Friday, June 25, 2010

Friday the 25th, Shakkō

Jakarta BSF 3.1 released
http://jakarta.apache.org/site/news/news-2010-q2.html#20100624.1

Twitter to settle with FTC over privacy violation issue
http://itpro.nikkeibp.co.jp/article/NEWS/20100625/349605/?ST=security

JVN#67120749 Multiple vulnerabilities in ActiveGeckoBrowser
http://jvn.jp/jp/JVN67120749/index.html

JVN#17293765 Arbitrary code execution vulnerability in the Ichitaro series
http://jvn.jp/jp/JVN17293765/index.html

JVN#82465391 Cross-site request forgery vulnerability in e-Pares
http://jvn.jp/jp/JVN82465391/index.html

JVN#58439007 Cross-site scripting vulnerability in e-Pares
http://jvn.jp/jp/JVN58439007/index.html

JVN#36925871 Session fixation vulnerability in e-Pares
http://jvn.jp/jp/JVN36925871/index.html



MySQL Connector/J 5.1.13 Has Been Released!
http://dev.mysql.com/downloads/connector/j/5.1.html

[ANNOUNCE] Warning: End-of-Support for 7.4, 8.0
http://wiki.postgresql.org/wiki/PostgreSQL_Release_Support_Policy

[ANNOUNCE] Slony-I 2.0.4 released
http://www.slony.info/

APSB10-15: Security Advisory for Adobe Reader and Acrobat
http://www.adobe.com/support/security/bulletins/apsb10-15.html

Thunderbird 3.1 is now available for free download
https://developer.mozilla.org/devnews/index.php/2010/06/24/thunderbird-3-1-is-now-available-for-free-download/

Lightning 1.0 beta2 released
http://www.mozilla.org/projects/calendar/lightning/download.html

Mozilla Delivers Thunderbird 3.1 Upgrade to Millions of Users
http://www.mozillamessaging.com/en-US/about/press/archive/-01

SUN ALERT WEEKLY SUMMARY REPORT
http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021776.1-1

Warning: End of support for 7.4, 8.0
http://www.postgresql.org/about/news.1214

Mandriva : pulseaudio
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32966

Mandriva : firefox
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32967

Core Security Technologies : Novell iManager Multiple Vulnerabilities
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32969

CYBSEC : InterScan Web Security 5.0 Local Privilege Escalation
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32970

CYBSEC : InterScan Web Security 5.0 Arbitrary File Upload
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32971

CYBSEC : InterScan Web Security 5.0 Arbitrary File Download
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32972

DcLabs : Weborf Vulnerability Report
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32974

Hewlett-Packard : HP OpenView SNMP Emanate Master Agent Running on HP-UX, Linux, Solaris, and Windows, Remote Unauthor
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32975

Overview of CCE (Common Configuration Enumeration)
http://www.ipa.go.jp/security/vuln/CCE.html

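Press release
Call for entries opens for the "6th IPA Information Security Slogan and Poster Contest"
~A joint Japan-Korea creative contest to raise information security awareness among elementary, junior high and high school students~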
http://www.ipa.go.jp/about/press/20100624.html

[Suspected Spam]Vulnerabilities in Cimy Counter for WordPress
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-06/msg00227.html

[ MDVSA-2010:126 ] mozilla-thunderbird
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-06/msg00225.html

SQL injection vulnerability in WebDB
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-06/msg00224.html

SQL injection vulnerability in WebDB
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-06/msg00223.html

XSS vulnerability in ForumCMS
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-06/msg00226.html

[ MDVSA-2010:125 ] firefox
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-06/msg00222.html

[ MDVSA-2010:124 ] pulseaudio
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-06/msg00221.html

CORE-2010-0316 - Novell iManager Multiple Vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-06/msg00220.html

Help your competitor - Advise them of vulnerability
http://isc.sans.edu/diary.html?storyid=9064

2daybiz Photo Sharing Script Two Vulnerabilities
http://secunia.com/advisories/40327/

2daybiz Job Site Script Multiple SQL Injection Vulnerabilities
http://secunia.com/advisories/40301/

2daybiz Multi Level Marketing Software "nwsid" SQL Injection Vulnerability
http://secunia.com/advisories/40340/

2daybiz Freelance Script "pid" SQL Injection Vulnerability
http://secunia.com/advisories/40339/

2daybiz Matrimonial Script "id" SQL Injection Vulnerability
http://secunia.com/advisories/40338/

2daybiz Web Template Software Multiple Vulnerabilities
http://secunia.com/advisories/40348/

2daybiz Real Estate Portal Script "id" SQL Injection Vulnerability
http://secunia.com/advisories/40347/

Joomla E-portfolio Component Arbitrary File Upload Vulnerability
http://secunia.com/advisories/40251/

Mozilla Firefox Address Bar Spoofing Vulnerability
http://secunia.com/advisories/40283/

D-Link DIR-615 Cross-Site Scripting Vulnerability
http://secunia.com/advisories/40238/

OpenEMR Two Script Insertion Vulnerabilities
http://secunia.com/advisories/40264/

Drupal Case Tracker Module Script Insertion and Security Bypass Vulnerabilities
http://secunia.com/advisories/40308/

Drupal Masquerade Module Cross-Site Request Forgery Vulnerability
http://secunia.com/advisories/40304/

VooDoo cIRCle OpenSSL Multiple Vulnerabilities
http://secunia.com/advisories/40345/

Novell iManager Two Vulnerabilities
http://secunia.com/advisories/40281/

HP-UX update for Kerberos
http://secunia.com/advisories/40346/

Fedora update for moodle
http://secunia.com/advisories/40352/

Vulnerability Note VU#251133: S2 NetBox allows unauthenticated HTTP access to node logs, backups, and employee photographs
http://www.kb.cert.org/vuls/id/251133

Grering card 2.2 SQL Injection Vulnerability
http://securityreason.com/securityalert/7531

Trend Micro InterScan Web Security Virtual Appliance Flaws Let Local Users Gain Elevated Privileges and Remote Users Upload/Download Arbitrary Files
http://securitytracker.com/alerts/2010/Jun/1024153.html

Novell iManager Bugs Let Remote Users Deny Service and Remote Authenticated Users Execute Arbitrary Code
http://securitytracker.com/alerts/2010/Jun/1024152.html

LibTIFF Integer Overflow in TIFFroundup() Lets Remote Users Execute Arbitrary Code
http://securitytracker.com/alerts/2010/Jun/1024151.html

LibTIFF Incorrect Image Flipping Computation Lets Remote Users Execute Arbitrary Code
http://securitytracker.com/alerts/2010/Jun/1024150.html

LibTIFF Buffer Overflow in Processing EXIF Tags Lets Remote Users Execute Arbitrary Code
http://securitytracker.com/alerts/2010/Jun/1024149.html

2daybiz Online Classified Script "cid" SQL Injection Vulnerability
http://www.vupen.com/english/advisories/2010/1587

getaphpsite Job Search "topic" Remote SQL Injection Vulnerability
http://www.vupen.com/english/advisories/2010/1586

2daybiz Video Community Portal "videoid" Cross Site Scripting Issue
http://www.vupen.com/english/advisories/2010/1585

getaphpsite Webring Script "cat" Remote SQL Injection Vulnerability
http://www.vupen.com/english/advisories/2010/1584

getaphpsite Top Sites Script "cat" Remote SQL Injection Vulnerability
http://www.vupen.com/english/advisories/2010/1583

2daybiz Social Community Script SQL Injection Vulnerabilities
http://www.vupen.com/english/advisories/2010/1582

2daybiz Job Search Engine Script "keyword" SQL Injection Vulnerability
http://www.vupen.com/english/advisories/2010/1581

YBG Gallery for Joomla "catid" Parameter SQL Injection Vulnerability
http://www.vupen.com/english/advisories/2010/1580

Cornerstone CMS "id" Parameter Remote SQL Injection Vulnerability
http://www.vupen.com/english/advisories/2010/1579

Pre Multi-Vendor Shopping Malls "prodid" SQL Injection Vulnerability
http://www.vupen.com/english/advisories/2010/1578

SoftComplex PHP Event Calendar Multiple Input Validation Vulnerabilities
http://www.vupen.com/english/advisories/2010/1577

BoatScripts Classifieds "ID" Parameter Remote SQL Injection Vulnerability
http://www.vupen.com/english/advisories/2010/1576

Novell iManager Buffer Overflow and Denial of Service Vulnerabilities
http://www.vupen.com/english/advisories/2010/1575

HP-UX Security Update Fixes Multiple Kerberos Vulnerabilities
http://www.vupen.com/english/advisories/2010/1574

Trend Micro InterScan Web Security Virtual Appliance Vulnerabilities
http://www.vupen.com/english/advisories/2010/1573

F-Secure Policy Manager Server Cross Site Scripting Vulnerability
http://www.vupen.com/english/advisories/2010/1572

Fedora Security Update Fixes Moodle Multiple Vulnerabilities
http://www.vupen.com/english/advisories/2010/1571

Mandriva Security Update Fixes PulseAudio Temporary Directory
http://www.vupen.com/english/advisories/2010/1570

Mandriva Security Update Fixes Libneon Buffer Overflow Vulnerability
http://www.vupen.com/english/advisories/2010/1569

NO-IP.com Dynamic DNS Update Client v2.2.1 "Request" Insecure Encoding Algorithm
http://www.exploit-db.com/exploits/14029/

Mozilla Firefox CVE-2010-1201 Memory Corruption Vulnerability
http://www.securityfocus.com/bid/41093

Mozilla Firefox and SeaMonkey Plugin Object Reference Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/41102

Mozilla Firefox/SeaMonkey Attachment With Content-Disposition HTTP Header Bypass Vulnerability
http://www.securityfocus.com/bid/41103

Mozilla Firefox CVE-2010-1202 Memory Corruption Vulnerability
http://www.securityfocus.com/bid/41094

Mozilla Firefox CVE-2010-1200 Memory Corruption Vulnerability
http://www.securityfocus.com/bid/41090

Mozilla Firefox 'jstracer.cpp' Memory Corruption Vulnerability
http://www.securityfocus.com/bid/41099

Mozilla Firefox/Thunderbird/SeaMonkey DOM Nodes Integer Overflow Vulnerability
http://www.securityfocus.com/bid/41087

Mozilla Firefox/Thunderbird/SeaMonkey XSLT Integer Overflow Vulnerability
http://www.securityfocus.com/bid/41082

Multiple Browser JavaScript Engine 'Math.Random()' Cross Domain Information Disclosure Vulnerability
http://www.securityfocus.com/bid/33276

Mozilla Firefox Keyboard Focus Cross Domain Information Disclosure Vulnerability
http://www.securityfocus.com/bid/40701

Mozilla Firefox Cross Document DOM Node Movement Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/38952

Mozilla Firefox & SeaMonkey 'nsCycleCollector::MarkRoots()' Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/41100

Cisco Unified MeetingPlace Web Conference Multiple Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/25237

LibTIFF 'TIFFroundup()' Remote Integer Overflow Vulnerability
http://www.securityfocus.com/bid/41011

LibTIFF Multiple Remote Integer Overflow Vulnerabilities
http://www.securityfocus.com/bid/35652

LibTIFF FAX3 Decoder Remote Integer Overflow Vulnerability
http://www.securityfocus.com/bid/40823

LibTIFF 'LZWDecodeCompat()' Remote Buffer Underflow Vulnerability
http://www.securityfocus.com/bid/35451

ISC DHCP Server Host Definition Remote Denial Of Service Vulnerability
http://www.securityfocus.com/bid/35669

ISC DHCP Server "find_length()" Zero-Length Client Identifier Remote Denial Of Service Vulnerability
http://www.securityfocus.com/bid/40775

ISC DHCP 'dhclient' 'script_write_params()' Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/35668

Belitsoft E-portfolio Joomla! Component Arbitrary File Upload Vulnerability
http://www.securityfocus.com/bid/40994

TeX Live '.dvi' File Parsing (CVE-2010-0827) Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/39971

RETIRED: TeX Live DVI Font Data Parsing Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/39981

IsolSoft Support Center 'lang' Parameter Multiple Input Validation Vulnerabilities
http://www.securityfocus.com/bid/35997

Adobe Flash Player and AIR (CVE-2010-2169) Invalid Pointer Remote Memory Corruption Vulnerability
http://www.securityfocus.com/bid/40807

Adobe Flash Player and AIR URI Parsing Cross Domain Scripting Vulnerability
http://www.securityfocus.com/bid/40808

Adobe Flash Player and AIR (CVE-2010-2173) Invalid Pointer Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/40800

Adobe Flash Player (CVE-2009-3793) Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/40809

Adobe Flash Player (CVE-2010-2183) Integer Overflow Vulnerability
http://www.securityfocus.com/bid/40793

Adobe Flash Player and AIR (CVE-2010-2180) Unspecified Memory Corruption Vulnerability
http://www.securityfocus.com/bid/40791

Adobe Flash Player (CVE-2010-2181) Integer Overflow Vulnerability
http://www.securityfocus.com/bid/40792

Adobe Flash Player and AIR (CVE-2010-2182) Unspecified Memory Corruption Vulnerability
http://www.securityfocus.com/bid/40794

Adobe Flash Player and AIR (CVE-2010-2188) ActionScript Memory Corruption Vulnerability
http://www.securityfocus.com/bid/40798

Adobe Flash Player and AIR (CVE-2010-2178) Unspecified Memory Corruption Vulnerability
http://www.securityfocus.com/bid/40790

Adobe Flash Player and AIR (CVE-2010-2176) Unspecified Memory Corruption Vulnerability
http://www.securityfocus.com/bid/40787

Adobe Flash Player and AIR 'DefineBit' Memory Corruption Vulnerability
http://www.securityfocus.com/bid/40784

Adobe Flash Player (CVE-2010-2170) Integer Overflow Vulnerability
http://www.securityfocus.com/bid/40789

Adobe Flash Player, Acrobat Reader, and Acrobat 'authplay.dll' Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/40586

Adobe Flash Player and AIR (CVE-2010-2174) Invalid Pointer Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/40805

Adobe Flash Player and AIR (CVE-2010-2185) Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/40806

Adobe Flash Player (CVE-2010-2162) Heap Memory Corruption Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/40801

Adobe Flash Player (CVE-2010-2167) Multiple Heap Buffer Overflow Vulnerabilities
http://www.securityfocus.com/bid/40802

Adobe Flash Player (CVE-2010-2163) Multiple Remote Code Execution Vulnerabilities
http://www.securityfocus.com/bid/40803

Adobe Flash Player and AIR (CVE-2010-2166) Unspecified Memory Corruption Vulnerability
http://www.securityfocus.com/bid/40783

Adobe Flash Player and AIR (CVE-2010-2165) Unspecified Memory Corruption Vulnerability
http://www.securityfocus.com/bid/40782

Adobe Flash Player and AIR (CVE-2010-2187) Unspecified Memory Corruption Vulnerability
http://www.securityfocus.com/bid/40797

Adobe Flash Player and AIR (CVE-2010-2184) Unspecified Memory Corruption Vulnerability
http://www.securityfocus.com/bid/40796

Adobe Flash Player (CVE-2010-2186) Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/40786

Adobe Flash Player and AIR (CVE-2010-2177) Unspecified Memory Corruption Vulnerability
http://www.securityfocus.com/bid/40788

Adobe Flash Player and AIR (CVE-2010-2175) Unspecified Memory Corruption Vulnerability
http://www.securityfocus.com/bid/40785

Adobe Flash Player and AIR (CVE-2010-2160) Unspecified Memory Corruption Vulnerability
http://www.securityfocus.com/bid/40779

Adobe Flash Player and AIR Image Processing Use After Free Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/40780

Adobe Flash Player (CVE-2010-2161) Memory Index Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/40781

GNU gzip LZW Compression Remote Integer Overflow Vulnerability
http://www.securityfocus.com/bid/37886

Perl Safe Module 'reval()' and 'rdo()' Restriction-Bypass Vulnerabilities
http://www.securityfocus.com/bid/40302

dvipng '.dvi' File Parsing Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/39969

Microsoft Excel 'FEATHEADER' Record Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/36945

MIT Kerberos GSS-API Checksum NULL Pointer Dereference Denial Of Service Vulnerability
http://www.securityfocus.com/bid/40235

MIT Kerberos 5 KAdminD Server RPC Type Conversion Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/24657

MIT Kerberos Administration Daemon RPC Library Free Pointer Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/24655

MIT Kerberos 5 KAdminD Server Rename_Principal_2_SVC() Function Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/24653

OpenSSL 'ssl3_get_record()' Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/39013

OpenSSL 'EVP_PKEY_verify_recover()' Invalid Return Value Security Bypass Vulnerability
http://www.securityfocus.com/bid/40503

OpenSSL 'dtls1_retrieve_buffered_fragment()' Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/38533

OpenSSL Cryptographic Message Syntax Memory Corruption Vulnerability
http://www.securityfocus.com/bid/40502

BlazeVideo BlazeDVD Professional '.PLF' File Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/35918

PulseAudio Insecure Temporary File Creation Vulnerability
http://www.securityfocus.com/bid/38768

RETIRED: phpBazarPicLib 'cat' Parameter Directory Traversal Vulnerability
http://www.securityfocus.com/bid/41073

SmartISoft phpBazar 'picturelib.php' Remote File Include Vulnerability
http://www.securityfocus.com/bid/40546

Wincalc '.num' File Parsing Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/41136

Big Forum 'forum.php' SQL Injection Vulnerability
http://www.securityfocus.com/bid/41135

S2 NetBox Multiple Information Disclosure Vulnerabilities
http://www.securityfocus.com/bid/41134

Big Forum Local File Include and Arbitrary File Upload Vulnerabilities
http://www.securityfocus.com/bid/41133

Adobe Acrobat and Reader June 2010 Advance Multiple Remote Vulnerabilities
http://www.securityfocus.com/bid/41130

Twitter for iPhone Unspecified Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/41129

Winstats '.fma' File Parsing Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/41128

Fenrir ActiveGeckoBrowser Unspecified Denial Of Service Vulnerability
http://www.securityfocus.com/bid/41127

Lois Software WebDB Script Multiple SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/41124

2daybiz Job Site Script Multiple SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/41123

2daybiz B2B Portal Script 'companyinfo.php' SQL Injection Vulnerability
http://www.securityfocus.com/bid/41122

Dynamic DNS Update Client Credentials Obfuscation Vulnerability
http://www.securityfocus.com/bid/41121

activeCollab 'index.php' Local File Include Vulnerability
http://www.securityfocus.com/bid/41120

AbleDating 'news.php' SQL Injection Vulnerability
http://www.securityfocus.com/bid/41119

2daybiz Web Template Software SQL Injection and Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/41118

2daybiz Real Estate Portal Script 'viewpropertydetails.php' SQL Injection Vulnerability
http://www.securityfocus.com/bid/41117

AdaptCMS 'init.php' Remote File Include Vulnerability
http://www.securityfocus.com/bid/41116

2daybiz Photo Sharing Script 'freesearch.php' SQL Injection Vulnerability
http://www.securityfocus.com/bid/41115

2daybiz Video Community Portal Script 'user-profile.php' SQL Injection Vulnerability
http://www.securityfocus.com/bid/41114

D-LINK DIR-615 Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/41113
