+ J2SE JDK/JRE 1.6.0_20 released
http://java.sun.com/javase/6/webnotes/6u20.html
Notice of Critical Patch release for InterScan for Domino 3.0 for AIX/Linux/Solaris
http://www.trendmicro.co.jp/support/news.asp?id=1395
Press release: Publication of the "Survey Report on Domestic and International Automotive Information Security Trends and Awareness-Raising Measures"
http://www.ipa.go.jp/about/press/20100415.html
JVNTA10-103A Updates for multiple vulnerabilities in Microsoft products
http://jvn.jp/cert/JVNTA10-103A/index.html
JVNTA10-103B Updates for multiple vulnerabilities in Oracle products
http://jvn.jp/cert/JVNTA10-103B/index.html
JVNTA10-103C Updates for multiple vulnerabilities in Adobe Reader and Acrobat
http://jvn.jp/cert/JVNTA10-103C/index.html
Apple Mac OS X Apple Type Services Indexing Vulnerability
http://secunia.com/advisories/39426/
Mac OS X Apple Type Services Font Processing Index Validation Error Lets Remote Users Execute Arbitrary Code
http://securitytracker.com/alerts/2010/Apr/1023885.html
Oracle JRE Java Platform SE and Java Deployment Toolkit Plugins Code Execution Vulnerabilities
http://www.securityfocus.com/bid/39346
Adobe Flash Player and AIR (CVE-2010-0187) Unspecified Denial of Service Vulnerability
http://www.securityfocus.com/bid/38200
Multiple Adobe Products Unspecified Cross Domain Scripting Vulnerability
http://www.securityfocus.com/bid/38198
PostgreSQL Index Function Session State Modification Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/37333
Microsoft Windows MPEG Layer-3 Audio Decoder Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/39303
PostgreSQL NULL Character CA SSL Certificate Validation Security Bypass Vulnerability
http://www.securityfocus.com/bid/37334
Microsoft Windows ISATAP Component IPv6 Address Spoofing Vulnerability
http://www.securityfocus.com/bid/39352
Apache 'mod_proxy_ajp' Information Disclosure Vulnerability
http://www.securityfocus.com/bid/34663
Apache 'mod_proxy' Remote Denial Of Service Vulnerability
http://www.securityfocus.com/bid/35565
Pidgin Multiple Denial of Service Vulnerabilities
http://www.securityfocus.com/bid/38294
Microsoft Windows SMTP Server MX Record Denial of Service Vulnerability
http://www.securityfocus.com/bid/39308
Microsoft Windows SMTP Server Memory Allocation Information Disclosure Vulnerability
http://www.securityfocus.com/bid/39381
Apache HTTP Server Solaris Event Port Pollset Support Remote Denial Of Service Vulnerability
http://www.securityfocus.com/bid/36596
RETIRED: Oracle April 2010 Critical Patch Update Multiple Vulnerabilities
http://www.securityfocus.com/bid/39333
LibThai Unspecified Integer Overflow Vulnerability
http://www.securityfocus.com/bid/37822
PhpMesFilms 'index.php' SQL Injection Vulnerability
http://www.securityfocus.com/bid/33105
Apple Mac OS X Apple Type Services Embedded Font Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/38955
Intel BIOS System Management Mode Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/38251
+ cURL 7.20.1 released
http://curl.haxx.se/
http://curl.haxx.se/changes.html
+ RHSA-2010:0348-1: Important: kdebase security update
https://rhn.redhat.com/errata/RHSA-2010-0348.html
++ GCC 4.5.0 Released
http://gcc.gnu.org/gcc-4.5/
http://gcc.gnu.org/gcc-4.5/changes.html
- This Alert covers CVE-2010-0897 for the Sun Java System Directory Server product.
http://sunsolve.sun.com/search/document.do?assetkey=1-66-276210-1
- This Alert covers the Address Book component of the Sun Java System Communications Express product.
http://sunsolve.sun.com/search/document.do?assetkey=1-66-276630-1
- Security update available for Adobe Reader and Acrobat
http://www.adobe.com/support/security/bulletins/apsb10-09.html
- Linux Kernel 'proc_oom_score()' Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/39477
About the content of Security Update 2010-003
http://support.apple.com/kb/HT4131
GCC 4.5.0 Status Report ()
http://gcc.gnu.org/ml/gcc/2010-04/msg00321.html
Cisco Security Advisory: Cisco Secure Desktop ActiveX Control Code Execution Vulnerability
http://www.cisco.com/warp/public/707/cisco-sa-20100414-csd.shtml
Cisco Applied Mitigation Bulletin: Identifying and Mitigating Exploitation of the Cisco Secure Desktop ActiveX Control Command Execution Vulnerability
http://www.cisco.com/warp/public/707/cisco-amb-20100414-csd.shtml
Document ID: 349947: The Symantec Product Authentication Service service fails to start if the Symantec Private Branch Exchange service is not started
http://seer.entsupport.symantec.com/docs/349947.htm
Red Hat : Critical: acroread security update
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32304
Red Hat : Important: kdebase security update
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32305
Hewlett-Packard : Certain HP LaserJet Printers, HP Color LaserJet Printers, and HP Digital Senders, Remote Unauthorize
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32317
Independent Researcher : Vana CMS Remote File Download
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32316
Mandriva : Security Announce firefox
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32301
Mandriva : Security Announce krb5
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32302
Numerous patches released for Windows and other products, also addressing the "[F1] key attack"
11 security bulletins, 5 of them rated "Critical"
http://itpro.nikkeibp.co.jp/article/NEWS/20100415/347116/?ST=security
JVNDB-2010-001263 Vulnerability in Mail in Apple Mac OS X
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001263.html
JVNDB-2010-001262 Buffer overflow vulnerability in Image RAW in Apple Mac OS X
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001262.html
JVNDB-2010-001261 Buffer overflow vulnerability in Image RAW in Apple Mac OS X
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001261.html
JVNDB-2010-001260 Arbitrary code execution vulnerability in ImageIO in Apple Mac OS X
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001260.html
JVNDB-2010-001259 Stack-based buffer overflow vulnerability in iChat Server in Apple Mac OS X
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001259.html
JVNDB-2010-001258 Arbitrary code execution vulnerability in iChat Server in Apple Mac OS X
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001258.html
JVNDB-2010-001257 Vulnerability in iChat Server in Apple Mac OS X that allows message auditing to be bypassed
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001257.html
JVNDB-2006-000996 Denial of service (DoS) vulnerability in SASL negotiation in Jabber Studio jabberd
http://jvndb.jvn.jp/ja/contents/2006/JVNDB-2006-000996.html
JVNDB-2010-001256 Directory traversal vulnerability in FTP Server in Apple Mac OS X
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001256.html
JVNDB-2010-001255 Vulnerability in FreeRADIUS server in Apple Mac OS X that allows a network connection to be established
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001255.html
JVNDB-2010-001254 Denial of service (DoS) vulnerability in Event Monitor in Apple Mac OS X
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001254.html
JVNDB-2010-001253 Vulnerability in Dovecot in Apple Mac OS X that allows access restrictions to be bypassed
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001253.html
JVNDB-2010-001252 Vulnerability in Directory Services in Apple Mac OS X that allows privileges to be gained
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001252.html
JVNDB-2010-001251 Arbitrary code execution vulnerability in Disk Images in Apple Mac OS X
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001251.html
[ MDVSA-2010:072 ] cups
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-04/msg00120.html
RJ-iTop Network Vulnerability Scanner System Multiple SQL Injection Vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-04/msg00119.html
Secunia Research: Visualization Library DAT File Parsing Vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-04/msg00116.html
Cert-Lexsi - Microsoft Windows Media Services MMS Buffer Overflow Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-04/msg00121.html
Micropoint Proactive Denfense Mp110013.sys <= 1.3.10123.0 Local Privilege Escalation Exploit
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-04/msg00110.html
60cycleCMS (DOCUMENT_ROOT) Multiple Local File Inclusion Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-04/msg00122.html
ClamAV 0.94 EOL Reminder
http://isc.sans.org/diary.html?storyid=8635
And let the patching games continue
http://isc.sans.org/diary.html?storyid=8638
KDE Display Manager Lets Local Users Gain Elevated Privileges
http://securitytracker.com/alerts/2010/Apr/1023883.html
Cisco Secure Desktop ActiveX Control Lets Remote Users Execute Arbitrary Code
http://securitytracker.com/alerts/2010/Apr/1023881.html
SUSE update for Multiple Packages
http://secunia.com/advisories/39276/
Sun Java Communications Suite Convergence Component Two Vulnerabilities
http://secunia.com/advisories/39430/
TYPO3 Tip-A-Friend Extension Cross Site Scripting Vulnerability
http://secunia.com/advisories/39425/
TYPO3 Front End User Registration Extension Cross Site Scripting Vulnerability
http://secunia.com/advisories/39424/
openMairie openStock "dsn[phptype]" Local File Inclusion Vulnerability
http://secunia.com/advisories/39403/
openMairie openTel "dsn[phptype]" Local File Inclusion Vulnerability
http://secunia.com/advisories/39398/
openMairie File Inclusion Vulnerabilities
http://secunia.com/advisories/39389/
CMS SiteLogic Cross-Site Scripting and SQL Injection Vulnerabilities
http://secunia.com/advisories/39286/
Sun Java System Access Manager Two Vulnerabilities
http://secunia.com/advisories/39431/
Sun Management Center Zone Log Script Insertion Vulnerability
http://secunia.com/advisories/39433/
Oracle Retail Products Multiple Online Help Vulnerabilities
http://secunia.com/advisories/39339/
Red Hat update for kdebase
http://secunia.com/advisories/39419/
Red Hat update for acroread
http://secunia.com/advisories/39422/
Oracle Thesaurus Management System TMS Browser Vulnerability
http://secunia.com/advisories/39139/
Oracle Clinical Remote Data Capture Option RDC Onsite Vulnerability
http://secunia.com/advisories/39257/
Oracle Communications Unified Inventory Management Online Help Vulnerability
http://secunia.com/advisories/39443/
Visualization Library DAT Parsing Buffer Overflow Vulnerabilities
http://secunia.com/advisories/38162/
Oracle PeopleSoft and JD Edwards EnterpriseOne Multiple Vulnerabilities
http://secunia.com/advisories/39442/
Sun Cluster Data Service for Oracle E-Business Suite Vulnerabilities
http://secunia.com/advisories/39429/
Sun Ray Server Software Device Services Unspecified Vulnerability
http://secunia.com/advisories/39432/
Oracle Database Multiple Vulnerabilities
http://secunia.com/advisories/39438/
Oracle Fusion Middleware Products Multiple Vulnerabilities
http://secunia.com/advisories/39439/
Sun Solaris Trusted Extensions Privilege Escalation Vulnerability
http://secunia.com/advisories/39434/
Oracle Collaboration Suite User Interface Components Vulnerability
http://secunia.com/advisories/39440/
Oracle E-Business Suite Multiple Vulnerabilities
http://secunia.com/advisories/39441/
Axon Virtual PBX Multiple Vulnerabilities
http://secunia.com/advisories/39098/
Sun Java System Communications Express Information Disclosure
http://secunia.com/advisories/39436/
Joomla! Q-Personel Component "katid" SQL Injection Vulnerability
http://secunia.com/advisories/39445/
Sun Solaris Kernel Component Local Denial of Service Vulnerability
http://secunia.com/advisories/39435/
Sun Java System Directory Server Multiple Vulnerabilities
http://secunia.com/advisories/39437/
Sun Java System Directory Server Two Vulnerabilities
http://secunia.com/advisories/39428/
Red Hat update for nss_db
http://secunia.com/advisories/39421/
sudo "sudoedit" Privilege Escalation Security Issue
http://secunia.com/advisories/39384/
KDE KDM Socket Race Condition Privilege Escalation
http://secunia.com/advisories/39393/
KDE KDM Control Socket Local Privilege Escalation Vulnerability
http://www.vupen.com/english/advisories/2010/0879
Oracle and Sun Products Code Execution and Security Bypass Issues
http://www.vupen.com/english/advisories/2010/0878
Fedora Security Update Fixes mimeTeX Code Execution Vulnerabilities
http://www.vupen.com/english/advisories/2010/0877
Mandriva Security Update Fixes krb5 Denial of Service Vulnerability
http://www.vupen.com/english/advisories/2010/0876
Mandriva Security Update Fixes Firefox Multiple Vulnerabilities
http://www.vupen.com/english/advisories/2010/0875
Redhat Security Update Fixes nss_db Information Disclosure Issue
http://www.vupen.com/english/advisories/2010/0874
Micropoint Proactive Denfense Mp110013.sys <= 1.3.10123.0 Local Privilege Escalation Exploit
http://www.exploit-db.com/exploits/12213
CUPS 'kerberos' Parameter Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/36958
CUPS 'lppasswd' Tool Localized Message String Security Weakness
http://www.securityfocus.com/bid/38524
CUPS File Descriptors Handling Use-After-Free Remote Denial Of Service Vulnerability
http://www.securityfocus.com/bid/38510
Pango Glyph Definition Table Denial of Service Vulnerability
http://www.securityfocus.com/bid/38760
KDE KDM Insecure File Permission Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/39467
CUPS File Descriptors Handling Remote Denial Of Service Vulnerability
http://www.securityfocus.com/bid/37048
GIMP PSD Image Parsing Integer Overflow Vulnerability
http://www.securityfocus.com/bid/37040
ViewVC Regular Expression Search Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/39053
GIMP BMP Image Parsing Integer Overflow Vulnerability
http://www.securityfocus.com/bid/37006
Multiple Vendor TLS Protocol Session Renegotiation Security Vulnerability
http://www.securityfocus.com/bid/36935
AWD Solution AWDwall Component for Joomla! 'controller' Parameter Local File Include Vulnerability
http://www.securityfocus.com/bid/39331
Aircrack-ng EAPOL Packet Processing Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/39045
Joomla! 'com_qpersonel' Component 'katid' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/39466
OpenSSL 'zlib' Compression Memory Leak Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/31692
OpenSSL 'bn_wexpend()' Error Handling Unspecified Vulnerability
http://www.securityfocus.com/bid/38562
OpenSSL 'ssl3_get_record()' Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/39013
OpenSSL 'dtls1_retrieve_buffered_fragment()' Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/38533
MIT Kerberos kadmind 'server_stubs.c' Remote Denial Of Service Vulnerability
http://www.securityfocus.com/bid/39247
Oracle Java SE and Java for Business JRE Trusted Method Chaining Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/39065
GNU Tar and GNU Cpio Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/38628
Microsoft Visio Attribute Validation Memory Corruption Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/39300
Microsoft Visio Index Calculation Memory Corruption Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/39302
Oracle Sun Java System Directory Server CVE-2010-0897 Multiple Remote Vulnerabilities
http://www.securityfocus.com/bid/39453
GNU libnss_db Local Information Disclosure Vulnerability
http://www.securityfocus.com/bid/39132
mimeTeX Multiple Information Disclosure Vulnerabilities
http://www.securityfocus.com/bid/36632
mimeTeX Multiple Stack Buffer Overflow Vulnerabilities
http://www.securityfocus.com/bid/36631
Network Vulnerabilities Scan system 'roleManager.jsp' SQL Injection Vulnerability
http://www.securityfocus.com/bid/39481
Cisco Secure Desktop ActiveX Control Executable File Arbitrary File Download Vulnerability
http://www.securityfocus.com/bid/39478
Linux Kernel 'proc_oom_score()' Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/39477
TYPO3 404 Error Page Handling (error_404_handling) Unspecified SQL Injection Vulnerability
http://www.securityfocus.com/bid/39476
TYPO3 Tip-A-Friend ('tipafriend') Extension Unspecified Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/39475
Iomega Home Media Network Hard Drive 'smbwebclient.php' Authentication Bypass Vulnerability
http://www.securityfocus.com/bid/39474
Imperva SecureSphere Web Application Firewall and Database Firewall Security Bypass Vulnerability
http://www.securityfocus.com/bid/39472
Visualization Library DAT File Handling Multiple Buffer Overflow Vulnerabilities
http://www.securityfocus.com/bid/39471
Todd Miller Sudo 'sudoedit' Path Resolution Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/39468