- Microsoft Windows Help Centre Handles Malformed Escape Sequences Incorrectly
http://www.exploit-db.com/exploits/13808/
- Buffer Overflow ActivePerl v5.8.8.817
http://www.exploit-db.com/exploits/13806/
Announcement: InterScan VirusWall Standard Edition 6.02 for Linux Patch 2 released
http://www.trendmicro.co.jp/support/news.asp?id=1424
Twitter to introduce its own short URL "t.co" this summer to strengthen security
http://itpro.nikkeibp.co.jp/article/NEWS/20100610/348971/?ST=security
CA PSFormX and WebScan ActiveX Controls Multiple Vulnerabilities
http://www.vupen.com/english/advisories/2010/1414
McAfee Unified Threat Management Firewall Cross Site Scripting Issue
http://www.vupen.com/english/advisories/2010/1413
Sophos Anti-Virus "savonaccessfilter.sys" Privilege Escalation Issue
http://www.vupen.com/english/advisories/2010/1412
IBM WebSphere Application Server Multiple Vulnerabilities
http://www.vupen.com/english/advisories/2010/1411
HP OpenView Network Node Manager Buffer Overflow Vulnerabilities
http://www.vupen.com/english/advisories/2010/1410
Google Chrome Memory Corruption and Security Bypass Vulnerabilities
http://www.vupen.com/english/advisories/2010/1409
+ Sophos Anti-Virus 'NtQueryAttributesFile()' System Call Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/40715
Thunderbird 3.1 release candidate 2 available for download
http://developer.mozilla.org/devnews/index.php/2010/06/09/thunderbird-3-1-release-candidate-2-available-for-download/
http://www.mozillamessaging.com/en-US/about/press/archive/-01
Wireshark 1.2.9 Released
http://www.wireshark.org/docs/relnotes/wireshark-1.2.9.html
jetty 7.1.4.v20100609 released
http://svn.codehaus.org/jetty/jetty/branches/jetty-7/VERSION.txt
Cisco Security Advisory: Vulnerabilities in Cisco Unified Contact Center Express
http://www.cisco.com/warp/public/707/cisco-sa-20100609-uccx.shtml
Cisco Applied Mitigation Bulletin: Identifying and Mitigating Exploitation of the Vulnerabilities in Unified Contact Center Express
http://www.cisco.com/warp/public/707/cisco-amb-20100609-uccx.shtml
Cisco Security Advisory: Cisco Application Extension Platform Privilege Escalation Vulnerability
http://www.cisco.com/warp/public/707/cisco-sa-20100609-axp.shtml
Patch to revise installation packages for all currently available and shipping versions of Veritas Storage Foundation and High Availability Solutions for Windows
http://seer.entsupport.symantec.com/docs/355184.htm
Frequently Asked Questions (FAQ) for Keyless Feature Enablement in Storage Foundation HA 5.1
http://seer.entsupport.symantec.com/docs/352035.htm
SUN ALERT WEEKLY SUMMARY REPORT - Week of 16-Mar-2008 to 22-Mar-2008
http://sunsolve.sun.com/search/document.do?assetkey=1-77-1019117.1-1
End of support for Windows 2000 and XP SP2 is approaching: "patches only until July 2010"
Windows 7 recommended from a security standpoint: "well worth migrating"
http://itpro.nikkeibp.co.jp/article/NEWS/20100610/349021/?ST=security
34 vulnerabilities in Windows, IE and other products; maximum severity is "Critical"
10 security bulletins; applying the patches is urgent
http://itpro.nikkeibp.co.jp/article/NEWS/20100610/349040/?ST=security
JVNDB-2010-001511 Integer overflow vulnerability in PostgreSQL
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001511.html
JVNDB-2010-001510 Denial-of-service (DoS) vulnerability in the bitsubstr function of PostgreSQL
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001510.html
McAfee UTM Firewall Help Reflected Cross-Site Scripting
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-06/msg00118.html
CA20100608-01: Security Notice for CA PSFormX and WebScan ActiveX Controls
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-06/msg00111.html
Cisco Security Advisory: Cisco Application Extension Platform Privilege Escalation Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-06/msg00112.html
Cisco Security Advisory: Vulnerabilities in Cisco Unified Contact Center Express
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-06/msg00110.html
[USN-950-1] MySQL vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-06/msg00106.html
[MajorSecurity SA-070]Plume CMS - change Admin Password via Cross-site Request Forgery
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-06/msg00108.html
[MajorSecurity SA-069]Invision Power Board - stored Cross site Scripting
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-06/msg00113.html
[MajorSecurity SA-068]Anantasoft Gazelle CMS - change admin password via Cross-site Requ
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-06/msg00115.html
VUPEN Security Research - Microsoft Windows Kernel "GetDCEx()" Memory Corruption Vulnerability (
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-06/msg00116.html
VUPEN Security Research - Microsoft Office Excel EDG Heap Overflow Vulnerability (CVE-2010
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-06/msg00102.html
VUPEN Security Research - Microsoft Office Excel ExternName Buffer Overflow Vulnerability (CVE
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-06/msg00117.html
VUPEN Security Research - Microsoft Office Excel HFPicture Buffer Overflow Vulnerability (CVE
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-06/msg00114.html
VUPEN Security Research - Microsoft Office Excel RTD Heap Corruption Vulnerability (CVE-2010
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-06/msg00101.html
VUPEN Security Research - Microsoft Office Excel RTD Stack Overflow Vulnerability (CVE-2010
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-06/msg00105.html
VUPEN Security Research - Microsoft Office Excel SxView Memory Corruption Vulnerability (CVE-
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-06/msg00103.html
VUPEN Security Research - Microsoft Office Excel WOPT Heap Corruption Vulnerability (CVE-201
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-06/msg00107.html
VUPEN Security Research - Microsoft Office Excel OBJ Stack Overflow Vulnerability (CVE-2010
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-06/msg00100.html
Dlink Di-604 router authenticated user ping tool Xss and DoS
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-06/msg00099.html
Adobe POC in the Wild
http://isc.sans.edu/diary.html?storyid=8932
Mass Infection of IIS/ASP Sites
http://isc.sans.edu/diary.html?storyid=8935
Best Practice to Prevent PDF Attacks
http://isc.sans.edu/diary.html?storyid=8938
SilverStripe File Renaming Security Issue
http://secunia.com/advisories/40095/
PhreeBooks Script Insertion and Local File Inclusion Vulnerabilities
http://secunia.com/advisories/40129/
CubeCart "shipKey" SQL Injection Vulnerability
http://secunia.com/advisories/40102/
Comodo Internet Security Kernel Hook "Argument Switching" Security Bypass
http://secunia.com/advisories/40094/
Rayzz Photoz "profileCommentTextArea" Script Insertion Vulnerability
http://secunia.com/advisories/40113/
IBM WebSphere Application Server for z/OS Multiple Vulnerabilities
http://secunia.com/advisories/40096/
MCLogin System "myusername" SQL Injection Vulnerability
http://secunia.com/advisories/40122/
odCMS Cross-Site Scripting and Cross-Site Request Forgery Vulnerabilities
http://secunia.com/advisories/39942/
HP OpenView Network Node Manager Buffer Overflow Vulnerabilities
http://secunia.com/advisories/40101/
Fedora update for ircd-ratbox
http://secunia.com/advisories/40126/
Fedora update for ircd-hybrid
http://secunia.com/advisories/40125/
Fedora update for xinha
http://secunia.com/advisories/40124/
Fedora update for exim
http://secunia.com/advisories/40123/
Google Chrome Multiple Vulnerabilities
http://secunia.com/advisories/40072/
Cisco Application Extension Platform Tech Support Command Line Interface Lets Remote Authenticated Users Gain Administrative Privileges
http://securitytracker.com/alerts/2010/Jun/1024083.html
Cisco Unified Contact Center Express Directory Traversal Flaw Lets Remote Users View Arbitrary Files on the Target System
http://securitytracker.com/alerts/2010/Jun/1024082.html
Cisco Unified Contact Center Express CTI Server Bug Lets Remote Users Deny Service
http://securitytracker.com/alerts/2010/Jun/1024081.html
0day Exploit for Adobe Flash and Reader PoC (from the wild)
http://www.exploit-db.com/exploits/13787/
Phreebooks Local File Inclusion and Cross Site Scripting Vulnerabilities
http://www.vupen.com/english/advisories/2010/1408
Pre Web Host "q" Parameter Remote SQL Injection Vulnerability
http://www.vupen.com/english/advisories/2010/1407
Image Store File Extension Handling Remote File Upload Vulnerability
http://www.vupen.com/english/advisories/2010/1406
Hotel / Resort Site Script "cat_id" Parameter SQL Injection Vulnerability
http://www.vupen.com/english/advisories/2010/1405
EMO Realty Manager "cat1" Parameter SQL Injection Vulnerability
http://www.vupen.com/english/advisories/2010/1404
FileNice "sstring" Parameter Cross Site Scripting Vulnerability
http://www.vupen.com/english/advisories/2010/1403
Fedora Security Update Fixes Exim Security Bypass Vulnerabilities
http://www.vupen.com/english/advisories/2010/1402
Fedora Security Update Fixes Xinha Security Bypass File Upload
http://www.vupen.com/english/advisories/2010/1401
Fedora Security Update Fixes ircd-hybrid/ircd-ratbox Vulnerabilities
http://www.vupen.com/english/advisories/2010/1400
Mandriva Security Update Fixes GNU C Library Multiple Vulnerabilities
http://www.vupen.com/english/advisories/2010/1399
IBM WebSphere Application Server 'addNode.log' Information Disclosure Vulnerability
http://www.securityfocus.com/bid/40699
WebKit IRC Port Blacklist Information Disclosure Vulnerability
http://www.securityfocus.com/bid/40705
Content Management System module for PHProjekt 'path_pre' Remote File Include Vulnerability
http://www.securityfocus.com/bid/40545
SmartISoft phpBazar 'picturelib.php' Remote File Include Vulnerability
http://www.securityfocus.com/bid/40546
Visitor Logger 'banned.php' Remote File Include Vulnerability
http://www.securityfocus.com/bid/40469
phpGraphy 'mysql_cleanup.php' Remote File Include Vulnerability
http://www.securityfocus.com/bid/40506
log1 CMS Session Handling Remote Security Bypass and Remote File Include Vulnerabilities
http://www.securityfocus.com/bid/40636
DDL CMS 'thanks.php' Remote File Include Vulnerability
http://www.securityfocus.com/bid/40567
Apache mod_proxy_ajp Module Incoming Request Body Denial Of Service Vulnerability
http://www.securityfocus.com/bid/38491
Apache 'mod_isapi' Memory Corruption Vulnerability
http://www.securityfocus.com/bid/38494
Microsoft Excel 'ExternName' Record Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/40527
Microsoft Excel HFPicture Record Parsing Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/40526
Microsoft Excel OBJ Record Stack Overflow Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/40520
Computer Associates PSFormX ActiveX Control Multiple Remote Code Execution Vulnerabilities
http://www.securityfocus.com/bid/40494
Microsoft Excel EDG and Publisher Record Parsing Remote Heap Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/40528
Microsoft Windows Kernel 'Win32k.sys' Data Validation Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/40508
Microsoft Excel WOPT Record Parsing Heap Memory Corruption Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/40522
Microsoft Excel SxView Record Parsing Memory Corruption Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/40523
Microsoft Excel RTD Records Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/40525
Microsoft Excel Real Time Data (RTD) Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/40524
Microsoft Internet Explorer Uninitialized Memory (CVE-2010-1259) Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/40410
Oracle MySQL DROP TABLE MyISAM Symbolic Link Local Security Bypass Vulnerability
http://www.securityfocus.com/bid/40257
Oracle MySQL Malformed Packet Handling Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/40100
Oracle MySQL 'COM_FIELD_LIST' Command Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/40106
MySQL UNINSTALL PLUGIN Security Bypass Vulnerability
http://www.securityfocus.com/bid/39543
Oracle MySQL 'COM_FIELD_LIST' Command Packet Security Bypass Vulnerability
http://www.securityfocus.com/bid/40109
WebKit Dragging or Pasting Cross Domain Scripting Vulnerability
http://www.securityfocus.com/bid/40660
WebKit 'Node.normalize' Method Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/40665
PG Auto Pro SQL Injection and Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/40664
Webkit HTML Document Fragments Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/40675
WebKit Use After Free Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/40661
WebKit Hover Event Handling Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/40662
Adobe Flash Player, Acrobat Reader, and Acrobat 'authplay.dll' Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/40586
Microsoft Excel CVE-2010-1251 Record Parsing Stack Corruption Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/40529
Microsoft Excel CVE-2010-1252 String Parsing Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/40530
Sophos Anti-Virus 'NtQueryAttributesFile()' System Call Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/40715
NCH Software Switch '.mpga' File Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/40696
DMXReady Online Notebook Manager 'onlinenotebookmanager.asp' SQL Injection Vulnerability
http://www.securityfocus.com/bid/40692
Dlink Di-604 IP Textfield Size Cross-Site Scripting and Denial of Service Vulnerabilities
http://www.securityfocus.com/bid/40691
Joomla! JReservation Component Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/40690
Computer Associates WebScan ActiveX Control Multiple Remote Code Execution Vulnerabilities
http://www.securityfocus.com/bid/40689
Virtual Real Estate Manager 'listing_detail.asp' SQL Injection Vulnerability
http://www.securityfocus.com/bid/40687
Invision Power Board Calendar Application HTML Injection Vulnerability
http://www.securityfocus.com/bid/40686
ImageStore HTTP Header Remote Arbitrary File Upload Vulnerability
http://www.securityfocus.com/bid/40685
Cisco Unified Contact Center Express CTI Messages Denial of Service Vulnerability
http://www.securityfocus.com/bid/40684
WebWiz Forum 'new_reply_form.asp' SQL Injection Vulnerability
http://www.securityfocus.com/bid/40683
Cisco Application Extension Platform CVE-2010-1572 Remote Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/40682
Cisco Unified Contact Center Express Bootstrap Service Directory Traversal Vulnerability
http://www.securityfocus.com/bid/40680
odCMS Multiple Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/40678
eLMS Pro 'subscribe.php' SQL Injection and Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/40677
GREEZLE - Global Real Estate Agent Login Multiple SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/40676