[JS10001] Risk of malicious program execution exploiting a vulnerability in Ichitaro
http://www.justsystems.com/jp/info/js10001.html
Thunderbird 2.0.0.24 security update available for download
http://developer.mozilla.org/devnews/index.php/2010/04/09/thunderbird-2-0-0-24-security-update-available-for-download/
Issue in XMAP3 causing the web browser to terminate abnormally
http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS10-004/index.html
Tax-filing season phishing attacks: schemes posing as refund deposits on the rise
http://itpro.nikkeibp.co.jp/article/Research/20100412/346941/?ST=security
JVN#98467259 Arbitrary code execution vulnerability in the Ichitaro series
http://jvn.jp/jp/JVN98467259/index.html
JVNDB-2010-000015 Arbitrary code execution vulnerability in the Ichitaro series
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-000015.html
JVNDB-2010-001237 Denial-of-service (DoS) vulnerability in HP HP-UX
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001237.html
JVNDB-2010-001236 Buffer overflow vulnerability in IntelliCom NetBiter Config HICP
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001236.html
JVNDB-2010-001235 Vulnerability in the PHP session extension allowing bypass of open_basedir or safe_mode restrictions
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001235.html
JVNDB-2010-001234 Vulnerability in the PHP safe_mode implementation allowing bypass of access restrictions
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001234.html
JVNDB-2010-001233 Vulnerability in the PHP Linear Congruential Generator allowing values to be guessed
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001233.html
Debian update for libpng
http://secunia.com/advisories/39251/
+ Zimbra Collaboration Suite 6.0.6, 5.0.23 released
http://www.zimbra.com/downloads/os-downloads.html
http://files2.zimbra.com/website/docs/Zimbra%20OS%20Release%20Notes%206.0.6.pdf
http://files2.zimbra.com/website/docs/archives/5.0/Zimbra%20OS%20Release%20Notes%205.0.23.pdf
+ NTP 4.2.6p1 released
http://support.ntp.org/bin/view/Main/SoftwareDownloads
http://archive.ntp.org/ntp4/ChangeLog-stable
+ SA39316: Linux Kernel ReiserFS ".reiserfs_priv" Security Bypass
http://secunia.com/advisories/39316/
http://www.securityfocus.com/bid/39344
- Sun JRE Java Deployment Toolkit Lets Remote Users Inject Arbitrary Commands
http://securitytracker.com/alerts/2010/Apr/1023840.html
RHBA-2009:1605-4: tcpdump bug fix update
http://rhn.redhat.com/errata/RHBA-2009-1605.html
RHBA-2009:1629-4: OpenIPMI bug fix update
http://rhn.redhat.com/errata/RHBA-2009-1629.html
RHBA-2009:1653-4: xorg-x11-xdm bug fix update
http://rhn.redhat.com/errata/RHBA-2009-1653.html
RHBA-2010:0074-1: strace bug fix update
http://rhn.redhat.com/errata/RHBA-2010-0074.html
RHBA-2010:0346-1: glibc bug fix update
http://rhn.redhat.com/errata/RHBA-2010-0346.html
RHBA-2010:0345-1: shadow-utils bug fix update
http://rhn.redhat.com/errata/RHBA-2010-0345.html
Independent Researcher : Java Deployment Toolkit Performs Insufficient Validation of Parameters
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32263
MustLive : Vulnerabilities in phpCOIN
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32266
Secunia : Pulse CMS Arbitrary File Upload Vulnerability
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32264
Secunia : Pulse CMS Cross-Site Request Forgery
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32265
Ubuntu Security Notice : Erlang vulnerability
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32260
VMware : VMware hosted products, vCenter Server and ESX patches resolve multiple security issues
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32262
"Automatic update" now available in Adobe Reader, applying patches automatically
Acrobat also supported, but the default setting is "download only"
http://itpro.nikkeibp.co.jp/article/NEWS/20100412/346931/?ST=security
ZDI-10-068: Apple QuickTime H.263 Array Index Parsing Remote Code Execution Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-04/msg00078.html
JAVA web start arbitrary command-line injection - "-XXaltjvm" arbitrary dll loading (0da
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-04/msg00080.html
Secunia Research: VMWare VMnc Codec HexTile Encoding Two Integer Truncation Vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-04/msg00083.html
Secunia Research: VMWare VMnc Codec HexTile Encoding Buffer Overflow
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-04/msg00084.html
Vulnerabilities in phpCOIN
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-04/msg00081.html
VMSA-2010-0007 VMware hosted products, vCenter Server and ESX patches resolve multiple secur
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-04/msg00076.html
Secunia Research: Pulse CMS Cross-Site Request Forgery
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-04/msg00074.html
Secunia Research: Pulse CMS Arbitrary File Upload Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-04/msg00073.html
[USN-624-2] Erlang vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-04/msg00077.html
WinSoftMagic Photo Editor .PNG File Buffer Overflow
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-04/msg00079.html
[USN-926-1] ClamAV vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-04/msg00075.html
JVNDB-2010-001232 Cross-site scripting vulnerability in Zope
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001232.html
JVNDB-2010-001231 Vulnerability in the installation process of NFS/ONCplus on HP HP-UX allowing file system access to be gained
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001231.html
JVNDB-2010-001230 Stack-based buffer overflow vulnerability in the GnuTLS gnutls_x509_crt_get_serial function
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001230.html
JVNDB-2010-001229 Vulnerability related to multiple functions in OpenSSL
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001229.html
JVNDB-2010-001228 Denial-of-service (DoS) vulnerability in the OpenSSL kssl_keytab_is_available function
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001228.html
JVNDB-2010-001227 Denial-of-service (DoS) vulnerability in the OpenSSL ssl3_get_record function
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001227.html
PUBLIC ADVISORY: 04.09.10 VMware VMnc Codec Heap Overflow Vulnerability
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=866
Network and process forensics toolset
http://isc.sans.org/diary.html?storyid=8611
New bug/exploit for javaws
http://isc.sans.org/diary.html?storyid=8608
Outage Update - isc.sans.org
http://isc.sans.org/diary.html?storyid=8605
Sun JRE Java Deployment Toolkit Lets Remote Users Inject Arbitrary Commands
http://securitytracker.com/alerts/2010/Apr/1023840.html
memcached try_read_command() Function Lets Remote Users Deny Service
http://securitytracker.com/alerts/2010/Apr/1023839.html
VMware Heap Overflows in VMnc Codec Let Remote Users Cause Arbitrary Code to Be Executed
http://securitytracker.com/alerts/2010/Apr/1023838.html
VMware Remote Console Format String Flaw Lets Users Execute Arbitrary Code
http://securitytracker.com/alerts/2010/Apr/1023837.html
VMware Networking Stack Memory Leak Lets Local Users Obtain Potentially Sensitive Information
http://securitytracker.com/alerts/2010/Apr/1023836.html
VMware vmrun Command Format String Flaw Lets Local Users Gain Elevated Privileges
http://securitytracker.com/alerts/2010/Apr/1023835.html
VMware Workstation and Player USB Service Lets Local Users Gain Elevated Privileges
http://securitytracker.com/alerts/2010/Apr/1023834.html
VMware ESX Server VMware Tools Executable/Library Loading/Unloading Flaws Let Users Execute Arbitrary Code
http://securitytracker.com/alerts/2010/Apr/1023833.html
VMware Tools Executable/Library Loading/Unloading Flaws Let Users Execute Arbitrary Code
http://securitytracker.com/alerts/2010/Apr/1023832.html
TYPO3 Unspecified Command Execution Vulnerability
http://secunia.com/advisories/39287/
VMware Server Multiple Vulnerabilities
http://secunia.com/advisories/39215/
VMware Products Multiple Vulnerabilities
http://secunia.com/advisories/39206/
VMware Fusion 3 Virtual Networking Information Disclosure
http://secunia.com/advisories/39203/
VMware VIX API "vmrun" Format String Vulnerability
http://secunia.com/advisories/39201/
VMware Products VMware Tools Two Vulnerabilities
http://secunia.com/advisories/39198/
VMware Remote Console Plugin Format String Vulnerability
http://secunia.com/advisories/39110/
VMware Workstation Movie Decoder VMnc Multiple Vulnerabilities
http://secunia.com/advisories/36712/
Fujitsu IntelligentSearch Information Disclosure Vulnerability
http://secunia.com/advisories/39366/
Accela / eAccela BizSearch Information Disclosure Vulnerability
http://secunia.com/advisories/39283/
Tiny Java Web Server (TJWS) Multiple Vulnerabilities
http://secunia.com/advisories/39274/
Linux Kernel ReiserFS ".reiserfs_priv" Security Bypass
http://secunia.com/advisories/39316/
memcached Packet Processing Memory Consumption Weakness
http://secunia.com/advisories/39306/
Joomla JA Voice Component "view" File Inclusion Vulnerability
http://secunia.com/advisories/39202/
Ubuntu update for erlang
http://secunia.com/advisories/39300/
Ubuntu update for clamav
http://secunia.com/advisories/39293/
Ubuntu update for moin
http://secunia.com/advisories/39284/
Fedora update for moin
http://secunia.com/advisories/39267/
Fedora update for alienarena
http://secunia.com/advisories/39266/
Fedora update for spamass-milter
http://secunia.com/advisories/39265/
Fedora update for krb5
http://secunia.com/advisories/39264/
Fedora update for java-1.6.0-openjdk
http://secunia.com/advisories/39263/
Edimax AR-7084gA Cross-Site Request Forgery Vulnerability
http://secunia.com/advisories/39326/
IE/Opera source code viewer Null Character Handling
http://www.exploit-db.com/exploits/12156
Trellian FTP Client PASV BOF exploit
http://www.exploit-db.com/exploits/12152
Fedora Security Update Fixes spamass-milter Code Injection Vulnerability
http://www.vupen.com/english/advisories/2010/0837
Fedora Security Update Fixes AlienArena Two Vulnerabilities
http://www.vupen.com/english/advisories/2010/0836
Fedora Security Update Fixes Java OpenJDK Multiple Vulnerabilities
http://www.vupen.com/english/advisories/2010/0835
Fedora Security Update Fixes Moin Cross Site Scripting Vulnerability
http://www.vupen.com/english/advisories/2010/0834
Ubuntu Security Update Fixes Erlang PCRE Buffer Overflow Vulnerability
http://www.vupen.com/english/advisories/2010/0833
Ubuntu Security Update Fixes ClamAV Two Vulnerabilities
http://www.vupen.com/english/advisories/2010/0832
Ubuntu Security Update Fixes MoinMoin Two Vulnerabilities
http://www.vupen.com/english/advisories/2010/0831
udisks 'probers/udisks-dm-export.c' Local Information Disclosure Vulnerability
http://www.securityfocus.com/bid/39265
IBM Systems Director Agent Insecure File Permissions Vulnerabilities
http://www.securityfocus.com/bid/39305
Drupal Internationalization Module Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/39304
Alien Arena 'M_AddToServerList()' UDP Packet Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/36782
Apple QuickTime CoreMedia H.263 Encoded '.3g2' Movie Files Heap Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/39167
FacilCMS Multiple Local File Include Vulnerabilities
http://www.securityfocus.com/bid/29692
MIT Kerberos AES and RC4 Decryption Integer Underflow Vulnerabilities
http://www.securityfocus.com/bid/37749
MIT Kerberos kadmind 'server_stubs.c' Remote Denial Of Service Vulnerability
http://www.securityfocus.com/bid/39247
PCRE Regular Expression Heap Based Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/30087
Oracle Java SE and Java for Business CVE-2010-0091 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/39096
ViewVC Regular Expression Search Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/39053
Oracle Java SE and Java for Business CVE-2010-0085 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/39094
Oracle Java SE and Java for Business CVE-2010-0084 Remote Vulnerability
http://www.securityfocus.com/bid/39093
Oracle Java SE and Java for Business CVE-2010-0092 Remote Vulnerability
http://www.securityfocus.com/bid/39090
Oracle Java SE and Java for Business CVE-2010-0845 Remote HotSpot Server Vulnerability
http://www.securityfocus.com/bid/39089
Oracle Java SE and Java for Business CVE-2010-0093 Remote Vulnerability
http://www.securityfocus.com/bid/39088
Oracle Java SE and Java for Business CVE-2010-0095 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/39086
Oracle Java SE and Java for Business CVE-2010-0082 HotSpot Server Remote Vulnerability
http://www.securityfocus.com/bid/39085
Oracle Java SE and Java for Business CVE-2010-0088 Remote Java Runtime Environme Vulnerability
http://www.securityfocus.com/bid/39081
Oracle Java SE and Java for Business CVE-2010-0848 Remote Java 2D Vulnerability
http://www.securityfocus.com/bid/39078
CUPS 'lppasswd' Tool Localized Message String Security Weakness
http://www.securityfocus.com/bid/38524
Oracle Java SE and Java for Business CVE-2010-0094 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/39075
Multiple Vendor TLS Protocol Session Renegotiation Security Vulnerability
http://www.securityfocus.com/bid/36935
Oracle Java SE and Java for Business CVE-2010-0837 Remote Vulnerability
http://www.securityfocus.com/bid/39072
Oracle Java SE and Java for Business CVE-2010-0847 Remote Java 2D Vulnerability
http://www.securityfocus.com/bid/39071
Oracle Java SE and Java for Business 'readMabCurveData()' Remote Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/39069
Oracle Java SE and Java for Business ImageIO 'JPEGImageReader' Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/39067
Oracle Java SE and Java for Business JRE Trusted Method Chaining Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/39065
Linux Kernel PI Futex Invalid Pointer Dereference Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/38165
ID Software Quake II Server Multiple Remote Vulnerabilities
http://www.securityfocus.com/bid/11551
Libpng 1-bit Interlaced Images Information Disclosure Vulnerability
http://www.securityfocus.com/bid/35233
GNU libnss_db Local Information Disclosure Vulnerability
http://www.securityfocus.com/bid/39132
Drupal Views Module Cross Site Scripting and PHP Code Injection Vulnerabilities
http://www.securityfocus.com/bid/39301
Mozilla Firefox Cross Document DOM Node Movement Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/38952
OpenSSL 'ssl3_get_record()' Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/39013
OpenSSL 'zlib' Compression Memory Leak Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/31692
OpenSSL 'dtls1_retrieve_buffered_fragment()' Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/38533
OpenSSL 'bn_wexpend()' Error Handling Unspecified Vulnerability
http://www.securityfocus.com/bid/38562
SpamAssassin Milter Plugin 'mlfi_envrcpt()' Remote Arbitrary Command Injection Vulnerability
http://www.securityfocus.com/bid/38578
MoinMoin 'Despam' Action HTML Injection Vulnerability
http://www.securityfocus.com/bid/39110
Microsoft Internet Explorer 'Tabular Data Control' ActiveX Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/39025
PC Chess Joomla! Component 'controller' Parameter Local File Include Vulnerability
http://www.securityfocus.com/bid/39367
Huru Helpdesk Joomla! Component 'cid[0]' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/39366
Uiga Proxy 'template.php' Remote File Include Vulnerability
http://www.securityfocus.com/bid/39365
VMware Hosted Products Integer Truncation Multiple Heap Buffer Overflow Vulnerabilities
http://www.securityfocus.com/bid/39364
VMware Hosted Products HexTile Encoded Video Chunk Heap Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/39363
MassMirror Uploader 'MM_ROOT_DIRECTORY' Parameter Multiple Remote File Include Vulnerabilities
http://www.securityfocus.com/bid/39362
'am-utils' Package 'amqsvc_is_client_allowed()' Security Bypass Vulnerability
http://www.securityfocus.com/bid/39357
TYPO3 'autoloader' Remote File Include Vulnerability
http://www.securityfocus.com/bid/39355
Fujitsu Accela BizSearch Unspecified Search Result Information Disclosure Vulnerability
http://www.securityfocus.com/bid/39350
Edimax AR-7084gA Wireless ADSL Router Cross-Site Request Forgery Vulnerability
http://www.securityfocus.com/bid/39349
givesight PowerMail Pro Component for Joomla! Local File Include Vulnerability
http://www.securityfocus.com/bid/39348
Oracle JRE Java Platform SE and Java Deployment Toolkit Plugins Code Execution Vulnerabilities
http://www.securityfocus.com/bid/39346
VMware Hosted Products VMSA-2010-0007 Multiple Remote Vulnerabilities
http://www.securityfocus.com/bid/39345
Linux Kernel ReiserFS Security Bypass Vulnerability
http://www.securityfocus.com/bid/39344