:: IT Security Neophyte Investigator's MEMO ::: 14日水曜日、先負

2010年4月14日水曜日

14日水曜日、先負

MySQL 5.1.47 (Not yet released)
http://dev.mysql.com/doc/refman/5.1/en/news-5-1-47.html

US-CERT Technical Cyber Security Alert TA10-103C -- Adobe Reader and Acrobat Vulnera
http://www.derkeiler.com/Mailing-Lists/Cert/2010-04/msg00002.html

US-CERT Technical Cyber Security Alert TA10-103B -- Oracle Updates for Multiple Vuln
http://www.derkeiler.com/Mailing-Lists/Cert/2010-04/msg00001.html

US-CERT Technical Cyber Security Alert TA10-103A -- Microsoft Updates for Multiple V
http://www.derkeiler.com/Mailing-Lists/Cert/2010-04/msg00000.html

Facebook、安全性に関する情報センター「Safety Center」をリニューアル
http://itpro.nikkeibp.co.jp/article/NEWS/20100414/347011/?ST=security

JVNTA10-103C Adobe Reader および Acrobat における複数の脆弱性に対するアップデート
http://jvn.jp/cert/JVNTA10-103C/index.html

JVNTA10-103B Oracle 製品における複数の脆弱性に対するアップデート
http://jvn.jp/cert/JVNTA10-103B/index.html

JVNTA10-103A Microsoft 製品における複数の脆弱性に対するアップデート
http://jvn.jp/cert/JVNTA10-103A/index.html

Oracle has released 47 critical patches (Includes SUN patches)
http://isc.sans.org/diary.html?storyid=8632

Adobe Reader / Acrobat Multiple Vulnerabilities
http://secunia.com/advisories/39272/

Solaris Trusted Extensions Lets Local Users Gain Full Control of the Target System
http://www.securitytracker.com/id?1023880

Sun Java System Communications Express Address Book Access Control Flaw Lets Remote Users View Files on the Target System
http://www.securitytracker.com/id?1023879

Solaris Kernel Flaw Lets Local Users View Files
http://www.securitytracker.com/id?1023878

Sun Convergence Address Book and Mail Filter Access Control Flaw Lets Remote Users View Files on the Target System
http://www.securitytracker.com/id?1023877

Sun Java System Directory Server Bugs Let Remote Users Deny Service and Execute Arbitrary Code
http://www.securitytracker.com/id?1023876

Solaris IP Filter Lets Local Users Deny Service and Modify Data
http://www.securitytracker.com/id?1023875

Solaris sendfile Deadlock Error Lets Local Users Deny Service
http://www.securitytracker.com/id?1023874

Sun Cluster Discloses Passwords to Local Users
http://www.securitytracker.com/id?1023873

Oracle Industry Applications Multiple Flaws Let Remote Users Partially Modify Data
http://www.securitytracker.com/id?1023872

Oracle Collaboration Suite UI Components Let Remote Users Partially Modify Data
http://www.securitytracker.com/id?1023871

Oracle Internet Directory Unspecified Flaw Lets Remote Users Deny Service
http://www.securitytracker.com/id?1023870

Oracle Portal Flaws Let Remote Users Deny Service and Modify Data
http://www.securitytracker.com/id?1023869

Solaris Flaw in /dev/ucode Driver Lets Local Users Deny Service
http://www.securitytracker.com/id?1023868

Oracle PeopleSoft PeopleTools Bugs Let Remote Users Partially Access and Modify Data
http://www.securitytracker.com/id?1023867

Sun Java System Access Manager Input Validation Holes Permit Cross-Site Scripting Attacks
http://www.securitytracker.com/id?1023865

Sun Convergence Input Validation Hole in Mail Folder Names Permits Cross-Site Scripting Attacks
http://www.securitytracker.com/id?1023864

Sun Management Center (SunMC) Zone Log Validation Flaw Lets Remote Users Conduct Cross-Site Scripting Attacks
http://www.securitytracker.com/id?1023863

libnss-db Lets Local Users Access Portions of Local Files
http://www.securitytracker.com/id?1023862

Sun Ray Memory Corruption Lets Remote Users Execute Arbitrary Code
http://www.securitytracker.com/id?1023861

Oracle E-Business Suite Bugs Let Remote Users Access and Modify Data
http://www.securitytracker.com/id?1023859

+ マイクロソフトセキュリティ情報 2010 年 4 月のセキュリティ情報
http://www.microsoft.com/japan/technet/security/bulletin/ms10-apr.mspx

+ MS10-019 Windows の脆弱性により、リモートでコードが実行される (981210)
http://www.microsoft.com/japan/technet/security/Bulletin/MS10-019.mspx

+ MS10-020 SMB クライアントの脆弱性により、リモートでコードが実行される (980232)
http://www.microsoft.com/japan/technet/security/Bulletin/MS10-020.mspx

+ MS10-025 Microsoft Windows Media Services の脆弱性により、リモートでコードが実行される (980858)
http://www.microsoft.com/japan/technet/security/Bulletin/MS10-025.mspx

+ MS10-026 MPEG Layer-3 コーデックの脆弱性により、リモートでコードが実行される (977816)
http://www.microsoft.com/japan/technet/security/Bulletin/MS10-026.mspx

+ MS10-027 Windows Media Player の脆弱性により、リモートでコードが実行される (979402)
http://www.microsoft.com/japan/technet/security/Bulletin/MS10-027.mspx

+ MS10-021 Windows カーネルの脆弱性により、特権が昇格される (979683)
http://www.microsoft.com/japan/technet/security/Bulletin/MS10-021.mspx

+ MS10-022 VBScript スクリプトエンジンの脆弱性により、リモートでコードが実行される (981169)
http://www.microsoft.com/japan/technet/security/Bulletin/MS10-022.mspx

+ MS10-023 Microsoft Office Publisher の脆弱性により、リモートでコードが実行される (981160)
http://www.microsoft.com/japan/technet/security/Bulletin/MS10-023.mspx

+ MS10-024 Microsoft Exchange および Windows SMTP サービスの脆弱性により、サービス拒否が起こる (981832)
http://www.microsoft.com/japan/technet/security/Bulletin/MS10-024.mspx

+ MS10-029 Windows ISATAP コンポーネントの脆弱性により、なりすましが行われる (978338)
http://www.microsoft.com/japan/technet/security/Bulletin/MS10-029.mspx

+ Microsoft Security Advisory (981169): Vulnerability in VBScript Could Allow Remote Code Execution
http://www.microsoft.com/technet/security/advisory/981169.mspx

+ A Security Vulnerability in the ntp Daemon (xntpd(1M)) May Lead to a Denial of the Solaris Network Time Protocol(NTP) Service
http://sunsolve.sun.com/search/document.do?assetkey=1-66-275590-1

+- This Alert Covers CVE-2010-0453 for the /dev/ucode Component of the Solaris and OpenSolaris Products.
http://sunsolve.sun.com/search/document.do?assetkey=1-66-275910-1
http://www.securityfocus.com/bid/38016

+ This Alert covers CVE-2010-0882 for the Trusted Extensions component of the Solaris and OpenSolaris products.
http://sunsolve.sun.com/search/document.do?assetkey=1-66-263689-1

+ This Alert covers CVE-2010-0890 for the kernel component of the Solaris and OpenSolaris products.
http://sunsolve.sun.com/search/document.do?assetkey=1-66-242386-1

+ HPSBUX02517 SSRT100058 rev.1 - HP-UX Running OpenSSL, Remote Unauthorized Information Disclosure, Unauthorized Data Modification, Denial of Service (DoS)
http://www13.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02079216

+ ActivePerl 5.12.0.1200 released
http://www.activestate.com/activeperl/downloads/

+ Perl 5.12.0 is now available
http://use.perl.org/article.pl?sid=10/04/13/1953252

+ Sudo version 1.7.2p6 was released
http://www.sudo.ws/sudo/news.html
http://www.sudo.ws/sudo/stable.html

+ Additional privilege escalation bug with sudoedit
http://www.sudo.ws/sudo/alerts/sudoedit_escalate2.html

+ Oracle Critical Patch Update Advisory - April 2010
http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpuapr2010.html

++ RHSA-2010:0347-1: Moderate: nss_db security update
http://rhn.redhat.com/errata/RHSA-2010-0347.html

- MS10-028 Microsoft Visio の脆弱性により、リモートでコードが実行される (980094)
http://www.microsoft.com/japan/technet/security/Bulletin/MS10-028.mspx

MySQL 5.5.4 released
http://dev.mysql.com/doc/refman/5.5/en/news-5-5-4.html

Apache Cassandra Release 0.6 released
https://blogs.apache.org/foundation/entry/the_apache_software_foundation_announces3

Microsoft : Vulnerabilities in Windows Could Allow Remote Code Execution
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32290

Microsoft : Vulnerabilities in SMB Client Could Allow Remote Code Execution
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32291

Microsoft : Vulnerability in Microsoft MPEG Layer-3 Codecs Could Allow Remote Code Execution
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32293

Microsoft : Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32294

Microsoft : Vulnerability in VBScript Scripting Engine Could Allow Remote Code Execution
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32295

Microsoft : Vulnerability in Microsoft Office Publisher Could Allow Remote Code Execution
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32296

Microsoft : Vulnerabilities in Microsoft Visio Could Allow Remote Code Execution
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32297

Microsoft : Vulnerability in Windows Media Player Could Allow Remote Code Execution
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32298

Microsoft : Vulnerability in Windows ISATAP Component Could Allow Spoofing
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32299

Microsoft : Vulnerabilities in Microsoft Exchange and Windows SMTP Service Could Allow Denial of Service
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32300

Midicart : Vulnerability in Microsoft Windows Media Services Could Allow Remote Code Execution
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32292

SektionEins GmbH : MyBB Password Reset Weak Random Numbers Vulnerability
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32287

Acros Security : Local Binary Planting in VMware Tools for Windows
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32283

Acros Security : Remote Binary Planting in VMware Tools for Windows
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32284

AmnPardaz Security Research Team : AneCMS Multiple Vulnerabilities
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32289

MustLive : Insufficient Anti-automation and Denial of Service vulnerabilities in multiple systems
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32285

VUPEN Security : VUPEN Security Research - VMware Products Movie Decoder Heap Overflow Vulnerability
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32288

[security bulletin] HPSBPI02398 SSRT080166 rev.5 - Certain HP LaserJet Printers, HP Color LaserJ
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-04/msg00100.html

ACROS Security: Local Binary Planting in VMware Tools for Windows (ASPR #2010-04-12-2)
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-04/msg00101.html

「アダルトサイトを表示して焦らせる」――新たな偽ソフト出現
偽のセキュリティ警告も表示、「ウイルス駆除したければ購入を」
http://itpro.nikkeibp.co.jp/article/NEWS/20100414/347033/?ST=security

Web App Testing Tools
http://isc.sans.org/diary.html?storyid=8617

More Legal Threat Malware E-Mail
http://isc.sans.org/diary.html?storyid=8620

Apache.org Bugtracker Breach
http://isc.sans.org/diary.html?storyid=8623

Microsoft April 2010 Patch Tuesday
http://isc.sans.org/diary.html?storyid=8626

Security update available for Adobe Reader and Acrobat
http://isc.sans.org/diary.html?storyid=8629

libnss-db Lets Local Users Access Portions of Local Files
http://securitytracker.com/alerts/2010/Apr/1023862.html

Oracle Database Flaws Let Remote Authenticated Users Take Full Control of the Database
http://securitytracker.com/alerts/2010/Apr/1023858.html

Windows IPv6 Stack ISATAP Tunnel Validation Flaw Lets Remote Users Spoof IPv4 Addresses
http://securitytracker.com/alerts/2010/Apr/1023857.html

Microsoft Visio Index Calculation and Attribute Validation Flaws Let Remote Users Execute Code
http://securitytracker.com/alerts/2010/Apr/1023856.html

Microsoft Exchange May Disclose Message Fragments to Remote Users
http://securitytracker.com/alerts/2010/Apr/1023855.html

Microsoft Exchange Error in Parsing MX Records Lets Remote Users Deny Service
http://securitytracker.com/alerts/2010/Apr/1023854.html

Microsoft Office Publisher TextBox Processing Buffer Overflow Lets Remote Users Execute Arbitrary Code
http://securitytracker.com/alerts/2010/Apr/1023853.html

Adobe Reader Multiple Buffer Overflows and Memory Corruption Errors Let Remote Users Execute Arbitrary Code
http://securitytracker.com/alerts/2010/Apr/1023852.html

Windows Media Services Stack Overflow in Processing Transport Information Packets Lets Remote Users Execute Arbitrary Code
http://securitytracker.com/alerts/2010/Apr/1023851.html

Windows Kernel Flaws Let Local Users Gain Elevated Privileges and Deny Service
http://securitytracker.com/alerts/2010/Apr/1023850.html

Windows Media Player ActiveX Control Lets Remote Users Execute Arbitrary Code
http://securitytracker.com/alerts/2010/Apr/1023849.html

Microsoft MPEG Layer-3 Codecs Stack Overflow Lets Remote Users Execute Arbitary Code
http://securitytracker.com/alerts/2010/Apr/1023848.html

Windows Server Message Block Client Message Processing Bugs Let Remote Users Execute Arbitrary Code
http://securitytracker.com/alerts/2010/Apr/1023847.html

Windows Authenticode Signature Verification Flaws Let Remote Users Execute Arbitrary Code
http://securitytracker.com/alerts/2010/Apr/1023846.html

Microsoft Windows Kernel Denial of Service Vulnerabilities
http://secunia.com/advisories/39374/

Microsoft Windows Kernel Privilege Escalation and Denial of Service Vulnerabilities
http://secunia.com/advisories/39373/

Microsoft Windows SMB Client Multiple Vulnerabilities
http://secunia.com/advisories/39372/

Microsoft Exchange / Windows SMTP Service Two Vulnerabilities
http://secunia.com/advisories/39376/

Microsoft Exchange Server 2000 Information Disclosure Vulnerability
http://secunia.com/advisories/39253/

Microsoft Windows Media Services Buffer Overflow Vulnerability
http://secunia.com/advisories/39377/

Microsoft Windows Authentication Verification Two Vulnerabilities
http://secunia.com/advisories/39371/

Microsoft Office Publisher File Parsing Buffer Overflow Vulnerability
http://secunia.com/advisories/39375/

Microsoft Windows ISATAP Component IP Address Spoofing Vulnerability
http://secunia.com/advisories/39382/

Microsoft Windows MPEG Layer-3 Codecs Buffer Overflow
http://secunia.com/advisories/39379/

Microsoft Office Visio Two Memory Corruption Vulnerabilities
http://secunia.com/advisories/39381/

Windows Media Player Hosted Media Content Handling Vulnerability
http://secunia.com/advisories/39380/

Atlassian JIRA Two Vulnerabilities
http://secunia.com/advisories/39353/

openUrgence Vaccin File Inclusion Vulnerabilities
http://secunia.com/advisories/39400/

Joomla JoomMail Component "controller" File Inclusion Vulnerability
http://secunia.com/advisories/39417/

Joomla Digital Diary Component "controller" File Inclusion Vulnerability
http://secunia.com/advisories/39416/

Joomla My Files Component "controller" File Inclusion Vulnerability
http://secunia.com/advisories/39415/

Joomla Online Exam Component "controller" File Inclusion Vulnerability
http://secunia.com/advisories/39414/

Joomla Arcade Games Component "controller" File Inclusion Vulnerability
http://secunia.com/advisories/39413/

Joomla! Jvehicles Component "aid" SQL Injection Vulnerability
http://secunia.com/advisories/39401/

Joomla! World Rates Component "controller" Local File Inclusion Vulnerability
http://secunia.com/advisories/39392/

Joomla! SermonSpeaker Component "id" SQL Injection Vulnerabilities
http://secunia.com/advisories/39385/

Joomla Easy Ad Banner Component "controller" File Inclusion Vulnerability
http://secunia.com/advisories/39410/

Joomla CV Maker Component "controller" File Inclusion Vulnerability
http://secunia.com/advisories/39411/

Joomla AddressBook Component "controller" File Inclusion Vulnerability
http://secunia.com/advisories/39412/

MyBB Multiple Vulnerabilities
http://secunia.com/advisories/39378/

Joomla Online Market Component "controller" File Inclusion Vulnerability
http://secunia.com/advisories/39409/

Joomla Memory Book Component "controller" File Inclusion Vulnerability
http://secunia.com/advisories/39408/

Joomla Online Flash Games Component "controller" File Inclusion Vulnerability
http://secunia.com/advisories/39407/

Joomla Daily Horoscope Component "controller" File Inclusion Vulnerability
http://secunia.com/advisories/39406/

Joomla Web TV Component "controller" File Inclusion Vulnerability
http://secunia.com/advisories/39405/

Joomla! Sweety Keeper Component "controller" Local File Inclusion Vulnerability
http://secunia.com/advisories/39388/

Joomla Preventive & Reservation Component "controller" File Inclusion Vulnerability
http://secunia.com/advisories/39285/

Joomla Jproject Manager Component "controller" File Inclusion Vulnerability
http://secunia.com/advisories/39282/

Joomla Jfeedback Component "controller" File Inclusion Vulnerability
http://secunia.com/advisories/39262/

MagnetoSoft SNTP ActiveX SntpGetReply BOF
http://www.exploit-db.com/exploits/12203

MagnetoSoft ICMP ActiveX AddDestinationEntry BOF
http://www.exploit-db.com/exploits/12202

Adobe Acrobat and Reader Multiple Code Execution Vulnerabilities
http://www.vupen.com/english/advisories/2010/0873

Microsoft Windows ISATAP IPv6 Address Spoofing Vulnerability (MS10-029)
http://www.vupen.com/english/advisories/2010/0872

Microsoft Office Visio Memory Corruption Vulnerabilities (MS10-028)
http://www.vupen.com/english/advisories/2010/0871

Microsoft Windows Media Player Code Execution Vulnerability (MS10-027)
http://www.vupen.com/english/advisories/2010/0870

Microsoft Windows MPEG Layer-3 Codecs Overflow Vulnerability (MS10-026)
http://www.vupen.com/english/advisories/2010/0869

Microsoft Windows Media Services Buffer Overflow Vulnerability (MS10-025)
http://www.vupen.com/english/advisories/2010/0868

Microsoft Exchange and Windows SMTP Service Vulnerabilities (MS10-024)
http://www.vupen.com/english/advisories/2010/0867

Microsoft Office Publisher TextBox Buffer Overflow Vulnerability (MS10-022)
http://www.vupen.com/english/advisories/2010/0866

Microsoft Windows Kernel Privilege Escalation Vulnerabilities (MS10-021)
http://www.vupen.com/english/advisories/2010/0865

Microsoft Windows SMB Client Multiple Vulnerabilities (MS10-020)
http://www.vupen.com/english/advisories/2010/0864

Microsoft Windows Signature Verification Bypass Vulnerabilities (MS10-019)
http://www.vupen.com/english/advisories/2010/0863

AddressBook for Joomla "controller" Local File Inclusion Vulnerability
http://www.vupen.com/english/advisories/2010/0862

FlashGames for Joomla "controller" Local File Inclusion Vulnerability
http://www.vupen.com/english/advisories/2010/0861

Arcade Games for Joomla "controller" Local File Inclusion Vulnerability
http://www.vupen.com/english/advisories/2010/0860

Horoscope Component for Joomla "controller" File Inclusion Vulnerability
http://www.vupen.com/english/advisories/2010/0859

Web TV Component for Joomla "controller" File Inclusion Vulnerability
http://www.vupen.com/english/advisories/2010/0858

jdrugstopics Component for Joomla "id" SQL Injection Vulnerability
http://www.vupen.com/english/advisories/2010/0857

Irssi SSL Hostname Validation and Denial of Service Vulnerabilities
http://www.vupen.com/english/advisories/2010/0856

F-Secure Products Archive Handling Detection Evasion Vulnerability
http://www.vupen.com/english/advisories/2010/0855

Cyrus SASL 'sasl_encode64()' Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/34961

Mozilla Firefox and Seamonkey Regular Expression Parsing Heap Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/35891

Sun Solaris 'CODE_GET_VERSION IOCTL' Local Denial Of Service Vulnerability
http://www.securityfocus.com/bid/38016

Oracle E-Business Suite CVE-2010-0868 Oracle iStore Remote Vulnerability
http://www.securityfocus.com/bid/39423

Oracle WebLogic Server Node Manager 'beasvc.exe' Remote Command Execution Vulnerability
http://www.securityfocus.com/bid/37926

Microsoft Windows SMTP Server MX Record Denial of Service Vulnerability
http://www.securityfocus.com/bid/39308

RETIRED: Microsoft April 2010 Advance Notification Multiple Vulnerabilities
http://www.securityfocus.com/bid/39313

Microsoft Windows Media Player ActiveX Control Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/39351

Adobe Acrobat and Reader April 2010 Multiple Remote Vulnerabilities
http://www.securityfocus.com/bid/39329

Microsoft Publisher File Conversion Textbox Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/39347

Microsoft VBScript 'winhlp32.exe' 'MsgBox()' Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/38463

Microsoft Windows SMB Packet Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/36989

Microsoft Internet Explorer HTML Rendering Uninitialized Memory Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/39024

Microsoft Internet Explorer CTimeAction Object Memory Corruption Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/39030

VMware Player and Workstation 'vmware-authd' Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/36630

NTP mode 7 MODE_PRIVATE Packet Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/37255

HP Multiple LaserJet Printers Unspecified Directory Traversal Vulnerability
http://www.securityfocus.com/bid/33611

VMware Hosted Products VMware Tools Library Reference Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/39392

MyBB 'set_common_header()' Email BCC Header Injection Vulnerability
http://www.securityfocus.com/bid/39400

RETIRED: VMware Hosted Products VMSA-2010-0007 Multiple Remote and Local Vulnerabilities
http://www.securityfocus.com/bid/39345

Agile Technologies Components for Joomla! 'controller' Parameter Local File Include Vulnerability
http://www.securityfocus.com/bid/39398

PHP 'str_transliterate()' Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/39185

VMware Hosted Products 'vmware-vmx' Virtual Network Stack Information Disclosure Vulnerability
http://www.securityfocus.com/bid/39395

Oracle JRE Java Platform SE and Java Deployment Toolkit Plugins Code Execution Vulnerabilities
http://www.securityfocus.com/bid/39346

VMware Hosted Products VMware Tools Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/39394

Oracle Cluster CVE-2010-0884 Unspecified Local Vulnerability
http://www.securityfocus.com/bid/39464

Oracle Sun Management Center CVE-2010-0891 Remote Vulnerability
http://www.securityfocus.com/bid/39462

Oracle Sun Java System Communications Express CVE-2010-0885 Remote Address Book Vulnerability
http://www.securityfocus.com/bid/39461

Oracle Cluster CVE-2010-0883 Unspecified Local Vulnerability
http://www.securityfocus.com/bid/39460

Oracle Sun Convergence CVE-2010-0896 Remote Address Book/Mail Filter Vulnerability
http://www.securityfocus.com/bid/39458

Oracle Java System Access Manager CVE-2010-0894 Remote Vulnerability
http://www.securityfocus.com/bid/39457

Oracle OpenSolaris CVE-2010-0889 Local Information Disclosure Vulnerability
http://www.securityfocus.com/bid/39456

Oracle Solaris CVE-2010-0895 Unspecified Local Vulnerability
http://www.securityfocus.com/bid/39455

Oracle Industry Product Suite CVE-2010-0863 Oracle Retail Plan In-Season Vulnerability
http://www.securityfocus.com/bid/39454

Oracle Sun Java System Directory Server CVE-2010-0897 Remote Vulnerability
http://www.securityfocus.com/bid/39453

Oracle E-Business Suite CVE-2010-0859 Remote Oracle Application Object Library Vulnerability
http://www.securityfocus.com/bid/39452

Oracle Industry Applications CVE-2010-0875 Remote Thesaurus Management System Vulnerability
http://www.securityfocus.com/bid/39451

Oracle Communications Industry Suite CVE-2010-0874 Remote Vulnerability
http://www.securityfocus.com/bid/39450

Oracle Industry Products Suite CVE-2010-0864 Remote Retail Place In-Season Vulnerability
http://www.securityfocus.com/bid/39448

Oracle Collaboration Suite CVE-2010-0881 Remote User Interface Components Vulnerability
http://www.securityfocus.com/bid/39447

Oracle Convergence CVE-2010-0893 Unspecified Remote Vulnerability
http://www.securityfocus.com/bid/39446

Oracle Life Sciences Industry Suite CVE-2010-0876 Remote Vulnerability
http://www.securityfocus.com/bid/39445

Oracle Industry Product Suite CVE-2010-0862 Remote Vulnerability
http://www.securityfocus.com/bid/39444

Oracle Fusion Middleware CVE-2010-0872 Remote Oracle Internet Directory Vulnerability
http://www.securityfocus.com/bid/39443

Oracle Fusion Middleware CVE-2010-0856 Remote Portal Vulnerability
http://www.securityfocus.com/bid/39442

PeopleSoft Enterprise and JD Edwards EnterpriseOne CVE-2010-0879 Remote PeopleTools Vulnerabity
http://www.securityfocus.com/bid/39441

Oracle Solaris CVE-2010-0882 Local Trusted Extensions Vulnerability
http://www.securityfocus.com/bid/39440

Oracle Database CVE-2010-0860 Remote Core RDBMS Vulnerability
http://www.securityfocus.com/bid/39439

Oracle Transportation Manager CVE-2010-0869 Oracle Transportation Management Remote Vulnerability
http://www.securityfocus.com/bid/39438

Oracle Fusion Middleware CVE-2010-0855 Remote Portal Vulnerability
http://www.securityfocus.com/bid/39437

Oracle E-Business Suite CVE-2010-0858 Remote E-Business Intelligence Vulnerability
http://www.securityfocus.com/bid/39436

Oracle E-Business Suite CVE-2010-0871 Oracle Application Object Library Remote Vulnerability
http://www.securityfocus.com/bid/39435

Oracle Database CVE-2010-0851 Remote XML DB Vulnerability
http://www.securityfocus.com/bid/39434

Oracle Fusion Middleware CVE-2010-0086 Remote Portal Vulnerability
http://www.securityfocus.com/bid/39433

Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne CVE-2010-0878 PeopleTools Vulnerability
http://www.securityfocus.com/bid/39432

Oracle E-Business Suite CVE-2010-0857 Remote Oracle Workflow Cartridge Vulnerability
http://www.securityfocus.com/bid/39431

Oracle E-Business Suite CVE-2010-0865 Oracle Agile Engineering Data Management Remote Vulnerability
http://www.securityfocus.com/bid/39430

Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne CVE-2010-0877 PeopleTools Vulnerability
http://www.securityfocus.com/bid/39429

Oracle Database CVE-2010-0854 Remote Audit Vulnerability
http://www.securityfocus.com/bid/39428

Oracle Database CVE-2010-0867 Remote JavaVM Vulnerability
http://www.securityfocus.com/bid/39427

Oracle E-Business Suite CVE-2010-0861 Oracle HRMS (Self Service) Remote Vulnerability
http://www.securityfocus.com/bid/39426

Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne CVE-2010-0880 PeopleTools Vulnerability
http://www.securityfocus.com/bid/39425

Oracle Database CVE-2010-0866 Remote JavaVM Vulnerability
http://www.securityfocus.com/bid/39424

Oracle Database CVE-2010-0870 Remote Change Data Capture Vulnerability
http://www.securityfocus.com/bid/39422

Oracle Database CVE-2010-0852 Remote XML DB Vulnerability
http://www.securityfocus.com/bid/39421

Oracle Sun Ray Server Software CVE-2010-0888 Remote Device Services Vulnerability
http://www.securityfocus.com/bid/39420

Oracle Fusion Middleware CVE-2010-0853 Oracle Internet Directory Remote Vulnerability
http://www.securityfocus.com/bid/39418

Adobe Acrobat and Reader CVE-2010-0195 Embedded Font Handling Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/39417

Vana CMS 'filename' Parameter Remote File Download Vulnerability
http://www.securityfocus.com/bid/39415

openMairie openMaincourante Local and Remote File Include Vulnerabilities
http://www.securityfocus.com/bid/39413

openUrgence Vaccin Multiple Local and Remote File Include Vulnerabilities
http://www.securityfocus.com/bid/39412

MyBB Insecure Random Password Generation Vulnerability
http://www.securityfocus.com/bid/39404

MyBB Multiple Unspecified Vulnerabilities
http://www.securityfocus.com/bid/39402

Microsoft Windows SMTP Server Memory Allocation Information Disclosure Vulnerability
http://www.securityfocus.com/bid/39381

Microsoft Windows ISATAP Component IPv6 Address Spoofing Vulnerability
http://www.securityfocus.com/bid/39352

Microsoft Windows SMB Client Message Size Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/39340

Microsoft Windows SMB Client Transaction Response Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/39339

Microsoft Windows SMB Client Response Parsing Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/39336

Microsoft Windows Cabinet File Viewer Cabview Validation Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/39332

Microsoft Windows Authenticode Signature Verification Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/39328

Microsoft Windows Kernel Symbolic Link Creation Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/39324

Microsoft Windows Kernel Registry Key Symbolic Link Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/39323

Microsoft Windows Kernel Exception Handling Local Denial Of Service Vulnerability
http://www.securityfocus.com/bid/39322

Microsoft Windows Kernel Image File Relocation Local Denial Of Service Vulnerability
http://www.securityfocus.com/bid/39320

Microsoft Windows Kernel Virtual Path Local Denial Of Service Vulnerability
http://www.securityfocus.com/bid/39319

Microsoft Windows Kernel Invalid Registry Key Local Denial Of Service Vulnerability
http://www.securityfocus.com/bid/39318

Microsoft Windows SMB Client Memory Allocation Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/39312

Microsoft Windows Kernel Symbolic Link Local Denial Of Service Vulnerability
http://www.securityfocus.com/bid/39309

Microsoft Windows MPEG Layer-3 Audio Decoder Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/39303

Microsoft Visio Index Calculation Memory Corruption Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/39302

Microsoft Visio Attribute Validation Memory Corruption Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/39300

Microsoft Windows Kernel NULL Pointer Local Denial Of Service Vulnerability
http://www.securityfocus.com/bid/39297

0 件のコメント:

コメントを投稿

登録: コメントの投稿 (Atom)