ウイルスバスター 月額版 サーバメンテナンスのお知らせ(2010年11月1日)
http://www.trendmicro.co.jp/support/news.asp?id=1484
プレス発表
「Sleipnir」および「Grani」におけるセキュリティ上の弱点(脆弱性)の注意喚起
http://www.ipa.go.jp/about/press/20101022.html
JVNVU#707943 Windows プログラムの DLL 読み込みに脆弱性
http://jvn.jp/cert/JVNVU707943/index.html
JVN#07497935 複数の Yokka 提供製品における実行ファイル読み込みに関する脆弱性
http://jvn.jp/jp/JVN07497935/index.html
JVN#89272705 Sleipnir および Grani における実行ファイル読み込みに関する脆弱性
http://jvn.jp/jp/JVN89272705/index.html
JVN#50610528 Sleipnir および Grani における DLL 読み込みに関する脆弱性
http://jvn.jp/jp/JVN50610528/index.html
JVNDB-2009-002263 Xpdf および Poppler の ImageStream::ImageStream 関数における整数オーバーフローの脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002263.html
JVNDB-2010-002169 複数の Microsoft 製品の toStaticHTML 関数 および SafeHTML 関数におけるクロスサイトスクリプティングの脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002169.html
JVNDB-2010-002168 Microsoft Internet Explorer の toStaticHTML 関数におけるクロスサイトスクリプティングの脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002168.html
JVNDB-2010-002167 Windows 上で稼働する Microsoft Internet Explorer における重要なフォーム情報を取得される脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002167.html
JVNDB-2010-000049 複数の Yokka 提供製品における実行ファイル読み込みに関する脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-000049.html
JVNDB-2010-000048 Sleipnir および Grani における実行ファイル読み込みに関する脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-000048.html
JVNDB-2010-000047 Sleipnir および Grani における DLL 読み込みに関する脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-000047.html
NetBSD netsmb Filesystem Buffer Limit Error Lets Local Users Consume Excessive Memory
http://securitytracker.com/alerts/2010/Oct/1024628.html
Apple FaceTime for Mac Lets Local Users Modify iTunes/MobileMe Passwords
http://securitytracker.com/alerts/2010/Oct/1024626.html
libvirt Multiple Local Security Bypass Vulnerabilities
http://www.securityfocus.com/bid/41981
+ Dovecot 2.0.6 released
http://www.dovecot.org/list/dovecot-news/2010-October/000179.html
+ MySQL 5.1.52 released
http://dev.mysql.com/doc/refman/5.1/en/news-5-1-52.html
+- Xpdf 3.02pl5 was released
http://www.foolabs.com/xpdf/README
http://www.foolabs.com/xpdf/CHANGES
APSA10-04: Security Advisory for Adobe Shockwave Player
http://www.adobe.com/support/security/advisories/apsa10-04.html
CESA-2010:0787 (glibc)
http://lwn.net/Alerts/411095/
CESA-2010:0780 (thunderbird)
http://lwn.net/Alerts/411090/
CESA-2010:0782 (firefox)
http://lwn.net/Alerts/411092/
CESA-2010:0785 (quagga)
http://lwn.net/Alerts/411094/
HPSBMA02593 SSRT100237 rev.1 - HP Virtual Connect Enterprise Manager (VCEM) for Windows, Remote Arbitrary File Download
http://www13.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02550412
サイベースが、データウェアハウスを低価格で始められる「Sybase IQ SBEキャンペーン」を実施
http://www.sybase.jp/detail?id=1085384
サイベースが、データウェアハウス用DBの最新版「Sybase IQ 15.2」を発表
http://www.sybase.jp/detail?id=1085383
Mandriva : [MDVSA-2010:208] pidgin Denial-of-Service
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33989
Apple : APPLE-SA-2010-10-20-1 Java for Mac OS X 10.6 Update 3
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33995
Apple : [APPLE-SA-2010-10-20-2] Java for Mac OS X 10.5 Update 8
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33996
Core Security Technologies : [CORE-2010-0819] LibSMI smiGetNode Buffer Overflow When Long OID Is Given In Numerical Form
http://www.criticalwatch.com/support/security-advisories.aspx?AID=34000
Mandriva : [MDVSA-2010:207] glibc
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33990
Red Hat : [RHSA-2010:0787-01] Important: glibc security update
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33997
Red Hat : [RHSA-2010:0785-01] Moderate: quagga security update
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33998
Red Hat : [RHSA-2010:0786-01] Critical: java-1.4.2-ibm security update
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33999
RedHat : [RHSA-2010:0786-01] java-1.4.2-ibm security update
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33994
Ubuntu Security Notice : [USN-998-1] Thunderbird vulnerabilities
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33991
Ubuntu Security Notice : [USN-997-1] Firefox and Xulrunner vulnerabilities
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33992
Ubuntu Security Notice : [USN-1007-1] NSS Certificate Authority vulnerabilities
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33993
[SecurityArchitect-009]: Microsoft Windows Mobile Double Free Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-10/msg00178.html
[ MDVSA-2010:208 ] pidgin
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-10/msg00179.html
Micro CMS Persistent XSS Vulnerability.
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-10/msg00183.html
Pecio CMS XSS Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-10/msg00185.html
Wiccle Web Builder CMS and iWiccle CMS Community Builder Multiple XSS Vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-10/msg00176.html
SEC Consult SA-20101021-0 :: Multiple critical vulnerabilities in Sawmill log analysis softw
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-10/msg00186.html
[security bulletin] HPSBMA02596 SSRT100271 rev.1 - HP AssetCenter and HP AssetManager for AIX, H
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-10/msg00189.html
[security bulletin] HPSBMA02592 SSRT100300 rev.1 - HP Systems Insight Manager (SIM) for HP-U
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-10/msg00175.html
[security bulletin] HPSBMA02591 SSRT100299 rev.1 - HP Systems Insight Manager (SIM) for HP-U
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-10/msg00187.html
Java Multiple Issues
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-10/msg00188.html
[ MDVSA-2010:207 ] glibc
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-10/msg00181.html
[USN-998-1] Thunderbird vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-10/msg00180.html
[USN-997-1] Firefox and Xulrunner vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-10/msg00177.html
[USN-1007-1] NSS vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-10/msg00174.html
「組込みシステムに情報セキュリティを」セミナー開催のお知らせ
~情報セキュリティ面でも安全な製品開発に向けて~
http://www.ipa.go.jp/security/vuln/seminar/lab_semi_embsys_2010_2nd.html
「ブラウザーの警告画面に見せかける」――悪質サイトの新手口
パッチに見せかけて「偽ソフト」を配布、エフセキュアが報告
http://itpro.nikkeibp.co.jp/article/NEWS/20101022/353307/?ST=security
RHSA-2010:0788-1: Moderate: pidgin security update
http://rhn.redhat.com/errata/RHSA-2010-0788.html
NetBSD Denial of Service and Privilege Escalation Vulnerabilities
http://secunia.com/advisories/41892/
RealPage Module Upload ActiveX Control Multiple Vulnerabilities
http://secunia.com/advisories/41392/
Ruby on Rails Nested Attribute Handling Vulnerability
http://secunia.com/advisories/41930/
Fedora update for java-1.6.0-openjdk
http://secunia.com/advisories/41925/
TeraPad Insecure Library Loading Vulnerability
http://secunia.com/advisories/41928/
libsmi "smiGetNode()" Buffer Overflow Vulnerability
http://secunia.com/advisories/41841/
Apsaly Insecure Executable Loading Vulnerability
http://secunia.com/advisories/41927/
Mono ASP.NET Cryptographic Padding Oracle Information Disclosure
http://secunia.com/advisories/41919/
libguestfs Qemu Disk Format Specifier Weakness
http://secunia.com/advisories/41797/
Drupal Ubuntu Drupal Theme - Brown Information Disclosure Vulnerability
http://secunia.com/advisories/41916/
Pidgin Multiple NULL Pointer Dereference Weaknesses
http://secunia.com/advisories/41893/
Red Hat update for quagga
http://secunia.com/advisories/41904/
Ubuntu update for thunderbird
http://secunia.com/advisories/41721/
Red Hat update for glibc
http://secunia.com/advisories/41895/
Ubuntu update for firefox and xulrunner
http://secunia.com/advisories/41759/
Red Hat update for java-1.4.2-ibm
http://secunia.com/advisories/41898/
Apple Mac OS X update for Java
http://secunia.com/advisories/41905/
Ubuntu update for nss
http://secunia.com/advisories/41839/
Fedora update for tuxguitar
http://secunia.com/advisories/41924/
Ruby on Rails Nested Attributes Processing Error Lets Remote Users Modify Arbitrary Records
http://securitytracker.com/alerts/2010/Oct/1024624.html
Pidgin purple_base64_decode() Validation Flaw Lets Remote Users Deny Service
http://securitytracker.com/alerts/2010/Oct/1024623.html
HP System Insight Manager Flaws Let Remote Authenticated Users Gain Elevated Privileges and Remote Users Conduct Cross-Site Scripting and Cross-Site Request Forgery Attacks
http://securitytracker.com/alerts/2010/Oct/1024622.html
GNU C Library $ORIGIN Expansion in Setuid Programs May Let Local Users Gain Elevated Privileges
http://securitytracker.com/alerts/2010/Oct/1024619.html
Adobe Shockwave Player rcsL Chunk Memory Corruption Vulnerability
http://www.vupen.com/english/advisories/2010/2752
Mono ASP.NET Implementation Padding Oracle Information Disclosure
http://www.vupen.com/english/advisories/2010/2751
Linux Kernel RDS Protocol "rds_page_copy_user()" Privilege Escalation
http://www.vupen.com/english/advisories/2010/2750
Apache httpd Security Update Fixes Denial of Service Vulnerabilities
http://www.vupen.com/english/advisories/2010/2749
Apple Mac OS X Security Update Fixes Java Code Execution Vulnerabilities
http://www.vupen.com/english/advisories/2010/2748
TIBCO ActiveMatrix Products JMX Connections Remote Code Execution
http://www.vupen.com/english/advisories/2010/2747
Redhat Security Update Fixes Glibc ORIGIN Expansion Vulnerability
http://www.vupen.com/english/advisories/2010/2746
Redhat Security Update Fixes Java Code Execution Vulnerabilities
http://www.vupen.com/english/advisories/2010/2745
Redhat Security Update Fixes Quagga Buffer Overflow and DoS Issues
http://www.vupen.com/english/advisories/2010/2744
Fedora Security Update Fixes Java Code Execution Vulnerabilities
http://www.vupen.com/english/advisories/2010/2743
Fedora Security Update Fixes TuxGuitar Library Loading Vulnerability
http://www.vupen.com/english/advisories/2010/2742
Ubuntu Security Update Fixes Thunderbird Code Execution Vulnerabilities
http://www.vupen.com/english/advisories/2010/2741
Ubuntu Security Update Fixes Firefox and Xulrunner Vulnerabilities
http://www.vupen.com/english/advisories/2010/2740
Ubuntu Security Update Fixes NSS Security Bypass Vulnerabilities
http://www.vupen.com/english/advisories/2010/2739
Mandriva Security Update Fixes Glibc ORIGIN Expansion Vulnerability
http://www.vupen.com/english/advisories/2010/2738
Sawmill Enterprise : v8.1.7.3 Multiple Vulnerabilities
http://www.exploit-db.com/exploits/15298/
Adobe Shockwave player rcsL chunk memory corruption 0day
http://www.exploit-db.com/exploits/15296/
Altova DatabaseSpy 2011 Project File Handling Buffer Overflow Vulnerability
http://www.exploit-db.com/exploits/15301/
Windows Mobile 6.1 and 6.5 Double Free Denial of Service
http://www.exploit-db.com/exploits/15297/
FreeType Compact Font Format (CFF) Multiple Stack Based Buffer Overflow Vulnerabilities
http://www.securityfocus.com/bid/42241
ISC BIND 9 Remote Dynamic Update Message Denial of Service Vulnerability
http://www.securityfocus.com/bid/35848
Adobe Shockwave Player rcsL Chunk EAX Register Memory Corruption Vulnerability
http://www.securityfocus.com/bid/44291
Multiple Vendor TLS Protocol Session Renegotiation Security Vulnerability
http://www.securityfocus.com/bid/36935
Libpurple MSN Protocol Custom Emoticons Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/40138
Pidgin 'libpurple' Multiple Denial of Service Vulnerabilities
http://www.securityfocus.com/bid/44283
Sun Java Runtime Environment Unpack200 JAR Unpacking Utility Integer Overflow Vulnerability
http://www.securityfocus.com/bid/35944
libguestfs Disk Format Specifier Information Disclosure Vulnerability
http://www.securityfocus.com/bid/44166
Oracle Java SE and Java for Business CVE-2010-3573 Same Origin Bypass Vulnerability
http://www.securityfocus.com/bid/44028
Oracle Java SE and Java for Business CVE-2010-3553 Remote Swing Vulnerability
http://www.securityfocus.com/bid/44035
Oracle Java SE and Java for Business CVE-2010-3541 Remote Networking Vulnerability
http://www.securityfocus.com/bid/44032
Oracle Java SE and Java for Business CVE-2010-3549 HTTP Response Splitting Vulnerability
http://www.securityfocus.com/bid/44027
Oracle Java SE and Java for Business 'defaultReadObject' Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/44016
Oracle Java SE and Java for Business CVE-2010-3548 Remote JNDI Vulnerability
http://www.securityfocus.com/bid/44017
Oracle Java SE and Java for Business CVE-2010-3557 Remote Swing Vulnerability
http://www.securityfocus.com/bid/44014
Oracle Java SE and Java for Business CVE-2010-3574 Remote Networking Vulnerability
http://www.securityfocus.com/bid/44011
Oracle Java SE and Java for Business CVE-2010-3561 Remote CORBA Vulnerability
http://www.securityfocus.com/bid/44013
Oracle Java SE and Java for Business CVE-2010-3554 Remote CORBA Vulnerability
http://www.securityfocus.com/bid/43994
Oracle Java SE and Java for Business CVE-2010-3551 Remote Networking Vulnerability
http://www.securityfocus.com/bid/44009
Oracle Java SE and Java for Business CVE-2010-3568 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/44012
Oracle Java SE and Java for Business CVE-2010-3562 Remote 2D Vulnerability
http://www.securityfocus.com/bid/43979
Oracle Java SE and Java for Business CVE-2010-3565 JPEGImageWriter.writeImage Vulnerability
http://www.securityfocus.com/bid/43985
Oracle Java SE and Java for Business CVE-2010-3567 Remote 2D Vulnerability
http://www.securityfocus.com/bid/43992
Oracle Communications Messaging Server CVE-2010-3564 Webmail Remote Vulnerability
http://www.securityfocus.com/bid/43963
GNU glibc Dynamic Linker '$ORIGIN' Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/44154
TuxGuitar 'LD_LIBRARY_PATH' Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/44197
Fat Player '.wav' File Remote Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/42068
pecio cms 'target' Parameter Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/44304
Micro CMS 'name' Parameter HTML Injection Vulnerability
http://www.securityfocus.com/bid/44300
Multiple Wiccle CMS Applications Multiple Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/44295
NetBSD Larn 'Games' Group Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/44293
Sawmill Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/44292
NetBSD 'SMBIOC_OPENSESSION' IOCTL Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/44288
Microsoft Windows Mobile Overly Long vCard Name Field Denial of Service Vulnerability
http://www.securityfocus.com/bid/44287
TeraPad 'atoklib.dll' DLL Loading Arbitrary Code Execution Vulnerability
http://www.securityfocus.com/bid/44286
Mono ASP.NET Implementation Padding Oracle Information Disclosure Vulnerability
http://www.securityfocus.com/bid/44285
Apsaly Executable Loading Arbitrary Code Execution Vulnerability
http://www.securityfocus.com/bid/44284
0 件のコメント:
コメントを投稿