+ Zimbra Collaboration Suite 6.0.7 released
http://www.zimbra.com/downloads/os-downloads.html
http://files2.zimbra.com/website/docs/Zimbra%20OS%20Release%20Notes%206.0.7.pdf
+ RHSA-2010:0474-1: Important: kernel security and bug fix update
http://rhn.redhat.com/errata/RHSA-2010-0474.html
Mozilla Developer Preview (1.9.3 Number 5) Now Available
http://developer.mozilla.org/devnews/index.php/2010/06/14/mozilla-developer-preview-1-9-3-number-5-now-available/
ALERT WEEKLY SUMMARY REPORT
http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021776.1-1
Postfix 2.7.2 stable release candidate 1 released
http://mirror.postfix.jp/postfix-release/index.html
http://mirror.postfix.jp/postfix-release/official/postfix-2.7.2-RC1.HISTORY
PGXN Development Project Launches
http://www.postgresql.org/about/news.1212
Core Security Technologies : XnView MBM Processing Heap Overflow
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32893
Gentoo Linux : UnrealIRCd: Multiple vulnerabilities
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32892
MajorSecurity : Subdreamer CMS - SQL injection vulnerability
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32898
Red Hat : Critical: flash-plugin security update
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32891
[ GLSA 201006-21 ] UnrealIRCd: Multiple vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-06/msg00156.html
[security bulletin] HPSBMA02537 SSRT010027 rev.2 - HP OpenView Network Node Manager (OV NNM), Re
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-06/msg00152.html
JVNVU#466161 XML 署名の検証において認証回避が可能な問題
http://jvn.jp/cert/JVNVU466161/index.html
JVNDB-2010-001527 OpenSSL の EVP_PKEY_verify_recover 関数における重要な情報を取得される脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001527.html
JVNDB-2010-001526 OpenSSL の Cryptographic Message Syntax (CMS) の実装における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001526.html
JVNDB-2010-001525 RHEL の yum-rhn-plugin における Red Hat Network プロファイルを閲覧される脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001525.html
JVNDB-2010-001524 IBM DB2 の kuddb2 におけるサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001524.html
JVNDB-2010-001523 PostgreSQL における任意のパラメータ設定を削除される脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001523.html
JVNDB-2010-001522 MySQL の DROP TABLE コマンドにおけるシンボリックリンク攻撃の脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001522.html
JVNDB-2010-001521 Adobe Photoshop CS4 におけるバッファオーバーフローの脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001521.html
JVNDB-2010-001333 複数の Oracle 製品の ImageIO コンポーネントにおける脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001333.html
JVNDB-2010-001332 複数の Oracle 製品の Java Runtime Environment コンポーネントにおける脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001332.html
JVNDB-2010-001331 複数の Oracle 製品の ImageIO コンポーネントにおける脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001331.html
JVNDB-2010-001328 複数の Oracle 製品の Sound コンポーネントにおける脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001328.html
JVNDB-2010-001325 複数の Oracle 製品の Java 2D コンポーネントにおける脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001325.html
JVNDB-2010-001323 複数の Oracle 製品の Sound コンポーネントにおける脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001323.html
JVNDB-2010-001322 複数の Oracle 製品の Java 2D コンポーネントにおける脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001322.html
JVNDB-2010-001319 複数の Oracle 製品の Sound コンポーネントにおける脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001319.html
JVNDB-2010-001318 複数の Oracle 製品の Sound コンポーネントにおける脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001318.html
JVNDB-2010-001314 複数の Oracle 製品の HotSpot Server コンポーネントにおける脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001314.html
iPhone 4 Order Security Breach Exposes Private Information
http://isc.sans.edu/diary.html?storyid=9001
TCP evasions for IDS/IPS
http://isc.sans.edu/diary.html?storyid=8989
Mastercard delivering cards with OTP device included
http://isc.sans.edu/diary.html?storyid=8992
Microsoft Windows Help and Support Center vulnerability (CVE 2010-1885) exploit in the wild
http://isc.sans.edu/diary.html?storyid=8995
Apple releases advisory for Mac OS X - Multiple vulnerabilities discovered
http://isc.sans.edu/diary.html?storyid=8998
HTMLファイル添付の迷惑メールが横行、ウイルス感染の危険性も
ファイルを開くと“オンライン薬局”に誘導、怪しいリンクも隠されている
http://itpro.nikkeibp.co.jp/article/NEWS/20100616/349234/?ST=security
RHBA-2010:0472-1: strace bug fix update
http://rhn.redhat.com/errata/RHBA-2010-0472.html
XnView Heap Overflow in Processing MBM Files Lets Remote Users Execute Arbitrary Code
http://securitytracker.com/alerts/2010/Jun/1024100.html
Fedora update for python
http://secunia.com/advisories/40194/
Python audioop Module Denial of Service Vulnerabilities
http://secunia.com/advisories/40148/
AnNoText AdvoMahn IDAutomation Barcode ActiveX Controls Insecure Methods
http://secunia.com/advisories/40228/
AnNoText AdvoAkte KeyHelp ActiveX Control Buffer Overflow Vulnerability
http://secunia.com/advisories/40153/
buymyscripts.net Daily Inspirational Quotes Script "id" SQL Injection
http://secunia.com/advisories/40177/
buymyscripts.net Membership Site Script "id" Script SQL Injection
http://secunia.com/advisories/40172/
ardeaCore PHP Framework File Inclusion Vulnerability
http://secunia.com/advisories/40207/
SUSE update for Multiple Packages
http://secunia.com/advisories/40167/
XnView MBM Processing Buffer Overflow Vulnerability
http://secunia.com/advisories/40141/
Red Hat update for java-1.6.0-ibm
http://secunia.com/advisories/40182/
Fedora update for kernel
http://secunia.com/advisories/40192/
Fedora update for moin
http://secunia.com/advisories/40190/
Fedora update for sendmail
http://secunia.com/advisories/40189/
Fedora update for sudo
http://secunia.com/advisories/40188/
w3m SSL Certificate NULL Character Processing Vulnerability
http://secunia.com/advisories/40134/
Gentoo update for unrealircd
http://secunia.com/advisories/40147/
PHORTAIL v1.2.1 XSS Vulnerability
http://securityreason.com/securityalert/7501
phpCommunity 2 2.1.8 Multiple Vulnerabilities (SQL Injection / Directory Traversal /XSS)
http://securityreason.com/securityalert/7500
CA PSFormX and WebScan ActiveX Controls Security Notice
http://securityreason.com/securityalert/7499
Hewlett-Packard OpenView NNM ovutil.dll getProxiedStorageAddress Remote Code Execution Vulnerability
http://securityreason.com/securityalert/7498
Hewlett-Packard OpenView NNM ovwebsnmpsrv.exe Bad Option Remote Code Execution Vulnerability
http://securityreason.com/securityalert/7497
Subdreamer CMS "categoryids" Remote SQL Injection Vulnerability
http://www.vupen.com/english/advisories/2010/1476
WowBB "var" Parameter Prorcessing Cross Site Scripting Vulnerability
http://www.vupen.com/english/advisories/2010/1475
xpandedMedia Job Board "msg1" Cross Site Scripting Vulnerability
http://www.vupen.com/english/advisories/2010/1474
buymyscripts.net Daily Inspirational Quotes Script SQL Injection Issue
http://www.vupen.com/english/advisories/2010/1473
buymyscripts.net Joke Website Script "keyword" SQL Injection Vulnerability
http://www.vupen.com/english/advisories/2010/1472
buymyscripts.net e-Book Store "keyword" SQL Injection Vulnerability
http://www.vupen.com/english/advisories/2010/1471
buymyscripts.net Membership Site Script "id" SQL Injection Vulnerability
http://www.vupen.com/english/advisories/2010/1470
buymyscripts.net Lyrics Script Multiple SQL Injection Vulnerabilities
http://www.vupen.com/english/advisories/2010/1469
XnView MBM File Processing Buffer Overflow Vulnerability
http://www.vupen.com/english/advisories/2010/1468
w3m OpenSSL NULL Character Certificate Spoofing Vulnerability
http://www.vupen.com/english/advisories/2010/1467
MyOWNspace File Download and Local File Inclusion Vulnerabilities
http://www.vupen.com/english/advisories/2010/1466
UTStats SQL Injection and Cross Site Scripting Vulnerabilities
http://www.vupen.com/english/advisories/2010/1465
Digital Interchange Calendar "intDivisionID" SQL Injection Vulnerability
http://www.vupen.com/english/advisories/2010/1464
Real-time ASP Calendar "dt" Parameter SQL Injection Vulnerability
http://www.vupen.com/english/advisories/2010/1463
Eyeland Studio "id" Parameter Remote SQL Injection Vulnerabilities
http://www.vupen.com/english/advisories/2010/1462
Digital Interchange Document Library SQL Injection Vulnerability
http://www.vupen.com/english/advisories/2010/1461
VU Web Visitor Analyst "password" Parameter SQL Injection Vulnerability
http://www.vupen.com/english/advisories/2010/1460
BrightSuite Groupware "ContactID" Parameter SQL Injection Vulnerability
http://www.vupen.com/english/advisories/2010/1459
Infront "newsid" Parameter Remote SQL Injection Vulnerability
http://www.vupen.com/english/advisories/2010/1458
BDSMIS TraX "catid" Parameter Remote SQL Injection Vulnerability
http://www.vupen.com/english/advisories/2010/1457
PHP Planner SQL Injection and Cross Site Scripting Issues
http://www.vupen.com/english/advisories/2010/1456
E-Php B2B Marketplace SQL Injection and Cross Site Scripting Issues
http://www.vupen.com/english/advisories/2010/1455
Redhat Security Update Fixes Java Code Execution Vulnerabilities
http://www.vupen.com/english/advisories/2010/1454
Redhat Security Update Fixes Flash Code Execution Vulnerabilities
http://www.vupen.com/english/advisories/2010/1453
Fedora Security Update Fixes Sudo Security Bypass Vulnerability
http://www.vupen.com/english/advisories/2010/1452
Fedora Security Update Fixes Sendmail Certificate Spoofing Vulnerability
http://www.vupen.com/english/advisories/2010/1451
Fedora Security Update Fixes Moin Cross Site Scripting Vulnerability
http://www.vupen.com/english/advisories/2010/1450
Fedora Security Update Fixes Kernel Two Local Vulnerabilities
http://www.vupen.com/english/advisories/2010/1449
Fedora Security Update Fixes Multiple Python Vulnerabilities
http://www.vupen.com/english/advisories/2010/1448
SuSE Security Update Fixes Multiple Code Execution Vulnerabilities
http://www.vupen.com/english/advisories/2010/1447
Gentoo Security Update Fixes UnrealIRCd Code Execution Vulnerabilities
http://www.vupen.com/english/advisories/2010/1446
HP MFP Digital Sending Software Local Unauthorized Access Vulnerability
http://www.securityfocus.com/bid/40147
Free Realty 'agentadmin.php' Multiple SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/39712
TCExam 'admin/code/tce_functions_tcecode_editor.php' Arbitrary File Upload Vulnerability
http://www.securityfocus.com/bid/40511
Todd Miller Sudo 'secure path' Security Bypass Vulnerability
http://www.securityfocus.com/bid/40538
SquirrelMail Form Submissions Cross Site Request Forgery Vulnerability
http://www.securityfocus.com/bid/36196
Multiple Adobe Products Unspecified Cross Domain Scripting Vulnerability
http://www.securityfocus.com/bid/38198
SquirrelMail Prior to 1.4.18 Multiple Vulnerabilities
http://www.securityfocus.com/bid/34916
Adobe Flash Player and AIR (CVE-2010-0187) Unspecified Denial of Service Vulnerability
http://www.securityfocus.com/bid/38200
cURL/libcURL CURLOPT_ENCODING Option Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/38162
LibTIFF FAX3 Decoder Remote Integer Overflow Vulnerability
http://www.securityfocus.com/bid/40823
MIT Kerberos AES and RC4 Decryption Integer Underflow Vulnerabilities
http://www.securityfocus.com/bid/37749
MIT Kerberos KDC 'handle_tgt_authdata()' Denial Of Service Vulnerability
http://www.securityfocus.com/bid/38260
MIT Kerberos 'src/kdc/do_tgs_req.c' Ticket Renewal Double Free Memory Corruption Vulnerability
http://www.securityfocus.com/bid/39599
CUPS File Descriptors Handling Use-After-Free Remote Denial Of Service Vulnerability
http://www.securityfocus.com/bid/38510
Linux Kernel Ext4 'move extents' ioctl Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/37277
Linux Kernel 'find_keyring_by_name()' Local Memory Corruption Vulnerability
http://www.securityfocus.com/bid/39719
Linux Kernel Btrfs Cloned File Security Bypass Vulnerability
http://www.securityfocus.com/bid/40241
Linux Kernel ReiserFS Security Bypass Vulnerability
http://www.securityfocus.com/bid/39344
Linux Kernel RTL8169 NIC 'RxMaxSize' Frame Size Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/37521
Microsoft Data Analyzer 'max3activex.dll' ActiveX Control Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/38045
Microsoft Internet Explorer 8 Developer Tools Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/40490
File Sharing Wizard 'Content-Length' Header Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/40866
UnrealIRCd Backdoor Unauthorized Access Vulnerability
http://www.securityfocus.com/bid/40820
Cacti 'rra_id' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/40149
Python 'audioop' Module Integer Overflow Vulnerability
http://www.securityfocus.com/bid/40370
Python 'audioop' Module Memory Corruption Vulnerability
http://www.securityfocus.com/bid/40863
Adobe Flash Player and AIR (CVE-2010-2187) Unspecified Memory Corruption Vulnerability
http://www.securityfocus.com/bid/40797
Adobe Flash Player and AIR (CVE-2010-2189) Unspecified Memory Corruption Vulnerability
http://www.securityfocus.com/bid/40799
Adobe Flash Player and AIR (CVE-2010-2185) Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/40806
Adobe Flash Player and AIR (CVE-2010-2188) Unspecified Memory Corruption Vulnerability
http://www.securityfocus.com/bid/40798
Adobe Flash Player (CVE-2010-2186) Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/40786
Adobe Flash Player (CVE-2010-2181) Integer Overflow Vulnerability
http://www.securityfocus.com/bid/40792
Adobe Flash Player and AIR (CVE-2010-2184) Unspecified Memory Corruption Vulnerability
http://www.securityfocus.com/bid/40796
Adobe Flash Player and AIR (CVE-2010-2182) Unspecified Memory Corruption Vulnerability
http://www.securityfocus.com/bid/40794
Adobe Flash Player (CVE-2010-2183) Integer Overflow Vulnerability
http://www.securityfocus.com/bid/40793
Adobe Flash Player and AIR (CVE-2010-2180) Unspecified Memory Corruption Vulnerability
http://www.securityfocus.com/bid/40791
Adobe Flash Player (CVE-2010-2172) Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/40795
Adobe Flash Player and AIR (CVE-2010-2173) Invalid Pointer Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/40800
Adobe Flash Player and AIR URI Parsing Cross Domain Scripting Vulnerability
http://www.securityfocus.com/bid/40808
Adobe Flash Player and AIR (CVE-2010-2174) Invalid Pointer Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/40805
Adobe Flash Player and AIR (CVE-2010-2178) Unspecified Memory Corruption Vulnerability
http://www.securityfocus.com/bid/40790
Adobe Flash Player and AIR (CVE-2010-2176) Unspecified Memory Corruption Vulnerability
http://www.securityfocus.com/bid/40787
Adobe Flash Player and AIR (CVE-2010-2177) Unspecified Memory Corruption Vulnerability
http://www.securityfocus.com/bid/40788
Adobe Flash Player and AIR (CVE-2010-2175) Unspecified Memory Corruption Vulnerability
http://www.securityfocus.com/bid/40785
PHP xmlrpc Extension Multiple Remote Denial of Service Vulnerabilities
http://www.securityfocus.com/bid/38708
MIT Kerberos GSS-API Checksum NULL Pointer Dereference Denial Of Service Vulnerability
http://www.securityfocus.com/bid/40235
FUSE 'fusermount' Race Condition Vulnerability
http://www.securityfocus.com/bid/37983
memcached Memory Consumption Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/39577
Libpng 'png_decompress_chunk()' Function Denial of Service Vulnerability
http://www.securityfocus.com/bid/38478
Mozilla Firefox and SeaMonkey Theora Video Library Remote Integer Overflow Vulnerability
http://www.securityfocus.com/bid/37368
ncpfs Multiple Local Vulnerabilities
http://www.securityfocus.com/bid/38563
Pango Glyph Definition Table Denial of Service Vulnerability
http://www.securityfocus.com/bid/38760
Reductive Labs Puppet '/tmp' Insecure File Permissions Vulnerabilities
http://www.securityfocus.com/bid/38474
OpenSSL 'bn_wexpend()' Error Handling Unspecified Vulnerability
http://www.securityfocus.com/bid/38562
Adobe Flash Player (CVE-2010-2170) Integer Overflow Vulnerability
http://www.securityfocus.com/bid/40789
Adobe Flash Player and AIR (CVE-2010-2171) Unspecified Memory Corruption Vulnerability
http://www.securityfocus.com/bid/40784
Adobe Flash Player and AIR (CVE-2010-2169) Invalid Pointer Remote Memory Corruption Vulnerability
http://www.securityfocus.com/bid/40807
Adobe Flash Player and AIR (CVE-2010-2165) Unspecified Memory Corruption Vulnerability
http://www.securityfocus.com/bid/40782
Adobe Flash Player and AIR (CVE-2010-2166) Unspecified Memory Corruption Vulnerability
http://www.securityfocus.com/bid/40783
Adobe Flash Player and AIR Image Processing Use After Free Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/40780
Adobe Flash Player (CVE-2010-2163) Multiple Remote Code Execution Vulnerabilities
http://www.securityfocus.com/bid/40803
Adobe Flash Player (CVE-2010-2167) Multiple Heap Buffer Overflow Vulnerabilities
http://www.securityfocus.com/bid/40802
Mozilla Firefox/Thunderbird/SeaMonkey 'nsIContentPolicy' Security Bypass Vulnerability
http://www.securityfocus.com/bid/39479
TeX Live '.dvi' File Parsing Unspecified Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/39966
dvipng '.dvi' File Parsing Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/39969
TeX Live DVI Font Data Parsing Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/39981
TeX Live 'dospecial.c' '.dvi' File Parsing Integer Overflow Vulnerability
http://www.securityfocus.com/bid/39500
TeX Live '.dvi' File Parsing (CVE-2010-0827) Unspecified Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/39971
Expat Unspecified XML Parsing Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/37203
Adobe Flash Player and AIR (CVE-2010-2160) Unspecified Memory Corruption Vulnerability
http://www.securityfocus.com/bid/40779
Expat UTF-8 Character XML Parsing Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/36097
Sun Java Runtime Environment XML Parsing Denial of Service Vulnerability
http://www.securityfocus.com/bid/35958
Adobe Flash Player, Acrobat Reader, and Acrobat 'authplay.dll' Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/40586
Adobe Flash Player (CVE-2010-2161) Memory Index Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/40781
IDAutomation Barcode ActiveX Controls Multiple Arbitrary File Overwrite Vulnerabilities
http://www.securityfocus.com/bid/29204
Adobe Flash Player (CVE-2009-3793) Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/40809
Adobe Flash Player (CVE-2010-2162) Heap Memory Corruption Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/40801
Adobe Flash Player SWF Version Null Pointer Dereference Denial of Service Vulnerability
http://www.securityfocus.com/bid/31537
Mozilla Firefox and SeaMonkey NTLM Credential Reflection Authentication Bypass Vulnerability
http://www.securityfocus.com/bid/37366
Mozilla Firefox and SeaMonkey Download Filename Spoofing Vulnerability
http://www.securityfocus.com/bid/36867
Mozilla Firefox and Thunderbird Remote Integer Overflow Vulnerability
http://www.securityfocus.com/bid/35769
Mozilla Firefox MFSA 2009-47, -48, -49, -50, -51 Multiple Vulnerabilities
http://www.securityfocus.com/bid/36343
Mozilla Firefox Floating Point Conversion Heap Overflow Vulnerability
http://www.securityfocus.com/bid/36851
Mozilla Thunderbird Multiple Denial of Service Vulnerabilities
http://www.securityfocus.com/bid/38831
Mozilla SeaMonkey Scriptable Plugin Content Security Bypass Vulnerability
http://www.securityfocus.com/bid/38830
Microsoft Excel 'DBQueryExt' ActiveX Data Object (ADO) Parsing Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/40531
Microsoft Excel RTD Records Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/40525
Microsoft Excel Real Time Data (RTD) Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/40524
Microsoft Excel SxView Record Parsing Memory Corruption Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/40523
Microsoft Excel CVE-2010-0821 'SxView' Record Parsing Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/40518
0 件のコメント:
コメントを投稿