2010年5月11日火曜日

11日 火曜日、赤口

JVNDB-2010-001395 複数の EUR Form 製品 および EUR 製品における任意のコードが実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001395.html

JVNDB-2010-001394 Microsoft Windows における ISATAP パケットの処理に関する IPv4 ソースアドレスの制限を回避される脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001394.html

JVNDB-2010-001393 Microsoft Office Visio における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001393.html

JVNDB-2010-001392 Microsoft Office Visio における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001392.html

JVNDB-2010-001391 Microsoft Windows の SMTP コンポーネントにおける情報漏えいの脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001391.html

JVNDB-2010-001390 Microsoft Windows の SMTP コンポーネントにおけるサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001390.html

JVNDB-2010-001389 Microsoft Office Publisher におけるバッファオーバーフローの脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001389.html

JVNDB-2010-001388 Microsoft Windows の kernel におけるサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001388.html

JVNDB-2010-001387 Microsoft Windows の kernel におけるサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001387.html

JVNDB-2010-001386 Microsoft Windows の kernel におけるサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001386.html

JVNDB-2010-001385 Microsoft Windows の kernel におけるサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001385.html

JVNDB-2010-001384 Microsoft Windows の kernel における権限昇格の脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001384.html

JVNDB-2010-001383 Microsoft Windows の kernel における権限昇格の脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001383.html

JVNDB-2010-001382 Microsoft Windows の kernel におけるサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001382.html

JVNDB-2010-001381 Microsoft Windows の kernel におけるサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001381.html

Fedora update for amsn
http://secunia.com/advisories/39796/

Fedora update for irssi
http://secunia.com/advisories/39797/




HPSBMA02528 SSRT100106 rev.1 - HP Performance Center Agent on Windows, Remote Unauthenticated Arbitrary Code Execution
http://www11.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02153865

phpMyAdmin 3.3.3 is released
http://sourceforge.net/news/?group_id=23067&id=286471

Wireshark 1.2.8 released
http://www.wireshark.org/docs/relnotes/wireshark-1.2.8.html

Linux Kernel release: 2.6.33.4-rc1
http://www.linux.org/news/2010/05/10/0003.html

Linux Kernel release: 2.6.32.13-rc1
http://www.linux.org/news/2010/05/10/0002.html

InterScan for Microsoft Exchange 10.0 公開とサポートサービス開始のお知らせ
http://www.trendmicro.co.jp/support/news.asp?id=1399

RHBA-2010:0403-1: openais bug fix update
http://rhn.redhat.com/errata/RHBA-2010-0403.html

- RHBA-2010:0405-1: initscripts bug fix update
http://rhn.redhat.com/errata/RHBA-2010-0405.html
コメント:情報種別対象外

Independent Researcher : Drupal Context Module XSS
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32520

Independent Researcher : xitami-5.0a0-windows DOS
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32519

MustLive : Vulnerabilities in Sebo - webstore
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32518

FFR、ゼロデイ攻撃対策に特化した「yarai」シリーズの廉価版を発表
http://itpro.nikkeibp.co.jp/article/NEWS/20100510/347881/?ST=security

JVNDB-2010-001380 Microsoft Windows Media Player における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001380.html

JVNDB-2010-001379 Microsoft Windows の MPEG Layer-3 オーディオコーデックにおけるスタックベースのバッファオーバーフローの脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001379.html

JVNDB-2010-001378 Microsoft Windows の Media Services におけるスタックベースのバッファオーバーフローの脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001378.html

JVNDB-2010-001377 Microsoft Windows の SMB クライアントにおける任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001377.html

JVNDB-2010-001376 Microsoft Windows の SMB クライアントにおける任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001376.html

JVNDB-2010-001375 Microsoft Windows の SMB クライアントにおける任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001375.html

JVNDB-2010-001374 Microsoft Windows の SMB クライアントにおける任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001374.html

JVNDB-2010-001373 Microsoft Windows の Cabinet File Viewer Shell Extension における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001373.html

JVNDB-2010-001372 Microsoft Windows の Authenticode Signature Verification における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001372.html

JVNDB-2010-001371 複数のアンチウィルス製品に脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001371.html

JVNDB-2010-001203 x86_64 プラットフォーム上の Linux kernel の load_elf_binary 関数におけるサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001203.html

JVNDB-2010-001202 x86_64 および amd64 プラットフォーム上 Linux Kernel におけるサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001202.html

JVNDB-2010-001201 Linux Kernel の The ip6_dst_lookup_tail 関数におけるサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001201.html

JVNDB-2010-001199 Linux Kernel の do_pages_move 関数におけるカーネルメモリの情報が漏えいする脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001199.html

JVNDB-2010-001198 Linux kernel の ebtables モジュールにおけるアクセス制限を回避される脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001198.html

JVNDB-2010-001197 Linux kernel の print_fatal_signal 関数におけるサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001197.html

JVNDB-2010-001004 Linux kernel の e1000 ドライバにおけるパケットフィルタの制限を回避される脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001004.html

JVNDB-2009-002524 Linux kernel の ext4_decode_error 関数におけるサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002524.html

Month of PHP Security - Summary - 1st May - 10th May
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-05/msg00057.html

Turnkey Innovations SQL Injection Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-05/msg00058.html

Family Connections 2.2.3 Multiple Remote Vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-05/msg00056.html

SA00001-2010
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-05/msg00055.html

XSS vulnerability in Advanced Poll
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-05/msg00054.html

XSS vulnerability in EasyPublish CMS
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-05/msg00053.html

Vulnerabilities in Sebo - webstore
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-05/msg00052.html

[ MDVSA-2010:093 ] mysql
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-05/msg00051.html

rPSA-2010-0037-1 kernel
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-05/msg00050.html

rPSA-2010-0036-1 openssl openssl-scripts
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-05/msg00049.html

rPSA-2010-0034-1 ntp ntp-utils
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-05/msg00048.html

New paper on using kernel hooking to bypass AV
http://isc.sans.org/diary.html?storyid=8773

Another round of WordPress Attacks
http://isc.sans.org/diary.html?storyid=8770

Vulnerability Note VU#943165: Apple Safari window object invalid pointer vulnerability
http://www.kb.cert.org/vuls/id/943165

MOPS-2010-020: Xinha WYSIWYG Plugin Configuration Injection Vulnerability
http://php-security.org/2010/05/10/mops-2010-020-xinha-wysiwyg-plugin-configuration-injection-vulnerability/index.html

MOPS-2010-019: Serendipity WYSIWYG Editor Plugin Configuration Injection Vulnerability
http://php-security.org/2010/05/10/mops-2010-019-serendipity-wysiwyg-editor-plugin-configuration-injection-vulnerability/index.html

Symantec Norton Internet Security Lets Local Users Bypass Anti-Malware Protection
http://securitytracker.com/alerts/2010/May/1023971.html

Trend Micro Internet Security Lets Local Users Bypass Anti-Malware Protection
http://securitytracker.com/alerts/2010/May/1023970.html

ZoneAlarm Extreme Security Lets Local Users Bypass Anti-Malware Protection
http://securitytracker.com/alerts/2010/May/1023969.html

Kaspersky Internet Security Lets Local Users Bypass Anti-Malware Protection
http://securitytracker.com/alerts/2010/May/1023968.html

Outpost Security Suite Lets Local Users Bypass Anti-Malware Protection
http://securitytracker.com/alerts/2010/May/1023967.html

F-Secure Internet Security Lets Local Users Bypass Anti-Malware Protection
http://securitytracker.com/alerts/2010/May/1023966.html

Panda Internet Security Lets Local Users Bypass Anti-Malware Protection
http://securitytracker.com/alerts/2010/May/1023965.html

CA Internet Security Suite Plus Lets Local Users Bypass Anti-Malware Protection
http://securitytracker.com/alerts/2010/May/1023964.html

BitDefender Total Security Lets Local Users Bypass Anti-Malware Protection
http://securitytracker.com/alerts/2010/May/1023963.html

avast! Internet Security Lets Local Users Bypass Anti-Malware Protection
http://securitytracker.com/alerts/2010/May/1023962.html

IBM WebSphere MQ Channel Control Process Can Be Crashed By Remote Authenticated Users
http://securitytracker.com/alerts/2010/May/1023961.html

Lexmark Printers HTTP Authorization Field Processing Bug Lets Remote Users Deny Service
http://securitytracker.com/alerts/2010/May/1023960.html

Wireshark DOCSIS Dissector Lets Users Deny Service
http://securitytracker.com/alerts/2010/May/1023959.html

Aliens vs. Predator Denial of Service Vulnerabilities
http://secunia.com/advisories/39769/

HiWeb Wiesbaden Web 2.0 Social Network Freunde Community System "id" SQL Injection
http://secunia.com/advisories/39761/

HiWeb Wiesbaden Ruckwarts Auktionshaus Products "id" SQL Injection
http://secunia.com/advisories/39758/

HiWeb Wiesbaden Live Shopping Multi Portal System "artikel" SQL Injection
http://secunia.com/advisories/39718/

HiWeb Wiesbaden Shop - Lizenzsystem - Downloadsystem "id" SQL Injection
http://secunia.com/advisories/39696/

ESET Smart Security / NOD32 Antivirus LZH Processing Denial of Service
http://secunia.com/advisories/39736/

3Com H3C Products SSH Server Denial of Service Vulnerability
http://secunia.com/advisories/39785/

GNUStep Base "gdomap" Integer Overflow and Information Disclosure
http://secunia.com/advisories/39746/

eFront "chatrooms_ID" SQL Injection Vulnerability
http://secunia.com/advisories/39728/

Zolsoft Office Server Cross-Site Request Forgery Vulnerability
http://secunia.com/advisories/39780/

Dolphin ELF Processing Memory Corruption Vulnerability
http://secunia.com/advisories/39692/

rPath update for ntp
http://secunia.com/advisories/39739/

rPath update for openssl
http://secunia.com/advisories/39743/

rPath update for kernel
http://secunia.com/advisories/39744/

3Com Switch Products SSH Server Denial of Service Vulnerability
http://www.vupen.com/english/advisories/2010/1105

ESET Smart Security and NOD32 Antivirus Denial of Service Vulnerability
http://www.vupen.com/english/advisories/2010/1104

Serendipity WYSIWYG Editor Security Bypass File Upload Issue
http://www.vupen.com/english/advisories/2010/1103

Xinha "xinha_read_passed_data()" Security Bypass File Upload Issue
http://www.vupen.com/english/advisories/2010/1102

eFront "chatrooms_ID" Parameter Remote SQL Injection Vulnerability
http://www.vupen.com/english/advisories/2010/1101

- PHP SQLite Extension Two Uninitialized Memory Vulnerabilities
http://www.vupen.com/english/advisories/2010/1100

DeluxeBB "memberid" Parameter Remote SQL Injection Vulnerability
http://www.vupen.com/english/advisories/2010/1099

- PHP Sysvshm Extension "shm_put_var()" Use-after-free Vulnerability
http://www.vupen.com/english/advisories/2010/1098

Apple Safari Parent Window Handling Memory Corruption Vulnerability
http://www.vupen.com/english/advisories/2010/1097

HP Mercury LoadRunner Agent Command Execution Vulnerability
http://www.vupen.com/english/advisories/2010/1096

BaoFeng Storm Playlist Processing Buffer Overflow Vulnerability
http://www.vupen.com/english/advisories/2010/1095

PCRE Regular Expression Handling Buffer Overflow Vulnerability
http://www.vupen.com/english/advisories/2010/1094

VMware View Data Processing Cross Site Sripting Vulnerability
http://www.vupen.com/english/advisories/2010/1093

Jaws "url" Parameter Processing Cross Site Sripting Vulnerability
http://www.vupen.com/english/advisories/2010/1092

Redhat Security Update Fixes teTeX Code Execution Vulnerabilities
http://www.vupen.com/english/advisories/2010/1091

Redhat Security Update Fixes Kernel Denial of Service Vulnerabilities
http://www.vupen.com/english/advisories/2010/1090

rPath Security Update Fixes Kernel Local Denial of Service Vulnerabilities
http://www.vupen.com/english/advisories/2010/1089

rPath Security Update Fixes OpenSSL Multiple Vulnerabilities
http://www.vupen.com/english/advisories/2010/1088

rPath Security Update Fixes NTP Denial of Service Vulnerability
http://www.vupen.com/english/advisories/2010/1087

Ubuntu Security Update Fixes TeX Live Code Execution Vulnerabilities
http://www.vupen.com/english/advisories/2010/1086

Ubuntu Security Update Fixes dvipng Array Indexing Vulnerabilities
http://www.vupen.com/english/advisories/2010/1085

SuSE Security Update Fixes Kernel Code Execution and DoS Issues
http://www.vupen.com/english/advisories/2010/1084

Multiple Hi Web Wiesbaden Rueckwaerts Auktion System Products 'cafe.php' SQL Injection Vulnerability
http://www.securityfocus.com/bid/40035

Hi Web Wiesbaden Shop System 'index.php' SQL Injection Vulnerability
http://www.securityfocus.com/bid/40042

ESET Smart Security and NOD32 Antivirus Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/39998

PHPKB Multiple SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/31279

aMSN SSL Certificate Validation Security Bypass Vulnerability
http://www.securityfocus.com/bid/35507

Expat Unspecified XML Parsing Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/37203

libESMTP NULL Character CA SSL Certificate Validation Security Bypass Vulnerability
http://www.securityfocus.com/bid/38528

libESMTP X.509 Certificate 'match_component()' Domain Validation Security Bypass Vulnerability
http://www.securityfocus.com/bid/38538

Irssi Denial of Service and SSL Hostname Verification Security Bypass Vulnerabilities
http://www.securityfocus.com/bid/39377

MySQL 'sql/sql_table.cc' CREATE TABLE Security Bypass Vulnerability
http://www.securityfocus.com/bid/38043

libmikmod Multiple Buffer Overflow Vulnerabilities
http://www.securityfocus.com/bid/38114

Libpng 'png_decompress_chunk()' Function Denial of Service Vulnerability
http://www.securityfocus.com/bid/38478

MySQL Multiple Remote Denial Of Service Vulnerabilities
http://www.securityfocus.com/bid/37297

MySQL OpenSSL Server Certificate yaSSL Security Bypass Vulnerability
http://www.securityfocus.com/bid/37076

MySQL MyISAM Table Symbolic Link Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/37075

Sun Java Runtime Environment XML Parsing Denial of Service Vulnerability
http://www.securityfocus.com/bid/35958

GNOME Evolution S/MIME Email Signature Verification Vulnerability
http://www.securityfocus.com/bid/33720

Expat UTF-8 Character XML Parsing Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/36097

Apache APR-util 'xml/apr_xml.c' Denial of Service Vulnerability
http://www.securityfocus.com/bid/35253

Alibaba Clone Multiple Products 'offers_buy.php' SQL Injection Vulnerability
http://www.securityfocus.com/bid/39832

GNU Tar and GNU Cpio Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/38628

FUSE 'fusermount' Race Condition Vulnerability
http://www.securityfocus.com/bid/37983

Cacti 'export_item_id' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/39653

Apache APR and APR-util Multiple Integer Overflow Vulnerabilities
http://www.securityfocus.com/bid/35949

iScripts SocialWare Arbitrary File Upload and Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/39787

RETIRED: Alibaba Clone Platinum Script 'offers_buy.php' SQL Injection Vulnerability
http://www.securityfocus.com/bid/39846

Multiple 3Com H3C Devices SSH Server Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/40031

Multiple Vendor TLS Protocol Session Renegotiation Security Vulnerability
http://www.securityfocus.com/bid/36935

Oracle Java SE and Java for Business CVE-2010-0847 Remote Java 2D Vulnerability
http://www.securityfocus.com/bid/39071

Oracle Java SE and Java for Business CVE-2010-0848 Remote Java 2D Vulnerability
http://www.securityfocus.com/bid/39078

Oracle Java SE and Java for Business JRE Trusted Method Chaining Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/39065

Oracle Java SE and Java for Business CVE-2010-0085 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/39094

Oracle Java SE and Java for Business CVE-2010-0093 Remote Vulnerability
http://www.securityfocus.com/bid/39088

Oracle Java SE and Java for Business CVE-2010-0084 Remote Vulnerability
http://www.securityfocus.com/bid/39093

Oracle Java SE and Java for Business CVE-2010-0082 HotSpot Server Remote Vulnerability
http://www.securityfocus.com/bid/39085

Oracle Java SE and Java for Business CVE-2010-0095 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/39086

Oracle Java SE and Java for Business CVE-2010-0088 Remote Java Runtime Environme Vulnerability
http://www.securityfocus.com/bid/39081

Oracle Java SE and Java for Business CVE-2010-0091 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/39096

Oracle Java SE and Java for Business 'readMabCurveData()' Remote Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/39069

Oracle Java SE and Java for Business CVE-2010-0092 Remote Vulnerability
http://www.securityfocus.com/bid/39090

Oracle Java SE and Java for Business CVE-2010-0845 Remote HotSpot Server Vulnerability
http://www.securityfocus.com/bid/39089

Oracle Java SE and Java for Business CVE-2010-0837 Remote Vulnerability
http://www.securityfocus.com/bid/39072

Apple Safari 'window.parent.close()' Unspecified Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/39990

Moodle Prior to 1.9.8/1.8.12 Multiple Vulnerabilities
http://www.securityfocus.com/bid/39150

Pointdev IDEAL Migration & IDEAL Administration '.ipj' File Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/39729

Joomla! Newsfeeds Component 'feedid' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/39834

PHP 'sqlite_single_query()' and 'sqlite_array_query()' Arbitrary Code Execution Vulnerabilities
http://www.securityfocus.com/bid/40013

SAP MaxDB 'serv.exe' Unspecified Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/38769

Sun Java System Web Server WebDAV Unspecified Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/37874

OpenX Arbitrary File Upload Vulnerability
http://www.securityfocus.com/bid/37110

Oracle Java SE and Java for Business CVE-2010-0089 Remote Java Web Start Vulnerability
http://www.securityfocus.com/bid/39095

JBoss Java Class DeploymentFileRepository Directory Traversal Vulnerability
http://www.securityfocus.com/bid/21219

Oracle Java Runtime Environment 'HsbParser.getSoundBank()' Remote Heap Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/39559

Oracle Java SE and Java for Business CVE-2010-0090 Remote Java Web Start Vulnerability
http://www.securityfocus.com/bid/39091

Oracle Java SE and Java for Business Sound Component MIDI Stream Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/39084

Oracle Java SE and Java for Business 'XNewPtr()' Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/39083

Oracle Java SE and Java for Business CVE-2010-0850 Remote Java 2D Vulnerability
http://www.securityfocus.com/bid/39082

Oracle Java SE and Java for Business 'MixerSequencer' Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/39077

Oracle Java SE and Java for Business CVE-2010-0094 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/39075

Oracle Java SE and Java for Business CVE-2010-0849 Remote Java 2D Vulnerability
http://www.securityfocus.com/bid/39073

Oracle Java SE and Java for Business CVE-2010-0839 Remote Sound Vulnerability
http://www.securityfocus.com/bid/39070

Oracle Java SE and Java for Business CVE-2010-0087 Remote Vulnerability
http://www.securityfocus.com/bid/39068

Oracle Java SE and Java for Business ImageIO 'JPEGImageReader' Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/39067

Oracle Java Runtime Environment 'JPEGImageEncoderImpl' Remote Heap Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/39062

AgentX++ 'AgentX::receive_agentx()' Remote Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/39564

Todd Miller Sudo 'sudoedit' Path Resolution Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/39468

29o3 CMS 'LibDir' Parameter Multiple Remote File Include Vulnerabilities
http://www.securityfocus.com/bid/40049

Hyplay '.asx' File Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/40048

724CMS SQL 'ID' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/40047

Advanced Poll 'mysql_host' Parameter Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/40045

OrangeHRM 2.5.0.4 Multiple Vulnerabilities
http://www.securityfocus.com/bid/40044

Family Connections 2.2.3 Multiple SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/40043

EasyPublish CMS URI Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/40037

Xinha Dynamic Configuration Arbitrary File Upload Vulnerability
http://www.securityfocus.com/bid/40033

tekno.Portal 'makale.php' SQL Injection Vulnerability
http://www.securityfocus.com/bid/40030

Dark Hart Portal 'include_path' Parameter Remote File Include Vulnerability
http://www.securityfocus.com/bid/40029

Live Shopping Multi Portal System 'index.php' SQL Injection Vulnerability
http://www.securityfocus.com/bid/40040

eFront 'ask_chat.php' SQL Injection Vulnerability
http://www.securityfocus.com/bid/40032

Xitami '/AUX' Request Remote Denial Of Service Vulnerability
http://www.securityfocus.com/bid/40027

B2B Classic Script 'offers.php' SQL Injection Vulnerability
http://www.securityfocus.com/bid/40034

Joomla! 'com_articleman' Component Arbitrary File Upload Vulnerability
http://www.securityfocus.com/bid/40026
ラベル:

1 件のコメント:

登録: コメントの投稿 (Atom)