Firefox 3.5.7 and 3.0.17 updates now available for download
http://firefox.com/
http://www.mozilla.com/firefox/3.5.7/releasenotes/
http://www.mozilla.com/firefox/3.0.17/releasenotes/
UPDATE: Vulnerability in Citrix Secure Gateway could result in Denial of Service
http://support.citrix.com/article/CTX121172
Apache Ant 1.8.0RC1 Available
http://ant.apache.org/
Trend Micro Business Security 6.0: Notice of Active Update server maintenance
http://www.trendmicro.co.jp/support/news.asp?id=1347
Notice of scheduled server maintenance (January 15, 2010)
http://www.trendmicro.co.jp/support/news.asp?id=1349
Notice of products scheduled to reach end of support service in the second half of 2010 (July to December)
http://www.trendmicro.co.jp/support/news.asp?id=1346
[Alert] Sharp increase in consultations about one-click billing fraud!
For PC users, the first countermeasure is to know the methods used!
http://www.ipa.go.jp/security/topics/alert20080909.html
Computer virus and unauthorized access reporting status [December and full-year 2009]
http://www.ipa.go.jp/security/txt/2010/01outline.html
JVN#09872874 Access restriction bypass vulnerability in Movable Type
http://jvn.jp/jp/JVN09872874/index.html
JVNDB-2010-000001 Access restriction bypass vulnerability in Movable Type
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-000001.html
JVNDB-2009-002392 Denial of service (DoS) vulnerability in libexpat in Expat
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002392.html
JVNDB-2009-002391 Arbitrary code execution vulnerability in Microsoft Office Word and Open XML File Format Converter
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002391.html
JVNDB-2007-000217 Directory traversal vulnerability in Apache Tomcat when used in combination with Apache HTTP Server
http://jvndb.jvn.jp/ja/contents/2007/JVNDB-2007-000217.html
Denial of Service Attack Aftermath (and what did Iran have to do with it?)
http://isc.sans.org/diary.html?storyid=7888
NetWare CIFS and AFP Protocol Processing Flaws Let Remote Users Deny Service
http://securitytracker.com/alerts/2010/Jan/1023400.html
Microsoft SQL Server 'sp_replwritetovarbin' Remote Memory Corruption Vulnerability
http://www.securityfocus.com/bid/32710
PHP 'exif_read_data()' JPEG Image Processing Denial Of Service Vulnerability
http://www.securityfocus.com/bid/35440
GD Graphics Library '_gdGetColors' Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/36712
PHP 'ini_restore()' Memory Information Disclosure Vulnerability
http://www.securityfocus.com/bid/36009
PHP 'mbstring' Extension Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/32948
PHP 5.2.8 and Prior Versions Multiple Vulnerabilities
http://www.securityfocus.com/bid/33927
PHP 'mbstring.func_overload' Webserver Denial Of Service Vulnerability
http://www.securityfocus.com/bid/33542
PHP 'session.save_path()' Arbitrary Code Execution Vulnerability
http://www.securityfocus.com/bid/37390
PHP SAPI 'php_getuid()' Safe Mode Restriction-Bypass Vulnerability
http://www.securityfocus.com/bid/32688
PHP 'htmlspecialcharacters()' Malformed Multibyte Character Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/37389
PHP ZipArchive::extractTo() '.zip' Files Directory Traversal Vulnerability
http://www.securityfocus.com/bid/32625
PHP 'imageRotate()' Uninitialized Memory Information Disclosure Vulnerability
http://www.securityfocus.com/bid/33002
PHP 5.2.7 'magic_quotes_gpc' Security Bypass Weakness
http://www.securityfocus.com/bid/32673
University of Washington IMAP c-client Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/32958
PHP 'error_log' Safe Mode Restriction-Bypass Vulnerability
http://www.securityfocus.com/bid/32383
PHP Multiple Functions 'safe_mode_exec_dir' and 'open_basedir' Restriction Bypass Vulnerabilities
http://www.securityfocus.com/bid/31064
- Multiple Security Vulnerabilities in the FreeType2 library for Printer Font Binary (PFB) or TrueType Font (TTF) format font files may lead to a Denial of Service (DoS) or allow Execution of Arbitrary Code
http://sunsolve.sun.com/search/document.do?assetkey=1-66-239006-1
SUN ALERT WEEKLY SUMMARY REPORT - Week of 20-Dec-2009 to 02-Jan-2010
http://sunsolve.sun.com/search/document.do?assetkey=1-66-275070-1
Document ID: 339928: When changing zoning with a NETAPP array, the NETAPP Device Specific Module (DSM) is claiming the device; however, Windows Management Instrumentation (WMI) hasn't established with Symantec's DSM WMI interface.
http://seer.entsupport.symantec.com/docs/339928.htm
RHBA-2009:1598-2: cman bug fix update
http://rhn.redhat.com/errata/RHBA-2009-1598.html
RHBA-2010:0004-1: acpid bug fix update
http://rhn.redhat.com/errata/RHBA-2010-0004.html
Using the VMware SCSI Disk Driver for Windows Guest Operating Systems
http://kb.vmware.com/selfservice/microsites/microsite.do?cmd=displayKC&docType=kc&externalId=1006956&sliceId=1&docTypeID=DT_KB_1_1
JVNVU#571629 Denial of service (DoS) in the management component of Linear eMerge
http://jvn.jp/cert/JVNVU571629/index.html
[ GLSA 201001-03 ] PHP: Multiple vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-01/msg00022.html
{PRL} Novell Netware CIFS And AFP Remote Memory Consumption DoS
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-01/msg00025.html
[ MDVSA-2009:220-1 ] davfs
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-01/msg00023.html
REWTERZ-20100103 - Ofilter Player Local Denial of Service (DoS) Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-01/msg00016.html
REWTERZ-20100102 - Nemesis Player (NSP) Local Denial of Service (DoS) Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-01/msg00011.html
REWTERZ-20100101 - n.player Local Heap Overflow Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-01/msg00015.html
Link Injection Redirection Attacks - Exploiting Google Chrome Design Flaw
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-01/msg00013.html
Multiple vulnerabilities in LineWeb 1.0.5
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-01/msg00020.html
UPDATE: MITKRB5-SA-2009-003 [CVE-2009-3295] KDC denial of service in cross-r
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-01/msg00019.html
Y2K10 spamassassin bug, 2010 year mails discared as spam
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-01/msg00009.html
Secunia Research: PDF-XChange Viewer Content Parsing Memory Corruption Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-01/msg00001.html
Java vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-01/msg00002.html
[USN-876-1] PostgreSQL vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-01/msg00000.html
[ GLSA 201001-02 ] Adobe Flash Player: Multiple vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-01/msg00005.html
[ GLSA 201001-01 ] NTP: Denial of Service
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-01/msg00008.html
[Tool] DeepToad 1.1.0
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-01/msg00007.html
WASC Announcement: WASC Threat Classification v2.0 Published
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-01/msg00004.html
httpdx webserver v1.5 Remote Source Disclosure
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-01/msg00006.html
Latest Intel Pro/10* ethernet adaptor drivers contain vulnerable MSVC runtime!
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-01/msg00003.html
JVNDB-2009-002390 Arbitrary code execution vulnerability in Microsoft Office Excel and Open XML File Format Converter in the processing of spreadsheets containing objects
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002390.html
JVNDB-2009-002389 Arbitrary code execution vulnerability in Microsoft Office Excel and Open XML File Format Converter in the processing of BIFF records
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002389.html
JVNDB-2009-002388 Arbitrary code execution vulnerability in multiple Microsoft products in the processing of Excel file formats
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002388.html
JVNDB-2009-002387 Arbitrary code execution vulnerability in multiple Microsoft products in the processing of spreadsheets containing formulas
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002387.html
JVNDB-2009-002386 Arbitrary code execution vulnerability in multiple Microsoft products in the processing of formulas contained in cells
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002386.html
JVNDB-2009-002385 Arbitrary code execution vulnerability in multiple Microsoft products in the processing of FEATHEADER records
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002385.html
JVNDB-2009-002384 Arbitrary code execution vulnerability in Microsoft Office Excel
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002384.html
JVNDB-2009-002383 Arbitrary code execution vulnerability in Microsoft Office and Open XML File Format Converter
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002383.html
MS-Pro Portal Scripti Database Disclosure Security Issue
http://secunia.com/advisories/38119/
LXR Cross Referencer Cross-Site Scripting Vulnerabilities
http://secunia.com/advisories/38117/
F5 Data Manager Directory Traversal Vulnerabilities
http://secunia.com/advisories/38113/
PD Portal Database Disclosure Security Issue
http://secunia.com/advisories/38109/
uF.Phpaw Cross-Site Scripting Vulnerabilities
http://secunia.com/advisories/38106/
CNR Hikaye Portal Database Disclosure Security Issue
http://secunia.com/advisories/38103/
Deviant Art Clone "seid" SQL Injection Vulnerability
http://secunia.com/advisories/38096/
Fedora update for gimp
http://secunia.com/advisories/38094/
Pay Per Minute Video Chat Script Cross-Site Scripting Vulnerabilities
http://secunia.com/advisories/38086/
Magento Multiple Script Insertion Vulnerabilities
http://secunia.com/advisories/38078/
KMSoft Guestbook Database Disclosure Security Issue
http://secunia.com/advisories/38076/
WordPress Events Manager "event_id" SQL Injection Vulnerability
http://secunia.com/advisories/38072/
Kayako SupportSuite / eSupport Multiple Vulnerabilities
http://secunia.com/advisories/38057/
Red Hat update for gd
http://secunia.com/advisories/38055/
Webace CMS "NewsId" SQL Injection Vulnerability
http://secunia.com/advisories/38054/
Red Hat update for PyXML
http://secunia.com/advisories/38050/
Linear eMerge Management Component Security Bypass
http://secunia.com/advisories/38048/
Dating Agent PRO Multiple Vulnerabilities
http://secunia.com/advisories/38047/
Mini-NUKE Information Disclosure Security Issue
http://secunia.com/advisories/38035/
MRWhois "type" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/38019/
Bandwidth Meter Cross-Site Scripting Vulnerabilities
http://secunia.com/advisories/38012/
AL-Athkat "link" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/38010/
Left 4 Dead Stats "steamid" SQL Injection Vulnerability
http://secunia.com/advisories/38008/
Joomla! TPJobs Component "id_c[]" SQL Injection Vulnerability
http://secunia.com/advisories/38001/
My Book World Edition "lang" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/37930/
Linear eMerge Factory Reset Feature Lets Remote Users Deny Service
http://securitytracker.com/alerts/2010/Jan/1023397.html
F5 Data Manager Directory Traversal Flaw Discloses Files to Remote Authenticated Administrators
http://securitytracker.com/alerts/2010/Jan/1023396.html
Vulnerability Note VU#750796: Liferay Portal p_p_id parameter vulnerable to persistent cross-site scripting
http://www.kb.cert.org/vuls/id/750796
Report of Java Object Serialization exploit in use in web drive-by attacks
http://isc.sans.org/diary.html?storyid=7879
Kodak EasyShare Wireless Picture Frame RSS Feed is world readable
http://isc.sans.org/diary.html?storyid=7882
Up,Phpaw,05 Remote File Upload and Cross Site Scripting Vulnerabilities
http://www.vupen.com/english/advisories/2010/0033
ASP Cnr Hikaye Scripti "hikaye.mdb" Database Disclosure Vulnerability
http://www.vupen.com/english/advisories/2010/0032
ImagoScripts Deviant Art Clone "seid" Remote SQL Injection Vulnerability
http://www.vupen.com/english/advisories/2010/0031
LightOpen CMS "cwd" Parameter Remote File Inclusion Vulnerability
http://www.vupen.com/english/advisories/2010/0030
WorldPay Script Shop "id" Parameter SQL Injection Vulnerability
http://www.vupen.com/english/advisories/2010/0029
XOOPS Remote SQL Injection and Cross Site Scripting Vulnerabilities
http://www.vupen.com/english/advisories/2010/0028
TYPO3 Diocese of Portsmouth Calendar Unspecified SQL Injection Vulnerability
2010-12-15
http://www.securityfocus.com/bid/37618
MIT Kerberos KDC Cross-Realm Referral NULL Pointer Dereference Denial Of Service Vulnerability
http://www.securityfocus.com/bid/37486
Multiple Vendor SizerOne ActiveX Control 'AddTab' Method Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/33148
Joomla! Joaktree Component 'treeId' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/37178
Expat UTF-8 Character XML Parsing Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/36097
Microsoft Internet Explorer (CVE-2009-3671) Uninitialized Memory Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/37188
BLOG:CMS Comment Editing HTML Injection Vulnerability
http://www.securityfocus.com/bid/37587
httpdx Space Character Remote File Disclosure Vulnerability
http://www.securityfocus.com/bid/37586
Joomla! BF Survey Pro 'catid' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/37585
Multiple Vendor TLS Protocol Session Renegotiation Security Vulnerability
http://www.securityfocus.com/bid/36935
RETIRED: w-Agora 'rss.php' Remote File Include Vulnerability
http://www.securityfocus.com/bid/37610
Symantec Veritas VRTSweb Incoming Data Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/37012
SAPlpd and SAPSprint Multiple Remote Vulnerabilities
http://www.securityfocus.com/bid/27613
Linux Kernel Ext4 'move extents' ioctl Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/37277
BF Survey Pro Joomla! Component 'controller' Parameter Local File Include Vulnerability
http://www.securityfocus.com/bid/37584
LXR Cross Referencer Multiple Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/37612
Magento Multiple HTML Injection Vulnerabilities
http://www.securityfocus.com/bid/37611
BigAnt IM Server 'USV' Request Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/37520
Kayako eSupport 's_query' Parameter HTML Injection Vulnerability
http://www.securityfocus.com/bid/37563
Novell NetWare CIFS and AFP Handling Remote Denial of Service Vulnerabilities
http://www.securityfocus.com/bid/37616
Liferay Portal 'p_p_id' Parameter HTML Injection Vulnerability
http://www.securityfocus.com/bid/37615
Dating Agent PRO SQL Injection and HTML Injection Vulnerabilities
http://www.securityfocus.com/bid/37614
LineWeb 1.0.5 Multiple Remote Vulnerabilities
http://www.securityfocus.com/bid/37613
Skype Technologies Skype for Linux GUI HTML Injection Vulnerability
http://www.securityfocus.com/bid/37603
Skype Technologies Skype for Linux SED Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/37599