「IE 8のフィルタ機能が10億件のマルウエアダウンロードを阻止」、MSが発表
http://itpro.nikkeibp.co.jp/article/NEWS/20100726/350663/?ST=security
+ [FreeBSD-Announce] FreeBSD 8.1-RELEASE Available
http://www.freebsd.org/releases/8.1R/announce.html
http://www.freebsd.org/releases/8.1R/relnotes.html
http://www.freebsd.org/releases/8.1R/errata.html
+ [ANNOUNCEMENT] Apache HTTP Server 2.2.16 Released
http://www.apache.org/dist/httpd/Announcement2.2.html
http://www.apache.org/dist/httpd/CHANGES_2.2.16
+ DBI 1.613 released
http://search.cpan.org/~timb/DBI-1.613/
http://search.cpan.org/~timb/DBI/Changes#Changes_in_DBI_1.613_%28svn_r14271%29_22nd_July_2010
+ Dovecot 1.2.13 released
http://www.dovecot.org/list/dovecot-news/2010-July/000163.html
+ Suhosin Patch 0.9.10 released
http://www.hardened-php.net/suhosin/download.html#suhosin_patch_0.9.10
+ RHSA-2010:0556-1: Critical: firefox security update
http://rhn.redhat.com/errata/RHSA-2010-0556.html
+ RHSA-2010:0558-1: Critical: firefox security update
http://rhn.redhat.com/errata/RHSA-2010-0558.html
+ Linux Kernel CIFS Filesystem DNS Lookup Caching Bug Lets Local Users Poison the Cache
http://securitytracker.com/alerts/2010/Jul/1024241.html
+ SECURITY: CVE-2010-2068 (cve.mitre.org)
http://www.apache.org/dist/httpd/CHANGES_2.2.16
- HPSBUX02556 SSRT100014 rev.1 - rpc.ttdbserverを実行するHP-UX、任意コードのリモート実行
http://www11.itrc.hp.com/service/cki/docDisplay.do?docLocale=ja_JP&docId=emr_na-c02435328
- [ANN] Apache Tomcat 6.0.29 released
http://tomcat.apache.org/tomcat-6.0-doc/changelog.html
- MySQL Community Server 5.1.49 has been released
http://dev.mysql.com/doc/refman/5.1/en/news-5-1-49.html
- Realloc Bug with X.509 certificates in GnuPG
http://lists.gnupg.org/pipermail/gnupg-announce/2010q3/000302.html
Firefox 3.6.8 now available for download
https://developer.mozilla.org/devnews/index.php/2010/07/23/firefox-3-6-8-now-available-for-download/
http://mozilla.jp/firefox/3.6.8/releasenotes/
MFSA 2010-48: Dangling pointer crash regression from plugin parameter array fix
http://www.mozilla.org/security/announce/2010/mfsa2010-48.html
MFSA 2010-48: プラグイン引数配列問題の修正によるダングリングポインタクラッシュのリグレッション
http://www.mozilla-japan.org/security/announce/2010/mfsa2010-48.html
MySQL 5.1.50 (Not yet released)
http://dev.mysql.com/doc/refman/5.1/en/news-5-1-50.html
RHSA-2010:0557-1: Critical: seamonkey security update
http://rhn.redhat.com/errata/RHSA-2010-0557.html
Digital Security Research Group : DSECRG-09-040 - SAP Netweaver wsnavigator XSS Security Vulnerability
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33234
Digital Security Research Group : DSECRG-09-068 - SAP NetWaver SLD - multiple XSS
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33235
Mandriva : MDVSA-2010:138 - iputils
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33225
Ubuntu Security Notice : USN-927-6 NSS vulnerability
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33226
Ubuntu Security Notice : USN-927-7 nspr update
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33227
Ubuntu Security Notice : USN-927-8 Thunderbird update
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33228
Ubuntu Security Notice : USN-930-4 Firefox and Xulrunner vulnerabilities
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33229
Ubuntu Security Notice : USN-930-5 ant, apturl, Epiphany, gluezilla, gnome-python-extras, liferea, mozvoikko, OpenJDK, packag
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33230
Ubuntu Security Notice : USN-957-1 Firefox and Xulrunner vulnerabilities
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33231
「文書ファイルを開くだけでも被害」――Windowsのゼロデイ脆弱性
メールに添付されて送られてくる危険性大、修正パッチは未公開
http://itpro.nikkeibp.co.jp/article/NEWS/20100726/350657/?ST=security
JVNDB-2010-001721 Linux kernel における権限を取得される脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001721.html
JVNDB-2010-001614 Microsoft Windows Help and Support Center に脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001614.html
JVNDB-2010-001502 Microsoft Windows の Canonical Display Driver における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001502.html
JVNDB-2010-001053 Realnetworks RealPlayer における ASM RuleBook の処理に関する脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001053.html
[ MDVSA-2010:138 ] iputils
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-07/msg00210.html
[USN-930-5] ant, apturl, Epiphany, gluezilla, gnome-python-extras, liferea, mozvoikk
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-07/msg00207.html
[USN-930-4] Firefox and Xulrunner vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-07/msg00208.html
[USN-927-8] Thunderbird update
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-07/msg00203.html
[USN-957-1] Firefox and Xulrunner vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-07/msg00202.html
[USN-927-7] nspr update
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-07/msg00205.html
[USN-927-6] NSS vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-07/msg00209.html
[DSECRG-09-068] SAP NetWaver SLD - multiple XSS
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-07/msg00204.html
[DSECRG-09-040] SAP Netweaver wsnavigator XSS Security Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-07/msg00201.html
Updated version of Mandiant's Web Historian
http://isc.sans.edu/diary.html?storyid=9265
Types of diary: One liners vs full diary
http://isc.sans.edu/diary.html?storyid=9250
GnuPG gpgsm bug
http://isc.sans.edu/diary.html?storyid=9253
Transmiting logon information unsecured in the network
http://isc.sans.edu/diary.html?storyid=9256
vBulletin vB 3.8.6 vulnerability
http://isc.sans.edu/diary.html?storyid=9238
LNK by any other name
http://isc.sans.edu/diary.html?storyid=9241
Mozilla Firefox Regression Error in Plugin Parameter Array Fix Lets Remote Users Execute Arbitrary Code
http://securitytracker.com/alerts/2010/Jul/1024243.html
Apple Safari AutoFill Discloses Potentially Sensitive Information to Remote Users
http://securitytracker.com/alerts/2010/Jul/1024242.html
Linux Kernel CIFS Filesystem DNS Lookup Caching Bug Lets Local Users Poison the Cache
http://securitytracker.com/alerts/2010/Jul/1024241.html
rekonq Error Page Cross-Site Scripting Vulnerability
http://secunia.com/advisories/40646/
JBoss ESB Domain Context Security Issue
http://secunia.com/advisories/40568/
LILDBI-WEB Arbitrary File Upload Vulnerabilities
http://secunia.com/advisories/40671/
IBM Java Illegal UTF-8 Sequences Security Bypass
http://secunia.com/advisories/40710/
ZeeAdbox "bnnnerid" SQL Injection Vulnerability
http://secunia.com/advisories/40678/
Ubuntu update for firefox and xulrunner
http://secunia.com/advisories/40683/
Ubuntu update for firefox and xulrunner
http://secunia.com/advisories/40680/
WordPress myLinksDump Plugin "url" SQL Injection Vulnerability
http://secunia.com/advisories/40692/
Linux Kernel CIFS DNS Lookup Keyring Cache Poisoning Vulnerability
http://secunia.com/advisories/40691/
Fedora update for seamonkey
http://secunia.com/advisories/40708/
Fedora update for thunderbird and sunbird
http://secunia.com/advisories/40715/
Fedora update for thunderbird and sunbird
http://secunia.com/advisories/40706/
Fedora update for firefox and xulrunner
http://secunia.com/advisories/40714/
Fedora update for firefox and xulrunner
http://secunia.com/advisories/40707/
Q2 Solutions ConnX - SQL Injection Vulnerability
http://securityreason.com/securityalert/7602
IBM AIX FTP Command Core Dump Information Disclosure Vulnerability
http://www.vupen.com/english/advisories/2010/1889
OpenTTD Commands Queuing Denial of Service Vulnerability
http://www.vupen.com/english/advisories/2010/1888
Pidgin "X-Status" Message Processing Denial of Service Vulnerability
http://www.vupen.com/english/advisories/2010/1887
Fedora Security Update Fixes Thunderbird and Sunbird Vulnerabilities
http://www.vupen.com/english/advisories/2010/1886
Fedora Security Update Fixes Firefox and Xulrunner Vulnerabilities
http://www.vupen.com/english/advisories/2010/1885
Fedora Security Update Fixes Bind Denial of Service Vulnerability
http://www.vupen.com/english/advisories/2010/1884
Fedora Security Update Fixes Seamonkey Multiple Vulnerabilities
http://www.vupen.com/english/advisories/2010/1883
Ubuntu Security Update Fixes krb5 Denial of Service Vulnerability
http://www.vupen.com/english/advisories/2010/1882
IBM AIX 5l FTPd Remote DES Hash Exploit
http://www.exploit-db.com/exploits/14456/
Mediacoder v0.7.3.4682 (.m3u) File Universal Buffer Overflow Exploit
http://www.exploit-db.com/exploits/14464/
Qt 'QTextEngine::LayoutData::reallocate()' Memory Corruption Vulnerability
http://www.securityfocus.com/bid/41873
Bitrix Site Manager Remote File Include Vulnerability
http://www.securityfocus.com/bid/13965
Intellectual Property Joomla! Component 'id' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/39495
Microsoft Windows Shortcut 'LNK/PIF' Files Automatic File Execution Vulnerability
http://www.securityfocus.com/bid/41732
Huru Helpdesk Joomla! Component 'cid[0]' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/39366
Multiple Vendor TLS Protocol Session Renegotiation Security Vulnerability
http://www.securityfocus.com/bid/36935
Microsoft Internet Explorer 'onreadystatechange' Event Handler Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/39027
Multiple Mozilla Products CSS Selectors Cross Domain Information Disclosure Vulnerability
http://www.securityfocus.com/bid/41872
Multiple Mozilla Products 'importScripts()' Method Cross Domain Information Disclosure Vulnerability
http://www.securityfocus.com/bid/41871
Multiple Browser JavaScript Engine 'Math.Random()' Cross Domain Information Disclosure Vulnerability
http://www.securityfocus.com/bid/33276
Mozilla Firefox CVE-2010-1200 Memory Corruption Vulnerability
http://www.securityfocus.com/bid/41090
Mozilla Firefox, Thunderbird, and SeaMonkey 'nsTreeSelection' Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/41853
Mozilla Firefox and Thunderbird Character Mapping Security Weakness
http://www.securityfocus.com/bid/41866
Mozilla Firefox and SeaMonkey 'NodeIterator' Use-After-Free Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/41845
Mozilla Firefox CVE-2010-1201 Memory Corruption Vulnerability
http://www.securityfocus.com/bid/41093
Mozilla Firefox and Thunderbird 'SJOW' Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/41868
Mozilla Firefox, Thunderbird, and SeaMonkey CVE-2010-1211 Remote Memory Corruption Vulnerability
http://www.securityfocus.com/bid/41859
Mozilla Firefox 'jstracer.cpp' Memory Corruption Vulnerability
http://www.securityfocus.com/bid/41099
Mozilla Firefox and SeaMonkey Plugin Parameters Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/41842
Mozilla Firefox, Thunderbird and SeaMonkey CSS Values Integer Overflow Vulnerability
http://www.securityfocus.com/bid/41852
Mozilla Firefox CVE-2010-1202 Memory Corruption Vulnerability
http://www.securityfocus.com/bid/41094
Multiple Mozilla Products Script Filename Cross Domain Information Disclosure Vulnerability
http://www.securityfocus.com/bid/41860
Mozilla Firefox and SeaMonkey DOM Cloning Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/41849
Mozilla Firefox/Thunderbird/SeaMonkey DOM Nodes Integer Overflow Vulnerability
http://www.securityfocus.com/bid/41087
Mozilla Firefox/SeaMonkey Attachment With Content-Disposition HTTP Header Bypass Vulnerability
http://www.securityfocus.com/bid/41103
Mozilla Firefox and SeaMonkey Plugin Object Reference Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/41102
Mozilla Firefox/Thunderbird/SeaMonkey XSLT Integer Overflow Vulnerability
http://www.securityfocus.com/bid/41082
libpng Memory Corruption and Memory Leak Vulnerabilities
http://www.securityfocus.com/bid/41174
Mozilla Firefox 'about:blank' Document URI Spoofing Vulnerability
http://www.securityfocus.com/bid/41055
Mozilla Firefox Keyboard Focus Cross Domain Information Disclosure Vulnerability
http://www.securityfocus.com/bid/40701
Mozilla Firefox Cross Document DOM Node Movement Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/38952
Mozilla Firefox and Thunderbird Canvas Element Cross Domain Information Disclosure Vulnerability
http://www.securityfocus.com/bid/41878
Mozilla Firefox, Thunderbird, and SeaMonkey CVE-2010-1212 Remote Memory Corruption Vulnerability
http://www.securityfocus.com/bid/41865
ISC BIND 9 'RRSIG' Record Type Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/41730
SAP Netweaver 'wsnavigator' Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/41925
IBM Java UTF8 Byte Sequences Security Bypass Vulnerability
http://www.securityfocus.com/bid/41918
libmikmod Multiple Buffer Overflow Vulnerabilities
http://www.securityfocus.com/bid/41917
PhotoPost PHP 'index.php' SQL Injection Vulnerability
http://www.securityfocus.com/bid/41916
iputils 'ping.c' Remote Denial Of Service Vulnerability
http://www.securityfocus.com/bid/41911
ZEEWAYS ZeeMatri 'uploadsnaps.php' Arbitrary File Upload Vulnerability
http://www.securityfocus.com/bid/41910
LILDBI 'uploader.php' Remote File Upload Vulnerability
http://www.securityfocus.com/bid/41909
0 件のコメント:
コメントを投稿