com/advisories/38231/
Cisco InternetWork Performance Monitor GIOP Request Buffer Overflow
http://secunia.com/advisories/38230/
Cisco IOS XR SSH Denial of Service Vulnerability
http://secunia.com/advisories/38227/
Red Hat update for gzip
http://secunia.com/advisories/38225/
Red Hat update for bind
http://secunia.com/advisories/38224/
Debian update for gzip
http://secunia.com/advisories/38223/
GNU gzip "unlzw()" Integer Underflow Vulnerability
http://secunia.com/advisories/38220/
SAP BusinessObjects Disclosure of System Information and Cross-Site Scripting
http://secunia.com/advisories/38217/
Red Hat update for acroread
http://secunia.com/advisories/38215/
Tor Directory Authorities Directory Queries Information Disclosure
http://secunia.com/advisories/38198/
Redatam+SP WebServer Cross-Site Scripting and Path Disclosure
http://secunia.com/advisories/38170/
Fedora update for bind
http://secunia.com/advisories/38169/
Fedora update for kernel
http://secunia.com/advisories/38168/
GNU gzip "huft_build()" Input Sanitation Vulnerability
http://secunia.com/advisories/38132/
Microsoft Internet Explorer URL Validation Flaw Lets Remote Users Execute Arbitrary Code
http://securitytracker.com/alerts/2010/Jan/1023495.html
Microsoft Internet Explorer Cross-Site Scripting Filter Can Be Bypassed
http://securitytracker.com/alerts/2010/Jan/1023494.html
Microsoft Internet Explorer Multiple Memory Access Flaws Let Remote Users Execute Arbitrary Code
http://securitytracker.com/alerts/2010/Jan/1023493.html
Sun Java System Directory Server LDAP Search Request Processing Flaw Lets Remote Users Deny Service
http://securitytracker.com/alerts/2010/Jan/1023492.html
Microsoft Internet Explorer Multiple Code Execution Vulnerabilities (MS10-002)
http://www.vupen.com/english/advisories/2010/0187
GNU gzip Integer Underflow and Input Validation Vulnerabilities
http://www.vupen.com/english/advisories/2010/0185
CiscoWorks IPM CORBA GIOP Buffer Overflow Vulnerability
http://www.vupen.com/english/advisories/2010/0184
Cisco IOS XR SSH v2 Packets Remote Denial of Service Vulnerability
http://www.vupen.com/english/advisories/2010/0183
Sun Java System Web Server Remote Buffer Overflow Vulnerabilities
http://www.vupen.com/english/advisories/2010/0182
EFS Easy Chat server Universal BOF-SEH (Meta)
http://www.exploit-db.com/exploits/11210
jetAudio 8.0.0.2 Basic (m3u) Stack Overflow Exploit
http://www.exploit-db.com/exploits/11208
Expat UTF-8 Character XML Parsing Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/36097
Expat Unspecified XML Parsing Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/37203
Microsoft Internet Explorer Baseline Tag Rendering Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/37895
Microsoft Internet Explorer 'Col' Element Uninitialized Memory Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/37891
Microsoft Internet Explorer Table Layout Reuse Memory Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/37892
Microsoft Internet Explorer Cloned DOM Object Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/37894
Multiple Vendor TLS Protocol Session Renegotiation Security Vulnerability
http://www.securityfocus.com/bid/36935
RealNetworks RealPlayer IVR File Parsing Multiple Buffer Overflow Vulnerabilities
http://www.securityfocus.com/bid/33652
Multiple RealNetworks Products Multiple Remote Vulnerabilities
http://www.securityfocus.com/bid/37880
OpenOffice Multiple Unspecified Remote Security Vulnerabilities
http://www.securityfocus.com/bid/36285
Microsoft Internet Explorer URI Validation Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/37884
SAP BusinessObjects Multiple Input Validation Vulnerabilities
http://www.securityfocus.com/bid/37900
Internet Explorer CVE-2010-0249 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/37815
ISC BIND 9 Remote Dynamic Update Message Denial of Service Vulnerability
http://www.securityfocus.com/bid/35848
ISC BIND 9 DNSSEC Query Response Additional Section Remote Cache Poisoning Vulnerability
http://www.securityfocus.com/bid/37118
ISC BIND 9 DNSSEC Bogus NXDOMAIN Response Remote Cache Poisoning Vulnerability
http://www.securityfocus.com/bid/37865
D-Bus 'dbus_signature_validate()' Type Signature Denial of Service Vulnerability
http://www.securityfocus.com/bid/31602
Audio File Library (libaudiofile) 'msadpcm.c' WAV File Processing Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/33066
PHP 'exif_read_data()' JPEG Image Processing Denial Of Service Vulnerability
http://www.securityfocus.com/bid/35440
PHP Versions Prior to 5.3.1 Multiple Vulnerabilities
http://www.securityfocus.com/bid/37079
PHP 5.2.10 and Prior Versions Multiple Vulnerabilities
http://www.securityfocus.com/bid/36449
PHP 'htmlspecialcharacters()' Malformed Multibyte Character Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/37389
GD Graphics Library '_gdGetColors' Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/36712
COWON America jetAudio M3U File Processing Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/26069
COWON America jetAudio ASX File Processing Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/27698
phpLDAPadmin 'cmd.php' Local File Include Vulnerability
http://www.securityfocus.com/bid/37327
Mozilla Firefox and SeaMonkey Theora Video Library Remote Integer Overflow Vulnerability
http://www.securityfocus.com/bid/37368
Mozilla Firefox and SeaMonkey 'liboggplay' Media Library Remote Memory Corruption Vulnerabilities
http://www.securityfocus.com/bid/37369
Adobe Reader and Acrobat U3D Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/37758
Cisco CiscoWorks Internetwork Performance Monitor CORBA GIOP Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/37879
Linux e1000 Driver 'Jumbo Frame' Handling Remote Security Bypass Vulnerability
http://www.securityfocus.com/bid/37519
Linux Kernel RTL8169 NIC 'RxMaxSize' Frame Size Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/37521
Linux e1000e Driver 'Jumbo Frame' Handling Remote Security Bypass Vulnerability
http://www.securityfocus.com/bid/37523
Linux Kernel 'fuse_direct_io()' Invalid Pointer Dereference Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/37069
Linux Kernel 'drivers/scsi/gdth.c' Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/37068
EFS Software Easy Chat Server Authentication Request Handling Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/25328
OpenSSL 'zlib' Compression Memory Leak Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/31692
YOOtheme Warp5 Joomla! Component 'yt_color' Parameter Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/37239
Linux Kernel 'ipv6_hop_jumbo()' Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/37810
Microsoft Windows #GP Trap Handler Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/37864
Windows Live Messenger ActiveX Control 'RichUploadControlContextData' Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/37908
Joomla! 'com_book' Component 'cid[]' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/37907
Linux Kernel ATI Radeon Drivers Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/37903
cPanel and WHM 'failurl' Parameter HTTP Response Splitting Vulnerability
http://www.securityfocus.com/bid/37902
Tor Directory Authorities Directory Queries Remote Information Disclosure Vulnerability
http://www.securityfocus.com/bid/37901
Sun Java System Web Server Digest Authentication Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/37896
Microsoft Internet Explorer Cross Site Scripting Filter Information Disclosure Vulnerability
http://www.securityfocus.com/bid/37883
0 件のコメント:
コメントを投稿