mozilla-central closed for Firefox 4 Beta 7, Fennec Beta 2
https://developer.mozilla.org/devnews/index.php/2010/10/26/mozilla-central-closed-for-firefox-4-beta-7-fennec-beta-2/
FreeBSD Quarterly Status Report
http://www.freebsd.org/news/status/report-2010-07-2010-09.html
SYM10-010: Symantec IM Manager Multiple SQL Injection Issues
http://www.symantec.com/business/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2010&suid=20101027_01
JVNDB-2010-002198 Microsoft Excel における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002198.html
JVNDB-2010-002197 Microsoft Excel における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002197.html
JVNDB-2010-002196 複数の Microsoft 製品における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002196.html
JVNDB-2010-002195 Microsoft Excel における整数オーバーフローの脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002195.html
JVNDB-2010-002194 複数の Microsoft 製品におけるスタックペースのバッファオーバーフローの脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002194.html
JVNDB-2010-002193 複数の Microsoft 製品におけるスタックペースのバッファオーバーフローの脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002193.html
JVNDB-2010-002192 Microsoft Word および Microsoft Office における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002192.html
JVNDB-2010-002191 Microsoft Word における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002191.html
JVNDB-2010-002190 Microsoft Word におけるヒープベースのバッファオーバーフローの脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002190.html
JVNDB-2010-002189 Microsoft Word における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002198.html
JVNDB-2010-001142 Pidgin および Adium の MSN プロトコルプラグインにおけるサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001142.html
Mozilla Firefox Unspecified Flaw Lets Remote Users Execute Arbitrary Code
http://securitytracker.com/alerts/2010/Oct/1024645.html
Oracle Siebel eBusiness Application Multiple Cross Site Scripting Vulnerabilities
http://securityreason.com/securityalert/7850
HP Systems Insight Manager (SIM) CSRF, XSS and Privilege Escalation
http://securityreason.com/securityalert/7849
IBM solidDB <= 6.5.0.3 Denial of Service Vulnerability
http://securityreason.com/securityalert/7849
Oracle JRE - java.net.URLConnection class Same-of-Origin (SOP) Policy Bypass
http://securityreason.com/securityalert/7847
+? Apache 2.2 (Windows) Local Denial of Service
http://www.exploit-db.com/exploits/15319/
[ANNOUNCE] Apache PDFBox 1.3.1 released
http://pdfbox.apache.org/
http://www.apache.org/dist/pdfbox/1.3.1/RELEASE-NOTES.txt
CESA-2010:0792 (kernel)
http://lwn.net/Alerts/411868/
CESA-2010:0793 (glibc)
http://lwn.net/Alerts/411869/
UPDATE: MS10-077 - Critical: Vulnerability in .NET Framework Could Allow Remote Code Execution (2160841)
http://www.microsoft.com/technet/security/bulletin/MS10-077.mspx
HPSBGN02333 SSRT080031 rev.2 - HP Software Update HPeDiag Running on Windows, Remote Disclosure of Information and Execution of Arbitrary Code
http://www11.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01439758
HPSBMA02533 SSRT080049 rev.1 - HP LoadRunner Web Tours 9.10 Remote Denial of Service
http://www11.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02165172
HPSBMA02603 SSRT100319 rev.1 - HP Insight Control Power Management for Windows, Remote Cross Site Scripting (XSS), Cross Site Request Forgery (CSRF)
http://www11.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02564294
HPSBMA02601 SSRT100316 rev.1 - HP Insight Control Server Migration for Windows, Remote Cross Site Scripting (XSS), Privilege Escalation, Unauthorized Access
http://www11.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02563279
HPSBMA02597 SSRT100198 rev.1 - HP Version Control Repository Manager (VCRM) for Windows, Remote Cross Site Scripting (XSS)
http://www11.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02560536
HPSBMA02599 SSRT100235 rev.1 - HP Virtual Server Environment for Windows, Remote Arbitrary File Download
http://www11.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02563225
HPSBMA02598 SSRT100314 rev.1 - HP Insight Control Virtual Machine Management for Windows, Remote Cross Site Scripting (XSS), Privilege Escalation, Cross Site Request Forgery (CSRF).
http://www11.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02560655
HPSBMI02573 SSRT100227 rev.1 - Palm webOS, webOS Doc Viewer, Execution of Arbitrary Code
http://www11.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02498311
HPSBMI02582 SSRT100269 rev.1 - Palm webOS Camera Application, Unauthorized Write Access
http://www11.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02518539
HPSBMI02580 SSRT100254 rev.1 - Palm webOS, Code execution vulnerability in Palm webOS service API
http://www11.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02516786
HPSBST02595 SSRT1000303 rev.1 - HP Storage Essentials Using LDAP, Remote Unauthenticated Access
http://www11.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02552030
Cache-Memcached-libmemcached-0.02011 released
http://search.cpan.org/~timb/Cache-Memcached-libmemcached-0.02011/
http://cpansearch.perl.org/src/TIMB/Cache-Memcached-libmemcached-0.02011/Changes
Red Hat : [RHSA-2010:0792-01] Important: kernel security update
http://www.criticalwatch.com/support/security-advisories.aspx?AID=34027
Red Hat : [RHSA-2010:0793-01] Important: glibc security update
http://www.criticalwatch.com/support/security-advisories.aspx?AID=34028
Ubuntu Security Notice : [USN-959-2] PAM - Privilage escalation vulnerability
http://www.criticalwatch.com/support/security-advisories.aspx?AID=34025
Ubuntu Security Notice : [USN-959-2] PAM vulnerability
http://www.criticalwatch.com/support/security-advisories.aspx?AID=34029
Independent Researcher : Aardvark Topsite XSS vulnerability
http://www.criticalwatch.com/support/security-advisories.aspx?AID=34030
「遠隔地から設定変更を可能に」――フィルタリングソフトの新版
デジタルアーツが発表、「データベースやユーザー情報をクラウドに」
http://itpro.nikkeibp.co.jp/article/NEWS/20101027/353481/?ST=security
マカフィーが仮想環境専用ウイルス対策ソフト、スキャンの負荷を低減する機能を搭載
http://itpro.nikkeibp.co.jp/article/NEWS/20101026/353447/?ST=security
[security bulletin] HPSBMA02597 SSRT100198 rev.1 - HP Version Control Repository Manager (VCRM)
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-10/msg00212.html
[security bulletin] HPSBMA02603 SSRT100319 rev.1 - HP Insight Control Power Management for Windo
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-10/msg00218.html
[security bulletin] HPSBMA02601 SSRT100316 rev.1 - HP Insight Control Server Migration for Windo
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-10/msg00216.html
[security bulletin] HPSBMA02599 SSRT100235 rev.1 - HP Virtual Server Environment for Windows, Re
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-10/msg00215.html
[security bulletin] HPSBMA02598 SSRT100314 rev.1 - HP Insight Control Virtual Machine Management
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-10/msg00209.html
[security bulletin] HPSBGN02333 SSRT080031 rev.2 - HP Software Update HPeDiag Running on Windows
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-10/msg00208.html
Firefox news
http://isc.sans.edu/diary.html?storyid=9817
Cyber Security Awareness Month - Day 26 - Sharing Office Files
http://isc.sans.edu/diary.html?storyid=9820
VIPS LD_LIBRARY_PATH Security Issue
http://secunia.com/advisories/41997/
Bristol LD_LIBRARY_PATH Security Issue
http://secunia.com/advisories/41994/
Apache MyFaces Cryptographic Padding Oracle Information Disclosure
http://secunia.com/advisories/41995/
TYPO3 powermail Extension Cross-Site Scripting Vulnerability
http://secunia.com/advisories/41962/
IBM Rational Quality Manager Tomcat Multiple Vulnerabilities
http://secunia.com/advisories/41935/
SUSE update for Multiple Packages
http://secunia.com/advisories/41958/
YUI Multiple Cross-Site Scripting Vulnerabilities
http://secunia.com/advisories/41955/
Red Hat update for glibc
http://secunia.com/advisories/41950/
Red Hat update for kernel
http://secunia.com/advisories/41951/
HP Version Control Repository Manager Hole Permits Cross-Site Scripting Attacks
http://securitytracker.com/alerts/2010/Oct/1024644.html
HP Insight Control Server Migration Bugs Let Local Users Gain Elevated Privileges and Remote Users Conduct Cross-Site Scripting Attacks
http://securitytracker.com/alerts/2010/Oct/1024643.html
HP Insight Control Power Management Bugs Permit Cross-Site Scripting and Cross-Site Request Forgery Attacks
http://securitytracker.com/alerts/2010/Oct/1024642.html
HP Insight Control Virtual Machine Management Lets Local Users Gain Elevated Privileges and Permits Remote Cross-Site Scripting and Cross-Site Request Forgery Attacks
http://securitytracker.com/alerts/2010/Oct/1024641.html
HP Virtual Server Environment Lets Remote Users Download Arbitrary Files
http://securitytracker.com/alerts/2010/Oct/1024640.html
NitroView ESM Input Validation Flaw in 'ess.pm' Lets Remote Users Execute Arbitrary Code
http://securitytracker.com/alerts/2010/Oct/1024639.html
Synology Disk Station Web commands injection through FTP Login
http://www.securiteam.com/securitynews/6H03G1P00U.html
HP ProCurve 2626 and 2650 Switches Unauthorized Access Vulnerability
http://www.securiteam.com/securitynews/6I03H1P00O.html
HP StorageWorks Storage Mirroring Local Unauthorized Access Vulnerability
http://www.securiteam.com/securitynews/6J03I1P00I.html
Blue Coat ProxyAV Management Console Cross Site Request Forgery
http://www.vupen.com/english/advisories/2010/2781
Redhat Security Update Fixes Glibc Privilege Escalation Vulnerability
http://www.vupen.com/english/advisories/2010/2780
Redhat Security Update Fixes Kernel Privilege Escalation Vulnerability
http://www.vupen.com/english/advisories/2010/2779
Ubuntu Security Update Fixes PAM Privilege Escalation Vulnerability
http://www.vupen.com/english/advisories/2010/2778
Ubuntu Security Update Fixes Glibc Privilege Escalation Vulnerabilities
http://www.vupen.com/english/advisories/2010/2777
SuSE Security Update Fixes Multiple Code Execution Vulnerabilities
http://www.vupen.com/english/advisories/2010/2776
NitroSecurity ESM v8.4.0a Remote Code Execution
http://www.exploit-db.com/exploits/15318/
Apache 2.2 (Windows) Local Denial of Service
http://www.exploit-db.com/exploits/15319/
PeaZip '.Zip' Remote Arbitrary Command Execution Vulnerability
http://www.securityfocus.com/bid/39906
VICIDIAL Call Center Suite 'admin.php' Multiple SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/35056
RETIRED: Real Networks RealPlayer SP and RealPlayer Enterprise Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/44144
Sitecore CMS 'default.aspx' Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/44405
Mozilla Firefox SeaMonkey and Thunderbird 'document.write' Memory Corruption Vulnerability
http://www.securityfocus.com/bid/44247
Free Download Manager Remote Control Server Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/33554
HP Insight Control Virtual Machine Management Unspecified Remote Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/44429
Apple iPhone Lock Screen Security Bypass Vulnerability
http://www.securityfocus.com/bid/44419
HP HPeDiag ActiveX Control Multiple Information Disclosure and Remote Code Execution Vulnerabilities
http://www.securityfocus.com/bid/28929
EgyPlus 7ml Multiple Input Validation Vulnerabilities
http://www.securityfocus.com/bid/44411
Ghostscript 'gs_type2_interpret()' Function NULL Pointer Dereference Denial of Service Vulnerability
http://www.securityfocus.com/bid/43932
Microsoft Internet Explorer Uninitialized Memory CVE-2010-3328 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/43705
Apache Tomcat Form Authentication Existing/Non-Existing Username Enumeration Weakness
http://www.securityfocus.com/bid/35196
Apache Tomcat XML Parser Information Disclosure Vulnerability
http://www.securityfocus.com/bid/35416
Apache Tomcat Java AJP Connector Invalid Header Denial of Service Vulnerability
http://www.securityfocus.com/bid/35193
Apache Tomcat 'RequestDispatcher' Information Disclosure Vulnerability
http://www.securityfocus.com/bid/35263
HP Insight Control Server Migration For Windows Data Access Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/44437
HP Insight Control Virtual Machine Management Cross Site Request Forgery Vulnerability
http://www.securityfocus.com/bid/44435
HP Insight Control Server Migration Unspecified Unauthorized Access Vulnerability
http://www.securityfocus.com/bid/44434
HP Insight Control Server Migration for Windows Unspecified Cross-Site Scripting Vulnerability
http://www.securityfocus.com/bid/44433
HP Insight Control Virtual Machine Management Unspecified Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/44432
HP Virtual Server Environment Arbitrary File Download Vulnerability
http://www.securityfocus.com/bid/44428
Mozilla Firefox 3.5/3.6 Unspecified Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/44425
TYPO3 powermail Unspecified Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/44422
NitroView ESM 'ess.pm' Remote Command Execution Vulnerability
http://www.securityfocus.com/bid/44421
YUI Multiple Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/44420
0 件のコメント:
コメントを投稿