++ Security Vulnerability in BIND DNS Software Shipped With Solaris May Allow DNS Cache Poisoning
http://sunsolve.sun.com/search/document.do?assetkey=1-66-273169-1
+ Linux kernel 2.6.33.2, 2.6.32.11, 2.6.31.13, 2.6.27.46 released
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.33.2
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.32.11
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.31.13
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.46
Linux Kernel release: 2.6.33.2
http://www.linux.org/news/2010/04/02/0004.html
Linux Kernel release: 2.6.32.11
http://www.linux.org/news/2010/04/02/0003.html
Linux Kernel release: 2.6.31.13
http://www.linux.org/news/2010/04/02/0002.html
Linux Kernel release: 2.6.27.46
http://www.linux.org/news/2010/04/02/0001.html
JVNTA10-089A Multiple vulnerabilities in Internet Explorer
http://jvn.jp/cert/JVNTA10-089A/index.html
JVN#60969543 SQL injection vulnerability in HL-SiteManager
http://jvn.jp/jp/JVN60969543/index.html
JVNDB-2010-000010 SQL injection vulnerability in HL-SiteManager
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-000010.html
JVNDB-2010-001205 Integer overflow vulnerability in the Web Open Fonts Format decoder in Mozilla Firefox
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001205.html
JVNDB-2010-001204 Vulnerability related to access permissions in local collection in Accela BizSearch
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001204.html
JVNDB-2010-001174 Vulnerability in the ap_read_request function in Apache HTTP Server that allows sensitive information to be obtained
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001174.html
JVNDB-2010-001173 Denial of service (DoS) vulnerability in the ap_proxy_ajp_request function in Apache HTTP Server
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001173.html
JVNDB-2010-001057 Vulnerability in the Linux kernel that allows arbitrary changes to SCSI host attributes
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001057.html
JVNDB-2010-001006 Vulnerability in Ethernet frame handling in the e1000e driver in the Linux kernel
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001006.html
JVNDB-2010-001005 Denial of service (DoS) vulnerability in the r8169 driver in the Linux kernel
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001005.html
JVNDB-2010-001004 Vulnerability in the e1000 driver in the Linux kernel that allows packet filter restrictions to be bypassed
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001004.html
JVNDB-2010-001002 Vulnerability in X.509 certificate handling in sendmail that allows spoofing of arbitrary SSL-based SMTP servers
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001002.html
JVNDB-2009-002502 Vulnerability in the poll_mode_io file in the Linux kernel that allows the driver's I/O mode to be changed
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002502.html
JVNDB-2009-002501 Vulnerability in the Linux kernel that allows driver behavior and log level to be changed
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002501.html
JVNDB-2009-002500 Stack-based buffer overflow vulnerability in the hfs subsystem in the Linux kernel
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002500.html
JVNDB-2009-002499 Denial of service (DoS) vulnerability in drivers/firewire/ohci.c in the Linux kernel
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002499.html
JVNDB-2009-002498 Denial of service (DoS) vulnerability in the fuse_direct_io function in the Linux kernel
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002498.html
JVNDB-2009-002497 Privilege escalation vulnerability in the gdth_read_event function in the Linux kernel
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002497.html
JVNDB-2009-002471 Vulnerability in arch/x86/ia32/ia32entry.S in the Linux kernel that allows register values to be read
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002471.html
JVNDB-2009-002470 Denial of service (DoS) vulnerability in the nfs4_proc_lock function of the NFSv4 client in the Linux kernel
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002470.html
JVNDB-2009-002469 Denial of service (DoS) vulnerability in net/unix/af_unix.c in the Linux kernel
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002469.html
JVNDB-2009-002468 Privilege escalation vulnerability in the ATI Rage 128 driver in the Linux kernel
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002468.html
JVNDB-2009-002423 Vulnerability in the tcf_fill_node function in the Linux kernel that allows sensitive information to be obtained from kernel memory
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002423.html
JVNDB-2007-001202 Denial of service (DoS) vulnerability in the ipv6_hop_jumbo function in the Linux kernel
http://jvndb.jvn.jp/ja/contents/2007/JVNDB-2007-001202.html
Security Advisory for ESX Service Console
http://isc.sans.org/diary.html?storyid=8563
Jabber Studio JabberD Remote Denial Of Service Vulnerability
http://www.securityfocus.com/bid/17155
eDisplay Personal FTP server Multiple Commands Remote Buffer Overflow Vulnerabilities
http://www.securityfocus.com/bid/38860
PHP xmlrpc Extension Multiple Remote Denial of Service Vulnerabilities
http://www.securityfocus.com/bid/38708
Firefox 3.6.3 security update now available
http://developer.mozilla.org/devnews/index.php/2010/04/01/firefox-3-6-3-security-update-now-available/
MFSA 2010-25: Re-use of freed object due to scope confusion
http://www.mozilla.org/security/announce/2010/mfsa2010-25.html
+ RHSA-2010:0339-1: Important: java-1.6.0-openjdk security update
http://rhn.redhat.com/errata/RHSA-2010-0339.html
MySQL 5.5.5 (Not yet released)
http://dev.mysql.com/doc/refman/5.5/en/news-5-5-5.html
Document ID: 346996: Mounting a formatted SFW dynamic volume to an empty NTFS Folder prompts for the volume to be formatted in Windows Server 2008.
http://seer.entsupport.symantec.com/docs/346996.htm
Document ID: 341277: The MOMhelper.exe process continually terminates after updating the Storage Foundation for Windows High Availability (SFW-HA) Management Pack for Microsoft System Center Operations Manager 2007
http://seer.entsupport.symantec.com/docs/341277.htm
VMware ESX and ESXi 3.5 Comparison
http://kb.vmware.com/selfservice/microsites/microsite.do?cmd=displayKC&docType=kc&externalId=1006543&sliceId=1&docTypeID=DT_KB_1_1
Dawid Golunski : Zabbix <= 1.8.1 SQL Injection
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32174
Independent Researcher : Advisory Optimal Archive 1.38
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32175
Red Hat : Critical: java-1.6.0-sun security update
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32169
Red Hat : Critical: java-1.5.0-sun security update
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32170
Red Hat : Important: java-1.6.0-openjdk security update
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32171
Apple : AirPort Base Station Update 2010-001
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32168
CONIX Security : Multiple XSS vulnerabilities in OSSIM 2.2.1
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32178
VMSA-2010-0006 ESX Service Console updates for samba and acpid
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-04/msg00012.html
Juniper SRX Critical Denial of Service Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-04/msg00010.html
DynPG CMS v4.1.0 Multiple Remote File Inclusion Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-04/msg00005.html
CSRF Vulnerability in OSSIM 2.2.1
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-04/msg00004.html
Zabbix <= 1.8.1 SQL Injection
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-04/msg00007.html
VUPEN Security Research - Apple Quicktime FLC Encoded Movie Heap Overflow Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-04/msg00006.html
VUPEN Security Research - Apple Quicktime PICT Handling Heap Overflow Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-04/msg00011.html
VUPEN Security Research - Apple Quicktime PICT Processing Integer Overflow Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-04/msg00002.html
VUPEN Security Research - Apple iTunes ColorSync Profile Integer Overflow Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-04/msg00001.html
VUPEN Security Research - Sun Java JDK/JRE Unpack200 Buffer Overflow Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-04/msg00003.html
VUPEN Security Research - Sun Java JDK/JRE AWT Library Invalid Index Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-04/msg00009.html
VUPEN Security Research - Sun Java JDK/JRE AWT Library Invalid Pointer Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-04/msg00008.html
[USN-922-1] libnss-db vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-04/msg00000.html
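"Risk of program execution just by opening a file": a dangerous PDF specification
Users can be harmed even without a vulnerability; some viewer software shows no warning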
http://itpro.nikkeibp.co.jp/article/NEWS/20100401/346544/?ST=security
Symantec releases anti-malware technology usable on Android phones and iPhone
http://itpro.nikkeibp.co.jp/article/NEWS/20100401/346529/?ST=security
JVNDB-2010-001203 Denial of service (DoS) vulnerability in the load_elf_binary function in the Linux kernel on x86_64 platforms
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001203.html
JVNDB-2010-001202 Denial of service (DoS) vulnerability in the Linux Kernel on x86_64 and amd64 platforms
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001202.html
JVNDB-2010-001201 Denial of service (DoS) vulnerability in the ip6_dst_lookup_tail function in the Linux Kernel
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001201.html
JVNDB-2010-001200 Denial of service (DoS) vulnerability in the SCTP implementation in the Linux Kernel
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001200.html
JVNDB-2010-001199 Kernel memory information disclosure vulnerability in the do_pages_move function in the Linux Kernel
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001199.html
JVNDB-2010-001198 Vulnerability in the ebtables module in the Linux kernel that allows access restrictions to be bypassed
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001198.html
JVNDB-2010-001197 Denial of service (DoS) vulnerability in the print_fatal_signal function in the Linux kernel
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001197.html
Alien Arena "SV_BeginDownload_f()" Denial of Service Vulnerabilities
http://secunia.com/advisories/39143/
Ubuntu update for libnss-db
http://secunia.com/advisories/39165/
OSSIM Spoofing and Cross-Site Scripting Vulnerabilities
http://secunia.com/advisories/39141/
Optimal Desktop Archive Parsing Buffer Overflow Vulnerability
http://secunia.com/advisories/39157/
leaftec cms Cross-Site Scripting and SQL Injection
http://secunia.com/advisories/39166/
DynPG CMS "DefineRootToTool" File Inclusion Vulnerability
http://secunia.com/advisories/39185/
Optimal Archive Error Handling Buffer Overflow Vulnerability
http://secunia.com/advisories/39154/
Linux SCSI Target Framework (tgt) Format String Vulnerabilities
http://secunia.com/advisories/39142/
Drupal Taxonomy Breadcrumb Module Script Insertion Vulnerabilities
http://secunia.com/advisories/39138/
Compiere Cross-Site Scripting Vulnerabilities
http://secunia.com/advisories/39177/
Apple AirPort Base Station Network Access Restriction Bypass
http://secunia.com/advisories/39160/
Drupal Taxonomy Filter Module Multiple Script Insertion Vulnerabilities
http://secunia.com/advisories/39220/
Fedora update for thunderbird and sunbird
http://secunia.com/advisories/39204/
Fedora update for horde
http://secunia.com/advisories/39245/
Fedora update for imp
http://secunia.com/advisories/39247/
Red Hat update for java-1.6.0-openjdk
http://secunia.com/advisories/39210/
Fedora update for libnids
http://secunia.com/advisories/39249/
Libnids NULL Pointer Dereference Denial of Service
http://secunia.com/advisories/39225/
Red Hat update for java-1.6.0-sun
http://secunia.com/advisories/39216/
Fedora update for asterisk
http://secunia.com/advisories/39248/
Red Hat update for java-1.5.0-sun
http://secunia.com/advisories/39207/
Fedora update for ikiwiki
http://secunia.com/advisories/39244/
Fedora update for firefox and xulrunner
http://secunia.com/advisories/39246/
Red Hat Global File System gfs_lock() Lets Local Users Deny Service
http://securitytracker.com/alerts/2010/Apr/1023809.html
Debian Security Update Fixes Icedove Code Execution Vulnerabilities
http://www.vupen.com/english/advisories/2010/0768
Debian Security Update Fixes Moin Cross Site Scripting Vulnerability
http://www.vupen.com/english/advisories/2010/0767
Redhat Security Update Fixes Java Code Execution Vulnerabilities
http://www.vupen.com/english/advisories/2010/0766
Redhat Security Update Fixes SeaMonkey Code Execution Vulnerabilities
http://www.vupen.com/english/advisories/2010/0765
Redhat Security Update Fixes Firefox Code Execution Vulnerabilities
http://www.vupen.com/english/advisories/2010/0764
Redhat Security Update Fixes Automake Insecure Permissions Issue
http://www.vupen.com/english/advisories/2010/0763
Redhat Security Update Fixes GFS Local Denial of Service Vulnerability
http://www.vupen.com/english/advisories/2010/0762
Redhat Security Update Fixes cURL Data Callback Excessive Length
http://www.vupen.com/english/advisories/2010/0761
Redhat Security Update Fixes KVM Denial of Service Vulnerability
http://www.vupen.com/english/advisories/2010/0760
Redhat Security Update Fixes pam_krb5 Username Enumeration Issue
http://www.vupen.com/english/advisories/2010/0759
Redhat Security Update Fixes Sendmail Security Bypass Vulnerabilities
http://www.vupen.com/english/advisories/2010/0758
Redhat Security Update Fixes Squid Denial of Service Vulnerabilities
http://www.vupen.com/english/advisories/2010/0757
Redhat Security Update Fixes OpenLDAP Certificate Spoofing Issue
http://www.vupen.com/english/advisories/2010/0756
Redhat Security Update Fixes brltty Untrusted Search Path Vulnerability
http://www.vupen.com/english/advisories/2010/0755
Redhat Security Update Fixes Kernel Denial of Service Vulnerabilities
http://www.vupen.com/english/advisories/2010/0754
Mozilla SeaMonkey Scriptable Plugin Content Security Bypass Vulnerability
http://www.securityfocus.com/bid/38830
VMware WebAccess URL Forwarding Vulnerability
http://www.securityfocus.com/bid/39103
Samba Oplock Break Notification Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/36573
Samba setuid 'mount.cifs' Verbose Option Information Disclosure Vulnerability
http://www.securityfocus.com/bid/36572
Samba Format String And Security Bypass Vulnerabilities
http://www.securityfocus.com/bid/35472
Samba Misconfigured '/etc/passwd' File Security Bypass Vulnerability
http://www.securityfocus.com/bid/36363
acpid Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/34692
VMware WebAccess '/ui/vmDirect.do' Information Disclosure Vulnerability
http://www.securityfocus.com/bid/39106
Mozilla Firefox and Thunderbird Remote Integer Overflow Vulnerability
http://www.securityfocus.com/bid/35769
Multiple Horde Products Cross-Site Scripting Vulnerabilities and File Overwrite Vulnerability
http://www.securityfocus.com/bid/36382
Horde Application Framework Administration Interface 'PHP_SELF' Cross-Site Scripting Vulnerability
http://www.securityfocus.com/bid/37351
Horde Products Local File Include and Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/33491
Horde XSS Filter Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/33367
Horde MIME Attachment Filename Insufficient Filtering Cross-Site Scripting Vulnerability
http://www.securityfocus.com/bid/31110
Horde Application Framework Forward Slash Insufficient Filtering Cross-Site Scripting Vulnerability
http://www.securityfocus.com/bid/31107
Foxit Reader Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/39109
Libnids 'ip_fragment.c' Null Pointer Dereference Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/39142
ikiwiki 'htmlscrubber' Plugin Remote Script Code Injection Vulnerability
http://www.securityfocus.com/bid/38844
MIT Kerberos 'gss_accept_sec_context()' Denial Of Service Vulnerability
http://www.securityfocus.com/bid/38904
Trac Ticket Validation Security Bypass Vulnerability
http://www.securityfocus.com/bid/39040
RETIRED: VMware WebAccess Multiple Vulnerabilities
http://www.securityfocus.com/bid/39037
Fcron 'fcrontab' Symbolic Link Arbitrary File Access Vulnerabilities
http://www.securityfocus.com/bid/38531
Apple Mac OS X QuickDraw Manager Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/36985
Linux Kernel USB interface Local Information Disclosure Vulnerability
http://www.securityfocus.com/bid/39042
WebKit CSS 'format()' Arguments Memory Corruption Vulnerability
http://www.securityfocus.com/bid/38684
WebKit Cross-Origin Stylesheet Request Information Disclosure Vulnerability
http://www.securityfocus.com/bid/38692
Oracle Java SE and Java for Business CVE-2010-0085 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/39094
Oracle Java SE and Java for Business CVE-2010-0091 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/39096
Oracle Java SE and Java for Business CVE-2010-0084 Remote Vulnerability
http://www.securityfocus.com/bid/39093
Oracle Java SE and Java for Business CVE-2010-0093 Remote Vulnerability
http://www.securityfocus.com/bid/39088
Oracle Java SE and Java for Business CVE-2010-0092 Remote Vulnerability
http://www.securityfocus.com/bid/39090
Oracle Java SE and Java for Business CVE-2010-0845 Remote HotSpot Server Vulnerability
http://www.securityfocus.com/bid/39089
Oracle Java SE and Java for Business CVE-2010-0848 Remote Java 2D Vulnerability
http://www.securityfocus.com/bid/39078
Oracle Java SE and Java for Business CVE-2010-0095 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/39086
Oracle Java SE and Java for Business CVE-2010-0082 HotSpot Server Remote Vulnerability
http://www.securityfocus.com/bid/39085
Oracle Java SE and Java for Business CVE-2010-0088 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/39081
Oracle Java SE and Java for Business CVE-2010-0094 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/39075
Oracle Java SE and Java for Business CVE-2010-0837 Remote Vulnerability
http://www.securityfocus.com/bid/39072
Oracle Java SE and Java for Business CVE-2010-0847 Remote Java 2D Vulnerability
http://www.securityfocus.com/bid/39071
Oracle Java SE and Java for Business CVE-2010-0838 Remote Java 2D Vulnerability
http://www.securityfocus.com/bid/39069
Oracle Java SE and Java for Business CVE-2010-0840 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/39065
HP-UX AudFilter Rule Local Denial Of Service Vulnerability
http://www.securityfocus.com/bid/39046
TikiWiki Versions Prior to 4.2 Multiple Vulnerabilities
http://www.securityfocus.com/bid/38608
ikiwiki 'teximg' Plugin Insecure TeX Commands Information Disclosure Vulnerability
http://www.securityfocus.com/bid/36181
Horde Turba Contact Manager '/imp/test.php' Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/31168
Horde IMP Webmail Client Cross Site Scripting And HTML Injection Vulnerabilities
http://www.securityfocus.com/bid/33492
Asterisk T.38 'FaxMaxDatagram' Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/38047
Asterisk RTP Comfort Noise Processing Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/37153
Multiple Vendor TLS Protocol Session Renegotiation Security Vulnerability
http://www.securityfocus.com/bid/36935
Oracle Java SE and Java for Business CVE-2010-0089 Remote Java Web Start Vulnerability
http://www.securityfocus.com/bid/39095
Oracle Java SE and Java for Business CVE-2010-0090 Remote Java Web Start Vulnerability
http://www.securityfocus.com/bid/39091
Oracle Java SE and Java for Business CVE-2010-0844 Remote Vulnerability
http://www.securityfocus.com/bid/39084
Oracle Java SE and Java for Business CVE-2010-0842 Remote Vulnerability
http://www.securityfocus.com/bid/39077
Oracle Java SE and Java for Business CVE-2010-0843 Remote Vulnerability
http://www.securityfocus.com/bid/39083
VMware WebAccess JSON Cross-site Scripting Vulnerability
http://www.securityfocus.com/bid/39105
VMware WebAccess Virtual Machine Name Cross-site Scripting Vulnerability
http://www.securityfocus.com/bid/39104
Oracle Java SE and Java for Business CVE-2010-0849 Remote Java 2D Vulnerability
http://www.securityfocus.com/bid/39073
Oracle Java SE and Java for Business CVE-2010-0839 Remote Sound Vulnerability
http://www.securityfocus.com/bid/39070
Oracle Java SE and Java for Business CVE-2010-0087 Remote Vulnerability
http://www.securityfocus.com/bid/39068
Oracle Java SE and Java for Business CVE-2010-0841 Remote ImageIO Vulnerability
http://www.securityfocus.com/bid/39067
Oracle Java SE and Java for Business CVE-2010-0846 Remote ImageIO Vulnerability
http://www.securityfocus.com/bid/39062
Microsoft Internet Explorer 'iepeers.dll' Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/38615
HP OpenView Network Node Manager 'OvWebHelp.exe' Remote Heap Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/37340
WeBAM Denial of Service Vulnerability and CAPTCHA Bypass Vulnerability
http://www.securityfocus.com/bid/38967
Easy-Clanpage 'id' Parameter Multiple SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/28309
DynPG CMS Multiple Remote File Include Vulnerabilities
http://www.securityfocus.com/bid/39168
Apple QuickTime CoreMedia H.263 Encoded Movie Files Heap Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/39167
Apple Mac OS X PS Normalizer PostScript File Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/39151
Moodle Prior to 1.9.8/1.8.12 Multiple Vulnerabilities
http://www.securityfocus.com/bid/39150
ZABBIX 'DBcondition' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/39148
Joomla! 'com_network' Component 'cid' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/39147
Joomla! 'com_tour' Component 'cid' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/39146
Joomla! 'com_trading' Component 'id' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/39143
http://www.securityfocus.com/bid/39085
Oracle Java SE and Java for Business CVE-2010-0088 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/39081
Oracle Java SE and Java for Business CVE-2010-0094 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/39075
Oracle Java SE and Java for Business CVE-2010-0837 Remote Vulnerability
http://www.securityfocus.com/bid/39072
Oracle Java SE and Java for Business CVE-2010-0847 Remote Java 2D Vulnerability
http://www.securityfocus.com/bid/39071
Oracle Java SE and Java for Business CVE-2010-0838 Remote Java 2D Vulnerability
http://www.securityfocus.com/bid/39069
Oracle Java SE and Java for Business CVE-2010-0840 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/39065
HP-UX AudFilter Rule Local Denial Of Service Vulnerability
http://www.securityfocus.com/bid/39046
TikiWiki Versions Prior to 4.2 Multiple Vulnerabilities
http://www.securityfocus.com/bid/38608
ikiwiki 'teximg' Plugin Insecure TeX Commands Information Disclosure Vulnerability
http://www.securityfocus.com/bid/36181
Horde Turba Contact Manager '/imp/test.php' Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/31168
Horde IMP Webmail Client Cross Site Scripting And HTML Injection Vulnerabilities
http://www.securityfocus.com/bid/33492
Asterisk T.38 'FaxMaxDatagram' Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/38047
Asterisk RTP Comfort Noise Processing Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/37153
Multiple Vendor TLS Protocol Session Renegotiation Security Vulnerability
http://www.securityfocus.com/bid/36935
Oracle Java SE and Java for Business CVE-2010-0089 Remote Java Web Start Vulnerability
http://www.securityfocus.com/bid/39095
Oracle Java SE and Java for Business CVE-2010-0090 Remote Java Web Start Vulnerability
http://www.securityfocus.com/bid/39091
Oracle Java SE and Java for Business CVE-2010-0844 Remote Vulnerability
http://www.securityfocus.com/bid/39084
Oracle Java SE and Java for Business CVE-2010-0842 Remote Vulnerability
http://www.securityfocus.com/bid/39077
Oracle Java SE and Java for Business CVE-2010-0843 Remote Vulnerability
http://www.securityfocus.com/bid/39083
VMware WebAccess JSON Cross-site Scripting Vulnerability
http://www.securityfocus.com/bid/39105
VMware WebAccess Virtual Machine Name Cross-site Scripting Vulnerability
http://www.securityfocus.com/bid/39104
Oracle Java SE and Java for Business CVE-2010-0849 Remote Java 2D Vulnerability
http://www.securityfocus.com/bid/39073
Oracle Java SE and Java for Business CVE-2010-0839 Remote Sound Vulnerability
http://www.securityfocus.com/bid/39070
Oracle Java SE and Java for Business CVE-2010-0087 Remote Vulnerability
http://www.securityfocus.com/bid/39068
Oracle Java SE and Java for Business CVE-2010-0841 Remote ImageIO Vulnerability
http://www.securityfocus.com/bid/39067
Oracle Java SE and Java for Business CVE-2010-0846 Remote ImageIO Vulnerability
http://www.securityfocus.com/bid/39062
Microsoft Internet Explorer 'iepeers.dll' Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/38615
HP OpenView Network Node Manager 'OvWebHelp.exe' Remote Heap Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/37340
WeBAM Denial of Service Vulnerability and CAPTCHA Bypass Vulnerability
http://www.securityfocus.com/bid/38967
Easy-Clanpage 'id' Parameter Multiple SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/28309
DynPG CMS Multiple Remote File Include Vulnerabilities
http://www.securityfocus.com/bid/39168
Apple QuickTime CoreMedia H.263 Encoded Movie Files Heap Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/39167
Apple Mac OS X PS Normalizer PostScript File Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/39151
Moodle Prior to 1.9.8/1.8.12 Multiple Vulnerabilities
http://www.securityfocus.com/bid/39150
ZABBIX 'DBcondition' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/39148
Joomla! 'com_network' Component 'cid' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/39147
Joomla! 'com_tour' Component 'cid' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/39146
Joomla! 'com_trading' Component 'id' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/39143