Microsoft Internet Explorer Frame Border Property Denial of Service Vulnerability
http://www.securityfocus.com/bid/41990
Firefox 4 Beta 2 now available for download
https://developer.mozilla.org/devnews/index.php/2010/07/27/firefox-4-beta-2-now-available-for-download/
http://www.mozilla.com/firefox/4.0b2/releasenotes/
HPSBMA02549 SSRT090158 rev.2 - HP Insight Control Power Management for Windows, Local Unauthorized Read Access to Data
http://www11.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02282361
SUN ALERT WEEKLY SUMMARY REPORT
http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021776.1-1
Sudo 1.7.4rc1 was released
http://www.sudo.ws/sudo/devel.html#1.7.4rc1
(July 2010) Fixes for potential security vulnerabilities in Lotus Notes file viewers
http://www-01.ibm.com/support/docview.wss?uid=swg21440812
RHSA-2010:0565-1: Moderate: w3m security update
http://rhn.redhat.com/errata/RHSA-2010-0565.html
Document ID: 358006: The Windows Failover Cluster (WFC) Management Console displays incorrect volume information for Storage Foundation for Windows (SFW) 5.1 SP1 volumes that do not have a drive letter assigned. When viewing the volume properties, the Management Console will display foreign characters for the Drive Letter and will show an incorrect volume size.
http://seer.entsupport.symantec.com/docs/358006.htm
Document ID: 357880: The RHS.exe process in a Windows Server 2008 Failover Cluster (WFC) crashes unexpectedly when running Storage Foundation for Windows (SFW) 5.1 SP1. The crash dump output and information logged to the Application Event Log point to vxres.dll as the possible cause.
http://seer.support.veritas.com/docs/SFFW_index.htm
Mandriva : MDVSA-2010:139 - php
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33242
Mandriva : MDVSA-2010:140 - php
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33249
Red Hat : RHSA-2010:0565-01 Moderate: w3m security update
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33247
[ MDVSA-2010:141 ] samba
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-07/msg00241.html
[ MDVSA-2010:140 ] php
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-07/msg00240.html
TTVideo 1.0 Joomla Component SQL Injection Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-07/msg00239.html
London DEFCON July meet - DC4420 - Wed 28th July 2010
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-07/msg00238.html
[MajorSecurity SA-079]PHPKIT WCMS - Multiple stored Cross Site Scripting Issues
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-07/msg00237.html
[USN-964-1] Likewise Open vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-07/msg00236.html
FuzzDiff tool
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-07/msg00235.html
XSS vulnerability in Theeta CMS
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-07/msg00234.html
XSS vulnerability in Theeta CMS
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-07/msg00233.html
XSS vulnerability in SyndeoCMS
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-07/msg00232.html
XSS vulnerability in Theeta CMS
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-07/msg00231.html
XSS vulnerability in SyndeoCMS
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-07/msg00230.html
SQL injection vulnerability in Theeta CMS
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-07/msg00229.html
XSS vulnerability in SyndeoCMS
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-07/msg00228.html
Heap Overflow/DoS Vulnerability in Media Player Classic
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-07/msg00227.html
[USN-930-6] Firefox and Xulrunner vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-07/msg00226.html
JVNDB-2010-001733 Denial of service (DoS) vulnerability in the OJPEGReadBufferFill function in LibTIFF
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001733.html
JVNDB-2010-001732 Integer overflow vulnerability in the TIFFroundup macro in LibTIFF
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001732.html
JVNDB-2010-001731 Hard-coded SNMP Community String issue in Cisco Industrial Ethernet 3000 Series
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001731.html
JVNDB-2010-001730 Vulnerability in libpng
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001730.html
JVNDB-2010-001729 HTTP Request Smuggling attack vulnerability in Cisco Content Services Switch
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001729.html
JVNDB-2010-001728 Authentication bypass vulnerability in Cisco Content Services Switch
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001728.html
SYM10-009: Security Advisories Relating to Symantec Products - Multi-Vendor Autonomy KeyView Filter Multiple Security Issues
http://www.symantec.com/business/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2010&suid=20100727_01
HP Insight Orchestration for Windows Unauthorized Access Vulnerability
http://www.securiteam.com/windowsntfocus/5JP3G2020E.html
HP Insight Control Power Management for Windows Multiple Vulnerabilities
http://www.securiteam.com/windowsntfocus/5KP3H2020W.html
XnView MBM Processing Heap Overflow Vulnerability
http://www.securiteam.com/securitynews/5LP3I2020O.html
SyndeoCMS Script Insertion and Cross-Site Request Forgery Vulnerabilities
http://secunia.com/advisories/40769/
PunBB Private messaging Extension "message_id" SQL Injection Vulnerability
http://secunia.com/advisories/40721/
Wing FTP Server SSH and Web Client Two Vulnerabilities
http://secunia.com/advisories/40731/
AKY Blog "id" SQL Injection Vulnerability
http://secunia.com/advisories/40746/
Fedora update for libvirt
http://secunia.com/advisories/40778/
libvirt iptables Rules and Disk Format Security Bypass
http://secunia.com/advisories/40758/
Joomla! TTVideo Component "cid" SQL Injection Vulnerability
http://secunia.com/advisories/40716/
PHPKIT Cross-Site Scripting and Cross-Site Request Forgery
http://secunia.com/advisories/40754/
Nessus Web Server Plugin Cross-Site Scripting Vulnerability
http://secunia.com/advisories/40722/
Ubuntu update for likewise-open
http://secunia.com/advisories/40736/
Likewise Open / Likewise-CIFS pam_lsass Logic Error Security Bypass
http://secunia.com/advisories/40725/
Fedora update for xulrunner
http://secunia.com/advisories/40757/
Fedora update for turba
http://secunia.com/advisories/40755/
SAP NetWeaver System Landscape Directory Component Cross-Site Scripting
http://secunia.com/advisories/40712/
Fedora update for pidgin
http://secunia.com/advisories/40764/
Fedora update for mysql
http://secunia.com/advisories/40762/
Fedora update for openttd
http://secunia.com/advisories/40760/
Fedora update for mingw32-libpng
http://secunia.com/advisories/40756/
Ubuntu update for thunderbird
http://secunia.com/advisories/40694/
Ubuntu update for firefox and xulrunner
http://secunia.com/advisories/40693/
Google Chrome Multiple Vulnerabilities
http://secunia.com/advisories/40743/
Responsible Disclosure or Full Disclosure?
http://isc.sans.edu/diary.html?storyid=9274
JBoss Seam Input Validation Flaw in Processing JBoss Expression Language Expressions Lets Remote Users Execute Arbitrary Code
http://securitytracker.com/alerts/2010/Jul/1024253.html
w3m NULL Character Flaw in Common Name Field Lets Remote Users Spoof Certificates
http://securitytracker.com/alerts/2010/Jul/1024252.html
Nessus Web Server Input Validation Flaw Permits Cross-Site Scripting Attacks
http://securitytracker.com/alerts/2010/Jul/1024248.html
PHPKIT WCMS - Multiple stored Cross Site Scripting
http://securityreason.com/securityalert/7613
PHPKIT WCMS - Reflected Cross Site Scripting Issue
http://securityreason.com/securityalert/7612
Vulnerabilities in SimpNews
http://securityreason.com/securityalert/7611
Joomla Music Manager Component LFI Vulnerability
http://securityreason.com/securityalert/7610
iScripts VisualCaster SQL Injection Vulnerability
http://securityreason.com/securityalert/7609
Microsoft Visual Studio 6.0 (VCMUTL.dll) 0day Unicode ActiveX Buffer Overflow
http://www.exploit-db.com/exploits/14487/
QQPlayer smi File Buffer Overflow Exploit
http://www.exploit-db.com/exploits/14482/
MC Content Manager SQL Injection and Cross Site Scripting Vulnerabilities
http://www.vupen.com/english/advisories/2010/1926
Visites for Joomla "mosConfig_absolute_path" File Inclusion Vulnerability
http://www.vupen.com/english/advisories/2010/1925
ZeeAdbox "bnnnerid" Parameter Remote SQL Injection Vulnerability
http://www.vupen.com/english/advisories/2010/1924
Joomdle for Joomla "course_id" Remote SQL Injection Vulnerability
http://www.vupen.com/english/advisories/2010/1923
Google Chrome Memory Corruption and Information Disclosure Issues
http://www.vupen.com/english/advisories/2010/1922
Fujitsu Interstage Products HTTP Server Multiple Vulnerabilities
http://www.vupen.com/english/advisories/2010/1921
Fedora Security Update Fixes MinGW-Libpng Two Vulnerabilities
http://www.vupen.com/english/advisories/2010/1920
Fedora Security Update Fixes Xulrunner Code Execution Vulnerability
http://www.vupen.com/english/advisories/2010/1919
Fedora Security Update Fixes MySQL Denial of Service Vulnerability
http://www.vupen.com/english/advisories/2010/1918
Fedora Security Update Fixes Pidgin Denial of Service Vulnerability
http://www.vupen.com/english/advisories/2010/1917
Fedora Security Update Fixes OpenTTD Denial of Service Vulnerability
http://www.vupen.com/english/advisories/2010/1916
Fedora Security Update Fixes Turba Cross Site Scripting Vulnerabilities
http://www.vupen.com/english/advisories/2010/1915
Fedora Security Update Fixes Horde and IMP Information Disclosure
http://www.vupen.com/english/advisories/2010/1914
Ubuntu Security Update Fixes Likewise Open Password Expiration Issue
http://www.vupen.com/english/advisories/2010/1913
Ubuntu Security Update Fixes Firefox and Xulrunner Vulnerability
http://www.vupen.com/english/advisories/2010/1912
Ubuntu Security Update Fixes Thunderbird Multiple Vulnerabilities
http://www.vupen.com/english/advisories/2010/1911
Apple QuickTime 'QuickTimeStreaming.qtx' Remote Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/41962
libvirt Multiple Local Security Bypass Vulnerabilities
http://www.securityfocus.com/bid/41981
Mozilla Firefox, Thunderbird, and SeaMonkey CVE-2010-1211 Remote Memory Corruption Vulnerability
http://www.securityfocus.com/bid/41859
Multiple Mozilla Products CSS Selectors Cross Domain Information Disclosure Vulnerability
http://www.securityfocus.com/bid/41872
Multiple Mozilla Products Script Filename Cross Domain Information Disclosure Vulnerability
http://www.securityfocus.com/bid/41860
libpng Memory Corruption and Memory Leak Vulnerabilities
http://www.securityfocus.com/bid/41174
Mozilla Firefox and SeaMonkey DOM Cloning Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/41849
Mozilla Firefox, Thunderbird, and SeaMonkey 'nsTreeSelection' Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/41853
Mozilla Firefox and Sea Monkey Location Bar Spoofing Vulnerability
http://www.securityfocus.com/bid/41968
Mozilla Firefox/Thunderbird/SeaMonkey 'nsIContentPolicy' Security Bypass Vulnerability
http://www.securityfocus.com/bid/39479
Mozilla Firefox and SeaMonkey Plugin Parameters Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/41842
Microsoft Internet Explorer Frame Border Property Denial of Service Vulnerability
http://www.securityfocus.com/bid/41990
Michelles L2J DropCalc I-Search.PHP SQL Injection Vulnerability
http://www.securityfocus.com/bid/22335
Mozilla Firefox Plugin Parameter Reference Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/41933
Samba Multiple Remote Denial of Service Vulnerabilities
http://www.securityfocus.com/bid/40097
nuBuilder Local File Include and Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/41404
PHP xmlrpc Extension Multiple Remote Denial of Service Vulnerabilities
http://www.securityfocus.com/bid/38708
PHP 'SplObjectStorage' Unserializer Arbitrary Code Execution Vulnerability
http://www.securityfocus.com/bid/40948
CUPS Web Interface Unspecified Cross Site Request Forgery Vulnerability
http://www.securityfocus.com/bid/40889
CUPS Web Interface Information Disclosure Vulnerability
http://www.securityfocus.com/bid/40897
CUPS File Descriptors Handling Remote Denial Of Service Vulnerability
http://www.securityfocus.com/bid/37048
CUPS File Descriptors Handling Use-After-Free Remote Denial Of Service Vulnerability
http://www.securityfocus.com/bid/38510
CUPS 'texttops' Filter NULL-pointer Dereference Vulnerability
http://www.securityfocus.com/bid/40943
W3M NULL Character CA SSL Certificate Validation Security Bypass Vulnerability
http://www.securityfocus.com/bid/40837
RETIRED: 4images 'command' Parameter Remote Command Execution Vulnerability
http://www.securityfocus.com/bid/41974
Horde Turba Contact Manager '/imp/test.php' Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/31168
Oracle MySQL 'COM_FIELD_LIST' Command Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/40106
Oracle MySQL 'COM_FIELD_LIST' Command Packet Security Bypass Vulnerability
http://www.securityfocus.com/bid/40109
Oracle MySQL Malformed Packet Handling Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/40100
Oracle MySQL 'ALTER DATABASE' Remote Denial Of Service Vulnerability
http://www.securityfocus.com/bid/41198
OpenTTD 'NetworkSyncCommandQueue()' Denial of Service Vulnerability
http://www.securityfocus.com/bid/41804
OpenTTD Unspecified Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/37487
OpenTTD Map Download File Descriptor Consumption Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/39874
OpenTTD Spectator Company Password Packet Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/39871
OpenTTD Prior to 1.0.1 Multiple Remote Code Execution Vulnerabilities
http://www.securityfocus.com/bid/39869
Libpurple MSN Protocol Custom Emoticons Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/40138
Pidgin 'X-Status' Message Denial of Service Vulnerability
http://www.securityfocus.com/bid/41881
Multiple Vendors Email Clients DNS prefetching Domain Name Information Disclosure Vulnerability
http://www.securityfocus.com/bid/38046
Joomla Component Appointinator Multiple SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/42007
JBoss Seam Parameterized EL Expressions Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/41994
PHP Versions Prior to 5.3.3/5.2.14 Multiple Vulnerabilities
http://www.securityfocus.com/bid/41991
Wing FTP Server Denial of Service Vulnerability and Information Disclosure Vulnerability
http://www.securityfocus.com/bid/41987
Autonomy KeyView Filter Module Multiple Memory Corruption Vulnerabilities
http://www.securityfocus.com/bid/41928