Computer virus and unauthorized access report status [September and third quarter]
http://www.ipa.go.jp/security/txt/2010/10outline.html
JVN#69191943 Cross-site scripting vulnerability in AD-EDIT2
http://jvn.jp/jp/JVN69191943/
JVNDB-2010-000036 Cross-site scripting vulnerability in AD-EDIT2
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-000036.html
Cyber Security Awareness Month - Day 5 - Sites you should stay away from
http://isc.sans.edu/diary.html?storyid=9673
Online Voting
http://isc.sans.edu/diary.html?storyid=9670
MySQL Replication Flaw Lets Remote Authenticated Users Gain Elevated Privileges
http://securitytracker.com/alerts/2010/Oct/1024508.html
MySQL Multiple Flaws Let Remote Authenticated Users Deny Service
http://securitytracker.com/alerts/2010/Oct/1024507.html
Linux Kernel sctp_auth_asoc_get_hmac() Memory Corruption Error Lets Remote Users Deny Service
http://securitytracker.com/alerts/2010/Oct/1024505.html
activeCollab Project Permissions Security Bypass
http://secunia.com/advisories/41562/
Debian update for apr-util
http://secunia.com/advisories/40905/
Cisco ASA 5500 Series Adaptive Security Appliances Multiple Vulnerabilities
http://www.securiteam.com/securitynews/6U02V1500M.html
Microsoft Office RTF Parsing Engine Memory Corruption Vulnerability
http://www.securiteam.com/windowsntfocus/6V02W1500G.html
Cisco WebEx Player ARF String Parsing Code Execution Vulnerability
http://www.securiteam.com/windowsntfocus/6W02X1500Y.html
IBM Lotus Notes Autonomy KeyView Word Parsing Code Execution Vulnerability
http://www.securiteam.com/securitynews/6J0301500Y.html
Apple Webkit Button First-Letter Style Rendering Code Execution Vulnerability
http://www.securiteam.com/securitynews/6J0301500Y.html
Redhat Security Update Fixes Multiple FreeType Vulnerabilities
http://www.vupen.com/english/advisories/2010/2567
Mandriva Security Update Fixes Dovecot Buffer Overflow Vulnerabilities
http://www.vupen.com/english/advisories/2010/2566
Mandriva Security Update Fixes libESMTP Certificate Spoofing Issues
http://www.vupen.com/english/advisories/2010/2565
Debian Security Update Fixes Apr-util Denial of Service Vulnerability
http://www.vupen.com/english/advisories/2010/2564
Debian Security Update Fixes FreeType Buffer Overflow Vulnerability
http://www.vupen.com/english/advisories/2010/2563
+ HPSBTU02496 SSRT090245 rev.1 - HP Tru64 UNIX Running NTP, Denial of Service (DoS)
http://www11.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01961950
+ Courier-IMAP 4.8.1 released
http://www.courier-mta.org/download.php#imap
+ RHSA-2010:0736-1: Important: freetype security update
http://rhn.redhat.com/errata/RHSA-2010-0736.html
+ RHSA-2010:0737-1: Important: freetype security update
http://rhn.redhat.com/errata/RHSA-2010-0737.html
+ MySQL Multiple Vulnerabilities
http://secunia.com/advisories/41716/
+- Apache mod_reqtimeout Remote Denial of Service Vulnerability
http://www.vupen.com/english/advisories/2010/2557
+ Linux Kernel SCTP HMAC Handling Memory Corruption Vulnerability
http://www.securityfocus.com/bid/43701
- FreeBSD 'pseudofs' NULL Pointer Dereference Local Privilege Escalation Vulnerability
http://www.exploit-db.com/exploits/15206/
- Dovecot Access Control List (ACL) Multiple Remote Vulnerabilities
http://www.securityfocus.com/bid/43690
Apache Portable Runtime Utility 1.3.10 is released
http://apr.apache.org/download.cgi
Courier 0.65.1 released
http://www.courier-mta.org/download.php
SqWebMail 5.4.2 released
http://www.courier-mta.org/download.php
maildrop 2.5.1 released
http://www.courier-mta.org/download.php
Mandriva : [MDVSA-2010:193] qt-creator
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33805
Mandriva : [MDVSA-2010:194] git stack-based buffer overflow
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33806
Mandriva : [MDVA-2010:204] gnupg2
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33809
Mandriva : [MDVSA-2010:192] apr-util denial of service
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33804
Mandriva : [MDVA-2010:202] mdkonline
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33807
Mandriva : [MDVA-2010:203] freeradius
http://www.criticalwatch.com/support/security-advisories.aspx?AID=33808
Clearswift releases new versions of its web and email data leak prevention products, with enhanced support for search and images
http://itpro.nikkeibp.co.jp/article/NEWS/20101004/352586/?ST=security
JVNDB-2010-002087 Buffer overflow vulnerability in ImageIO in Apple iOS running on iPhone and iPod touch
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002087.html
JVNDB-2010-002086 Arbitrary code execution vulnerability in WebKit in Apple iOS running on iPhone and iPod touch
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002086.html
JVNDB-2010-002085 Arbitrary code execution vulnerability in WebKit in Apple iOS running on iPhone and iPod touch
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002085.html
JVNDB-2010-002084 Arbitrary code execution vulnerability in WebKit in Apple iOS running on iPhone and iPod touch
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002084.html
JVNDB-2010-002083 Arbitrary code execution vulnerability in WebKit in Apple iOS running on iPhone and iPod touch
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002083.html
JVNDB-2010-002082 Arbitrary code execution vulnerability in ImageIO in Apple iOS running on iPhone and iPod touch
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002082.html
JVNDB-2010-002081 Call redirection vulnerability in FaceTime in Apple iOS running on iPhone and iPod touch
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002081.html
JVNDB-2010-002080 Vulnerability in the Accessibility component in Apple iOS running on iPhone and iPod touch
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002080.html
JVNDB-2010-002079 Arbitrary code execution vulnerability in WebKit in Apple iOS running on iPhone and iPod touch
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002079.html
NetWin Surgemail XSS vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-10/msg00005.html
[ MDVSA-2010:194 ] git
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-10/msg00004.html
[ MDVSA-2010:193 ] qt-creator
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-10/msg00009.html
[STANKOINFORMZASCHITA-10-02] ITS SCADA Authorization bypass
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-10/msg00012.html
[ MDVSA-2010:192 ] apr-util
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-10/msg00011.html
Another new technique to bypass SEHOP. ( no xor pop pop ret )
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-10/msg00010.html
ZDI-10-190: Novell iManager getMultiPartParameters Arbitrary File Upload Remote Code Executi
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-10/msg00007.html
ZDI-10-189: Novell eDirectory Server Malformed Index Denial of Service Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-10/msg00008.html
[ MDVSA-2010:191 ] mailman
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-10/msg00006.html
Multiple vulnerabilities in WordPress 2 and 3
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-10/msg00003.html
Vulnerability Note VU#236703: ActiveCollab permissions failure
http://www.kb.cert.org/vuls/id/236703
BlackBerry Device Software Browser Cross-Origin Security Bypass
http://secunia.com/advisories/41536/
Mercurial Common Name Verification Security Issue
http://secunia.com/advisories/41674/
PhpMyShopping Multiple Vulnerabilities
http://secunia.com/advisories/41703/
Apache APR-util Multiple Denial of Service Vulnerabilities
http://secunia.com/advisories/41701/
Evaria ECMS "config" File Disclosure Vulnerability
http://secunia.com/advisories/41699/
jCart Multiple Vulnerabilities
http://secunia.com/advisories/41704/
Hastymail2 Background Attributes Script Insertion Vulnerability
http://secunia.com/advisories/41711/
Subversion "mod_dav_svn" Security Bypass
http://secunia.com/advisories/41652/
MySQL Multiple Vulnerabilities
http://secunia.com/advisories/41716/
Blue Coat ProxySG Cross-Site Scripting Vulnerability
http://secunia.com/advisories/41695/
SurgeMail SurgeWeb "username_ex" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/41685/
Subversion mod_dav_svn Bug Lets Remote Users Bypass Certain Access Controls
http://securitytracker.com/alerts/2010/Oct/1024504.html
Blue Coat ProxySG Input Validation Hole Permits Cross-Site Scripting Attacks
http://securitytracker.com/alerts/2010/Oct/1024503.html
FreeType Heap Overflow in Processing CFF Font Files Lets Remote Users Execute Arbitrary Code
http://securitytracker.com/alerts/2010/Oct/1024500.html
Novell eDirectory Index Error in NCP Service Lets Remote Users Deny Service
http://securitytracker.com/alerts/2010/Oct/1024499.html
Blue Coat ProxySG Data Processing Cross Site Scripting Vulnerability
http://www.vupen.com/english/advisories/2010/2562
Mandriva Security Update Fixes Git Local Buffer Overflow Vulnerability
http://www.vupen.com/english/advisories/2010/2561
Mandriva Security Update Fixes Qt Creator Library Loading Vulnerability
http://www.vupen.com/english/advisories/2010/2560
Qt Creator Environment Variable Local Library Loading Vulnerability
http://www.vupen.com/english/advisories/2010/2559
Mandriva Security Update Fixes Apr-util Denial of Service Vulnerability
http://www.vupen.com/english/advisories/2010/2558
Apache mod_reqtimeout Remote Denial of Service Vulnerability
http://www.vupen.com/english/advisories/2010/2557
Apache Apr-util "apr_brigade_split_line()" Denial of Service Vulnerability
http://www.vupen.com/english/advisories/2010/2556
Mandriva Security Update Fixes Mailman Site Scripting Vulnerabilities
http://www.vupen.com/english/advisories/2010/2555
Turbolinux Security Update Fixes phpMyAdmin Cross Site Scripting
http://www.vupen.com/english/advisories/2010/2554
Turbolinux Security Update Fixes Multiple PHP Vulnerabilities
http://www.vupen.com/english/advisories/2010/2553
Turbolinux Security Update Fixes FreeType Multiple Vulnerabilities
http://www.vupen.com/english/advisories/2010/2552
SnackAmp 3.1.3B Malicious SMP Buffer Overflow Vulnerability (SEH - DEP BYPASS)
http://www.exploit-db.com/exploits/15201/
FreeBSD 'pseudofs' NULL Pointer Dereference Local Privilege Escalation Vulnerability
http://www.exploit-db.com/exploits/15206/
Hanso Player Version 1.3.0 (.m3u) Denial of Service Vulnerability
http://www.exploit-db.com/exploits/15193/
WebAsyst Shop-Script 'index.php' SQL Injection Vulnerability
http://www.securityfocus.com/bid/40349
Dovecot Sieve Plugin Multiple Unspecified Buffer Overflow Vulnerabilities
http://www.securityfocus.com/bid/36377
RETIRED: WebAsyst 'blog_id' parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/40362
libESMTP X.509 Certificate 'match_component()' Domain Validation Security Bypass Vulnerability
http://www.securityfocus.com/bid/38538
libESMTP NULL Character CA SSL Certificate Validation Security Bypass Vulnerability
http://www.securityfocus.com/bid/38528
FreeBSD 'pseudofs' NULL Pointer Dereference Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/43060
SnackAmp '.smp' File Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/42822
Sijio SQL Injection and HTML Injection Vulnerabilities
http://www.securityfocus.com/bid/41430
Tuniac '.m3u' File Version 100723 Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/42569
Python SSL Module SSL Certificate Common Name Validation Security Bypass Vulnerability
http://www.securityfocus.com/bid/43584
Microsoft .NET Framework ASP.NET Padding Oracle Information Disclosure Vulnerability
http://www.securityfocus.com/bid/43316
Git 'gitdir' Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/41891
Audiotran '.pls' File Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/40478
Linux Kernel SCTP HMAC Handling Memory Corruption Vulnerability
http://www.securityfocus.com/bid/43701
FreeType Rendering Engine Position Value Heap Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/43700
activeCollab Security Bypass Vulnerability
http://www.securityfocus.com/bid/43694
Dovecot Access Control List (ACL) Multiple Remote Vulnerabilities
http://www.securityfocus.com/bid/43690
Research In Motion BlackBerry Device Software Cross Domain Information Disclosure Vulnerability
http://www.securityfocus.com/bid/43685
Hastymail2 'htmLawed.php' HTML Injection Vulnerability
http://www.securityfocus.com/bid/43681
SurgeMail SurgeWeb Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/43679
Subversion Server 'SVNPathAuthz' Restriction Security Bypass Vulnerability
http://www.securityfocus.com/bid/43678
Hanso Player '.m3u' File Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/43683
Aprox CMS SQL Injection Vulnerability
http://www.securityfocus.com/bid/43674
Qt Creator Insecure Library Loading Arbitrary Code Execution Vulnerability
http://www.securityfocus.com/bid/43672
SmarterMail Multiple HTML Injection Vulnerabilities
http://www.securityfocus.com/bid/43698
DigiDNA FileApp FTP Remote Denial Of Service Vulnerability
http://www.securityfocus.com/bid/43682
TradeMC E-Ticaret Cross Site Scripting and SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/43670