APSB10-12: Security update available for Shockwave Player
http://www.adobe.com/support/security/bulletins/apsb10-12.html
APSB10-11: Security update: Hotfixes available for ColdFusion
http://www.adobe.com/support/security/bulletins/apsb10-11.html
HS10-006: Stack Overflow Vulnerability in Collaboration - Common Utility
http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS10-006/index.html
US-CERT Technical Cyber Security Alert TA10-131A -- Microsoft Updates for Multiple Vulnerabilities
http://www.derkeiler.com/Mailing-Lists/Cert/2010-05/msg00000.html
PUBLIC ADVISORY: 05.11.10: Adobe Shockwave Player Heap Memory Indexing Vulnerability
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=869
Alert Regarding the May 2010 Microsoft Security Bulletins (Including 2 Rated Critical)
http://www.jpcert.or.jp/at/2010/at100012.txt
JPCERT/CC WEEKLY REPORT 2010-05-12
http://www.jpcert.or.jp/wr/2010/wr101701.html
JVNTA10-131A Updates for Multiple Vulnerabilities in Microsoft Products
http://jvn.jp/cert/JVNTA10-131A/index.html
JVNVU#943165 Vulnerability in Apple Safari's Handling of window Objects
http://jvn.jp/cert/JVNVU943165/index.html
JVN#92854093 Cross-Site Scripting Vulnerability in Movable Type
http://jvn.jp/jp/JVN92854093/index.html
JVNDB-2010-001156 Arbitrary Code Execution Vulnerability in Internet Explorer When Using VBScript and Windows Help
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001156.html
JVNDB-2009-002397 Denial of Service (DoS) Vulnerability in the Microsoft Windows Kernel's Processing of SMB Response Packets
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002397.html
JVNDB-2010-001410 Vulnerability in the Oracle iStore Component of Oracle E-Business Suite
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001410.html
JVNDB-2010-001409 Vulnerability in the Oracle Application Object Library Component of Oracle E-Business Suite
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001409.html
JVNDB-2010-001408 Vulnerability in the User Interface Component of Oracle Collaboration Suite
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001408.html
JVNDB-2010-001407 Vulnerability in the Portal Component of Oracle Fusion Middleware
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001407.html
JVNDB-2010-001406 Vulnerability in the Portal Component of Oracle Fusion Middleware
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001406.html
JVNDB-2010-001405 Vulnerability in the Portal Component of Oracle Fusion Middleware
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001405.html
JVNDB-2010-001404 Vulnerability in the Oracle Internet Directory Component of Oracle Fusion Middleware
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001404.html
JVNDB-2010-001403 Vulnerability in the Audit Component of Oracle Database
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001403.html
JVNDB-2010-001402 Vulnerability in the Change Data Capture Component of Oracle Database
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001402.html
JVNDB-2010-001401 Vulnerability in the XML DB Component of Oracle Database
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001401.html
JVNDB-2010-001400 Vulnerability in the JavaVM Component of Oracle Database
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001400.html
JVNDB-2010-001399 Vulnerability in the XML DB Component of Oracle Database
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001399.html
JVNDB-2010-001398 Vulnerability in the JavaVM Component of Oracle Database
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001398.html
JVNDB-2010-001397 Vulnerability in the Core RDBMS Component of Oracle Database
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001397.html
JVNDB-2010-001396 Vulnerability in the Oracle Internet Directory Component of Multiple Oracle Products
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001396.html
JVNDB-2010-000017 Cross-Site Scripting Vulnerability in Movable Type
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-000017.html
HP OpenView Network Node Manager Unspecified Bugs Let Remote Users Execute Arbitrary Commands
http://securitytracker.com/alerts/2010/May/1023976.html
+ Security Bulletins for May 2010
http://www.microsoft.com/japan/technet/security/bulletin/ms10-may.mspx
+ MS10-030: Vulnerability in Outlook Express and Windows Mail Could Allow Remote Code Execution (978542)
http://www.microsoft.com/japan/technet/security/bulletin/ms10-030.mspx
+ MS10-031: Vulnerability in Microsoft Visual Basic for Applications (VBA) Could Allow Remote Code Execution (978213)
http://www.microsoft.com/japan/technet/security/bulletin/ms10-031.mspx
+ Samba 3.4.8 Available for Download
http://samba.org/samba/history/samba-3.4.8.html
+ MOPS-2010-021: PHP fnmatch() Stack Exhaustion Vulnerability
http://php-security.org/2010/05/11/mops-2010-021-php-fnmatch-stack-exhaustion-vulnerability/index.html
- MS09-061: Vulnerabilities in the Microsoft .NET Common Language Runtime Could Allow Remote Code Execution (974378)
http://www.microsoft.com/japan/technet/security/bulletin/MS09-061.mspx
HPSBMA02522 SSRT100086 rev.1 - HP Insight Control Server Migration for Windows, Remote Cross Site Scripting (XSS)
http://www11.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02114879
HPSBMA02520 SSRT100071 rev.1 - HP Systems Insight Manager (SIM) for HP-UX, Linux, and Windows, Remote Unauthorized Access to Data
http://www11.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02085876
HPSBMA02527 SSRT010098 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code
http://www11.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02153379
Microsoft Security Bulletin Summary for May 2010
http://www.microsoft.com/technet/security/bulletin/ms10-may.mspx
Microsoft Security Bulletin MS10-031 - Critical: Vulnerability in Microsoft Visual Basic for Applications Could Allow Remote Code Execution (978213)
http://www.microsoft.com/technet/security/Bulletin/MS10-031.mspx
Microsoft Security Bulletin MS10-030 - Critical: Vulnerability in Outlook Express and Windows Mail Could Allow Remote Code Execution (978542)
http://www.microsoft.com/technet/security/Bulletin/MS10-030.mspx
Debian : New vlc packages fix arbitrary code execution
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32529
Debian : New mplayer packages fix arbitrary code execution
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32530
Microsoft : Vulnerability in Microsoft Visual Basic for Applications Could Allow Remote Code Execution
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32535
Microsoft : Vulnerability in Outlook Express and Windows Mail Could Allow Remote Code Execution
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32536
High-Tech Bridge SA : XSS vulnerability in EasyPublish CMS
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32531
High-Tech Bridge SA : XSS vulnerability in Advanced Poll
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32532
[security bulletin] HPSBMA02527 SSRT010098 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-05/msg00071.html
XSS in Saurus CMS
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-05/msg00062.html
XSS in DynamiXgate Affiliate Store Builder
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-05/msg00067.html
{PRL} Microsoft Windows Outlook Express and Windows Mail Integer Overflow
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-05/msg00066.html
[SECURITY] [DSA 2044-1] New mplayer packages fix arbitrary code execution
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-05/msg00059.html
[SECURITY] [DSA 2043-1] New vlc packages fix arbitrary code execution
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-05/msg00070.html
29o3 CMS (LibDir) Multiple Remote File Inclusion Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-05/msg00061.html
[ MDVSA-2010:090-1 ] samba
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-05/msg00065.html
[security bulletin] HPSBMA02528 SSRT100106 rev.1 - HP Performance Center Agent on Windows, Remote Unauthenticated Arbitrary Code Execution
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-05/msg00069.html
Visual Basic for Applications Single-Byte Stack Overwrite Vulnerability
http://secunia.com/advisories/39663/
DynamiXgate Affiliate Store Builder Cross-Site Request Forgery Vulnerability
http://secunia.com/advisories/39772/
IBM HTTP Server Multiple Vulnerabilities
http://secunia.com/advisories/39781/
Serendipity Xinha Configuration Variable Overwrite Vulnerabilities
http://secunia.com/advisories/39783/
Xinha Configuration Variable Overwrite Vulnerabilities
http://secunia.com/advisories/39782/
Debian update for vlc
http://secunia.com/advisories/39789/
Advanced Poll "mysql_host" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/39768/
Debian update for mplayer
http://secunia.com/advisories/39794/
Outlook Express / Windows Mail STAT Response Integer Overflow
http://secunia.com/advisories/39766/
Mereo Directory Traversal Vulnerability
http://secunia.com/advisories/39723/
SUSE update for Multiple Packages
http://secunia.com/advisories/39771/
Cisco IronPort Desktop Flag Plug-in for Outlook May Fail to Encrypt Certain E-Mail Messages
http://securitytracker.com/alerts/2010/May/1023977.html
Microsoft Office Memory Corruption Error in VBE6.DLL Lets Remote Users Execute Arbitrary Code
http://securitytracker.com/alerts/2010/May/1023975.html
Microsoft Visual Basic for Applications Memory Corruption Error in VBE6.DLL Lets Remote Users Execute Arbitrary Code
http://securitytracker.com/alerts/2010/May/1023974.html
Windows Mail Integer Overflow in Processing POP3/IMAP Responses Lets Remote Users Execute Arbitrary Code
http://securitytracker.com/alerts/2010/May/1023973.html
Microsoft Outlook Express Integer Overflow in Processing POP3/IMAP Responses Lets Remote Users Execute Arbitrary Code
http://securitytracker.com/alerts/2010/May/1023972.html
RHBA-2010:0406-1: up2date bug fix update
http://rhn.redhat.com/errata/RHBA-2010-0406.html
RHBA-2010:0407-1: up2date bug fix update
http://rhn.redhat.com/errata/RHBA-2010-0407.html
Microsoft VBA and Office Stack Memory Corruption Vulnerability (MS10-031)
http://www.vupen.com/english/advisories/2010/1121
29o3 CMS "LibDir" Parameter Remote File Inclusion Vulnerabilities
http://www.vupen.com/english/advisories/2010/1120
e-webtech "id" Parameter Handling Remote SQL Injection Vulnerability
http://www.vupen.com/english/advisories/2010/1119
Family Connections Multiple Parameter SQL Injection Vulnerabilities
http://www.vupen.com/english/advisories/2010/1118
tekno.Portal "id" Parameter Remote SQL Injection Vulnerabilities
http://www.vupen.com/english/advisories/2010/1117
Netvidade "id" Parameter Remote SQL Injection Vulnerabilities
http://www.vupen.com/english/advisories/2010/1116
Tadbir CMS File Editor and Manager Arbitrary Upload Vulnerability
http://www.vupen.com/english/advisories/2010/1115
Waibrasil "conteudo" Parameter Remote File Inclusion Vulnerability
http://www.vupen.com/english/advisories/2010/1114
Debian Security Update Fixes MPlayer Integer Underflow Vulnerability
http://www.vupen.com/english/advisories/2010/1113
Debian Security Update Fixes VLC Integer Underflow Vulnerability
http://www.vupen.com/english/advisories/2010/1112
Microsoft Outlook Express and Windows Mail Integer Overflow (MS10-030)
http://www.vupen.com/english/advisories/2010/1111
Fedora Security Update Fixes Irssi Security Bypass and DoS Issues
http://www.vupen.com/english/advisories/2010/1110
Fedora Security Update Fixes aMSN Improper SSL Validation Issue
http://www.vupen.com/english/advisories/2010/1109
Fedora Security Update Fixes Sahana Authentication Bypass Issue
http://www.vupen.com/english/advisories/2010/1108
SuSE Security Update Fixes Code Execution and Security Bypass
http://www.vupen.com/english/advisories/2010/1107
Mandriva Security Update Fixes Samba Two Vulnerabilities
http://www.vupen.com/english/advisories/2010/1106
Apple Safari 4.0.5 parent.close() (memory corruption) 0day Code Execution Exploit
http://www.exploit-db.com/exploits/12573
May 2010 Microsoft Patches
http://isc.sans.org/diary.html?storyid=8776
GNU TAR and CPIO safer_name_suffix Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/26445
GNU Tar and GNU Cpio Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/38628
Microsoft Visual Basic for Applications Text Parsing Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/39931
HP OpenView Network Node Manager 'getnnmdata.exe' Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/40071
HP OpenView Network Node Manager 'getnnmdata.exe' Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/40070
HP OpenView Network Node Manager (CVE-2010-1552) 'doLoad()' Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/40068
HP OpenView Network Node Manager (CVE-2010-1551) '_OVParseLLA()' Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/40067
HP OpenView Network Node Manager 'getnnmdata.exe' Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/40072
HP OpenView Network Node Manager ovet_demandpoll Format String Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/40065
CouchDB Message Digest Verification Security Bypass Vulnerability
http://www.securityfocus.com/bid/39116
Microsoft Outlook Express And Windows Mail Common Library Integer Overflow Vulnerability
http://www.securityfocus.com/bid/39927
RETIRED: Microsoft Windows Outlook Express and Windows Mail Integer Overflow Vulnerability
http://www.securityfocus.com/bid/40052
Multiple Vendor TLS Protocol Session Renegotiation Security Vulnerability
http://www.securityfocus.com/bid/36935
Samba 'mount.cifs' Utility Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/37992
RETIRED: Samba 'mount.cifs' Utility Symlink Attack Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/39898
Apache 'mod_isapi' Memory Corruption Vulnerability
http://www.securityfocus.com/bid/38494
Apache 'mod_proxy_http' Interim Response Denial of Service Vulnerability
http://www.securityfocus.com/bid/29653
Apache APR and APR-util Multiple Integer Overflow Vulnerabilities
http://www.securityfocus.com/bid/35949
Apache APR-util 'apr_brigade_vprintf' Off By One Vulnerability
http://www.securityfocus.com/bid/35251
Apache 'mod_deflate' Remote Denial Of Service Vulnerability
http://www.securityfocus.com/bid/35623
Apache mod_proxy_ftp Module NULL Pointer Dereference Denial Of Service Vulnerability
http://www.securityfocus.com/bid/36260
Apache APR-util 'apr_strmatch_precompile()' Integer Underflow Vulnerability
http://www.securityfocus.com/bid/35221
Apache mod_proxy_ftp Remote Command Injection Vulnerability
http://www.securityfocus.com/bid/36254
Apache 'mod_proxy_ftp' Wildcard Characters Cross-Site Scripting Vulnerability
http://www.securityfocus.com/bid/30560
Apache 'mod_proxy_ftp' Undefined Charset UTF-7 Cross-Site Scripting Vulnerability
http://www.securityfocus.com/bid/27234
Apache APR-util 'xml/apr_xml.c' Denial of Service Vulnerability
http://www.securityfocus.com/bid/35253
phpscripte24 Vor und Rueckwaerts Auktions System 'id_auk' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/39269
Date & Sex Vor und Rueckwaerts Auktions System 'auktion_text.php' SQL Injection Vulnerability
http://www.securityfocus.com/bid/39835
HP LoadRunner Agent 'magnetproc.exe' Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/39965
MPlayer and VLC Player Real Data Transport Remote Integer Underflow Vulnerability
http://www.securityfocus.com/bid/35821
OpenSSL 'dtls1_retrieve_buffered_fragment()' Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/38533
OpenSSL 'bn_wexpend()' Error Handling Unspecified Vulnerability
http://www.securityfocus.com/bid/38562
Samba 'client/mount.cifs.c' Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/38326
Adobe Shockwave Player PAMI Chunk Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/40079
Adobe Shockwave Player Director File Parsing Invalid Offset Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/40078
Adobe Shockwave Player 3D Object Parsing Memory Corruption Vulnerability
http://www.securityfocus.com/bid/40077
Adobe Shockwave Player 'DIRAPI.dll' Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/40076
Visitor Data Component for Joomla! 'X-Forwarded-For' Header Remote Command Execution Vulnerability
http://www.securityfocus.com/bid/40075
Adobe ColdFusion (CVE-2010-1294) Unspecified Local Information Disclosure Vulnerability
http://www.securityfocus.com/bid/40074
Adobe ColdFusion (CVE-2010-1293) Unspecified Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/40073
Adobe ColdFusion (CVE-2009-3467) Unspecified Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/40069
Adobe Shockwave Player APSB10-12 Multiple Remote Vulnerabilities
http://www.securityfocus.com/bid/40066
Cisco IronPort Desktop Flag Plug-in for Outlook Send Secure Information Disclosure Vulnerability
http://www.securityfocus.com/bid/40061
Saurus CMS 'edit.php' Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/40059
Affiliate Store Builder 'edit_cms.php' Multiple SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/40058
724CMS SQL 'section.php' SQL Injection Vulnerability
http://www.securityfocus.com/bid/40055
724CMS 'section.php' Local File Include Vulnerability
http://www.securityfocus.com/bid/40054