+ RHSA-2010:0547-1: Critical: firefox security update
http://rhn.redhat.com/errata/RHSA-2010-0547.html
+ Microsoft Windows Shortcut 'LNK' Files Automatic File Execution Vulnerability
http://www.securityfocus.com/bid/41732
- UPDATE: Microsoft Security Advisory (2286198): Vulnerability in Windows Shell Could Allow Remote Code Execution
http://www.microsoft.com/japan/technet/security/advisory/2286198.mspx
http://www.microsoft.com/technet/security/advisory/2286198.mspx
RHSA-2010:0546-1: Critical: seamonkey security update
http://rhn.redhat.com/errata/RHSA-2010-0546.html
RHSA-2010:0544-1: Moderate: thunderbird security update
http://rhn.redhat.com/errata/RHSA-2010-0544.html
Registration status of the JVN iPedia vulnerability countermeasure information database
[Q2 2010 (April-June)]
http://www.ipa.go.jp/security/vuln/report/JVNiPedia2010q2.html
Dell offers a free web browser with defenses strengthened through virtualization
http://itpro.nikkeibp.co.jp/article/NEWS/20100721/350481/?ST=security
How to search for strings with six or more keywords using regular expressions
http://www.say-tech.co.jp/support/bom-for-windows/6/index.shtml
JVNDB-2008-001181 UnZip NEEDBITS macro references an invalid buffer area
http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-001181.html
JVNDB-2005-000874 Race condition vulnerability in UnZip permission handling during file extraction
http://jvndb.jvn.jp/ja/contents/2005/JVNDB-2005-000874.html
Mozilla Thunderbird Bugs Let Remote Users Execute Arbitrary Code, Bypass Same-Domain Controls, and Spoof URLs
http://securitytracker.com/alerts/2010/Jul/1024229.html
Mozilla Firefox Bugs Let Remote Users Bypass Same-Domain Controls and Spoof URLs
http://securitytracker.com/alerts/2010/Jul/1024226.html
Mozilla Firefox Multiple Flaws Let Remote Users Execute Arbitrary Code
http://securitytracker.com/alerts/2010/Jul/1024225.html
HP OpenView Network Node Manager Unspecified Bug Lets Remote Users Execute Arbitrary Code
http://securitytracker.com/alerts/2010/Jul/1024224.html
SapGUI BI v7100.1.400.8 Heap Corruption Exploit
http://www.exploit-db.com/exploits/14416/
+ RHSA-2010:0542-1: Moderate: openldap security update
http://rhn.redhat.com/errata/RHSA-2010-0542.html
+ RHSA-2010:0543-1: Moderate: openldap security update
http://rhn.redhat.com/errata/RHSA-2010-0543.html
+ Microsoft DirectX DirectPlay Denial of Service Vulnerabilities
http://secunia.com/advisories/40636/
Firefox 3.6.7 and 3.5.11 security updates now available
http://developer.mozilla.org/devnews/index.php/2010/07/20/firefox-3-6-7-and-3-5-11-security-updates-now-available/
Thunderbird 3.1.1 and 3.0.6 security updates now available
http://developer.mozilla.org/devnews/index.php/2010/07/20/thunderbird-3-1-1-and-3-0-6-security-updates-now-available/
Thunderbird 3.1.1 and 3.0.6 Are Now Available
http://www.mozillamessaging.com/en-US/about/press/archive/-01
MFSA 2010-47 Cross-origin data leakage from script filename in error messages
http://www.mozilla.org/security/announce/2010/mfsa2010-47.html
MFSA 2010-46 Cross-domain data theft using CSS
http://www.mozilla.org/security/announce/2010/mfsa2010-46.html
MFSA 2010-45 Multiple location bar spoofing vulnerabilities
http://www.mozilla.org/security/announce/2010/mfsa2010-45.html
MFSA 2010-44 Characters mapped to U+FFFD in 8 bit encodings cause subsequent character to vanish
http://www.mozilla.org/security/announce/2010/mfsa2010-44.html
MFSA 2010-43 Same-origin bypass using canvas context
http://www.mozilla.org/security/announce/2010/mfsa2010-43.html
MFSA 2010-42 Cross-origin data disclosure via Web Workers and importScripts
http://www.mozilla.org/security/announce/2010/mfsa2010-42.html
MFSA 2010-41 Remote code execution using malformed PNG image
http://www.mozilla.org/security/announce/2010/mfsa2010-41.html
MFSA 2010-40 nsTreeSelection dangling pointer remote code execution vulnerability
http://www.mozilla.org/security/announce/2010/mfsa2010-40.html
MFSA 2010-39 nsCSSValue::Array index integer overflow
http://www.mozilla.org/security/announce/2010/mfsa2010-39.html
MFSA 2010-38 Arbitrary code execution using SJOW and fast native function
http://www.mozilla.org/security/announce/2010/mfsa2010-38.html
MFSA 2010-37 Plugin parameter EnsureCachedAttrParamArrays remote code execution vulnerability
http://www.mozilla.org/security/announce/2010/mfsa2010-37.html
MFSA 2010-36 Use-after-free error in NodeIterator
http://www.mozilla.org/security/announce/2010/mfsa2010-36.html
MFSA 2010-35 DOM attribute cloning remote code execution vulnerability
http://www.mozilla.org/security/announce/2010/mfsa2010-35.html
MFSA 2010-34 Miscellaneous memory safety hazards (rv:1.9.2.7/ 1.9.1.11)
http://www.mozilla.org/security/announce/2010/mfsa2010-34.html
HPSBMA02558 SSRT010158 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code
http://www13.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02290344
HPSBMA02557 SSRT100025 rev.1 - HP OpenView Network Node Manager (OV NNM) Running on Windows, Remote Execution of Arbitrary Code
http://www13.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02286088
[Dovecot-news] v2.0.rc3 released
http://www.dovecot.org/list/dovecot-news/2010-July/000162.html
Sudo 1.7.4b3 was released
http://www.sudo.ws/sudo/devel.html#1.7.4b3
MySQL 5.5.6 (Not yet released)
http://dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html
Document ID: 355678: Veritas Storage Agent (vxvm) terminates unexpectedly on startup or addition of new disk
http://seer.entsupport.symantec.com/docs/355678.htm
Onapsis : SAP J2EE Web Services Navigator Cross-Site Scripting
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33181
Ubuntu Security Notice : USN-963-1 FreeType vulnerabilities
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33178
Apple : APPLE-SA-2010-07-19-1 iTunes 9.2.1
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33179
[security bulletin] HPSBMA02425 SSRT080091 rev.3 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-07/msg00171.html
[USN-963-1] FreeType vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-07/msg00170.html
CVE-2010-2384: Solaris wbem unsafe use of temporary files
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-07/msg00169.html
CVE-2010-2382: Solaris nfslogd unsafe use of temporary files
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-07/msg00168.html
CVE-2010-2382: Solaris flar unsafe use of temporary files
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-07/msg00167.html
VMSA-2010-0012 VMware vCenter Update Manager fix for Jetty Web server addresses important security vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-07/msg00165.html
[SECURITY] [DSA 2072-1] New libpng packages fix several vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-07/msg00161.html
[ MDVSA-2010:137 ] freetype2
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-07/msg00160.html
PoC for CVE-2010-1869 (ghostscript) and CVE-2010-1039 (rpc.pcnfsd)
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-07/msg00166.html
Virus carrying out a Windows zero-day attack found; still no patch available
http://itpro.nikkeibp.co.jp/article/NEWS/20100720/350428/?ST=security
JVNDB-2010-001706 Arbitrary code execution vulnerability in Adobe Reader and Acrobat
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001706.html
JVNDB-2010-001705 Arbitrary code execution vulnerability in Adobe Reader and Acrobat
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001705.html
JVNDB-2010-001704 Arbitrary code execution vulnerability in Adobe Reader and Acrobat
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001704.html
JVNDB-2010-001703 Vulnerability in Adobe Reader and Acrobat that allows arbitrary local programs to be executed
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001703.html
JVNDB-2010-001301 Denial of service (DoS) vulnerability in the Linux Kernel gfs2_lock or gfs_lock function
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001301.html
JVNDB-2010-001195 Denial of service (DoS) vulnerability in the Pango hb_ot_layout_build_glyph_classes function
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001195.html
JVNDB-2009-002200 Denial of service (DoS) vulnerability in Samba smbd
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002200.html
JVNDB-2009-002199 Vulnerability in Samba mount.cifs that allows sensitive information to be obtained
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002199.html
JVNDB-2009-002138 Vulnerability in the Apple Mac OS SMB subsystem that allows file sharing restrictions to be bypassed
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002138.html
eEye Retina Wireless Scanner .RWS File Processing Memory Corruption
http://www.eeye.com/Resources/Security-Center/Research/Security-Advisories/AD20090710
iTunes buffer overflow vulnerability
http://isc.sans.edu/diary.html?storyid=9202
Truecrypt 7.0 released
http://isc.sans.edu/diary.html?storyid=9205
Lowering infocon back to green
http://isc.sans.edu/diary.html?storyid=9208
Firefox 3.6.7 is out!!
http://isc.sans.edu/diary.html?storyid=9214
Ubuntu update for freetype
http://secunia.com/advisories/40631/
NQcontent User Enumeration and "login" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/40629/
IBM FileNet Content Manager "InheritParentPermissions" Security Issue
http://secunia.com/advisories/40614/
Novell Teaming Unspecified Code Execution Vulnerability
http://secunia.com/advisories/40673/
Debian update for libpng
http://secunia.com/advisories/40547/
VMware vCenter Update Manager Information Disclosure and Cross-Site Scripting
http://secunia.com/advisories/40577/
Haihaisoft PDF Reader ActiveX Control "URL" Property Buffer Overflow
http://secunia.com/advisories/40520/
Apple iTunes "itpc:" Handling Buffer Overflow
http://secunia.com/advisories/40660/
rpc.pcnfsd Remote Format String Exploit
http://securityreason.com/securityalert/7595
GhostScript PostScript File Stack Overflow Exploit
http://securityreason.com/securityalert/7594
Apple iTunes "itpc:" URL Processing Buffer Overflow Vulnerability
http://www.vupen.com/english/advisories/2010/1853
Novell Teaming Unspecified Remote Code Execution Vulnerability
http://www.vupen.com/english/advisories/2010/1852
Xinha "mode" Parameter Handling Cross Site Scripting Vulnerability
http://www.vupen.com/english/advisories/2010/1851
VMware vCenter Update Manager Jetty Information Disclosure Issues
http://www.vupen.com/english/advisories/2010/1850
OpenLDAP Memory Corruption and Denial of Service Vulnerabilities
http://www.vupen.com/english/advisories/2010/1849
IBM AIX and VIOS ToolTalk "rpc.ttdbserver" Buffer Overflow Vulnerability
http://www.vupen.com/english/advisories/2010/1848
IBM FileNet Folders Inheritance "InheritParentPermissions" Weakness
http://www.vupen.com/english/advisories/2010/1847
Debian Security Update Fixes Libpng Two Vulnerabilities
http://www.vupen.com/english/advisories/2010/1846
Mandriva Security Update Fixes FreeType Multiple Vulnerabilities
http://www.vupen.com/english/advisories/2010/1845
Hero DVD Buffer Overflow Exploit (meta)
http://www.exploit-db.com/exploits/14412/
Mozilla Firefox 'about:blank' Document URI Spoofing Vulnerability
http://www.securityfocus.com/bid/41055
libpng Memory Corruption and Memory Leak Vulnerabilities
http://www.securityfocus.com/bid/41174
Novell Teaming Unspecified Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/41795
Linux Kernel 'tipc' Module Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/39120
Linux Kernel NFS Automount 'symlinks' Denial of Service Vulnerability
http://www.securityfocus.com/bid/39044
Linux Kernel 'find_keyring_by_name()' Local Memory Corruption Vulnerability
http://www.securityfocus.com/bid/39719
Linux Kernel 'sctp_process_unk_param()' Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/39794
Linux Kernel PI Futex Invalid Pointer Dereference Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/38165
Linux Kernel GFS2 File Attribute Security Bypass Vulnerability
http://www.securityfocus.com/bid/40356
Linux Kernel VM/VFS 'invalidatepage()' Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/39569
Linux Kernel CVE-2010-0291 'mmap()' and 'mremap()' Multiple Denial Of Service Vulnerabilities
http://www.securityfocus.com/bid/37906
Oracle Solaris 'flar' Insecure Temporary File Creation Vulnerability
http://www.securityfocus.com/bid/41619
Avahi 'avahi-core/server.c' Multicast DNS Denial Of Service Vulnerability
http://www.securityfocus.com/bid/33946
Avahi 'avahi-core/socket.c' Zero Size Packet Denial Of Service Vulnerability
http://www.securityfocus.com/bid/41075
OpenLDAP 'modrdn' Request Multiple Vulnerabilities
http://www.securityfocus.com/bid/41770
OpenLDAP X.509 Certificate NULL Character Certificate Validation Security Bypass Vulnerability
http://www.securityfocus.com/bid/36844
Oracle Solaris Management Console WBEM Insecure Temporary File Creation Vulnerability
http://www.securityfocus.com/bid/41642
Oracle Solaris 'nfslogd' Insecure Temporary File Creation Vulnerability
http://www.securityfocus.com/bid/41637
HP OpenView Network Node Manager Remote Unspecified Code Execution Vulnerability
http://www.securityfocus.com/bid/34812
PostgreSQL Index Function Session State Modification Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/37333
Kayako eSupport 'functions.php' SQL Injection Vulnerability
http://www.securityfocus.com/bid/41756
PostgreSQL JOIN Hashtable Size Integer Overflow Denial Of Service Vulnerability
http://www.securityfocus.com/bid/38619
PostgreSQL Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/40215
PostgreSQL 'bitsubstr' Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/37973
Customer Paradigm PageDirector 'result.php' SQL Injection Vulnerability
http://www.securityfocus.com/bid/41196
Linux Kernel 'knfsd' 'current->mm' Modifier Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/40377
Linux Kernel RTL8169 NIC Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/35281
Linux Kernel for PowerPC KGDB '_PAGE_USER' Test Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/39798
Linux Kernel 'release_one_tty()' Local Information Disclosure Vulnerability
http://www.securityfocus.com/bid/39480
Linux Kernel RTL8169 NIC 'RxMaxSize' Frame Size Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/37521
FreeType Versions Prior to 2.4.0 Multiple Remote Vulnerabilities
http://www.securityfocus.com/bid/41663
Hero DVD Player Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/41423
Mozilla Firefox/Thunderbird/SeaMonkey MFSA 2010-34 Through -47 Multiple Remote Vulnerabilities
http://www.securityfocus.com/bid/41824
Joomla! Administration Pages Multiple HTML Injection Vulnerabilities
http://www.securityfocus.com/bid/41822
SAP J2EE Engine Core Unspecified Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/41805
NQcontent CMS 'admin/index.cfm' Cross Site Scripting and Information Disclosure Vulnerabilities
http://www.securityfocus.com/bid/41799