MySQL Workbench 5.2.27 GA Available
http://wb.mysql.com/?p=406
UPDATE: マイクロソフト セキュリティ アドバイザリ (2269637): 安全でないライブラリのロードにより、リモートでコードが実行される
http://www.microsoft.com/japan/technet/security/advisory/2269637.mspx
Microsoft Security Advisory (2269637): Insecure Library Loading Could Allow Remote Code Execution
http://www.microsoft.com/technet/security/advisory/2269637.mspx
JPCERT/CC WEEKLY REPORT 2010-09-01
http://www.jpcert.or.jp/wr/2010/wr103301.html
JVNTA10-238A: Microsoft Windows における DLL 読み込みに関する脆弱性
http://jvn.jp/cert/JVNTA10-238A/index.html
情報セキュリティ白書2010
~広まる脅威・多様化する攻撃、求められる新たな情報セキュリティ対策~
http://www.ipa.go.jp/security/publications/hakusyo/2010/hakusho2010.html
BugTracker.net 3.4.3 SQL Injection
http://securityreason.com/securityalert/7717
Adobe Shockwave Player Memory Corruption Vulnerability 2
http://securityreason.com/securityalert/7716
Adobe Shockwave Player Memory Corruption Vulnerability
http://securityreason.com/securityalert/7715
Fedora update for socat
http://secunia.com/advisories/41256/
Debian udate for wireshark
http://secunia.com/advisories/41133/
Adobe Premiere Pro Insecure Library Loading Vulnerability
http://secunia.com/advisories/41133/
Ubuntu update for bogofilter
http://secunia.com/advisories/41183/
+ HS10-025: JP1/NETM/Remote Control Agentにおける認証バイパスの脆弱性
http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS10-025/index.html
+ Microsoft Internet Explorer SSL Certificate IP Address Wildcard Vulnerability
http://www.vupen.com/english/advisories/2010/2240
-- Linux Kernel Wireless Extensions Memory Leak Vulnerability
http://secunia.com/advisories/41245/
[ANNOUNCEMENT] Apache HTTP Server 2.3.8-alpha Released
http://httpd.apache.org/download.cgi
[ANNOUNCE] PostgreSQL 9.0 Release Candidate 1
http://developer.postgresql.org/pgdocs/postgres/release-9-0.html
http://www.postgresql.org/about/news.1230
[ANNOUNCEMENT] HttpComponents HttpCore 4.1-beta2 Released
http://www.apache.org/dist/httpcomponents/httpcore/RELEASE_NOTES.txt
[ANNOUNCE] Apache OpenJPA 2.0.1 released
http://openjpa.apache.org/
phpMyAdmin 3.3.7-rc1 and 2.11.11-rc1 released
http://sourceforge.net/news/?group_id=23067&id=291193
ウイルスバスター2011 クラウド 公開とサポート開始のお知らせ
http://www.trendmicro.co.jp/support/news.asp?id=1463
UPDATE: Microsoft Security Advisory (2269637): Insecure Library Loading Could Allow Remote Code Execution
http://www.microsoft.com/technet/security/advisory/2269637.mspx
Hewlett-Packard : HP System Management Homepage Running PHP - Multiple Vulnerabilities
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33593
Debian : DSA 2099-1 - New OpenOffice.org packages fix arbitrary code execution
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33587
Debian : DSA 2100-1 - New openssl packages fix double free
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33588
Hewlett-Packard : HP-UX - Local Privilege Increase, Unauthorized Access
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33592
Independent Researcher : Safari for windows Invalid SGV text style Webkit.dll DoS
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33595
Mandriva : MDVSA-2010:163 - phpmyadmin - Multiple Vulnerabilities
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33589
Mandriva : MDVSA-2010:164 - phpmyadmin - XSS
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33590
Mandriva : MDVSA-2010:165 - libHX - Heap Based Buffer Overflow
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33591
Rapid 7 : FCKEditor.NET File Upload Code Execution
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33596
不審者を画像や音声で自動判定、セコムが国内初のサービス
http://itpro.nikkeibp.co.jp/article/NEWS/20100831/351628/?ST=security
ApPHP Calendar XSS - CSRF
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00372.html
KeePass version 2.12 <= Insecure DLL Hijacking Vulnerability (dwmapi.dll) http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00373.html
ZDI-10-168: Apple QuickTime ActiveX _Marshaled_pUnk Remote Code Execution Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00371.html
[ MDVSA-2010:166 ] libgdiplus
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00370.html
Tortoise SVN DLL Hijacking Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00369.html
[security bulletin] HPSBMA02571 SSRT100034 rev.1 - HP Insight Diagnostics Online Edition, Remote
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00368.html
[USN-981-1] libwww-perl vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00366.html
[USN-980-1] bogofilter vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00364.html
[security bulletin] HPSBMA01212 SSRT5998 rev.4 - HP System Management Homepage Running PHP, Remo
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00365.html
django in combination with mod wsgi on apache on default debian and ubuntu installations does not pl
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00365.html
[security bulletin] HPSBUX02552 SSRT100062 rev.1 - HP-UX running Software Distributor (sd),
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-08/msg00363.html
JVNDB-2010-001909 Microsoft Windows Microsoft XML Core Services における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001909.html
JVNDB-2010-001908 Microsoft XML Core Services における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001908.html
JVNDB-2010-001907 Microsoft Internet Explorer における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001907.html
JVNDB-2010-001906 Microsoft Internet Explorer における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001906.html
JVNDB-2010-001905 Microsoft Internet Explorer における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001905.html
JVNDB-2010-001904 Microsoft Internet Explorer における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001904.html
JVNDB-2010-001903 Microsoft Internet Explorer における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001903.html
JVNDB-2010-001902 Microsoft Windows の MPEG Layer-3 Audio Codec for Microsoft DirectShow におけるバッファオーバーフロー脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001902.html
JVNDB-2010-001901 Microsoft Internet Explorer における重要な情報を取得される脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001901.html
JVNDB-2010-001900 Adobe ColdFusion の administrator コンソールにおけるディレクトリトラバーサルの脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001900.html
JVNDB-2010-001899 Adobe Flash Media Server におけるサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001899.html
JVNDB-2010-001898 Adobe Flash Media Server におけるサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001898.html
JVNDB-2010-001897 Adobe Flash Media Server におけるサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001897.html
JVNDB-2010-001896 Adobe Flash Media Server における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001896.html
JVNDB-2010-001895 Oracle Siebel Option Pack for IE の ActiveX コントロールのメモリ初期化処理に脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001895.html
JVNDB-2010-001894 Adobe Reader および Acrobat の CoolType.dll における整数オーバーフローの脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001894.html
Interesting PHP injection
http://isc.sans.edu/diary.html?storyid=9478
SiSoftware Sandra Insecure Library Loading Vulnerability
http://secunia.com/advisories/41178/
UltraISO Insecure Library Loading Vulnerability
http://secunia.com/advisories/41227/
QtWeb Browser Insecure Library Loading Vulnerability
http://secunia.com/advisories/41201/
Hitachi Storage Command Suite Denial of Service Vulnerability
http://secunia.com/advisories/41182/
Hitachi JP1 Products Denial of Service Vulnerability
http://secunia.com/advisories/41247/
Linux Kernel Wireless Extensions Memory Leak Vulnerability
http://secunia.com/advisories/41245/
Hitachi JP1/Integrated Management Denial of Service Vulnerability
http://secunia.com/advisories/41248/
Hitachi JP1/Performance Management Denial of Service Vulnerability
http://secunia.com/advisories/41249/
Hitachi JP1/Automatic Job Management System Denial of Service Vulnerability
http://secunia.com/advisories/41250/
Hitachi Cosminexus Products Denial of Service Vulnerability
http://secunia.com/advisories/41252/
Hitachi JP1/ServerConductor/Control Manager Denial of Service Vulnerability
http://secunia.com/advisories/41251/
Hitachi JP1/Desktop Navigation Denial of Service Vulnerability
http://secunia.com/advisories/41246/
Sophos Free Encryption Insecure Library Loading Vulnerability
http://secunia.com/advisories/41209/
IsoBuster Insecure Library Loading Vulnerability
http://secunia.com/advisories/41243/
Joomla! JE FAQ Pro Component "catid" SQL Injection Vulnerability
http://secunia.com/advisories/41078/
phpMyAdmin Backtrace Cross-Site Scripting Vulnerability
http://secunia.com/advisories/41206/
Moo Products Unspecified Cross-Site Scripting Vulnerability
http://secunia.com/advisories/41179/
Mozilla Firefox NSS Certificate IP Address Wildcard Matching Vulnerability
http://secunia.com/advisories/41244/
Novell NetWare OpenSSH Buffer Overflow Vulnerability
http://secunia.com/advisories/41180/
Network Security Services Certificate IP Address Wildcard Matching Vulnerability
http://secunia.com/advisories/41237/
Apple QuickTime QTPlugin.ocx Input Validation Vulnerability
http://secunia.com/advisories/41213/
Virtual DJ Insecure Library Loading Vulnerability
http://secunia.com/advisories/41115/
WinImage Insecure Library Loading Vulnerability
http://secunia.com/advisories/41225/
Joomla! PicSell Component "dflink" File Disclosure Vulnerability
http://secunia.com/advisories/41187/
KDE Okular PDB Parsing RLE Decompression Buffer Overflow
http://securityreason.com/securityalert/7714
RealNetworks RealPlayer FLV Parsing Multiple Integer Overflow Vulnerabilities
http://securityreason.com/securityalert/7713
RealNetworks RealPlayer Malformed IVR Object Index Code Execution Vulnerability
http://securityreason.com/securityalert/7712
Adobe Shockwave Player Memory Corruption Vulnerability
http://securityreason.com/securityalert/7711
Adobe Shockwave TextXtra Allocator Integer Overflow Remote Code Execution Vulnerability
http://securityreason.com/securityalert/7710
nginx v0.6.38 Heap Corruption
http://securityreason.com/securityalert/7709
Adobe Shockwave 11.20005.7.609 tSAC Chunk Invalid Seek
http://securityreason.com/securityalert/7708
Adobe Shockwave 11.20005.7.609 CSWV Chunk Memory Corruption
http://securityreason.com/securityalert/7707
HP Insight Diagnostics Online Edition Input Validation Hole Permits Cross-Site Scripting Attacks
http://securitytracker.com/alerts/2010/Aug/1024379.html
Novell NetWare SFTP/SCP Buffer Overflow Lets Remote Authenticated Users Execute Arbitrary Code
http://securitytracker.com/alerts/2010/Aug/1024378.html
Apple QuickTime Flaw in QTPlugin.ocx ActiveX Control Lets Remote Users Execute Arbitrary Code
http://securitytracker.com/alerts/2010/Aug/1024376.html
Hitachi JP1/ServerConductor/Control Manager Denial of Service
http://www.vupen.com/english/advisories/2010/2248
Hitachi Cosminexus Products Remote Denial of Service Vulnerability
http://www.vupen.com/english/advisories/2010/2247
Camino Browser Security Update Fixes Code Execution Vulnerabilities
http://www.vupen.com/english/advisories/2010/2246
HP Insight Diagnostics Online Edition Cross Site Scripting Vulnerability
http://www.vupen.com/english/advisories/2010/2245
Novell NetWare SFTP / SCP Path Handling Buffer Overflow Vulnerability
http://www.vupen.com/english/advisories/2010/2244
Wireshark Security Update Fixes Insecure Library Loading Vulnerability
http://www.vupen.com/english/advisories/2010/2243
phpMyAdmin Debugging Messages Cross Site Scripting Vulnerability
http://www.vupen.com/english/advisories/2010/2242
Apple QuickTime "QTPlugin.ocx" Trusted Parameter Value Vulnerability
http://www.vupen.com/english/advisories/2010/2241
Microsoft Internet Explorer SSL Certificate IP Address Wildcard Vulnerability
http://www.vupen.com/english/advisories/2010/2240
Google Chrome SSL Certificate IP Address Wildcard Vulnerability
http://www.vupen.com/english/advisories/2010/2239
Mozilla Firefox SSL Certificate IP Address Wildcard Vulnerability
http://www.vupen.com/english/advisories/2010/2238
Qt QSslSocket SSL Certificate IP Address Wildcard Vulnerability
http://www.vupen.com/english/advisories/2010/2237
Redhat Security Update Fixes Kernel Privilege Escalation and DoS
http://www.vupen.com/english/advisories/2010/2236
Redhat Security Update Fixes httpd Information Disclosure and DoS
http://www.vupen.com/english/advisories/2010/2235
Fedora Security Update Fixes php-pear-CAS Multiple Vulnerabilities
http://www.vupen.com/english/advisories/2010/2234
Fedora Security Update Fixes bogofilter Heap Corruption Vulnerability
http://www.vupen.com/english/advisories/2010/2233
Mandriva Security Update Fixes libHX Buffer Overflow Vulnerability
http://www.vupen.com/english/advisories/2010/2232
Mandriva Security Update Fixes phpMyAdmin Multiple Vulnerabilities
http://www.vupen.com/english/advisories/2010/2231
Ubuntu Security Update Fixes okular kdegraphics Memory Corruption
http://www.vupen.com/english/advisories/2010/2230
Debian Security Update Fixes OpenSSL Use-after-free Vulnerability
http://www.vupen.com/english/advisories/2010/2229
Debian Security Update Fixes OpenOffice.org Two Vulnerabilities
http://www.vupen.com/english/advisories/2010/2228
0 件のコメント:
コメントを投稿