+? fix SplObjectStorage unserialization (CVE-2010-2225)
http://svn.php.net/viewvc?view=revision&revision=300843
PHP 5.2.14RC2, 5.3.3RC2 Released
http://qa.php.net/
About the unpatched vulnerability in Windows Help and Support Center
http://www.ipa.go.jp/security/ciadr/vul/20100705-windows.html
Press release: Alert for system administrators using Windows versions whose support is ending
http://www.ipa.go.jp/about/press/20100705.html
Computer virus and unauthorized access reporting status [June and first half of the year]
http://www.ipa.go.jp/security/txt/2010/07outline.html
Python-cjson Unicode Character Encoding Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/41279
Ubiquiti Networks AirOS Remote Command Execution Vulnerability
http://www.securityfocus.com/bid/41272
+ Microsoft Internet Information Services Basic Authentication Security Bypass
http://secunia.com/advisories/40412/
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-07/msg00012.html
http://www.vupen.com/english/advisories/2010/1681
FreeBSD 8.1-RC2 available
http://www.freebsd.org/news/newsflash.html#event20100702:01
Dovecot 2.0rc1 released
http://www.dovecot.org/list/dovecot-news/2010-July/000159.html
DataArchitect version 4.2 is now available
http://www.postgresql.org/about/news.1216
Notice regarding the announcement of the "Virus Buster 2011 (tentative) beta version"
http://www.trendmicro.co.jp/support/news.asp?id=1441
Enhanced VMotion Compatibility (EVC) processor support
http://kb.vmware.com/selfservice/microsites/microsite.do?cmd=displayKC&docType=kc&externalId=1003212&sliceId=1&docTypeID=DT_KB_1_1
Independent Researcher : Directory Authentication Bypass by using I30 Index Allocation
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33042
Justin C. Klein Keane : Drupal Views Module Information Disclosure Vulnerability
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33040
SuSE : Linux kernel
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33034
Virtual Security Research : Multiple Cisco CSS / ACE Client Certificate and HTTP Header Manipulation Vulnerabilities
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33041
VUPEN Security : Zoph Multiple Parameter Cross Site Scripting Vulnerabilities
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33043
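Adobe Reader's countermeasure for its "dangerous specification" is insufficient, experts point out
An "Open" button can be displayed on the warning screen; clicking it may cause harm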
http://itpro.nikkeibp.co.jp/article/NEWS/20100705/349869/?ST=security
JVNDB-2010-001607 Buffer overflow vulnerability involving Excel files in multiple Microsoft products
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001607.html
JVNDB-2010-001606 Buffer overflow vulnerability involving Excel files in multiple Microsoft products
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001606.html
JVNDB-2010-001605 Arbitrary code execution vulnerability involving Excel files in Microsoft Office Excel
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001605.html
JVNDB-2010-001604 Stack-based buffer overflow vulnerability involving Excel files in Microsoft Office Excel
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001604.html
JVNDB-2010-001603 Arbitrary code execution vulnerability involving Excel files in multiple Microsoft products
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001603.html
JVNDB-2010-001602 Arbitrary code execution vulnerability involving Excel files in multiple Microsoft products
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001602.html
JVNDB-2010-001601 Stack-based buffer overflow vulnerability involving Excel files in multiple Microsoft products
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001601.html
JVNDB-2010-001600 Arbitrary code execution vulnerability involving Excel files in multiple Microsoft products
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001600.html
JVNDB-2010-001599 Arbitrary code execution vulnerability involving Excel files in multiple Microsoft products
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001599.html
JVNDB-2010-001598 Arbitrary code execution vulnerability involving Excel files in multiple Microsoft products
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001598.html
Zoph Multiple Parameter Cross Site Scripting Vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-07/msg00013.html
VSR Advisory: Multiple Cisco CSS / ACE Client Certificate and HTTP Header Manipulation Vulnerabiliti
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-07/msg00011.html
IIS5.1 Directory Authentication Bypass by using “:$I30:$Index_Allocation”
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-07/msg00012.html
iScripts CyberMatch 1.0 Blind SQL Injection Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-07/msg00010.html
iScripts ReserveLogic 1.0 SQL Injection Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-07/msg00008.html
[SECURITY] [DSA 2066-1] New wireshark packages fix several vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-07/msg00007.html
DDIVRT-2010-29 ALPHA Ethernet Adapter II Web-Manager 3.40.2 Authentication Bypass
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-07/msg00001.html
Vulnerabilities in WP-UserOnline for WordPress
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-07/msg00006.html
[Bkis-03-2010] Vulnerability in Flash Slideshow Maker Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-07/msg00002.html
[USN-956-1] sudo vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-07/msg00000.html
Vulnerability Note VU#643615: libpng fails to limit number of rows in header
http://www.kb.cert.org/vuls/id/643615
New Winpcap Version
http://isc.sans.edu/diary.html?storyid=9124
Malware inside PDF Files
http://isc.sans.edu/diary.html?storyid=9127
Interesting analysis of the PHP SplObjectStorage Vulnerability
http://isc.sans.edu/diary.html?storyid=9133
Stored XSS vulnerability on YouTube actively abused?
http://isc.sans.edu/diary.html?storyid=9130
Delivery Status Failure Notice That Packed A Wallop
http://isc.sans.edu/diary.html?storyid=9118
Happy Independence Day
http://isc.sans.edu/diary.html?storyid=9121
Cisco Application Control Engine Newline Processing Flaw May Let Remote Users Modify HTTP Headers
http://securitytracker.com/alerts/2010/Jul/1024168.html
Cisco Content Services Switch HTTP and ClientCert Headers Can Be Spoofed or Modified By Remote Users
http://securitytracker.com/alerts/2010/Jul/1024167.html
Cerberus FTP Server MLSD and MLST Commands Display Hidden Files
http://securitytracker.com/alerts/2010/Jul/1024166.html
(Red Hat Issues Fix) Perl Archive::Tar Directory Traversal Flaw Lets Local Users Gain Elevated Privileges
http://securitytracker.com/alerts/2010/Jul/1024164.html
Microsoft Internet Information Services Authentication Bypass Vulnerability
http://www.vupen.com/english/advisories/2010/1681
Zoph Multiple Parameter Processing Cross Site Scripting Vulnerabilities
http://www.vupen.com/english/advisories/2010/1680
Setiran CMS "id" Parameter Remote SQL Injection Vulnerability
http://www.vupen.com/english/advisories/2010/1679
NinkoBB Admin Interface Cross Site Request Forgery Vulnerability
http://www.vupen.com/english/advisories/2010/1678
Specialist Bed and Breakfast website SQL Injection Vulnerability
http://www.vupen.com/english/advisories/2010/1677
Golf Club Site "pp_id" Parameter Remote SQL Injection Vulnerability
http://www.vupen.com/english/advisories/2010/1676
Bugzilla ".bzr" and "data/webdot" Information Disclosure Vulnerability
http://www.vupen.com/english/advisories/2010/1675
TortoiseSVN neon Spoofing and Denial of Service Vulnerabilities
http://www.vupen.com/english/advisories/2010/1674
Opera for UNIX File Upload and Information Disclosure Vulnerabilities
http://www.vupen.com/english/advisories/2010/1673
Fedora Security Update Fixes CUPS Multiple Vulnerabilities
http://www.vupen.com/english/advisories/2010/1672
Fedora Security Update Fixes LibTIFF Multiple Vulnerabilities
http://www.vupen.com/english/advisories/2010/1671
Fedora Security Update Fixes Libpng Two Vulnerabilities
http://www.vupen.com/english/advisories/2010/1670
Redhat Security Update Fixes Archive::Tar Directory Traversal Issue
http://www.vupen.com/english/advisories/2010/1669
Redhat Security Update Fixes Kernel Code Execution and DoS Issues
http://www.vupen.com/english/advisories/2010/1668
SuSE Security Update Fixes Two Samba Vulnerabilities
http://www.vupen.com/english/advisories/2010/1667
SuSE Security Update Fixes Java Code Execution Vulnerabilities
http://www.vupen.com/english/advisories/2010/1666
Debian Security Update Fixes Wireshark Multiple Vulnerabilities
http://www.vupen.com/english/advisories/2010/1665
Registry OCX v1.5 ActiveX Buffer Overflow Exploit
http://www.exploit-db.com/exploits/14200/
ASX to MP3 Converter v3.1.2.1 Local Buffer Overflow (SEH)
http://www.exploit-db.com/exploits/14191/
Windows Vista/Server 2008 NtUserCheckAccessForIntegrityLevel Vulnerability
http://securityreason.com/securityalert/7560
AdaptCMS 2.0.0 Beta (init.php) Remote File Inclusion Vulnerability
http://securityreason.com/securityalert/7559
PHP Bible Search 0.99 Multiple Vunerable
http://securityreason.com/securityalert/7558
Grafik CMS XSS vulnerability
http://securityreason.com/securityalert/7557
Grafik CMS SQL injection vulnerability
http://securityreason.com/securityalert/7556
Joomla com_awd_song persistent xss Vulnerability
http://securityreason.com/securityalert/7555
i-netsolution jobsearch Engine SQLi Vulnerability
http://securityreason.com/securityalert/7554
Job Search Engine SQL Injection Vulnerability
http://securityreason.com/securityalert/7553
Fedora update for libtiff
http://secunia.com/advisories/40406/
D-Link DAP-1160 D-Link Security Bypass Vulnerabilities
http://secunia.com/advisories/40399/
LibTIFF Denial of Service Vulnerabilities
http://secunia.com/advisories/40422/
The Lord of the Rings Gamespy "NATHOST" and "NATINITED" Buffer Overflow Vulnerability
http://secunia.com/advisories/40460/
Command & Conquer Gamespy "NATHOST" and "NATINITED" Buffer Overflow Vulnerability
http://secunia.com/advisories/40459/
Mahara Multiple Vulnerabilities
http://secunia.com/advisories/40431/
Zoph Multiple Cross-Site Scripting Vulnerabilities
http://secunia.com/advisories/40430/
Microsoft Internet Information Services Basic Authentication Security Bypass
http://secunia.com/advisories/40412/
SUSE update for kernel
http://secunia.com/advisories/40418/
iScripts AutoHoster "planid" SQL Injection Vulnerability
http://secunia.com/advisories/40441/
iScripts SupportDesk "username" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/40443/
Bugzilla "data/webdot" and ".bzr" Information Disclosure
http://secunia.com/advisories/40455/
iScripts CyberMatch "id" SQL Injection Vulnerability
http://secunia.com/advisories/40434/
iScripts EasySnaps Multiple SQL Injection Vulnerabilities
http://secunia.com/advisories/40448/
TomatoCart Cross-Site Request Forgery Vulnerability
http://secunia.com/advisories/40454/
iScripts ReserveLogic "pid" SQL Injection Vulnerability
http://secunia.com/advisories/40435/
bitweaver "style" File Inclusion Vulnerability
http://secunia.com/advisories/40432/
Joomla JoomDOC Component File Disclosure Vulnerability
http://secunia.com/advisories/40314/
Red Hat update for kernel
http://secunia.com/advisories/40420/
Debian update for wireshark
http://secunia.com/advisories/40423/
Fedora update for libpng
http://secunia.com/advisories/40411/
Red Hat update for perl-Archive-Tar
http://secunia.com/advisories/40356/
HP OpenView Network Node Manager 'getnnmdata.exe' Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/40071
HP OpenView Network Node Manager 'getnnmdata.exe' Code Execution Vulnerability
http://www.securityfocus.com/bid/40072
HP OpenView Network Node Manager 'getnnmdata.exe' Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/40070
Adobe Acrobat and Reader CVE-2010-2209 Remote Memory Corruption Vulnerability
http://www.securityfocus.com/bid/41240
Adobe Acrobat and Reader CVE-2010-2207 Remote Memory Corruption Vulnerability
http://www.securityfocus.com/bid/41239
Mahara Multiple Remote Vulnerabilities
http://www.securityfocus.com/bid/41319
HTML Purifier Versions Prior to 4.1.1 Unspecified Cross-Site Scripting Vulnerability
http://www.securityfocus.com/bid/41259
'imlib2' Library Multiple Unspecified Vulnerabilities
http://www.securityfocus.com/bid/31880
Linux Kernel 'sctp_process_unk_param()' Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/39794
TopManage OLK Multiple SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/41208
CUPS Web Interface Information Disclosure Vulnerability
http://www.securityfocus.com/bid/40897
Docmint 'id' Parameter Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/37721
libpng Memory Corruption and Memory Leak Vulnerabilities
http://www.securityfocus.com/bid/41174
RM Downloader '.m3u' File Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/41180
Microsoft Windows Help And Support Center Trusted Document Whitelist Bypass Vulnerability
http://www.securityfocus.com/bid/40725
Mp3 DigitalBox '.mp3' File Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/41329
iScripts SocialWare 'photos.php' Arbitrary File Upload Vulnerability
http://www.securityfocus.com/bid/41328
iSCSI Enterprise Target Multiple Implementations iSNS Message Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/41327
Joomla! Seyret Video Component 'id' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/41324
Pointter PHP Micro-Blogging Social Network 'showphoto.php' Local File Include Vulnerability
http://www.securityfocus.com/bid/41323
Xplico 'add.ctp' Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/41322
Ruby 'ARGF.inplace_mode' Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/41321
Views Module for Drupal 'views_ajax_autocomplete_user' Authentication Bypass Vulnerability
http://www.securityfocus.com/bid/41318
Joomla! JoomDOC Component Information Disclosure Vulnerability
http://www.securityfocus.com/bid/41317
Zoph Multiple Cross-Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/41316
Cisco CSS/ACE Certificate Spoofing and HTTP Response Splitting Vulnerabilities
http://www.securityfocus.com/bid/41315
iScripts AutoHoster 'planid' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/41313
iScripts SupportDesk 'username' Parameter Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/41311
iScripts EasyBiller Multiple HTML Injection Vulnerabilities
http://www.securityfocus.com/bid/41304
Bitweaver 'style' Parameter Local File Include Vulnerability
http://www.securityfocus.com/bid/41301
iScripts CyberMatch 'profile.php' SQL Injection Vulnerability
http://www.securityfocus.com/bid/41300