+ HS10-025: JP1/NETM/Remote Control Agentにおける認証バイパスの脆弱性
http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS10-025/index.html
- HS10-019: DoS Vulnerability in JP1/Automatic Job Management System 3 - Manager and JP1/Automatic Job Management System 2 - Manager
http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS10-019/index.html
- Red Hat update for kernel
http://secunia.com/advisories/41195/
[ANN] Apache Compress Ant Library 1.0 Released
http://ant.apache.org/antlibs/compress/index.html
MySQL 5.5.7 (Not yet released)
http://dev.mysql.com/doc/refman/5.5/en/news-5-5-7.html
HS10-024: DoS Vulnerability in Hitachi Storage Command Suite
http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS10-024/index.html
HS10-023: DoS Vulnerability in JP1/Desktop Navigation
http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS10-023/index.html
HS10-022: DoS Vulnerability in JP1/NETM
http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS10-022/index.html
HS10-021: DoS Vulnerability in JP1/Integrated Manager
http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS10-021/index.html
HS10-020: DoS Vulnerability in JP1/Performance Analysis - Manager and JP1/Performance Management - Analysis Manager
http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS10-020/index.html
HS10-018: DoS Vulnerability in JP1/ServerConductor/Control Manager
http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS10-018/index.html
HS10-017: DoS Vulnerability in Cosminexus
http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS10-017/index.html
パターンファイルの8割をクラウド上に移行、トレンドマイクロがウイルスバスターの新版を発売
http://itpro.nikkeibp.co.jp/article/NEWS/20100831/351593/?ST=security
JVN#75101998 moobbs2 におけるクロスサイトスクリプティングの脆弱性
http://jvn.jp/jp/JVN75101998/index.html
JVN#24423311 moobbs におけるクロスサイトスクリプティングの脆弱性
http://jvn.jp/jp/JVN24423311/index.html
JVNDB-2010-000034 moobbs2 におけるクロスサイトスクリプティングの脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-000034.html
JVNDB-2010-000033 moobbs におけるクロスサイトスクリプティングの脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-000033.html
Debian update for openssl
http://secunia.com/advisories/41105/
Fedora update for bogofilter
http://secunia.com/advisories/41239/
Fedora update for php-pear-CAS
http://secunia.com/advisories/41240/
Novell Identity Manager Lets Local Users Obtain Passwords
http://securitytracker.com/alerts/2010/Aug/1024373.html
+ RHSA-2010:0659-1: Moderate: httpd security and bug fix update
http://rhn.redhat.com/errata/RHSA-2010-0659.html
+ RHSA-2010:0661-1: Important: kernel security update
http://rhn.redhat.com/errata/RHSA-2010-0661.html
+? Microsoft Windows wscript.exe (XP) DLL Hijacking Exploit (wshfra.dll)
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00355.html
MySQL Connector/Net 6.0.7 has been released
http://dev.mysql.com/doc/refman/5.1/en/connector-net-news-6-0-7.html
MySQL Connector/Net 6.1.5 has been released
http://dev.mysql.com/doc/refman/5.1/en/connector-net-news-6-1-5.html
MySQL Connector/Net 6.2.4 Maintenance release
http://dev.mysql.com/doc/refman/5.1/en/connector-net-news-6-2-4.html
PMASA-2010-6: XSS attack using debugging messages.
http://www.phpmyadmin.net/home_page/security/PMASA-2010-6.php
Wireshark 1.4.0 released
http://www.wireshark.org/docs/relnotes/wireshark-1.4.0.html
HPSBMA02571 SSRT100034 rev.1 - HP Insight Diagnostics Online Edition, Remote Cross Site Scripting (XSS)
http://www13.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02492472
HPSBMA01212 SSRT5998 rev.4 - HP System Management Homepage Running PHP, Remote Denial of Service (DoS), Cross Site Scripting (XSS), Execution of Arbitrary Code
http://www13.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01034748
Postfix 2.8 Snapshot 20100830
http://mirror.postfix.jp/postfix-release/experimental/postfix-2.8-20100830.HISTORY
Debian : [DSA 2097-1] New phpmyadmin packages fix several vulnerabilities
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33585
Debian : [DSA 2098-1] New typo3-src packages fix several vulnerabilities
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33586
Securitylab.ir : Flash Player 9 DLL Hijacking Exploit (schannel.dll)
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33584
Ubuntu Security Notice : [USN-979-1] okular buffer-overflow vulnerability
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33582
Westpoint Ltd : wp-10-0001: Multiple Browser Wildcard Cerficate Validation Weakness
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33583
[SECURITY] [DSA 2100-1] New openssl packages fix double free
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00362.html
[ MDVSA-2010:165 ] libHX
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00361.html
{Lostmon - Groups} Safari for windows Invalid SGV text style Webkit.dll DoS
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00359.html
R7-0036: FCKEditor.NET File Upload Code Execution
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00357.html
[0day] Apple QuickTime "_Marshaled_pUnk" backdoor param arbitrary code execution
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00358.html
[ MDVSA-2010:164 ] phpmyadmin
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00349.html
[ MDVSA-2010:163 ] phpmyadmin
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00345.html
[SECURITY] [DSA 2099-1] New OpenOffice.org packages fix arbitrary code execution
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00354.html
ekoparty Security Conference 2010 Announcements
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00351.html
EC2ND 2010, Call for Participation
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00356.html
[SECURITY] [DSA 2098-1] New typo3-src packages fix several vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00344.html
[SECURITY] [DSA 2097-1] New phpmyadmin packages fix several vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00343.html
QtWeb Browser version 3.3 build 043 Insecure DLL Hijacking Vulnerability (wintab32.dll)
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00350.html
Maxthon Browser version 2.5.15.1000 Insecure DLL Hijacking Vulnerability (dwmapi.dll)
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00352.html
Notepad++ version 5.7 Insecure DLL Hijacking Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00353.html
Cisco Security Advisory: Cisco IOS XR Software Border Gateway Protocol Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00347.html
Microsoft Windows wscript.exe (XP) DLL Hijacking Exploit (wshfra.dll)
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00355.html
The Smarter Safer Better Seminar Series
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00346.html
JVNDB-2010-001893 GnuPG の kbx/keybox-blob.c における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001893.html
JVNDB-2010-001892 FreeType 2 における CFF フォントの処理に脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001892.html
JVNDB-2010-001891 Wonderware Archestra ConfigurationAccessComponent ActiveX コントロールにおけるバッファオーバーフローの脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001891.html
Apple QuickTime potential vulnerability/backdoor
http://isc.sans.edu/diary.html?storyid=9472
Adobe Shockwave Director rcsL Chunk Pointer Offset Remote Code Execution Vulnerability
http://securityreason.com/securityalert/7706
Adobe Shockwave Director tSAC Chunk Remote Code Execution Vulnerability
http://securityreason.com/securityalert/7705
Adobe Shockwave Player Memory Corruption Vulnerability (CVE-2010-2868)
http://securityreason.com/securityalert/7704
Adobe Shockwave Player Memory Corruption Vulnerability (CVE-2010-2869)
http://securityreason.com/securityalert/7703
Adobe Shockwave Director mmap Remote Code Execution Vulnerability
http://securityreason.com/securityalert/7702
Adobe Shockwave Player Director Remote Code Execution Vulnerability (2)
http://securityreason.com/securityalert/7701
Adobe Shockwave Director PAMI Chunk Remote Code Execution Vulnerability
http://securityreason.com/securityalert/7700
Adobe Shockwave Director rcsL Chunk Remote Code Execution Vulnerdability
http://securityreason.com/securityalert/7699
Adobe Shockwave Player Director Remote Code Execution Vulnerability
http://securityreason.com/securityalert/7698
TANDBERG MXP Videoconferencing System SNMP Processing Error Lets Remote Users Deny Service
http://securitytracker.com/alerts/2010/Aug/1024372.html
SnackAmp Music Player SMP/WAV File Processing Buffer Overflows
http://secunia.com/advisories/41144/
CDisplay Insecure Library Loading Vulnerability
http://secunia.com/advisories/41229/
MS Visual Studio Insecure Library Loading Vulnerability
http://secunia.com/advisories/41212/
Seagull PHP Framework "frmQuestion" SQL Injection Vulnerability
http://secunia.com/advisories/41169/
Adobe Audition Insecure Library Loading Vulnerability
http://secunia.com/advisories/41232/
Red Hat update for httpd
http://secunia.com/advisories/41153/
EncFS Multiple Weaknesses
http://secunia.com/advisories/41158/
LEADTOOLS LEAD RasterTwain ActiveX Control "AppName" Property Buffer Overflow
http://secunia.com/advisories/41177/
GaleriaSHQIP "album_id" SQL Injection Vulnerability
http://secunia.com/advisories/41113/
Adobe Captivate Insecure Library Loading Vulnerability
http://secunia.com/advisories/41233/
Mereo HTTP Request Handling Denial of Service Vulnerability
http://secunia.com/advisories/41145/
UltraVNC Viewer Insecure Library Loading Vulnerability
http://secunia.com/advisories/41208/
Maxthon Browser Insecure Library Loading Vulnerability
http://secunia.com/advisories/41200/
Wiccle Web Builder "post_text" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/41191/
Qt SSL Certificate IP Address Wildcard Matching Vulnerability
http://secunia.com/advisories/41236/
Cisco IOS XR Border Gateway Protocol Denial of Service Vulnerability
http://secunia.com/advisories/41190/
Serendipity "Remember me" Script Insertion Vulnerability
http://secunia.com/advisories/41199/
QuickTime PictureViewer Insecure Library Loading Vulnerability
http://secunia.com/advisories/41123/
CF Image Hosting Script Multiple Vulnerabilities
http://secunia.com/advisories/41170/
Debian update for openoffice.org
http://secunia.com/advisories/41235/
Novell Identity Manager Tree Credentials Information Disclosure
http://secunia.com/advisories/41194/
IBM DB2 Multiple Vulnerabilities
http://secunia.com/advisories/41218/
Debian update for phpmyadmin
http://secunia.com/advisories/41218/
Slackware update for php
http://secunia.com/advisories/41217/
Debian update for typo3-src
http://secunia.com/advisories/41186/
Cisco IOS XR Border Gateway Protocol Denial of Service Vulnerability
http://www.vupen.com/english/advisories/2010/2227
Novell Identity Manager Tree Login Credentials Disclosure Vulnerability
http://www.vupen.com/english/advisories/2010/2226
IBM DB2 Products Security Update Fixes Multiple Vulnerabilities
http://www.vupen.com/english/advisories/2010/2225
Debian Security Update Fixes TYPO3 Multiple Vulnerabilities
http://www.vupen.com/english/advisories/2010/2224
Debian Security Update Fixes phpMyAdmin Multiple Vulnerabilities
http://www.vupen.com/english/advisories/2010/2223
Slackware Security Update Fixes Xorg-server Privilege Escalation
http://www.vupen.com/english/advisories/2010/2222
Slackware Security Update Fixes Pidgin Denial of Service Vulnerability
http://www.vupen.com/english/advisories/2010/2221
Slackware Security Update Fixes PHP Multiple Vulnerabilities
http://www.vupen.com/english/advisories/2010/2220
Slackware Security Update Fixes kdegraphics Memory Corruption
http://www.vupen.com/english/advisories/2010/2219
Slackware Security Update Fixes httpd Denial of Service Vulnerability
http://www.vupen.com/english/advisories/2010/2218
Slackware Security Update Fixes GnuPG Use-after-free Vulnerability
http://www.vupen.com/english/advisories/2010/2217
Apple QuickTime "_Marshaled_pUnk" Backdoor Param Client-Side Arbitrary Code Execution
http://www.exploit-db.com/exploits/14843/
Mereo v1.9.2 Remote HTTP Server Denial Of Service Vulnerability
http://www.exploit-db.com/exploits/14840/
2010年8月31日火曜日
2010年8月30日月曜日
30日 月曜日、先負
phpMyAdmin 3.3.6 is released
http://sourceforge.net/news/?group_id=23067&id=291082http://sourceforge.net/projects/phpmyadmin/files%2FphpMyAdmin%2F3.3.6%2FphpMyAdmin-3.3.6-notes.html/view
Squid 3.1.7 released
http://www.squid-cache.org/Versions/v3/3.1/RELEASENOTES.html
http://www.squid-cache.org/Versions/v3/3.1/changesets/SQUID_3_1_7.html
Squid 3.1.6 released
http://www.squid-cache.org/Versions/v3/3.1/RELEASENOTES.html
http://www.squid-cache.org/Versions/v3/3.1/changesets/SQUID_3_1_6.html
Postfix 2.8-20100829-nonprod
http://mirror.postfix.jp/postfix-release/experimental/postfix-2.8-20100829-nonprod.HISTORY
プレス発表
デジタル複合機の脆弱性に関する調査報告書の公開
~多機能化するデジタル複合機に潜む脆弱性の多角的な調査~
http://www.ipa.go.jp/about/press/20100830.html
JPCERT/CC WEEKLY REPORT 2010-08-25
http://www.jpcert.or.jp/wr/2010/wr103201.html
McAfee LinuxShield <= 1.5.1 Local/Remote Root Code Execution
http://www.exploit-db.com/exploits/14818/
+ Linux kernel 2.6.27.53, 2.6.32.21, 2.6.34.6, 2.6.35.4 released
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.53
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.32.21
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.34.6
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.35.4
- Cisco Security Advisory: Cisco IOS XR Software Border Gateway Protocol Vulnerability
http://www.cisco.com/en/US/products/products_security_advisory09186a0080b4411f.shtml
Postfix 2.8 Snapshot 20100827
http://mirror.postfix.jp/postfix-release/experimental/postfix-2.8-20100827.HISTORY
CommandCentral Storage (CCS) 5.1.1 Managed Host (MH) installation or un-installation can cause some Storage Foundation for Windows (SFW) 5.x features to stop working.
http://seer.entsupport.symantec.com/docs/358390.htm
Check Point Software Technologies : [CVE-2010-1801] Apple CoreGraphics (Preview) Memory Corruption Vulnerability
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33565
High-Tech Bridge SA : [HTB22586] SQL injection vulnerability in CompuCMS
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33566
High-Tech Bridge SA : [HTB22584] XSS vulnerability in CompuCMS
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33567
High-Tech Bridge SA : [HTB22568] XSS vulnerability in Webmatic
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33568
High-Tech Bridge SA : [HTB22570] XSRF (CSRF) in Webmatic
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33569
High-Tech Bridge SA : [HTB22564] XSS vulnerability in Auto CMS
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33570
High-Tech Bridge SA : [HTB22575] XSS vulnerability in TCMS
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33571
High-Tech Bridge SA : [HTB22571] SQL injection vulnerability in TCMS
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33572
High-Tech Bridge SA : [HTB22573] Local File Inclusion in TCMS
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33573
High-Tech Bridge SA : [HTB22579] File Content Disclosure in TCMS
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33575
Mark van Tilburg : BugTracker.net 3.4.3 SQL Injection
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33578
wp-10-0001: Multiple Browser Wildcard Cerficate Validation Weakness
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00339.html
Flash Player 9 DLL Hijacking Exploit (schannel.dll)
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00342.html
[USN-979-1] okular vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00340.html
JVNVU#707943 Windows プログラムの DLL 読み込みに脆弱性
http://jvn.jp/cert/JVNVU707943/index.html
JVNDB-2010-001890 複数の Cisco 製品の IKE におけるサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001890.html
JVNDB-2010-001889 Cisco Adaptive Security Appliances の SIP 検査機能におけるサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001889.html
JVNDB-2010-001888 複数の Cisco 製品の Transport Layer Security におけるサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001888.html
JVNDB-2010-001887 複数の Cisco 製品の Transport Layer Security におけるサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001887.html
JVNDB-2010-001886 複数の Cisco 製品の Transport Layer Security におけるサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001886.html
JVNDB-2010-001885 複数の Cisco 製品の SunRPC 検査機能におけるサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001885.html
JVNDB-2010-001884 複数の Cisco 製品の SunRPC 検査機能におけるサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001884.html
JVNDB-2010-001883 複数の Cisco 製品の SunRPC 検査機能におけるサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001883.html
JVNDB-2009-002544 Blue Coat ProxySG の HTTP Host ヘッダにおけるアクセスコントロール回避の脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002544.html
Abandoned free email accounts
http://isc.sans.edu/diary.html?storyid=9457
DLL hijacking - what are you doing ?
http://isc.sans.edu/diary.html?storyid=9460
FTP Brute Password guessing attacks
http://isc.sans.edu/diary.html?storyid=9454
CorelDRAW Graphics Suite Insecure Library Loading Vulnerability
http://secunia.com/advisories/41148/
DivX Plus Player Insecure Library Loading Vulnerability
http://secunia.com/advisories/41108/
BugTracker.NET Custom Field SQL Injection Vulnerability
http://secunia.com/advisories/41150/
Prometeo CMS "ID" SQL Injection Vulnerability
http://secunia.com/advisories/41138/
IBM WebSphere Application Server Web Services Time Stamp Security Issue
http://secunia.com/advisories/41173/
Red Hat update for gdm
http://secunia.com/advisories/41139/
Joomla! / Mambo Remository Component Arbitrary File Upload Vulnerability
http://secunia.com/advisories/41161/
Fedora update for bugzilla
http://secunia.com/advisories/41128/
Fedora update for kdegraphics
http://secunia.com/advisories/41132/
CyberLink Power2Go Insecure Library Loading Vulnerability
http://secunia.com/advisories/41174/
CyberLink PowerDirector Insecure Library Loading Vulnerability
http://secunia.com/advisories/41142/
Autodesk AutoCAD Insecure Library Loading Vulnerability
http://secunia.com/advisories/41156/
hinnendahl Kontakt Formular "script_pfad" Local File Inclusion Vulnerability
http://secunia.com/advisories/41155/
hinnendahl CMS & News Script light "script_pfad" File Inclusion Vulnerability
http://secunia.com/advisories/41160/
PHP Gastebuch Script "script_pfad" Local File Inclusion Vulnerability
http://secunia.com/advisories/41157/
RealPlayer Multiple Vulnerabilities
http://secunia.com/advisories/41154/
RealPlayer SP Multiple Vulnerabilities
http://secunia.com/advisories/41096/
SUSE update for Multiple Packages
http://secunia.com/advisories/41171/
Drupal BlastChat Client Module "Itemid" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/41172/
Ubuntu update for kdegraphics
http://secunia.com/advisories/41086/
Joomla! / Mambo BlastChat Client Component "Itemid" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/41129/
Hycus CMS Cross-Site Request Forgery Vulnerability
http://secunia.com/advisories/41141/
「このソフトなら駆除できます」――偽ソフトを薦めるウイルス
複数の偽ソフトをリストアップ、「VirusTotal」風のサイトで配布
http://itpro.nikkeibp.co.jp/article/NEWS/20100830/351528/?ST=security
Cisco IOS XR BGP Attribute Processing Flaw Permits Denial of Service Attacks
http://securitytracker.com/alerts/2010/Aug/1024371.html
RealPlayer Bugs Let Remote Users Obtain Files and Execute Arbitrary Code
http://securitytracker.com/alerts/2010/Aug/1024370.html
HP MagCloud iPad App, Remote Unauthorized Access Bypass
http://securityreason.com/securityalert/7697
Omnistar Recruiting (resume_register.php job2) XSS Vulnerability
http://securityreason.com/securityalert/7696
AJauctionPro Oopd 3.0 (Search) Remote XSS Vulnerability
http://securityreason.com/securityalert/7695
SAP Business One 2005 6.80.320 Remote Buffer Overflow
http://securityreason.com/securityalert/7694
Silurus Classifieds 1.0 Remote XSS Vulnerabilities
http://securityreason.com/securityalert/7693
RealPlayer Security Update Fixes Multiple Code Execution Vulnerabilities
http://www.vupen.com/english/advisories/2010/2216
IBM WebSphere Application Server WS-Security Policy Timestamp Issue
http://www.vupen.com/english/advisories/2010/2215
HP-UX Software Distributor Local Privilege Escalation Vulnerability
http://www.vupen.com/english/advisories/2010/2214
Adobe ExtendScript Toolkit Insecure Library Loading Vulnerability
http://www.vupen.com/english/advisories/2010/2213
Adobe Extension Manager File Processing Insecure Library Loading
http://www.vupen.com/english/advisories/2010/2212
Roxio MyDVD File Processing Insecure Library Loading Vulnerability
http://www.vupen.com/english/advisories/2010/2211
Adobe InDesign File Processing Insecure Library Loading Vulnerability
http://www.vupen.com/english/advisories/2010/2210
Adobe Premiere Pro File Processing Insecure Library Loading
http://www.vupen.com/english/advisories/2010/2210
Roxio Creator File Processing Insecure Library Loading Vulnerability
http://www.vupen.com/english/advisories/2010/2208
NetBSD Security Update Fixes CODA Memory Disclosure Vulnerability
http://www.vupen.com/english/advisories/2010/2207
Fedora Security Update Fixes kdegraphics Memory Corruption
http://www.vupen.com/english/advisories/2010/2206
Fedora Security Update Fixes Multiple Bugzilla Vulnerabilities
http://www.vupen.com/english/advisories/2010/2205
SuSE Security Update Fixes Multiple Code Execution Vulnerabilities
http://www.vupen.com/english/advisories/2010/2204
Redhat Security Update Fixes GDM Missing TCP Wrappers Support
http://www.vupen.com/english/advisories/2010/2203
Mandriva Security Update Fixes kdegraphics Memory Corruption
http://www.vupen.com/english/advisories/2010/2202
nginx v0.6.38 Heap Corruption Exploit
http://www.exploit-db.com/exploits/14830/
SnackAmp 3.1.2 Malicious SMP Buffer Overflow Vulnerability (SEH)
http://www.exploit-db.com/exploits/14831/
SnackAmp 3.1.2 Malicious WAV Buffer Overflow Vulnerability (POC)
http://www.exploit-db.com/exploits/14832/
Leadtools ActiveX Raster Twain v16.5 (LtocxTwainu.dll) Buffer Overflow Vulnerability
http://www.exploit-db.com/exploits/14824/
http://sourceforge.net/news/?group_id=23067&id=291082http://sourceforge.net/projects/phpmyadmin/files%2FphpMyAdmin%2F3.3.6%2FphpMyAdmin-3.3.6-notes.html/view
Squid 3.1.7 released
http://www.squid-cache.org/Versions/v3/3.1/RELEASENOTES.html
http://www.squid-cache.org/Versions/v3/3.1/changesets/SQUID_3_1_7.html
Squid 3.1.6 released
http://www.squid-cache.org/Versions/v3/3.1/RELEASENOTES.html
http://www.squid-cache.org/Versions/v3/3.1/changesets/SQUID_3_1_6.html
Postfix 2.8-20100829-nonprod
http://mirror.postfix.jp/postfix-release/experimental/postfix-2.8-20100829-nonprod.HISTORY
プレス発表
デジタル複合機の脆弱性に関する調査報告書の公開
~多機能化するデジタル複合機に潜む脆弱性の多角的な調査~
http://www.ipa.go.jp/about/press/20100830.html
JPCERT/CC WEEKLY REPORT 2010-08-25
http://www.jpcert.or.jp/wr/2010/wr103201.html
McAfee LinuxShield <= 1.5.1 Local/Remote Root Code Execution
http://www.exploit-db.com/exploits/14818/
+ Linux kernel 2.6.27.53, 2.6.32.21, 2.6.34.6, 2.6.35.4 released
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.53
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.32.21
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.34.6
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.35.4
- Cisco Security Advisory: Cisco IOS XR Software Border Gateway Protocol Vulnerability
http://www.cisco.com/en/US/products/products_security_advisory09186a0080b4411f.shtml
Postfix 2.8 Snapshot 20100827
http://mirror.postfix.jp/postfix-release/experimental/postfix-2.8-20100827.HISTORY
CommandCentral Storage (CCS) 5.1.1 Managed Host (MH) installation or un-installation can cause some Storage Foundation for Windows (SFW) 5.x features to stop working.
http://seer.entsupport.symantec.com/docs/358390.htm
Check Point Software Technologies : [CVE-2010-1801] Apple CoreGraphics (Preview) Memory Corruption Vulnerability
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33565
High-Tech Bridge SA : [HTB22586] SQL injection vulnerability in CompuCMS
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33566
High-Tech Bridge SA : [HTB22584] XSS vulnerability in CompuCMS
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33567
High-Tech Bridge SA : [HTB22568] XSS vulnerability in Webmatic
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33568
High-Tech Bridge SA : [HTB22570] XSRF (CSRF) in Webmatic
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33569
High-Tech Bridge SA : [HTB22564] XSS vulnerability in Auto CMS
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33570
High-Tech Bridge SA : [HTB22575] XSS vulnerability in TCMS
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33571
High-Tech Bridge SA : [HTB22571] SQL injection vulnerability in TCMS
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33572
High-Tech Bridge SA : [HTB22573] Local File Inclusion in TCMS
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33573
High-Tech Bridge SA : [HTB22579] File Content Disclosure in TCMS
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33575
Mark van Tilburg : BugTracker.net 3.4.3 SQL Injection
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33578
wp-10-0001: Multiple Browser Wildcard Cerficate Validation Weakness
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00339.html
Flash Player 9 DLL Hijacking Exploit (schannel.dll)
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00342.html
[USN-979-1] okular vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00340.html
JVNVU#707943 Windows プログラムの DLL 読み込みに脆弱性
http://jvn.jp/cert/JVNVU707943/index.html
JVNDB-2010-001890 複数の Cisco 製品の IKE におけるサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001890.html
JVNDB-2010-001889 Cisco Adaptive Security Appliances の SIP 検査機能におけるサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001889.html
JVNDB-2010-001888 複数の Cisco 製品の Transport Layer Security におけるサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001888.html
JVNDB-2010-001887 複数の Cisco 製品の Transport Layer Security におけるサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001887.html
JVNDB-2010-001886 複数の Cisco 製品の Transport Layer Security におけるサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001886.html
JVNDB-2010-001885 複数の Cisco 製品の SunRPC 検査機能におけるサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001885.html
JVNDB-2010-001884 複数の Cisco 製品の SunRPC 検査機能におけるサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001884.html
JVNDB-2010-001883 複数の Cisco 製品の SunRPC 検査機能におけるサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001883.html
JVNDB-2009-002544 Blue Coat ProxySG の HTTP Host ヘッダにおけるアクセスコントロール回避の脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002544.html
Abandoned free email accounts
http://isc.sans.edu/diary.html?storyid=9457
DLL hijacking - what are you doing ?
http://isc.sans.edu/diary.html?storyid=9460
FTP Brute Password guessing attacks
http://isc.sans.edu/diary.html?storyid=9454
CorelDRAW Graphics Suite Insecure Library Loading Vulnerability
http://secunia.com/advisories/41148/
DivX Plus Player Insecure Library Loading Vulnerability
http://secunia.com/advisories/41108/
BugTracker.NET Custom Field SQL Injection Vulnerability
http://secunia.com/advisories/41150/
Prometeo CMS "ID" SQL Injection Vulnerability
http://secunia.com/advisories/41138/
IBM WebSphere Application Server Web Services Time Stamp Security Issue
http://secunia.com/advisories/41173/
Red Hat update for gdm
http://secunia.com/advisories/41139/
Joomla! / Mambo Remository Component Arbitrary File Upload Vulnerability
http://secunia.com/advisories/41161/
Fedora update for bugzilla
http://secunia.com/advisories/41128/
Fedora update for kdegraphics
http://secunia.com/advisories/41132/
CyberLink Power2Go Insecure Library Loading Vulnerability
http://secunia.com/advisories/41174/
CyberLink PowerDirector Insecure Library Loading Vulnerability
http://secunia.com/advisories/41142/
Autodesk AutoCAD Insecure Library Loading Vulnerability
http://secunia.com/advisories/41156/
hinnendahl Kontakt Formular "script_pfad" Local File Inclusion Vulnerability
http://secunia.com/advisories/41155/
hinnendahl CMS & News Script light "script_pfad" File Inclusion Vulnerability
http://secunia.com/advisories/41160/
PHP Gastebuch Script "script_pfad" Local File Inclusion Vulnerability
http://secunia.com/advisories/41157/
RealPlayer Multiple Vulnerabilities
http://secunia.com/advisories/41154/
RealPlayer SP Multiple Vulnerabilities
http://secunia.com/advisories/41096/
SUSE update for Multiple Packages
http://secunia.com/advisories/41171/
Drupal BlastChat Client Module "Itemid" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/41172/
Ubuntu update for kdegraphics
http://secunia.com/advisories/41086/
Joomla! / Mambo BlastChat Client Component "Itemid" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/41129/
Hycus CMS Cross-Site Request Forgery Vulnerability
http://secunia.com/advisories/41141/
「このソフトなら駆除できます」――偽ソフトを薦めるウイルス
複数の偽ソフトをリストアップ、「VirusTotal」風のサイトで配布
http://itpro.nikkeibp.co.jp/article/NEWS/20100830/351528/?ST=security
Cisco IOS XR BGP Attribute Processing Flaw Permits Denial of Service Attacks
http://securitytracker.com/alerts/2010/Aug/1024371.html
RealPlayer Bugs Let Remote Users Obtain Files and Execute Arbitrary Code
http://securitytracker.com/alerts/2010/Aug/1024370.html
HP MagCloud iPad App, Remote Unauthorized Access Bypass
http://securityreason.com/securityalert/7697
Omnistar Recruiting (resume_register.php job2) XSS Vulnerability
http://securityreason.com/securityalert/7696
AJauctionPro Oopd 3.0 (Search) Remote XSS Vulnerability
http://securityreason.com/securityalert/7695
SAP Business One 2005 6.80.320 Remote Buffer Overflow
http://securityreason.com/securityalert/7694
Silurus Classifieds 1.0 Remote XSS Vulnerabilities
http://securityreason.com/securityalert/7693
RealPlayer Security Update Fixes Multiple Code Execution Vulnerabilities
http://www.vupen.com/english/advisories/2010/2216
IBM WebSphere Application Server WS-Security Policy Timestamp Issue
http://www.vupen.com/english/advisories/2010/2215
HP-UX Software Distributor Local Privilege Escalation Vulnerability
http://www.vupen.com/english/advisories/2010/2214
Adobe ExtendScript Toolkit Insecure Library Loading Vulnerability
http://www.vupen.com/english/advisories/2010/2213
Adobe Extension Manager File Processing Insecure Library Loading
http://www.vupen.com/english/advisories/2010/2212
Roxio MyDVD File Processing Insecure Library Loading Vulnerability
http://www.vupen.com/english/advisories/2010/2211
Adobe InDesign File Processing Insecure Library Loading Vulnerability
http://www.vupen.com/english/advisories/2010/2210
Adobe Premiere Pro File Processing Insecure Library Loading
http://www.vupen.com/english/advisories/2010/2210
Roxio Creator File Processing Insecure Library Loading Vulnerability
http://www.vupen.com/english/advisories/2010/2208
NetBSD Security Update Fixes CODA Memory Disclosure Vulnerability
http://www.vupen.com/english/advisories/2010/2207
Fedora Security Update Fixes kdegraphics Memory Corruption
http://www.vupen.com/english/advisories/2010/2206
Fedora Security Update Fixes Multiple Bugzilla Vulnerabilities
http://www.vupen.com/english/advisories/2010/2205
SuSE Security Update Fixes Multiple Code Execution Vulnerabilities
http://www.vupen.com/english/advisories/2010/2204
Redhat Security Update Fixes GDM Missing TCP Wrappers Support
http://www.vupen.com/english/advisories/2010/2203
Mandriva Security Update Fixes kdegraphics Memory Corruption
http://www.vupen.com/english/advisories/2010/2202
nginx v0.6.38 Heap Corruption Exploit
http://www.exploit-db.com/exploits/14830/
SnackAmp 3.1.2 Malicious SMP Buffer Overflow Vulnerability (SEH)
http://www.exploit-db.com/exploits/14831/
SnackAmp 3.1.2 Malicious WAV Buffer Overflow Vulnerability (POC)
http://www.exploit-db.com/exploits/14832/
Leadtools ActiveX Raster Twain v16.5 (LtocxTwainu.dll) Buffer Overflow Vulnerability
http://www.exploit-db.com/exploits/14824/
2010年8月27日金曜日
27日 金曜日、赤口
+ Linux kernel 2.6.27.53, 2.6.32.21, 2.6.34.6, 2.6.35.4 released
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.53
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.32.21
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.34.6
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.35.4
BIND 9.7.2rc1 is now available.
https://www.isc.org/software/bind/972rc1
http://ftp.isc.org/isc/bind9/9.7.2rc1/9.7.2rc1
Kernel release: 2.6.35.4
http://www.linux.org/news/2010/08/26/0004.html
Kernel release: 2.6.34.6
http://www.linux.org/news/2010/08/26/0003.html
Kernel release: 2.6.32.21
http://www.linux.org/news/2010/08/26/0002.html
Kernel release: 2.6.27.53
http://www.linux.org/news/2010/08/26/0001.html
プレス発表
ウェブサイト攻撃の検出ツール「iLogScanner」の性能向上版を公開
~ウェブサイト管理者は、ログを分析する習慣を~
http://www.ipa.go.jp/about/press/20100827.html
JVNTA10-238A Microsoft Windows における DLL 読み込みに関する脆弱性
http://jvn.jp/cert/JVNTA10-238A/index.html
DAEMON Tools Insecure Library Loading Vulnerability
http://secunia.com/advisories/41146/
NetBSD Buffer Length Check Error in CODA File System Lets Local Users Read Kernel Memory
http://securitytracker.com/alerts/2010/Aug/1024369.html
Adobe Shockwave Player Memory Corruption Vulnerability
http://securityreason.com/securityalert/7692
Firefox <= 3.6.8 DLL Hijacking Exploit [dwmapi.dll]
http://securityreason.com/securityalert/7691
TeamViewer <= 5.0.8703 DLL Hijacking Exploit (dwmapi.dll)
http://securityreason.com/securityalert/7690
+ RHSA-2010:0657-1: Low: gdm security and bug fix update
http://rhn.redhat.com/errata/RHSA-2010-0657.html
+ Microsoft Windows Progman Group Converter Insecure Library Loading
http://secunia.com/advisories/41136/
+ Microsoft Windows Indeo Filter Insecure Library Loading Vulnerability
http://secunia.com/advisories/41114/
- Microsoft Windows Backup Insecure Library Loading Vulnerability
http://secunia.com/advisories/41122/
[ANNOUNCE] PostgreSQL PHP Generator 10.8 released
http://www.sqlmaestro.com/products/postgresql/phpgenerator/
RazorSQL 5.2 Database Query Tool Released
http://www.postgresql.org/about/news.1227
CAMシステムソフトウェア利用時にポップアップが表示される現象につきまして
http://www.trendmicro.co.jp/support/news.asp?id=1464
Check Point Software Technologies : [CVE-2010-2881] Adobe Shockwave Player Memory Corruption Vulnerability
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33557
Check Point Software Technologies : [CVE-2010-2869] Adobe Shockwave Player Memory Corruption Vulnerability
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33558
Check Point Software Technologies : [CVE-2010-2880] Adobe Shockwave Player Memory Corruption Vulnerability
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33559
Check Point Software Technologies : [CVE-2010-2868] Adobe Shockwave Player Memory Corruption Vulnerability
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33560
Check Point Software Technologies : [CVE-2010-2864] Adobe Shockwave Player Memory Corruption Vulnerability
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33561
Check Point Software Technologies : [CVE-2010-2882] Adobe Shockwave Player Memory Corruption Vulnerability
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33563
Dark2S Security Team : Deepin TFTP Server Directory Traversal Vulnerability
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33562
Independent Researcher : GFI WebMonitor Admin UI Remote Script Code Injection
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33556
Secunia : KDE Okular PDB Parsing RLE Decompression Buffer Overflow
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33564
Ubuntu Security Notice : [USN-976-1] Tomcat DoS, Information Disclosure
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33550
Ubuntu Security Notice : [USN-977-1] MoinMoin vulnerabilities
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33551
ZDI : ZDI-10-165: Trend Micro Internet Security Pro 2010 ActiveX extSetOwner Remote Code Execution Vulnera
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33540
Debian : [DSA 2096-1] New zope-ldapuserfolder packages fix authentication bypass
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33552
マカフィー、セキュリティ対策ソフトの新版を発表
http://itpro.nikkeibp.co.jp/article/NEWS/20100826/351508/?ST=security
携帯電話やスマートフォンで使える本人認証サービス、VISAが日本向けに導入
http://itpro.nikkeibp.co.jp/article/NEWS/20100826/351459/?ST=security
JVNDB-2010-001882 Wind River Systems VxWorks の認証 API (loginLib) における問題
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001882.html
JVNDB-2010-001881 Wind River Systems VxWorks においてデバッグサービスがデフォルトで有効になっている問題
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001881.html
JVNDB-2010-001880 LFTP の get1 コマンドにおける任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001880.html
JVNDB-2010-001879 JP1/NETM 製品 におけるサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001879.html
JVNDB-2010-001878 JP1/Integrated Manager および JP1/Integrated Management 製品におけるサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001878.html
JVNDB-2010-001877 JP1/PAM におけるサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001877.html
JVNDB-2010-001876 JP1/AJS の組み込みDB利用製品におけるサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001876.html
JVNDB-2010-001875 JP1/ServerConductor/Control Manager におけるサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001875.html
JVNDB-2010-001874 Cosminexus 製品におけるサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001874.html
US-CERT Technical Cyber Security Alert TA10-238A -- Microsoft Windows Insecurely Loa
http://www.derkeiler.com/Mailing-Lists/Cert/2010-08/msg00003.html
BugTracker.net 3.4.3 SQL Injection
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00338.html
ZDI-10-167: RealNetworks RealPlayer FLV Parsing Multiple Integer Overflow Vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00336.html
ZDI-10-166: RealNetworks RealPlayer Malformed IVR Object Index Code Execution Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00337.html
[HITB-Announce] HITB2010 SIGNINT Sessions
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00333.html
SQL injection vulnerability in CompuCMS
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00332.html
SQL injection vulnerability in CompuCMS
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00331.html
File Content Disclosure in TCMS
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00330.html
SQL injection vulnerability in TCMS
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00329.html
SQL injection vulnerability in TCMS
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00328.html
SQL injection vulnerability in TCMS
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00326.html
XSRF (CSRF) in Webmatic
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00327.html
XSS vulnerability in Auto CMS
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00313.html
XSS vulnerability in TCMS
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00316.html
XSS vulnerability in TCMS
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00325.html
SQL injection vulnerability in CompuCMS
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00318.html
XSS vulnerability in CompuCMS
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00312.html
XSS vulnerability in CompuCMS
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00324.html
XSS vulnerability in CompuCMS
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00323.html
SQL injection vulnerability in CompuCMS
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00322.html
Local File Inclusion in TCMS
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00320.html
SQL injection vulnerability in TCMS
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00319.html
SQL injection vulnerability in TCMS
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00317.html
XSS vulnerability in Webmatic
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00315.html
XSS vulnerability in Webmatic
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00314.html
Apple CoreGraphics (Preview) Memory Corruption Vulnerability - CVE-2010-1801
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00311.html
Details of cisco-sa-20081022-asa security advisory?
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00308.html
Skype <= 4.2.0.169 DLL Hijacking Exploit (wab32.dll)
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00307.html
Multiple vulnerabilities in eSitesBuilder
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00321.html
BlastChat Chat Client Component version 3.3 <= Cross Script Scripting (XSS) Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00334.html
Joomla! Component com_bc Cross Script Scripting (XSS) Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00335.html
IBM AIX Buffer Overflow in ftpd Lets Remote Authenticated Users Execute Arbitrary Code
http://securitytracker.com/alerts/2010/Aug/1024368.html
HP Software Distributor Lets Local Users Gain Elevated Privileges
http://securitytracker.com/alerts/2010/Aug/1024367.html
OpenOffice.org Impress Buffer Overflows Let Remote Users Execute Arbitrary Code
http://securitytracker.com/alerts/2010/Aug/1024352.html
Autodesk Design Review Insecure Library Loading Vulnerability
http://secunia.com/advisories/41013/
Mozilla SeaMonkey Insecure Library Loading Vulnerability
http://secunia.com/advisories/41168/
Target CMS Multiple Vulnerabilities
http://secunia.com/advisories/41116/
Webmatic Cross-Site Request Forgery Vulnerability
http://secunia.com/advisories/41127/
Auto CMS PHP Code Execution Security Issue
http://secunia.com/advisories/41147/
PKZIP Insecure Library Loading Vulnerability
http://secunia.com/advisories/41103/
Roxio Media Creator Insecure Library Loading Vulnerability
http://secunia.com/advisories/41137/
Cisco Packet Tracer Insecure Library Loading Vulnerability
http://secunia.com/advisories/41125/
IZArc Insecure Library Loading Vulnerability
http://secunia.com/advisories/41131/
Mihalism Multi Host "album_title" PHP Code Injection
http://secunia.com/advisories/41084/
Mihalism Multi Host "return" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/41162/
Mozilla Thunderbird Insecure Library Loading Vulnerability
http://secunia.com/advisories/41151/
RealPlayer Insecure Library Loading Vulnerability
http://secunia.com/advisories/41092/
Adobe Device Central Insecure Library Loading Vulnerability
http://secunia.com/advisories/41118/
Microsoft Windows Backup Insecure Library Loading Vulnerability
http://secunia.com/advisories/41122/
HP-UX Software Distributor Privilege Escalation Vulnerability
http://secunia.com/advisories/41163/
SSSD LDAP Unauthenticated Bind Security Bypass Security Issue
http://secunia.com/advisories/41159/
Trend Micro Internet Security Pro 2010 ActiveX Control Vulnerability
http://secunia.com/advisories/41140/
Adobe InDesign Insecure Library Loading Vulnerability
http://secunia.com/advisories/41126/
Cisco Unified Communications Manager Two Denial of Service Vulnerabilities
http://secunia.com/advisories/41100/
Cisco Unified Presence Two Denial of Service Vulnerabilities
http://secunia.com/advisories/41070/
Microsoft Windows Progman Group Converter Insecure Library Loading
http://secunia.com/advisories/41136/
Adobe Illustrator Insecure Library Loading Vulnerability
http://secunia.com/advisories/41134/
Winamp Insecure Library Loading Vulnerability
http://secunia.com/advisories/41093/
NetBSD CODA Filesystem Kernel Memory Information Disclosure Vulnerability
http://secunia.com/advisories/41166/
Microsoft Windows Indeo Filter Insecure Library Loading Vulnerability
http://secunia.com/advisories/41114/
Ubuntu update for tomcat6
http://secunia.com/advisories/41117/
Fedora update for mapserver
http://secunia.com/advisories/41165/
Cacti 0.8.7g XSS
http://securityreason.com/securityalert/7689
Foxit Reader <= 4.0 pdf Jailbreak
http://securityreason.com/securityalert/7688
Cacti Multiple Parameter Cross Site Scripting Vulnerabilities
http://securityreason.com/securityalert/7687
Mozilla Thunderbird File Handling Insecure Library Loading Vulnerability
http://www.vupen.com/english/advisories/2010/2201
Microsoft Windows Progman Group Converter Insecure Library Loading
http://www.vupen.com/english/advisories/2010/2200
RealPlayer File Processing Insecure Library Loading Vulnerability
http://www.vupen.com/english/advisories/2010/2199
Adobe Illustrator File Processing Insecure Library Loading Vulnerability
http://www.vupen.com/english/advisories/2010/2198
Apple Safari File Processing Insecure Library Loading Vulnerability
http://www.vupen.com/english/advisories/2010/2197
Adobe Device Central Insecure Library Loading Vulnerability
http://www.vupen.com/english/advisories/2010/2196
Winamp File Processing Insecure Library Loading Vulnerability
http://www.vupen.com/english/advisories/2010/2195
InterVideo WinDVD File Processing Insecure Library Loading Vulnerability
http://www.vupen.com/english/advisories/2010/2194
Roxio PhotoSuite File Processing Insecure Library Loading Vulnerability
http://www.vupen.com/english/advisories/2010/2193
Microsoft Visio File Processing Insecure Library Loading Vulnerability
http://www.vupen.com/english/advisories/2010/2192
BS.Player File Processing Insecure Library Loading Vulnerability
http://www.vupen.com/english/advisories/2010/2191
Media Player Classic File Handling Insecure Library Loading Vulnerability
http://www.vupen.com/english/advisories/2010/2190
SnagIt File Processing Insecure Library Loading Vulnerability
http://www.vupen.com/english/advisories/2010/2189
Microsoft Office Groove Insecure Library Loading Vulnerability
http://www.vupen.com/english/advisories/2010/2188
Cisco Unified Communications Manager SIP Denial of Service Vulnerabilities
http://www.vupen.com/english/advisories/2010/2187
Cisco Unified Presence SIP Messages Denial of Service Vulnerabilities
http://www.vupen.com/english/advisories/2010/2186
Trend Micro Internet Security Pro "UfPBCtrl.dll" Code Execution
http://www.vupen.com/english/advisories/2010/2185
Ubuntu Security Update Fixes Moin Cross Site Scripting Vulnerability
http://www.vupen.com/english/advisories/2010/2184
Ubuntu Security Update Fixes Tomcat Transfer Encoding Vulnerabilities
http://www.vupen.com/english/advisories/2010/2183
Redhat Security Update Fixes ImageMagick Overflow Vulnerability
http://www.vupen.com/english/advisories/2010/2182
Redhat Security Update Fixes qspice-client and spice-xpi Vulnerability
http://www.vupen.com/english/advisories/2010/2181
Fedora Security Update Fixes bogofilter Heap Corruption Vulnerability
http://www.vupen.com/english/advisories/2010/2180
Fedora Security Update Fixes kdegraphics Memory Corruption
http://www.vupen.com/english/advisories/2010/2179
KDE Okular PDB Processing Memory Corruption Vulnerability
http://www.vupen.com/english/advisories/2010/2178
Fedora Security Update Fixes MapServer Multiple Vulnerabilities
http://www.vupen.com/english/advisories/2010/2177
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.53
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.32.21
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.34.6
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.35.4
BIND 9.7.2rc1 is now available.
https://www.isc.org/software/bind/972rc1
http://ftp.isc.org/isc/bind9/9.7.2rc1/9.7.2rc1
Kernel release: 2.6.35.4
http://www.linux.org/news/2010/08/26/0004.html
Kernel release: 2.6.34.6
http://www.linux.org/news/2010/08/26/0003.html
Kernel release: 2.6.32.21
http://www.linux.org/news/2010/08/26/0002.html
Kernel release: 2.6.27.53
http://www.linux.org/news/2010/08/26/0001.html
プレス発表
ウェブサイト攻撃の検出ツール「iLogScanner」の性能向上版を公開
~ウェブサイト管理者は、ログを分析する習慣を~
http://www.ipa.go.jp/about/press/20100827.html
JVNTA10-238A Microsoft Windows における DLL 読み込みに関する脆弱性
http://jvn.jp/cert/JVNTA10-238A/index.html
DAEMON Tools Insecure Library Loading Vulnerability
http://secunia.com/advisories/41146/
NetBSD Buffer Length Check Error in CODA File System Lets Local Users Read Kernel Memory
http://securitytracker.com/alerts/2010/Aug/1024369.html
Adobe Shockwave Player Memory Corruption Vulnerability
http://securityreason.com/securityalert/7692
Firefox <= 3.6.8 DLL Hijacking Exploit [dwmapi.dll]
http://securityreason.com/securityalert/7691
TeamViewer <= 5.0.8703 DLL Hijacking Exploit (dwmapi.dll)
http://securityreason.com/securityalert/7690
+ RHSA-2010:0657-1: Low: gdm security and bug fix update
http://rhn.redhat.com/errata/RHSA-2010-0657.html
+ Microsoft Windows Progman Group Converter Insecure Library Loading
http://secunia.com/advisories/41136/
+ Microsoft Windows Indeo Filter Insecure Library Loading Vulnerability
http://secunia.com/advisories/41114/
- Microsoft Windows Backup Insecure Library Loading Vulnerability
http://secunia.com/advisories/41122/
[ANNOUNCE] PostgreSQL PHP Generator 10.8 released
http://www.sqlmaestro.com/products/postgresql/phpgenerator/
RazorSQL 5.2 Database Query Tool Released
http://www.postgresql.org/about/news.1227
CAMシステムソフトウェア利用時にポップアップが表示される現象につきまして
http://www.trendmicro.co.jp/support/news.asp?id=1464
Check Point Software Technologies : [CVE-2010-2881] Adobe Shockwave Player Memory Corruption Vulnerability
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33557
Check Point Software Technologies : [CVE-2010-2869] Adobe Shockwave Player Memory Corruption Vulnerability
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33558
Check Point Software Technologies : [CVE-2010-2880] Adobe Shockwave Player Memory Corruption Vulnerability
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33559
Check Point Software Technologies : [CVE-2010-2868] Adobe Shockwave Player Memory Corruption Vulnerability
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33560
Check Point Software Technologies : [CVE-2010-2864] Adobe Shockwave Player Memory Corruption Vulnerability
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33561
Check Point Software Technologies : [CVE-2010-2882] Adobe Shockwave Player Memory Corruption Vulnerability
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33563
Dark2S Security Team : Deepin TFTP Server Directory Traversal Vulnerability
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33562
Independent Researcher : GFI WebMonitor Admin UI Remote Script Code Injection
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33556
Secunia : KDE Okular PDB Parsing RLE Decompression Buffer Overflow
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33564
Ubuntu Security Notice : [USN-976-1] Tomcat DoS, Information Disclosure
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33550
Ubuntu Security Notice : [USN-977-1] MoinMoin vulnerabilities
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33551
ZDI : ZDI-10-165: Trend Micro Internet Security Pro 2010 ActiveX extSetOwner Remote Code Execution Vulnera
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33540
Debian : [DSA 2096-1] New zope-ldapuserfolder packages fix authentication bypass
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33552
マカフィー、セキュリティ対策ソフトの新版を発表
http://itpro.nikkeibp.co.jp/article/NEWS/20100826/351508/?ST=security
携帯電話やスマートフォンで使える本人認証サービス、VISAが日本向けに導入
http://itpro.nikkeibp.co.jp/article/NEWS/20100826/351459/?ST=security
JVNDB-2010-001882 Wind River Systems VxWorks の認証 API (loginLib) における問題
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001882.html
JVNDB-2010-001881 Wind River Systems VxWorks においてデバッグサービスがデフォルトで有効になっている問題
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001881.html
JVNDB-2010-001880 LFTP の get1 コマンドにおける任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001880.html
JVNDB-2010-001879 JP1/NETM 製品 におけるサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001879.html
JVNDB-2010-001878 JP1/Integrated Manager および JP1/Integrated Management 製品におけるサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001878.html
JVNDB-2010-001877 JP1/PAM におけるサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001877.html
JVNDB-2010-001876 JP1/AJS の組み込みDB利用製品におけるサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001876.html
JVNDB-2010-001875 JP1/ServerConductor/Control Manager におけるサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001875.html
JVNDB-2010-001874 Cosminexus 製品におけるサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001874.html
US-CERT Technical Cyber Security Alert TA10-238A -- Microsoft Windows Insecurely Loa
http://www.derkeiler.com/Mailing-Lists/Cert/2010-08/msg00003.html
BugTracker.net 3.4.3 SQL Injection
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00338.html
ZDI-10-167: RealNetworks RealPlayer FLV Parsing Multiple Integer Overflow Vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00336.html
ZDI-10-166: RealNetworks RealPlayer Malformed IVR Object Index Code Execution Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00337.html
[HITB-Announce] HITB2010 SIGNINT Sessions
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00333.html
SQL injection vulnerability in CompuCMS
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00332.html
SQL injection vulnerability in CompuCMS
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00331.html
File Content Disclosure in TCMS
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00330.html
SQL injection vulnerability in TCMS
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00329.html
SQL injection vulnerability in TCMS
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00328.html
SQL injection vulnerability in TCMS
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00326.html
XSRF (CSRF) in Webmatic
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00327.html
XSS vulnerability in Auto CMS
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00313.html
XSS vulnerability in TCMS
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00316.html
XSS vulnerability in TCMS
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00325.html
SQL injection vulnerability in CompuCMS
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00318.html
XSS vulnerability in CompuCMS
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00312.html
XSS vulnerability in CompuCMS
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00324.html
XSS vulnerability in CompuCMS
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00323.html
SQL injection vulnerability in CompuCMS
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00322.html
Local File Inclusion in TCMS
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00320.html
SQL injection vulnerability in TCMS
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00319.html
SQL injection vulnerability in TCMS
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00317.html
XSS vulnerability in Webmatic
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00315.html
XSS vulnerability in Webmatic
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00314.html
Apple CoreGraphics (Preview) Memory Corruption Vulnerability - CVE-2010-1801
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00311.html
Details of cisco-sa-20081022-asa security advisory?
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00308.html
Skype <= 4.2.0.169 DLL Hijacking Exploit (wab32.dll)
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00307.html
Multiple vulnerabilities in eSitesBuilder
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00321.html
BlastChat Chat Client Component version 3.3 <= Cross Script Scripting (XSS) Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00334.html
Joomla! Component com_bc Cross Script Scripting (XSS) Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00335.html
IBM AIX Buffer Overflow in ftpd Lets Remote Authenticated Users Execute Arbitrary Code
http://securitytracker.com/alerts/2010/Aug/1024368.html
HP Software Distributor Lets Local Users Gain Elevated Privileges
http://securitytracker.com/alerts/2010/Aug/1024367.html
OpenOffice.org Impress Buffer Overflows Let Remote Users Execute Arbitrary Code
http://securitytracker.com/alerts/2010/Aug/1024352.html
Autodesk Design Review Insecure Library Loading Vulnerability
http://secunia.com/advisories/41013/
Mozilla SeaMonkey Insecure Library Loading Vulnerability
http://secunia.com/advisories/41168/
Target CMS Multiple Vulnerabilities
http://secunia.com/advisories/41116/
Webmatic Cross-Site Request Forgery Vulnerability
http://secunia.com/advisories/41127/
Auto CMS PHP Code Execution Security Issue
http://secunia.com/advisories/41147/
PKZIP Insecure Library Loading Vulnerability
http://secunia.com/advisories/41103/
Roxio Media Creator Insecure Library Loading Vulnerability
http://secunia.com/advisories/41137/
Cisco Packet Tracer Insecure Library Loading Vulnerability
http://secunia.com/advisories/41125/
IZArc Insecure Library Loading Vulnerability
http://secunia.com/advisories/41131/
Mihalism Multi Host "album_title" PHP Code Injection
http://secunia.com/advisories/41084/
Mihalism Multi Host "return" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/41162/
Mozilla Thunderbird Insecure Library Loading Vulnerability
http://secunia.com/advisories/41151/
RealPlayer Insecure Library Loading Vulnerability
http://secunia.com/advisories/41092/
Adobe Device Central Insecure Library Loading Vulnerability
http://secunia.com/advisories/41118/
Microsoft Windows Backup Insecure Library Loading Vulnerability
http://secunia.com/advisories/41122/
HP-UX Software Distributor Privilege Escalation Vulnerability
http://secunia.com/advisories/41163/
SSSD LDAP Unauthenticated Bind Security Bypass Security Issue
http://secunia.com/advisories/41159/
Trend Micro Internet Security Pro 2010 ActiveX Control Vulnerability
http://secunia.com/advisories/41140/
Adobe InDesign Insecure Library Loading Vulnerability
http://secunia.com/advisories/41126/
Cisco Unified Communications Manager Two Denial of Service Vulnerabilities
http://secunia.com/advisories/41100/
Cisco Unified Presence Two Denial of Service Vulnerabilities
http://secunia.com/advisories/41070/
Microsoft Windows Progman Group Converter Insecure Library Loading
http://secunia.com/advisories/41136/
Adobe Illustrator Insecure Library Loading Vulnerability
http://secunia.com/advisories/41134/
Winamp Insecure Library Loading Vulnerability
http://secunia.com/advisories/41093/
NetBSD CODA Filesystem Kernel Memory Information Disclosure Vulnerability
http://secunia.com/advisories/41166/
Microsoft Windows Indeo Filter Insecure Library Loading Vulnerability
http://secunia.com/advisories/41114/
Ubuntu update for tomcat6
http://secunia.com/advisories/41117/
Fedora update for mapserver
http://secunia.com/advisories/41165/
Cacti 0.8.7g XSS
http://securityreason.com/securityalert/7689
Foxit Reader <= 4.0 pdf Jailbreak
http://securityreason.com/securityalert/7688
Cacti Multiple Parameter Cross Site Scripting Vulnerabilities
http://securityreason.com/securityalert/7687
Mozilla Thunderbird File Handling Insecure Library Loading Vulnerability
http://www.vupen.com/english/advisories/2010/2201
Microsoft Windows Progman Group Converter Insecure Library Loading
http://www.vupen.com/english/advisories/2010/2200
RealPlayer File Processing Insecure Library Loading Vulnerability
http://www.vupen.com/english/advisories/2010/2199
Adobe Illustrator File Processing Insecure Library Loading Vulnerability
http://www.vupen.com/english/advisories/2010/2198
Apple Safari File Processing Insecure Library Loading Vulnerability
http://www.vupen.com/english/advisories/2010/2197
Adobe Device Central Insecure Library Loading Vulnerability
http://www.vupen.com/english/advisories/2010/2196
Winamp File Processing Insecure Library Loading Vulnerability
http://www.vupen.com/english/advisories/2010/2195
InterVideo WinDVD File Processing Insecure Library Loading Vulnerability
http://www.vupen.com/english/advisories/2010/2194
Roxio PhotoSuite File Processing Insecure Library Loading Vulnerability
http://www.vupen.com/english/advisories/2010/2193
Microsoft Visio File Processing Insecure Library Loading Vulnerability
http://www.vupen.com/english/advisories/2010/2192
BS.Player File Processing Insecure Library Loading Vulnerability
http://www.vupen.com/english/advisories/2010/2191
Media Player Classic File Handling Insecure Library Loading Vulnerability
http://www.vupen.com/english/advisories/2010/2190
SnagIt File Processing Insecure Library Loading Vulnerability
http://www.vupen.com/english/advisories/2010/2189
Microsoft Office Groove Insecure Library Loading Vulnerability
http://www.vupen.com/english/advisories/2010/2188
Cisco Unified Communications Manager SIP Denial of Service Vulnerabilities
http://www.vupen.com/english/advisories/2010/2187
Cisco Unified Presence SIP Messages Denial of Service Vulnerabilities
http://www.vupen.com/english/advisories/2010/2186
Trend Micro Internet Security Pro "UfPBCtrl.dll" Code Execution
http://www.vupen.com/english/advisories/2010/2185
Ubuntu Security Update Fixes Moin Cross Site Scripting Vulnerability
http://www.vupen.com/english/advisories/2010/2184
Ubuntu Security Update Fixes Tomcat Transfer Encoding Vulnerabilities
http://www.vupen.com/english/advisories/2010/2183
Redhat Security Update Fixes ImageMagick Overflow Vulnerability
http://www.vupen.com/english/advisories/2010/2182
Redhat Security Update Fixes qspice-client and spice-xpi Vulnerability
http://www.vupen.com/english/advisories/2010/2181
Fedora Security Update Fixes bogofilter Heap Corruption Vulnerability
http://www.vupen.com/english/advisories/2010/2180
Fedora Security Update Fixes kdegraphics Memory Corruption
http://www.vupen.com/english/advisories/2010/2179
KDE Okular PDB Processing Memory Corruption Vulnerability
http://www.vupen.com/english/advisories/2010/2178
Fedora Security Update Fixes MapServer Multiple Vulnerabilities
http://www.vupen.com/english/advisories/2010/2177
2010年8月26日木曜日
26日 木曜日、大安
UPDATE: MS10-056 - Critical: Vulnerabilities in Microsoft Office Word Could Allow Remote Code Execution (2269638)
http://www.microsoft.com/technet/security/bulletin/MS10-056.mspx
UPDATE: MS10-054 - Critical: Vulnerabilities in SMB Server Could Allow Remote Code Execution (982214)
http://www.microsoft.com/technet/security/bulletin/MS10-054.mspx
UPDATE: MS10-056 - 緊急: Microsoft Office Word の脆弱性により、リモートでコードが実行される (2269638)
http://www.microsoft.com/japan/technet/security/bulletin/MS10-056.mspx
Trend Micro Control Manager 5.0 用 Patch 5 (Build 1914) 公開のお知らせ
http://www.trendmicro.co.jp/support/news.asp?id=1460
JVNVU#707943 Windows プログラムの DLL 読み込みに脆弱性
http://jvn.jp/cert/JVNVU707943/index.html
Ubuntu update for python-moin
http://secunia.com/advisories/41102/
PuTTY 0.60 DLL Hijacking Exploit (winmm.dll)
http://www.exploit-db.com/exploits/14796/
wscript.exe (XP) DLL Hijacking Exploit (wshfra.dll)
http://www.exploit-db.com/exploits/14794/
Autodesk AutoCAD 2007 dll Hijacking exploit (color.dll)
http://www.exploit-db.com/exploits/14793/
+ HPSBUX02552 SSRT100062 rev.1 - HP-UX running Software Distributor (sd), Local Privilege Increase, Unauthorized Access
http://www13.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02285980
+ RHSA-2010:0653-1: Moderate: ImageMagick security update
http://rhn.redhat.com/errata/RHSA-2010-0653.html
http://secunia.com/advisories/41111/
+ Zimbra Collaboration Suite 6.0.8 released
http://www.zimbra.com/downloads/os-downloads.html
http://files2.zimbra.com/website/docs/Zimbra%20OS%20Release%20Notes%206.0.8.pdf
+ Microsoft Windows Address Book Insecure Library Loading Vulnerability
http://secunia.com/advisories/41050/
http://www.vupen.com/english/advisories/2010/2168
+? Microsoft Office PowerPoint Insecure Library Loading Vulnerability
http://secunia.com/advisories/41063/
http://www.vupen.com/english/advisories/2010/2166
http://www.exploit-db.com/exploits/14782/
- Microsoft Office Groove Insecure Library Loading Vulnerability
http://secunia.com/advisories/41104/
- RHSA-2010:0652-1: Moderate: ImageMagick security and bug fix update
http://rhn.redhat.com/errata/RHSA-2010-0652.html
Cisco Security Advisory: Cisco Unified Communications Manager Denial of Service Vulnerabilities
http://www.cisco.com/warp/public/707/cisco-sa-20100825-cucm.shtml
Cisco Applied Mitigation Bulletin: Identifying and Mitigating Exploitation of Multiple DoS Vulnerabilities in Cisco Unified Communications Products
http://www.cisco.com/warp/public/707/cisco-amb-20100825-cucm-cup.shtml
Cisco Security Advisory: Cisco Unified Presence Denial of Service Vulnerabilities
http://www.cisco.com/warp/public/707/cisco-sa-20100825-cup.shtml
ウイルスバスター チャットサポート メンテナンスのお知らせ(2010年8月26日)
http://www.trendmicro.co.jp/support/news.asp?id=1462
Hewlett-Packard : HP MagCloud iPad App, Remote Unauthorized Access to Data
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33533
Hewlett-Packard : HP StorageWorks Storage Mirroring, Local Unauthorized Access
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33534
Mandriva : [MDVSA-2010:160] cacti command excution and XSS
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33529
シマンテック、セキュリティ対策ソフトの新版を発表
http://itpro.nikkeibp.co.jp/article/NEWS/20100826/351451/?ST=security
FFR、組み込み製品向けセキュリティ検査ツール「FFR Raven」を発売
http://itpro.nikkeibp.co.jp/article/NEWS/20100825/351439/?ST=security
JVNDB-2010-001873 FreeType のデモプログラムにおけるバッファオーバーフローの脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001873.html
JVNDB-2010-001872 FreeType の Mac_Read_POST_Resource 関数におけるヒープベースのバッファオーバーフローの脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001872.html
JVNDB-2010-001871 FreeType の gray_render_span 関数における整数オーバーフローの脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001871.html
JVNDB-2010-001870 FreeType の Mac_Read_POST_Resource 関数におけるバッファオーバーフローの脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001870.html
JVNDB-2010-001869 FreeType の psh_glyph_find_strong_points 関数における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001869.html
JVNDB-2010-001868 FreeType の ftmulti.c におけるバッファオーバーフローの脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001868.html
JVNDB-2010-001867 Apache Tomcat のサンプル用 calendar アプリケーションにおけるクロスサイトスクリプティングの脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001867.html
JVNDB-2008-002433 Apache HTTP Server の mod_proxy における重要なレスポンスを取得される脆弱性
http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-002433.html
Adobe Premier Pro CS4 DLL Hijacking Exploit (ibfs32.dll)
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00293.html
Adobe On Location CS4 DLL Hijacking Exploit (ibfs32.dll)
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00287.html
Adobe InDesign CS4 DLL Hijacking Exploit (ibfs32.dll)
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00303.html
Adobe Illustrator CS4 DLL Hijacking Exploit (aires.dll)
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00297.html
ZDI-10-165: Trend Micro Internet Security Pro 2010 ActiveX extSetOwner Remote Code Execution
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00284.html
[USN-977-1] MoinMoin vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00286.html
[USN-976-1] Tomcat vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00291.html
Cisco Security Advisory: Cisco Unified Presence Denial of Service Vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00283.html
Cisco Security Advisory: Cisco Unified Communications Manager Denial of Service Vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00298.html
Deepin TFTP Server Directory Traversal Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00299.html
Secunia Research: KDE Okular PDB Parsing RLE Decompression Buffer Overflow
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00296.html
Adobe Shockwave Player Memory Corruption Vulnerability - CVE-2010-2880
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00294.html
Adobe Shockwave Player Memory Corruption Vulnerability - CVE-2010-2881
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00288.html
Adobe Shockwave Player Memory Corruption Vulnerability - CVE-2010-2864
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00290.html
Adobe Shockwave Player Memory Corruption Vulnerability - CVE-2010-2869
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00292.html
Adobe Shockwave Player Memory Corruption Vulnerability - CVE-2010-2882
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00295.html
Adobe Shockwave Player Memory Corruption Vulnerability - CVE-2010-2868
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00289.html
Adobe Device Central CS5 DLL Hijacking Exploit (qtcf.dll)
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00282.html
GFI WebMonitor Admin UI Remote Script Code Injection
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00280.html
[Positive Technologies Research] Open Source WebEngine and Web Crawler v.0.2 is out!
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00304.html
TeamViewer <= 5.0.8703 DLL Hijacking Exploit (dwmapi.dll) http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00276.html
DLL hijacking on Linux
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00275.html
iDefense Security Advisory 08.24.10: Adobe Shockwave Player Memory Corruption Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00274.html
Nagios XI users.php SQL Injection
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00273.html
ZDI-10-164: Adobe Shockwave Player Director File FFFFFF88 Record Processing Remote Code Exec
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00272.html
ZDI-10-163: Adobe Shockwave Director tSAC Chunk Parsing Remote Code Execution Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00271.html
ZDI-10-162: Adobe Shockwave Director rcsL Chunk Remote Code Execution Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00270.html
ZDI-10-161: Adobe Shockwave Director PAMI Chunk Remote Code Execution Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00269.html
ZDI-10-160: Adobe Shockwave Player Director File FFFFFF45 Record Processing Remote Code Exec
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00268.html
TPTI-10-15: Adobe Shockwave Director mmap Trusted Chunk Size Remote Code Execution Vulnerabi
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00267.html
TPTI-10-14: Adobe Shockwave Director rcsL Chunk Pointer Offset Remote Code Execution Vulnera
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00264.html
TPTI-10-13: Adobe Shockwave Director tSAC Chunk Remote Code Execution Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00266.html
TPTI-10-12: Adobe Shockwave TextXtra Allocator Integer Overflow Remote Code Execution Vulner
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00265.html
TPTI-10-11: Adobe Shockwave tSAC Chunk Pointer Offset Memory Corruption Remote Code Executio
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00261.html
TPTI-10-10: Adobe Shockwave tSAC Chunk Invalid Seek Memory Corruption Remote Code Execution
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00262.html
TPTI-10-09: Adobe Shockwave CSWV Chunk Memory Corruption Remote Code Execution Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00263.html
Firefox <= 3.6.8 DLL Hijacking Exploit [dwmapi.dll] http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00285.html
[SECURITY] [DSA 2096-1] New zope-ldapuserfolder packages fix authentication bypass
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00259.html
[ MDVSA-2010:161 ] vte
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00260.html
Camtasia Studio Insecure Library Loading Vulnerability
http://secunia.com/advisories/41119/
010 Editor Insecure Library Loading Vulnerability
http://secunia.com/advisories/41094/
Snagit Insecure Library Loading Vulnerability
http://secunia.com/advisories/41124/
Microsoft Office Groove Insecure Library Loading Vulnerability
http://secunia.com/advisories/41104/
Red Hat update for ImageMagick
http://secunia.com/advisories/41111/
Windows Live Mail Insecure Library Loading Vulnerability
http://secunia.com/advisories/41098/
avast! Antivirus Insecure Library Loading Vulnerability
http://secunia.com/advisories/41109/
Red Hat update for qspice-client and spice-xpi
http://secunia.com/advisories/41120/
VLC Media Player Insecure Library Loading Vulnerability
http://secunia.com/advisories/41107/
KDE Okular PDB Parsing RLE Decompression Buffer Overflow
http://secunia.com/advisories/40952/
TeamViewer Insecure Library Loading Vulnerability
http://secunia.com/advisories/41112/
Adobe Dreamweaver Insecure Library Loading Vulnerability
http://secunia.com/advisories/41110/
GFI Web Monitor Script Insertion Vulnerability
http://secunia.com/advisories/41101/
ClanSphere "index.php" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/41089/
SEIL Routers IPv6 Unicast RPF Spoofing Vulnerability
http://secunia.com/advisories/41088/
Debian update for zope-ldapuserfolder
http://secunia.com/advisories/41054/
Mapbender Multiple Vulnerabilities
http://secunia.com/advisories/41053/
phpBugTracker SQL Injection and Arbitrary File Upload Vulnerabilities
http://secunia.com/advisories/40928/
Wing FTP Server HTTP Denial of Service Vulnerability
http://secunia.com/advisories/41040/
Opera Insecure Library Loading Vulnerability
http://secunia.com/advisories/41083/
Adobe Shockwave Player Multiple Vulnerabilities
http://secunia.com/advisories/41065/
Mozilla Firefox Insecure Library Loading Vulnerability
http://secunia.com/advisories/41095/
Microsoft Windows Address Book Insecure Library Loading Vulnerability
http://secunia.com/advisories/41050/
Wireshark Insecure Library Loading Vulnerability
http://secunia.com/advisories/41064/
Microsoft Office PowerPoint Insecure Library Loading Vulnerability
http://secunia.com/advisories/41063/
Adobe Photoshop Insecure Library Loading Vulnerability
http://secunia.com/advisories/41060/
uTorrent Insecure Library Loading Vulnerability
http://secunia.com/advisories/41051/
Squid Long DNS Replies Denial of Service Vulnerability
http://secunia.com/advisories/41090/
Fedora update for zabbix
http://secunia.com/advisories/41099/
Trend Micro Internet Security Pro Memory Access Error in 'UfPBCtrl.dll' ActiveX Control Lets Remote Users Execute Arbitrary Code
http://securitytracker.com/alerts/2010/Aug/1024364.html
Cisco Unified Communications Manager SIP Processing Flaws Let Remote Users Interrupt Voice Services
http://securitytracker.com/alerts/2010/Aug/1024363.html
Cisco Unified Presence SIP Processing Flaws Let Remote Users Disrupt Presence Service
http://securitytracker.com/alerts/2010/Aug/1024362.html
Directory Traversal in SoftX FTP Client
http://securityreason.com/securityalert/7686
Vulnerability Note VU#707943: Microsoft Windows based applications may insecurely load dynamic libraries
http://www.kb.cert.org/vuls/id/707943
Adobe Shockwave Player Multiple Code Execution Vulnerabilities
http://www.vupen.com/english/advisories/2010/2176
Avast! Antivirus File Opening Insecure Library Loading Vulnerability
http://www.vupen.com/english/advisories/2010/2175
TeamViewer File Opening Insecure Library Loading Vulnerability
http://www.vupen.com/english/advisories/2010/2174
Microsoft Windows Live Mail Insecure Library Loading Vulnerability
http://www.vupen.com/english/advisories/2010/2173
VLC Media Player File Opening Insecure Library Loading Vulnerability
http://www.vupen.com/english/advisories/2010/2172
Adobe Dreamweaver File Opening Insecure Library Loading Vulnerability
http://www.vupen.com/english/advisories/2010/2171
Adobe Photoshop File Opening Insecure Library Loading Vulnerability
http://www.vupen.com/english/advisories/2010/2170
Mozilla Firefox File Opening Insecure Library Loading Vulnerability
http://www.vupen.com/english/advisories/2010/2169
Microsoft Windows Address Book Insecure Library Loading Vulnerability
http://www.vupen.com/english/advisories/2010/2168
Opera Browser File Opening Insecure Library Loading Vulnerability
http://www.vupen.com/english/advisories/2010/2167
Microsoft Office PowerPoint Insecure Library Loading Vulnerability
http://www.vupen.com/english/advisories/2010/2166
Wireshark File Opening Insecure Library Loading Vulnerability
http://www.vupen.com/english/advisories/2010/2165
uTorrent File Opening Insecure Library Loading Vulnerability
http://www.vupen.com/english/advisories/2010/2164
Squid DNS Replies Remote Denial of Service Vulnerability
http://www.vupen.com/english/advisories/2010/2163
Apple Mac OS X Code Execution and Security Bypass Vulnerabilities
http://www.vupen.com/english/advisories/2010/2162
Cisco WebEx Player ARF File Handling Heap Overflow Vulnerability
http://www.vupen.com/english/advisories/2010/2161
MySQL Security Update Fixes Multiple Denial of Service Vulnerabilities
http://www.vupen.com/english/advisories/2010/2160
Debian Security Update Fixes Zope-ldapuserfolder Vulnerability
http://www.vupen.com/english/advisories/2010/2159
Fedora Security Update Fixes Zabbix Cross Site Scripting Vulnerability
http://www.vupen.com/english/advisories/2010/2158
Deepin TFTP Server Directory Traversal Vulnerability Software Version : v1.25
http://www.exploit-db.com/exploits/14779/
Demon tool lite DLL Hijacking Exploit (mfc80loc.dll)
http://www.exploit-db.com/exploits/14791
Google Earth v5.1.3535.3218 (quserex.dll) DLL Hijacking Exploit
http://www.exploit-db.com/exploits/14790
Nullsoft Winamp 5.581 (wnaspi32.dll) DLL Hijacking Exploit
http://www.exploit-db.com/exploits/14789
Media Player Classic 6.4.9.1 (iacenc.dll) DLL Hijacking Exploit
http://www.exploit-db.com/exploits/14788
Corel PHOTO-PAINT X3 v13.0.0.576 (crlrib.dll) DLL Hijacking Exploit
http://www.exploit-db.com/exploits/14787
CorelDRAW X3 v13.0.0.576 (crlrib.dll) DLL Hijacking Exploit
http://www.exploit-db.com/exploits/14786
Adobe ExtendedScript Toolkit CS5 v3.5.0.52 (dwmapi.dll) DLL Hijacking Exploit
http://www.exploit-db.com/exploits/14785
Adobe Extension Manager CS5 v5.0.298 (dwmapi.dll) DLL Hijacking Exploit
http://www.exploit-db.com/exploits/14784
Mozilla Thunderbird DLL Hijacking Exploit ( dwmapi.dll )
http://www.exploit-db.com/exploits/14783
Microsoft Office PowerPoint 2007 DLL Hijacking Exploit (rpawinet.dll)
http://www.exploit-db.com/exploits/14782
Roxio MyDVD 9 DLL Hijacking Exploit (HomeUtils9.dll)
http://www.exploit-db.com/exploits/14781
Windows Internet Communication Settings DLL Hijacking Exploit (schannel.dll)
http://www.exploit-db.com/exploits/14780
Microsoft Windows Contacts DLL Hijacking Exploit (wab32res.dll)
http://www.exploit-db.com/exploits/14778
Adobe InDesign CS4 DLL Hijacking Exploit (ibfs32.dll)
http://www.exploit-db.com/exploits/14775
Cisco Packet Tracer 5.2 DLL Hijacking Exploit (wintab32.dll)
http://www.exploit-db.com/exploits/14774
Nvidia Driver DLL Hijacking Exploit (nview.dll)
http://www.exploit-db.com/exploits/14769
Adobe Illustrator CS4 DLL Hijacking Exploit (aires.dll)
http://www.exploit-db.com/exploits/14773
Adobe On Location CS4 DLL Hijacking Exploit (ibfs32.dll)
http://www.exploit-db.com/exploits/14772
Adobe Premier Pro CS4 DLL Hijacking Exploit (ibfs32.dll)
http://www.exploit-db.com/exploits/14771
Windows Program Group DLL Hijacking Exploit (imm.dll)
http://www.exploit-db.com/exploits/14770
Roxio Creator DE DLL Hijacking Exploit (HomeUtils9.dll)
http://www.exploit-db.com/exploits/14768
Skype <= 4.2.0.169 DLL Hijacking Exploit (wab32.dll)
http://www.exploit-db.com/exploits/14766
Mediaplayer Classic 1.3.2189.0 DLL Hijacking Exploit (iacenc.dll)
http://www.exploit-db.com/exploits/14765
TechSmith Snagit 10 (Build 788) DLL Hijacking Exploit (dwmapi.dll)
http://www.exploit-db.com/exploits/14764
Bloodshed Dev-C++ Binary Hijacking Exploit (make.exe, mingw32-make.exe)
http://www.exploit-db.com/exploits/14763
Ettercap NG-0.7.3 DLL Hijacking Exploit (wpcap.dll)
http://www.exploit-db.com/exploits/14762
Microsoft Group Convertor DLL Hijacking Exploit (imm.dll)
http://www.exploit-db.com/exploits/14758
Safari v5.0.1 DLL Hijacking Exploit
http://www.exploit-db.com/exploits/14756
Adobe Device Central CS5 DLL Hijacking Exploit (qtcf.dll)
http://www.exploit-db.com/exploits/14755
Microsoft Internet Connection Signup Wizard DLL Hijacking Exploit
http://www.exploit-db.com/exploits/14754
InterVideo WinDVD 5 DLL Hijacking Exploit
http://www.exploit-db.com/exploits/14753
Roxio Photosuite 9 DLL Hijacking Exploit
http://www.exploit-db.com/exploits/14752
Microsoft Vista BitLocker Drive Encryption API Hijacking Exploit
http://www.exploit-db.com/exploits/14751
VLC Media Player DLL Hijacking Exploit
http://www.exploit-db.com/exploits/14750
Acunetix Web Vulnerability Scanner DLL Hijacking Exploit
http://www.exploit-db.com/exploits/14749
uTorrent DLL Hijacking Vulnerabilities
http://www.exploit-db.com/exploits/14748
TeamMate Audit Management Software Suite DLL Hijacking Exploit
http://www.exploit-db.com/exploits/14747
Microsoft Office Groove 2007 DLL Hijacking Exploit
http://www.exploit-db.com/exploits/14746
Microsoft Address Book 6.00.2900.5512 DLL Hijacking Exploit
http://www.exploit-db.com/exploits/14745
Microsoft Visio 2003 DLL Hijacking Exploit
http://www.exploit-db.com/exploits/14744
avast! <= 5.0.594 license files DLL Hijacking Exploit (mfc90loc.dll)
http://www.exploit-db.com/exploits/14743
Adobe Photoshop CS2 DLL Hijacking Exploit (Wintab32.dll)
http://www.exploit-db.com/exploits/14741
Adobe Dreamweaver CS5 <= 11.0 build 4909 DLL Hijacking Exploit (mfc90loc.dll) http://www.exploit-db.com/exploits/14740
BS.Player <= 2.56 build 1043 DLL Hijacking Exploit (mfc71loc.dll)
http://www.exploit-db.com/exploits/14739
Adobe Dreamweaver CS4 DLL Hijacking Exploit (ibfs32.dll)
http://www.exploit-db.com/exploits/14735
TeamViewer <= 5.0.8703 DLL Hijacking Exploit (dwmapi.dll)
http://www.exploit-db.com/exploits/14734
Microsoft Windows 7 wab.exe DLL Hijacking Exploit (wab32res.dll)
http://www.exploit-db.com/exploits/14733
Flash Movie Player v1.5 File Magic Denial of Service Vulnerability
http://www.exploit-db.com/exploits/14767/
Adobe Acrobat Reader All Version Memory Corruption
http://www.exploit-db.com/exploits/14761/
http://www.microsoft.com/technet/security/bulletin/MS10-056.mspx
UPDATE: MS10-054 - Critical: Vulnerabilities in SMB Server Could Allow Remote Code Execution (982214)
http://www.microsoft.com/technet/security/bulletin/MS10-054.mspx
UPDATE: MS10-056 - 緊急: Microsoft Office Word の脆弱性により、リモートでコードが実行される (2269638)
http://www.microsoft.com/japan/technet/security/bulletin/MS10-056.mspx
Trend Micro Control Manager 5.0 用 Patch 5 (Build 1914) 公開のお知らせ
http://www.trendmicro.co.jp/support/news.asp?id=1460
JVNVU#707943 Windows プログラムの DLL 読み込みに脆弱性
http://jvn.jp/cert/JVNVU707943/index.html
Ubuntu update for python-moin
http://secunia.com/advisories/41102/
PuTTY 0.60 DLL Hijacking Exploit (winmm.dll)
http://www.exploit-db.com/exploits/14796/
wscript.exe (XP) DLL Hijacking Exploit (wshfra.dll)
http://www.exploit-db.com/exploits/14794/
Autodesk AutoCAD 2007 dll Hijacking exploit (color.dll)
http://www.exploit-db.com/exploits/14793/
+ HPSBUX02552 SSRT100062 rev.1 - HP-UX running Software Distributor (sd), Local Privilege Increase, Unauthorized Access
http://www13.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02285980
+ RHSA-2010:0653-1: Moderate: ImageMagick security update
http://rhn.redhat.com/errata/RHSA-2010-0653.html
http://secunia.com/advisories/41111/
+ Zimbra Collaboration Suite 6.0.8 released
http://www.zimbra.com/downloads/os-downloads.html
http://files2.zimbra.com/website/docs/Zimbra%20OS%20Release%20Notes%206.0.8.pdf
+ Microsoft Windows Address Book Insecure Library Loading Vulnerability
http://secunia.com/advisories/41050/
http://www.vupen.com/english/advisories/2010/2168
+? Microsoft Office PowerPoint Insecure Library Loading Vulnerability
http://secunia.com/advisories/41063/
http://www.vupen.com/english/advisories/2010/2166
http://www.exploit-db.com/exploits/14782/
- Microsoft Office Groove Insecure Library Loading Vulnerability
http://secunia.com/advisories/41104/
- RHSA-2010:0652-1: Moderate: ImageMagick security and bug fix update
http://rhn.redhat.com/errata/RHSA-2010-0652.html
Cisco Security Advisory: Cisco Unified Communications Manager Denial of Service Vulnerabilities
http://www.cisco.com/warp/public/707/cisco-sa-20100825-cucm.shtml
Cisco Applied Mitigation Bulletin: Identifying and Mitigating Exploitation of Multiple DoS Vulnerabilities in Cisco Unified Communications Products
http://www.cisco.com/warp/public/707/cisco-amb-20100825-cucm-cup.shtml
Cisco Security Advisory: Cisco Unified Presence Denial of Service Vulnerabilities
http://www.cisco.com/warp/public/707/cisco-sa-20100825-cup.shtml
ウイルスバスター チャットサポート メンテナンスのお知らせ(2010年8月26日)
http://www.trendmicro.co.jp/support/news.asp?id=1462
Hewlett-Packard : HP MagCloud iPad App, Remote Unauthorized Access to Data
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33533
Hewlett-Packard : HP StorageWorks Storage Mirroring, Local Unauthorized Access
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33534
Mandriva : [MDVSA-2010:160] cacti command excution and XSS
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33529
シマンテック、セキュリティ対策ソフトの新版を発表
http://itpro.nikkeibp.co.jp/article/NEWS/20100826/351451/?ST=security
FFR、組み込み製品向けセキュリティ検査ツール「FFR Raven」を発売
http://itpro.nikkeibp.co.jp/article/NEWS/20100825/351439/?ST=security
JVNDB-2010-001873 FreeType のデモプログラムにおけるバッファオーバーフローの脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001873.html
JVNDB-2010-001872 FreeType の Mac_Read_POST_Resource 関数におけるヒープベースのバッファオーバーフローの脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001872.html
JVNDB-2010-001871 FreeType の gray_render_span 関数における整数オーバーフローの脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001871.html
JVNDB-2010-001870 FreeType の Mac_Read_POST_Resource 関数におけるバッファオーバーフローの脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001870.html
JVNDB-2010-001869 FreeType の psh_glyph_find_strong_points 関数における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001869.html
JVNDB-2010-001868 FreeType の ftmulti.c におけるバッファオーバーフローの脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001868.html
JVNDB-2010-001867 Apache Tomcat のサンプル用 calendar アプリケーションにおけるクロスサイトスクリプティングの脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001867.html
JVNDB-2008-002433 Apache HTTP Server の mod_proxy における重要なレスポンスを取得される脆弱性
http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-002433.html
Adobe Premier Pro CS4 DLL Hijacking Exploit (ibfs32.dll)
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00293.html
Adobe On Location CS4 DLL Hijacking Exploit (ibfs32.dll)
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00287.html
Adobe InDesign CS4 DLL Hijacking Exploit (ibfs32.dll)
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00303.html
Adobe Illustrator CS4 DLL Hijacking Exploit (aires.dll)
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00297.html
ZDI-10-165: Trend Micro Internet Security Pro 2010 ActiveX extSetOwner Remote Code Execution
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00284.html
[USN-977-1] MoinMoin vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00286.html
[USN-976-1] Tomcat vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00291.html
Cisco Security Advisory: Cisco Unified Presence Denial of Service Vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00283.html
Cisco Security Advisory: Cisco Unified Communications Manager Denial of Service Vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00298.html
Deepin TFTP Server Directory Traversal Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00299.html
Secunia Research: KDE Okular PDB Parsing RLE Decompression Buffer Overflow
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00296.html
Adobe Shockwave Player Memory Corruption Vulnerability - CVE-2010-2880
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00294.html
Adobe Shockwave Player Memory Corruption Vulnerability - CVE-2010-2881
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00288.html
Adobe Shockwave Player Memory Corruption Vulnerability - CVE-2010-2864
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00290.html
Adobe Shockwave Player Memory Corruption Vulnerability - CVE-2010-2869
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00292.html
Adobe Shockwave Player Memory Corruption Vulnerability - CVE-2010-2882
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00295.html
Adobe Shockwave Player Memory Corruption Vulnerability - CVE-2010-2868
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00289.html
Adobe Device Central CS5 DLL Hijacking Exploit (qtcf.dll)
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00282.html
GFI WebMonitor Admin UI Remote Script Code Injection
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00280.html
[Positive Technologies Research] Open Source WebEngine and Web Crawler v.0.2 is out!
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00304.html
TeamViewer <= 5.0.8703 DLL Hijacking Exploit (dwmapi.dll) http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00276.html
DLL hijacking on Linux
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00275.html
iDefense Security Advisory 08.24.10: Adobe Shockwave Player Memory Corruption Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00274.html
Nagios XI users.php SQL Injection
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00273.html
ZDI-10-164: Adobe Shockwave Player Director File FFFFFF88 Record Processing Remote Code Exec
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00272.html
ZDI-10-163: Adobe Shockwave Director tSAC Chunk Parsing Remote Code Execution Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00271.html
ZDI-10-162: Adobe Shockwave Director rcsL Chunk Remote Code Execution Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00270.html
ZDI-10-161: Adobe Shockwave Director PAMI Chunk Remote Code Execution Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00269.html
ZDI-10-160: Adobe Shockwave Player Director File FFFFFF45 Record Processing Remote Code Exec
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00268.html
TPTI-10-15: Adobe Shockwave Director mmap Trusted Chunk Size Remote Code Execution Vulnerabi
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00267.html
TPTI-10-14: Adobe Shockwave Director rcsL Chunk Pointer Offset Remote Code Execution Vulnera
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00264.html
TPTI-10-13: Adobe Shockwave Director tSAC Chunk Remote Code Execution Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00266.html
TPTI-10-12: Adobe Shockwave TextXtra Allocator Integer Overflow Remote Code Execution Vulner
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00265.html
TPTI-10-11: Adobe Shockwave tSAC Chunk Pointer Offset Memory Corruption Remote Code Executio
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00261.html
TPTI-10-10: Adobe Shockwave tSAC Chunk Invalid Seek Memory Corruption Remote Code Execution
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00262.html
TPTI-10-09: Adobe Shockwave CSWV Chunk Memory Corruption Remote Code Execution Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00263.html
Firefox <= 3.6.8 DLL Hijacking Exploit [dwmapi.dll] http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00285.html
[SECURITY] [DSA 2096-1] New zope-ldapuserfolder packages fix authentication bypass
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00259.html
[ MDVSA-2010:161 ] vte
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00260.html
Camtasia Studio Insecure Library Loading Vulnerability
http://secunia.com/advisories/41119/
010 Editor Insecure Library Loading Vulnerability
http://secunia.com/advisories/41094/
Snagit Insecure Library Loading Vulnerability
http://secunia.com/advisories/41124/
Microsoft Office Groove Insecure Library Loading Vulnerability
http://secunia.com/advisories/41104/
Red Hat update for ImageMagick
http://secunia.com/advisories/41111/
Windows Live Mail Insecure Library Loading Vulnerability
http://secunia.com/advisories/41098/
avast! Antivirus Insecure Library Loading Vulnerability
http://secunia.com/advisories/41109/
Red Hat update for qspice-client and spice-xpi
http://secunia.com/advisories/41120/
VLC Media Player Insecure Library Loading Vulnerability
http://secunia.com/advisories/41107/
KDE Okular PDB Parsing RLE Decompression Buffer Overflow
http://secunia.com/advisories/40952/
TeamViewer Insecure Library Loading Vulnerability
http://secunia.com/advisories/41112/
Adobe Dreamweaver Insecure Library Loading Vulnerability
http://secunia.com/advisories/41110/
GFI Web Monitor Script Insertion Vulnerability
http://secunia.com/advisories/41101/
ClanSphere "index.php" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/41089/
SEIL Routers IPv6 Unicast RPF Spoofing Vulnerability
http://secunia.com/advisories/41088/
Debian update for zope-ldapuserfolder
http://secunia.com/advisories/41054/
Mapbender Multiple Vulnerabilities
http://secunia.com/advisories/41053/
phpBugTracker SQL Injection and Arbitrary File Upload Vulnerabilities
http://secunia.com/advisories/40928/
Wing FTP Server HTTP Denial of Service Vulnerability
http://secunia.com/advisories/41040/
Opera Insecure Library Loading Vulnerability
http://secunia.com/advisories/41083/
Adobe Shockwave Player Multiple Vulnerabilities
http://secunia.com/advisories/41065/
Mozilla Firefox Insecure Library Loading Vulnerability
http://secunia.com/advisories/41095/
Microsoft Windows Address Book Insecure Library Loading Vulnerability
http://secunia.com/advisories/41050/
Wireshark Insecure Library Loading Vulnerability
http://secunia.com/advisories/41064/
Microsoft Office PowerPoint Insecure Library Loading Vulnerability
http://secunia.com/advisories/41063/
Adobe Photoshop Insecure Library Loading Vulnerability
http://secunia.com/advisories/41060/
uTorrent Insecure Library Loading Vulnerability
http://secunia.com/advisories/41051/
Squid Long DNS Replies Denial of Service Vulnerability
http://secunia.com/advisories/41090/
Fedora update for zabbix
http://secunia.com/advisories/41099/
Trend Micro Internet Security Pro Memory Access Error in 'UfPBCtrl.dll' ActiveX Control Lets Remote Users Execute Arbitrary Code
http://securitytracker.com/alerts/2010/Aug/1024364.html
Cisco Unified Communications Manager SIP Processing Flaws Let Remote Users Interrupt Voice Services
http://securitytracker.com/alerts/2010/Aug/1024363.html
Cisco Unified Presence SIP Processing Flaws Let Remote Users Disrupt Presence Service
http://securitytracker.com/alerts/2010/Aug/1024362.html
Directory Traversal in SoftX FTP Client
http://securityreason.com/securityalert/7686
Vulnerability Note VU#707943: Microsoft Windows based applications may insecurely load dynamic libraries
http://www.kb.cert.org/vuls/id/707943
Adobe Shockwave Player Multiple Code Execution Vulnerabilities
http://www.vupen.com/english/advisories/2010/2176
Avast! Antivirus File Opening Insecure Library Loading Vulnerability
http://www.vupen.com/english/advisories/2010/2175
TeamViewer File Opening Insecure Library Loading Vulnerability
http://www.vupen.com/english/advisories/2010/2174
Microsoft Windows Live Mail Insecure Library Loading Vulnerability
http://www.vupen.com/english/advisories/2010/2173
VLC Media Player File Opening Insecure Library Loading Vulnerability
http://www.vupen.com/english/advisories/2010/2172
Adobe Dreamweaver File Opening Insecure Library Loading Vulnerability
http://www.vupen.com/english/advisories/2010/2171
Adobe Photoshop File Opening Insecure Library Loading Vulnerability
http://www.vupen.com/english/advisories/2010/2170
Mozilla Firefox File Opening Insecure Library Loading Vulnerability
http://www.vupen.com/english/advisories/2010/2169
Microsoft Windows Address Book Insecure Library Loading Vulnerability
http://www.vupen.com/english/advisories/2010/2168
Opera Browser File Opening Insecure Library Loading Vulnerability
http://www.vupen.com/english/advisories/2010/2167
Microsoft Office PowerPoint Insecure Library Loading Vulnerability
http://www.vupen.com/english/advisories/2010/2166
Wireshark File Opening Insecure Library Loading Vulnerability
http://www.vupen.com/english/advisories/2010/2165
uTorrent File Opening Insecure Library Loading Vulnerability
http://www.vupen.com/english/advisories/2010/2164
Squid DNS Replies Remote Denial of Service Vulnerability
http://www.vupen.com/english/advisories/2010/2163
Apple Mac OS X Code Execution and Security Bypass Vulnerabilities
http://www.vupen.com/english/advisories/2010/2162
Cisco WebEx Player ARF File Handling Heap Overflow Vulnerability
http://www.vupen.com/english/advisories/2010/2161
MySQL Security Update Fixes Multiple Denial of Service Vulnerabilities
http://www.vupen.com/english/advisories/2010/2160
Debian Security Update Fixes Zope-ldapuserfolder Vulnerability
http://www.vupen.com/english/advisories/2010/2159
Fedora Security Update Fixes Zabbix Cross Site Scripting Vulnerability
http://www.vupen.com/english/advisories/2010/2158
Deepin TFTP Server Directory Traversal Vulnerability Software Version : v1.25
http://www.exploit-db.com/exploits/14779/
Demon tool lite DLL Hijacking Exploit (mfc80loc.dll)
http://www.exploit-db.com/exploits/14791
Google Earth v5.1.3535.3218 (quserex.dll) DLL Hijacking Exploit
http://www.exploit-db.com/exploits/14790
Nullsoft Winamp 5.581 (wnaspi32.dll) DLL Hijacking Exploit
http://www.exploit-db.com/exploits/14789
Media Player Classic 6.4.9.1 (iacenc.dll) DLL Hijacking Exploit
http://www.exploit-db.com/exploits/14788
Corel PHOTO-PAINT X3 v13.0.0.576 (crlrib.dll) DLL Hijacking Exploit
http://www.exploit-db.com/exploits/14787
CorelDRAW X3 v13.0.0.576 (crlrib.dll) DLL Hijacking Exploit
http://www.exploit-db.com/exploits/14786
Adobe ExtendedScript Toolkit CS5 v3.5.0.52 (dwmapi.dll) DLL Hijacking Exploit
http://www.exploit-db.com/exploits/14785
Adobe Extension Manager CS5 v5.0.298 (dwmapi.dll) DLL Hijacking Exploit
http://www.exploit-db.com/exploits/14784
Mozilla Thunderbird DLL Hijacking Exploit ( dwmapi.dll )
http://www.exploit-db.com/exploits/14783
Microsoft Office PowerPoint 2007 DLL Hijacking Exploit (rpawinet.dll)
http://www.exploit-db.com/exploits/14782
Roxio MyDVD 9 DLL Hijacking Exploit (HomeUtils9.dll)
http://www.exploit-db.com/exploits/14781
Windows Internet Communication Settings DLL Hijacking Exploit (schannel.dll)
http://www.exploit-db.com/exploits/14780
Microsoft Windows Contacts DLL Hijacking Exploit (wab32res.dll)
http://www.exploit-db.com/exploits/14778
Adobe InDesign CS4 DLL Hijacking Exploit (ibfs32.dll)
http://www.exploit-db.com/exploits/14775
Cisco Packet Tracer 5.2 DLL Hijacking Exploit (wintab32.dll)
http://www.exploit-db.com/exploits/14774
Nvidia Driver DLL Hijacking Exploit (nview.dll)
http://www.exploit-db.com/exploits/14769
Adobe Illustrator CS4 DLL Hijacking Exploit (aires.dll)
http://www.exploit-db.com/exploits/14773
Adobe On Location CS4 DLL Hijacking Exploit (ibfs32.dll)
http://www.exploit-db.com/exploits/14772
Adobe Premier Pro CS4 DLL Hijacking Exploit (ibfs32.dll)
http://www.exploit-db.com/exploits/14771
Windows Program Group DLL Hijacking Exploit (imm.dll)
http://www.exploit-db.com/exploits/14770
Roxio Creator DE DLL Hijacking Exploit (HomeUtils9.dll)
http://www.exploit-db.com/exploits/14768
Skype <= 4.2.0.169 DLL Hijacking Exploit (wab32.dll)
http://www.exploit-db.com/exploits/14766
Mediaplayer Classic 1.3.2189.0 DLL Hijacking Exploit (iacenc.dll)
http://www.exploit-db.com/exploits/14765
TechSmith Snagit 10 (Build 788) DLL Hijacking Exploit (dwmapi.dll)
http://www.exploit-db.com/exploits/14764
Bloodshed Dev-C++ Binary Hijacking Exploit (make.exe, mingw32-make.exe)
http://www.exploit-db.com/exploits/14763
Ettercap NG-0.7.3 DLL Hijacking Exploit (wpcap.dll)
http://www.exploit-db.com/exploits/14762
Microsoft Group Convertor DLL Hijacking Exploit (imm.dll)
http://www.exploit-db.com/exploits/14758
Safari v5.0.1 DLL Hijacking Exploit
http://www.exploit-db.com/exploits/14756
Adobe Device Central CS5 DLL Hijacking Exploit (qtcf.dll)
http://www.exploit-db.com/exploits/14755
Microsoft Internet Connection Signup Wizard DLL Hijacking Exploit
http://www.exploit-db.com/exploits/14754
InterVideo WinDVD 5 DLL Hijacking Exploit
http://www.exploit-db.com/exploits/14753
Roxio Photosuite 9 DLL Hijacking Exploit
http://www.exploit-db.com/exploits/14752
Microsoft Vista BitLocker Drive Encryption API Hijacking Exploit
http://www.exploit-db.com/exploits/14751
VLC Media Player DLL Hijacking Exploit
http://www.exploit-db.com/exploits/14750
Acunetix Web Vulnerability Scanner DLL Hijacking Exploit
http://www.exploit-db.com/exploits/14749
uTorrent DLL Hijacking Vulnerabilities
http://www.exploit-db.com/exploits/14748
TeamMate Audit Management Software Suite DLL Hijacking Exploit
http://www.exploit-db.com/exploits/14747
Microsoft Office Groove 2007 DLL Hijacking Exploit
http://www.exploit-db.com/exploits/14746
Microsoft Address Book 6.00.2900.5512 DLL Hijacking Exploit
http://www.exploit-db.com/exploits/14745
Microsoft Visio 2003 DLL Hijacking Exploit
http://www.exploit-db.com/exploits/14744
avast! <= 5.0.594 license files DLL Hijacking Exploit (mfc90loc.dll)
http://www.exploit-db.com/exploits/14743
Adobe Photoshop CS2 DLL Hijacking Exploit (Wintab32.dll)
http://www.exploit-db.com/exploits/14741
Adobe Dreamweaver CS5 <= 11.0 build 4909 DLL Hijacking Exploit (mfc90loc.dll) http://www.exploit-db.com/exploits/14740
BS.Player <= 2.56 build 1043 DLL Hijacking Exploit (mfc71loc.dll)
http://www.exploit-db.com/exploits/14739
Adobe Dreamweaver CS4 DLL Hijacking Exploit (ibfs32.dll)
http://www.exploit-db.com/exploits/14735
TeamViewer <= 5.0.8703 DLL Hijacking Exploit (dwmapi.dll)
http://www.exploit-db.com/exploits/14734
Microsoft Windows 7 wab.exe DLL Hijacking Exploit (wab32res.dll)
http://www.exploit-db.com/exploits/14733
Flash Movie Player v1.5 File Magic Denial of Service Vulnerability
http://www.exploit-db.com/exploits/14767/
Adobe Acrobat Reader All Version Memory Corruption
http://www.exploit-db.com/exploits/14761/
登録:
投稿 (Atom)