http://sunsolve.sun.com/search/document.do?assetkey=1-66-259989-1
- Security Vulnerability in the Solaris XScreenSaver (xscreensaver(1)) Program May Allow Unauthorized Access to Sensitive Information
http://sunsolve.sun.com/search/document.do?assetkey=1-66-264048-1
- Multiple Integer Overflow Vulnerabilities in the FreeType 2 Font Engine May Lead to a Denial of Service (DoS) or Allow Execution of Arbitrary Code
http://sunsolve.sun.com/search/document.do?assetkey=1-66-270268-1
UPDATE: Microsoft Security Bulletin Summary for April 2010
http://www.microsoft.com/technet/security/bulletin/MS10-apr.mspx?pubDate=2010-04-21
[Alert] Take security measures before the Golden Week holidays
http://www.ipa.go.jp/security/topics/alert20100422.html
Registration status of the JVN iPedia vulnerability countermeasure information database [Q1 2010 (January-March)]
http://www.ipa.go.jp/security/vuln/report/JVNiPedia2010q1.html
How McAfee turned a Disaster Exercise Into a REAL Learning Experience for Our Community Disaster Team
http://isc.sans.org/diary.html?storyid=8671
HP System Management Homepage Unspecified Flaw Lets Remote Authenticated Users Access and Modify Data and Deny Service
http://securitytracker.com/alerts/2010/Apr/1023909.html
Adobe Download Manager Buffer Overflow in 'gp.ocx' ActiveX Control Lets Remote Users Execute Arbitrary Code
http://securitytracker.com/alerts/2010/Apr/1023908.html
Xftp client 3.0 PWD Remote Exploit
http://www.exploit-db.com/exploits/12332
+ HPSBUX02519 SSRT100004 rev.1 - HP-UX Running BIND, Remote Compromise of NXDOMAIN Responses
http://www13.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02097674
+ Apache Tomcat 5.5.29 released
http://tomcat.apache.org/tomcat-5.5-doc/changelog.html
http://tomcat.apache.org/security-5.html#Fixed%20in%20Apache%20Tomcat%205.5.29
+ Fixed in Apache Tomcat 5.5.29
http://tomcat.apache.org/security-5.html#Fixed%20in%20Apache%20Tomcat%205.5.29
+ jetty 6.1.24 released
http://svn.codehaus.org/jetty/jetty/branches/jetty-6.1/VERSION.txt
- HPSBMA02494 SSRT090168 rev.1 - HP Virtual Machine Manager (VMM) for Windows, Remote Unauthorized Access, Privilege Elevation
http://www13.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02031621
Cisco Security Advisory: Cisco Small Business Video Surveillance Cameras and Cisco 4-Port Gigabit Security Routers Authentication Bypass Vulnerability
http://www.cisco.com/warp/public/707/cisco-sa-20100421-vsc.shtml
Independent Researcher : Old school bugs in Intel compiler and debugger FLEXlm FlexNet DRM
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32393
SuSE : SUSE Security Announcement: acroread
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32388
London DEFCON April meet - DC4420 - Wed 28th April 2010
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-04/msg00199.html
ZDI-10-077: Adobe Download Manager Atlcom.get_atlcom ActiveX Control Remote Code Execution V
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-04/msg00198.html
Cisco Security Advisory: Cisco Small Business Video Surveillance Cameras and Cisco 4-Port Gigabi
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-04/msg00197.html
Call for participation -- Eth0:2010 Summer
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-04/msg00195.html
Secunia Research: imlib2 "IMAGE_DIMENSIONS_OK()" Logic Error
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-04/msg00196.html
[security bulletin] HPSBUX02508 SSRT100007 rev.2 - HP-UX Running sendmail with STARTTLS Enab
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-04/msg00193.html
CORE-2010-0406 - User Invoices Persistent XSS Vulnerability in CactuShop
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-04/msg00194.html
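Adobe Reader vulnerabilities targeted: exploited in 50% of web-based attacks
Symantec on 2009 security trends: Flash Player and IE also targeted
http://itpro.nikkeibp.co.jp/article/NEWS/20100422/347359/?ST=security
SafeNet Japan announces solution to help enterprises comply with PCI DSS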
http://itpro.nikkeibp.co.jp/article/NEWS/20100421/347356/?ST=security
JVN#87730223 Access restriction vulnerability in multiple Cybozu products
http://jvn.jp/jp/JVN87730223/index.html
JVNDB-2010-001307 Cross-site scripting vulnerability in WebAccess in VMware Server
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001307.html
JVNDB-2010-001306 Vulnerability in WebAccess in multiple VMware products that allows the request origin to be spoofed
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001306.html
JVNDB-2010-001305 Cross-site scripting vulnerability in WebAccess in multiple VMware products
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001305.html
JVNDB-2009-002532 Vulnerability in the dist or distcheck rules of GNU Automake that allows content to be modified
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002532.html
JVNDB-2010-001304 Denial of service (DoS) vulnerability in content_encoding.c in libcurl
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001304.html
JVNDB-2010-001303 Denial of service (DoS) vulnerability in the virtio-net driver in the Linux kernel
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001303.html
JVNDB-2009-002531 Vulnerability in pam_krb5 that allows valid usernames to be enumerated
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002531.html
JVNDB-2010-001302 Privilege escalation vulnerability in libbrlttybba.so in brltty
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001302.html
JVNDB-2010-001301 Denial of service (DoS) vulnerability in the gfs2_lock or gfs_lock function in the Linux Kernel
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001301.html
JVNDB-2009-002530 Denial of service (DoS) vulnerability in the ext4_fill_flex_info function in the Linux kernel
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002530.html
JVNDB-2010-001300 Denial of service (DoS) vulnerability in net/ipv4/tcp_input.c in the Linux kernel
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001300.html
JVNDB-2009-002529 Denial of service (DoS) vulnerability in the mac80211 subsystem in the Linux kernel
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002529.html
MS10-025 Security Update has been Pulled
http://isc.sans.org/diary.html?storyid=8668
McAfee DAT 5958 Update Issues
http://isc.sans.org/diary.html?storyid=8656
isc.sans.org SSL Certificate and URL extensions
http://isc.sans.org/diary.html?storyid=8659
New OWASP Top 10 - Final Release
http://isc.sans.org/diary.html?storyid=8662
Joomla! AWDwall Components SQL Injection and Local File Inclusion Vulnerabilities
http://secunia.com/advisories/39553/
Joomla Media Mall Factory Component "category" SQL Injection Vulnerability
http://secunia.com/advisories/39546/
openMairie openRegistreCIL Multiple File Inclusion Vulnerabilities
http://secunia.com/advisories/39534/
CactuShop Two Script Insertion Vulnerabilities
http://secunia.com/advisories/39485/
e107 "click_url" SQL Injection Vulnerability
http://secunia.com/advisories/39498/
Kerberos KDC Ticket Validation Double-Free Vulnerability
http://secunia.com/advisories/39420/
SpeedCommander ZIP Processing Buffer Overflow Vulnerability
http://secunia.com/advisories/39535/
phpThumb() "fltr[]" Command Injection Vulnerability
http://secunia.com/advisories/39556/
Elastix "id_nodo" Local File Inclusion Vulnerability
http://secunia.com/advisories/39164/
vBulletin Two-Step External Links Module "url" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/39552/
Google Chrome Multiple Vulnerabilities
http://secunia.com/advisories/39544/
Fedora update for gource
http://secunia.com/advisories/39555/
Red Hat update for sudo
http://secunia.com/advisories/39543/
imlib2 "IMAGE_DIMENSIONS_OK()" Logic Error
http://secunia.com/advisories/39354/
Red Hat update for wireshark
http://secunia.com/advisories/39545/
Slackware update for sudo
http://secunia.com/advisories/39399/
Google Chrome Multiple Flaws Let Remote Users Execute Arbitrary Code and Conduct Cross-Site Scripting Attacks
http://securitytracker.com/alerts/2010/Apr/1023907.html
Cisco Video Surveillance Camera Discloses Passwords to Remote Authenticated Users
http://securitytracker.com/alerts/2010/Apr/1023906.html
RHBA-2010:0365-1: v7 bug fix and enhancement update
http://rhn.redhat.com/errata/RHBA-2010-0365.html
MIT Kerberos KDC "process_tgs_req()" Double Free Vulnerability
http://www.vupen.com/english/advisories/2010/0960
imlib2 "IMAGE_DIMENSIONS_OK()" Buffer Overflow Vulnerability
http://www.vupen.com/english/advisories/2010/0959
Google Chrome Memory Corruption and Security Bypass Vulnerabilities
http://www.vupen.com/english/advisories/2010/0958
Redhat Security Update Fixes Scsi-target-utils Format String Vulnerabilities
http://www.vupen.com/english/advisories/2010/0957
Redhat Security Update Fixes Sudo Privilege Escalation Vulnerability
http://www.vupen.com/english/advisories/2010/0956
Redhat Security Update Fixes Wireshark Multiple Vulnerabilities
http://www.vupen.com/english/advisories/2010/0955
Fedora Security Update Fixes Gource Predictable Temporary Filename
http://www.vupen.com/english/advisories/2010/0954
Mandriva Security Update Fixes Firefox Multiple Vulnerabilities
http://www.vupen.com/english/advisories/2010/0953
Mandriva Security Update Fixes Emacs File Permission Vulnerability
http://www.vupen.com/english/advisories/2010/0952
Turbolinux Security Update Fixes Kernel Denial of Service Vulnerabilities
http://www.vupen.com/english/advisories/2010/0951
Slackware Security Update Fixes KDE Display Manager Vulnerability
http://www.vupen.com/english/advisories/2010/0950
Slackware Security Update Fixes Sudo Privilege Escalation Vulnerabilities
http://www.vupen.com/english/advisories/2010/0949
Viscom Software Movie Player Pro SDK ActiveX 6.8 Remote Buffer Overflow
http://www.exploit-db.com/exploits/12320
ZipGenius zgtips.dll Stack Buffer Overflow
http://www.exploit-db.com/exploits/12326
MIT Kerberos KDC 'handle_tgt_authdata()' Denial Of Service Vulnerability
http://www.securityfocus.com/bid/38260
MIT Kerberos AES and RC4 Decryption Integer Underflow Vulnerabilities
http://www.securityfocus.com/bid/37749
MIT Kerberos 'gss_accept_sec_context()' Denial Of Service Vulnerability
http://www.securityfocus.com/bid/38904
MIT Kerberos 'src/kdc/do_tgs_req.c' Ticket Renewal Double Free Memory Corruption Vulnerability
http://www.securityfocus.com/bid/39599
Mozilla Firefox and SeaMonkey NTLM Credential Reflection Authentication Bypass Vulnerability
http://www.securityfocus.com/bid/37366
MIT Kerberos KDC Cross-Realm Referral NULL Pointer Dereference Denial Of Service Vulnerability
http://www.securityfocus.com/bid/37486
Mozilla Firefox and SeaMonkey Download Filename Spoofing Vulnerability
http://www.securityfocus.com/bid/36867
Mozilla Firefox Floating Point Conversion Heap Overflow Vulnerability
http://www.securityfocus.com/bid/36851
Mozilla Firefox MFSA 2009-47, -48, -49, -50, -51 Multiple Vulnerabilities
http://www.securityfocus.com/bid/36343
Mozilla Firefox and Thunderbird Remote Integer Overflow Vulnerability
http://www.securityfocus.com/bid/35769
Mozilla Thunderbird Multiple Denial of Service Vulnerabilities
http://www.securityfocus.com/bid/38831
Mozilla SeaMonkey Scriptable Plugin Content Security Bypass Vulnerability
http://www.securityfocus.com/bid/38830
Microsoft Windows SMB Client Response Parsing Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/39336
Microsoft Windows SMB Client Memory Allocation Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/39312
Microsoft Windows SMB Packet Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/36989
Microsoft Windows SMB Client Message Size Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/39340
Microsoft Windows SMB Client Transaction Response Remote Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/39339
Microsoft Windows MPEG Layer-3 Audio Decoder Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/39303
Microsoft Windows Authenticode Signature Verification Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/39328
Microsoft Windows Cabinet File Viewer Cabview Validation Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/39332
Simasy CMS 'id' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/30774
Sendmail NULL Character CA SSL Certificate Validation Security Bypass Vulnerability
http://www.securityfocus.com/bid/37543
Adobe Acrobat and Reader CVE-2010-0193 Denial of Service Vulnerability
http://www.securityfocus.com/bid/39524
Adobe Acrobat and Reader CVE-2010-0192 Denial of Service Vulnerability
http://www.securityfocus.com/bid/39523
Adobe Acrobat and Reader CVE-2010-0195 Embedded Font Handling Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/39417
Adobe Acrobat and Reader CVE-2010-0204 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/39522
Adobe Acrobat and Reader CVE-2010-0190 Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/39515
Adobe Acrobat and Reader CVE-2010-0197 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/39518
Adobe Acrobat and Reader GIF Data Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/39514
Adobe Acrobat and Reader Prefix Protocol Handler Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/39517
Adobe Acrobat and Reader CVE-2010-0201 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/39520
Adobe Acrobat and Reader CLOD Mesh Declaration Block Heap Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/39521
Adobe Acrobat and Reader CVE-2010-1241 'CoolType.dll' Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/39470
Adobe Acrobat and Reader CVE-2010-0194 X3D Component Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/39469
Adobe Acrobat and Reader PNG Data Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/39505
Adobe Acrobat and Reader BMP Data Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/39507
Adobe Acrobat and Reader JPEG Data Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/39511
Adobe Reader CVE-2010-0200 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/39227
Joomla! Seber Cart Component 'view' Parameter Local File Include Vulnerability
http://www.securityfocus.com/bid/39237
uplusware UplusFtp Multiple Remote Buffer Overflow Vulnerabilities
http://www.securityfocus.com/bid/38102
LightNEasy 'get_file.php' Local File Disclosure Vulnerability
http://www.securityfocus.com/bid/39623
ZipGenius ZIP Archive Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/39622
LightNEasy 'language' Parameter Local File Include Vulnerability
http://www.securityfocus.com/bid/39621
PortfolioDesign.org Portfolio for Joomla! 'phpThumb.php' Remote File Disclosure Vulnerability
http://www.securityfocus.com/bid/39620
v2marketplacescript Arbitrary File Upload Vulnerability
http://www.securityfocus.com/bid/39618
SpeedProject SpeedCommander ZIP Archive Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/39616
DBSite wb CMS 'index.php' Multiple Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/39613
Cisco Small Business Video Surveillance Cameras & 4-Port Router Authentication Bypass Vulnerability
http://www.securityfocus.com/bid/39612
openMairie openRegistreCIL Local and Remote File Include Vulnerabilities
http://www.securityfocus.com/bid/39611
Elastix 'id_nodo' Parameter Local File Include Vulnerability
http://www.securityfocus.com/bid/39610
e107 'e107_admin/banner.php' SQL Injection Vulnerability
http://www.securityfocus.com/bid/39609
Webmoney Web Merchant Interface Component for Joomla! Local File Include Vulnerability
http://www.securityfocus.com/bid/39608
MMS Blog Component for Joomla! 'controller' Parameter Local File Include Vulnerability
http://www.securityfocus.com/bid/39607
OrgChart Component for Joomla! 'controller' Parameter Local File Include Vulnerability
http://www.securityfocus.com/bid/39606
phpThumb() 'fltr[]' Parameter Command Injection Vulnerability
http://www.securityfocus.com/bid/39605
imlib2 'src/lib/image.h' Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/39604