UPDATE: MS10-086 - Moderate: Vulnerability in Windows Shared Cluster Disks Could Allow Tampering (2294255)
http://www.microsoft.com/technet/security/bulletin/MS10-086.mspx
Red Hat Enterprise Linux 6 released
http://www.redhat.com/about/news/prarchive/2010/new-standard.html
http://www.redhat.com/about/news/prarchive/2010/flexibility-and-portability.html
http://www.redhat.com/rhel/server/details/
Sysstat 9.1.6 released (development version)
http://sebastien.godard.pagesperso-orange.fr/
[Informix]: 11.50.XC6へ他の11.50からアップグレード時に、sysmasterデータベースが再作成されないことが原因で、メモリー破壊やエンジンクラッシュが発生する (IFM-10-00C)
http://www-06.ibm.com/jp/domino01/mkt/cnpages1.nsf/page/default-IFM-10-00C
侵入防御ファイアウォール 1.2 Patch 3 公開のお知らせ
http://www.trendmicro.co.jp/support/news.asp?id=1490
プレス発表
任意のDLL/実行ファイル読み込みに関する脆弱性の注意喚起
http://www.ipa.go.jp/about/press/20101111.html
JVNVU#331391 Apple 製品における複数の脆弱性に対するアップデート
http://jvn.jp/cert/JVNVU331391/
JVNDB-2010-001501 MIT Kerberos 5 の GSS-API ライブラリにおけるサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001501.html
JVNDB-2009-002319 SSL および TLS プロトコルに脆弱性
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002319.html
JVNDB-2010-002291 Windows 上で稼働する複数の Mozilla 製品における権限昇格の脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002291.html
JVNDB-2010-002290 複数の Mozilla 製品の LookupGetterOrSetter 関数における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002290.html
JVNDB-2010-002289 複数の Mozilla 製品の nsBarProp 関数における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002289.html
JVNDB-2010-002288 複数の Mozilla 製品の text-rendering の機能性におけるスタックペースのバッファオーバーフローの脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002288.html
JVNDB-2010-002287 複数の Mozilla 製品のブラウザエンジンにおける任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002287.html
JVNDB-2010-002286 複数の Mozilla 製品のブラウザエンジンにおける任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002286.html
JVNDB-2010-002285 Linux 上で稼働する複数の Mozilla 製品における application-launch スクリプトに関する権限昇格の脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002285.html
JVNDB-2010-002284 複数の Mozilla 製品のブラウザエンジンにおける任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002284.html
Mac OS X Lets Remote Users Execute Arbitrary Code, Deny Service, and Obtain Information
http://securitytracker.com/alerts/2010/Nov/1024723.html
Apple Mac OS X Prior to 10.6.5 Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/44778
Apache mod_proxy_ajp Module Incoming Request Body Denial Of Service Vulnerability
http://www.securityfocus.com/bid/38491
Apache Subrequest Handling Information Disclosure Vulnerability
http://www.securityfocus.com/bid/38580
Neon 'ne_xml*' expat XML Parsing Denial of Service Vulnerability
http://www.securityfocus.com/bid/36080
Neon NULL Character CA SSL Certificate Validation Security Bypass Vulnerability
http://www.securityfocus.com/bid/36079
GNU gzip LZW Compression Remote Integer Overflow Vulnerability
http://www.securityfocus.com/bid/37886
Python 'rgbimg' Module 'rv' Array Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/40363
Adobe Flash Player and AIR (CVE-2010-2184) Unspecified Memory Corruption Vulnerability
http://www.securityfocus.com/bid/40796
Adobe Flash Player (CVE-2010-2183) Integer Overflow Vulnerability
http://www.securityfocus.com/bid/40793
OpenLDAP 'modrdn' Request Multiple Vulnerabilities
http://www.securityfocus.com/bid/41770
Adobe Flash Player and AIR (CVE-2010-2185) Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/40806
FreeType Stack Buffer Overflow and Memory Corruption Vulnerabilities
http://www.securityfocus.com/bid/42285
FreeType 'seac' Calls Multiple Remote Denial of Service Vulnerabilities
http://www.securityfocus.com/bid/42621
FreeType BDF Font File Parsing Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/42624
PHP Versions Prior to 5.3.3/5.2.14 Multiple Vulnerabilities
http://www.securityfocus.com/bid/41991
Python 'rgbimg' RLE Decoder Multiple Buffer Overflow Vulnerabilities
http://www.securityfocus.com/bid/40365
FreeType Versions Prior to 2.4.0 Multiple Remote Vulnerabilities
http://www.securityfocus.com/bid/41663
FreeType Multiple Integer Overflow Vulnerabilities
http://www.securityfocus.com/bid/34550
Python 'rgbimg' Module ZSIZE Value Buffer Underflow Vulnerability
http://www.securityfocus.com/bid/40361
Libpng 'png_decompress_chunk()' Function Denial of Service Vulnerability
http://www.securityfocus.com/bid/38478
Adobe Flash Player and AIR (CVE-2010-2182) Unspecified Memory Corruption Vulnerability
http://www.securityfocus.com/bid/40794
Adobe Flash Player and AIR URI Parsing Cross Domain Scripting Vulnerability
http://www.securityfocus.com/bid/40808
Adobe Flash Player (CVE-2010-2181) Integer Overflow Vulnerability
http://www.securityfocus.com/bid/40792
Adobe Flash Player and AIR (CVE-2010-2180) Unspecified Memory Corruption Vulnerability
http://www.securityfocus.com/bid/40791
Adobe Flash Player and AIR (CVE-2010-2178) Unspecified Memory Corruption Vulnerability
http://www.securityfocus.com/bid/40790
Adobe Flash Player and AIR (CVE-2010-2177) Unspecified Memory Corruption Vulnerability
http://www.securityfocus.com/bid/40788
Adobe Flash Player and AIR (CVE-2010-2176) Unspecified Memory Corruption Vulnerability
http://www.securityfocus.com/bid/40787
Adobe Flash Player and AIR (CVE-2010-2175) Unspecified Memory Corruption Vulnerability
http://www.securityfocus.com/bid/40785
Adobe Flash Player and AIR (CVE-2010-2215) Unspecified Clickjacking Vulnerability
http://www.securityfocus.com/bid/42361
Adobe Flash Player CVE-2010-3636 Policy File Cross Domain Security Bypass Vulnerability
http://www.securityfocus.com/bid/44691
Adobe Flash Player and AIR (CVE-2010-2216) Unspecified Memory Corruption Vulnerability
http://www.securityfocus.com/bid/42362
Adobe Flash Player CVE-2010-2884 Unspecified Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/43205
Adobe Flash Player and AIR (CVE-2010-2214) Unspecified Memory Corruption Vulnerability
http://www.securityfocus.com/bid/42358
Adobe Flash Player CVE-2010-3638 Information Disclosure Vulnerability
http://www.securityfocus.com/bid/44693
Adobe Flash Player (CVE-2010-2170) Integer Overflow Vulnerability
http://www.securityfocus.com/bid/40789
Adobe Flash Player and AIR (CVE-2010-2213) Multiple Unspecified Memory Corruption Vulnerabilities
http://www.securityfocus.com/bid/42364
Adobe Flash Player and AIR 'DefineBit' Memory Corruption Vulnerability
http://www.securityfocus.com/bid/40784
Adobe Flash Player and AIR (CVE-2010-2189) Unspecified Memory Corruption Vulnerability
http://www.securityfocus.com/bid/40799
Adobe Flash Player and AIR (CVE-2010-2187) Unspecified Memory Corruption Vulnerability
http://www.securityfocus.com/bid/40797
Adobe Flash Player and AIR (CVE-2010-2169) Invalid Pointer Remote Memory Corruption Vulnerability
http://www.securityfocus.com/bid/40807
Adobe Flash Player and AIR (CVE-2010-2166) Unspecified Memory Corruption Vulnerability
http://www.securityfocus.com/bid/40783
Adobe Flash Player (CVE-2010-2167) Multiple Heap Buffer Overflow Vulnerabilities
http://www.securityfocus.com/bid/40802
Adobe Flash Player and AIR (CVE-2010-2188) ActionScript Memory Corruption Vulnerability
http://www.securityfocus.com/bid/40798
Adobe Flash Player (CVE-2010-2186) Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/40786
Adobe Flash Player and AIR (CVE-2010-2165) Unspecified Memory Corruption Vulnerability
http://www.securityfocus.com/bid/40782
PHP xmlrpc Extension Multiple Remote Denial of Service Vulnerabilities
http://www.securityfocus.com/bid/38708
Oracle MySQL Malformed Packet Handling Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/40100
Oracle MySQL 'COM_FIELD_LIST' Command Packet Security Bypass Vulnerability
http://www.securityfocus.com/bid/40109
Oracle MySQL 'COM_FIELD_LIST' Command Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/40106
libpng Memory Corruption and Memory Leak Vulnerabilities
http://www.securityfocus.com/bid/41174
Adobe Acrobat, Reader, and Flash CVE-2010-3654 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/44504
Apple iPhone/iPod touch 'ImageIO' Component Memory Corruption Vulnerability
http://www.securityfocus.com/bid/43076
Adobe Flash Player and AIR (CVE-2010-2173) Invalid Pointer Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/40800
Adobe Flash Player and AIR (CVE-2010-2174) Invalid Pointer Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/40805
Adobe Flash Player (CVE-2010-2161) Memory Index Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/40781
Adobe Flash Player DLL Loading Arbitrary Code Execution Vulnerability
http://www.securityfocus.com/bid/44671
Adobe Flash Player (CVE-2010-2162) Heap Memory Corruption Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/40801
GNU Gzip Dynamic Huffman Decompression Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/37888
Adobe Flash Player CVE-2010-3652 Remote Memory Corruption Vulnerability
http://www.securityfocus.com/bid/44687
Adobe Flash Player (CVE-2010-2172) Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/40795
Adobe Flash Player and AIR (CVE-2010-2160) AVM Bytecode Verifier Memory Corruption Vulnerability
http://www.securityfocus.com/bid/40779
Adobe Flash Player, Reader, and Acrobat 'authplay.dll' Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/40586
Adobe Flash Player (CVE-2009-3793) Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/40809
Apache mod_perl 'Apache::Status' and 'Apache2::Status' Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/34383
Adobe Flash Player (CVE-2010-2163) Multiple Remote Code Execution Vulnerabilities
http://www.securityfocus.com/bid/40803
Apple Mac OS X HFS Hard Links Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/39658
Apple iOS and Mac OS X URI Stack Based Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/41049
Adobe Flash Player and AIR ActionScript AVM1 ActionPush Memory Corruption Vulnerability
http://www.securityfocus.com/bid/42363
Adobe Flash Player SWF Version Null Pointer Dereference Denial of Service Vulnerability
http://www.securityfocus.com/bid/31537
CUPS Server 'cups/ipp.c' Remote Memory Corruption Vulnerability
http://www.securityfocus.com/bid/44530
Microsoft Windows Failover Clustering File Permissions Security Bypass Vulnerability
http://www.securityfocus.com/bid/43818
Adobe Flash Player CVE-2010-3648 Remote Memory Corruption Vulnerability
http://www.securityfocus.com/bid/44684
Adobe Flash Player CVE-2010-3649 Remote Memory Corruption Vulnerability
http://www.securityfocus.com/bid/44685
Adobe Flash Player CVE-2010-3650 Remote Memory Corruption Vulnerability
http://www.securityfocus.com/bid/44686
Adobe Flash Player CVE-2010-3647 Remote Memory Corruption Vulnerability
http://www.securityfocus.com/bid/44683
Adobe Flash Player CVE-2010-3645 Remote Memory Corruption Vulnerability
http://www.securityfocus.com/bid/44681
Adobe Flash Player CVE-2010-3646 Remote Memory Corruption Vulnerability
http://www.securityfocus.com/bid/44682
+ Jetty 6.1.26 released
http://svn.codehaus.org/jetty/jetty/branches/jetty-6.1/VERSION.txt
+ FreeBSD-SA-10:09.pseudofs: Spurious mutex unlock
http://security.freebsd.org/advisories/FreeBSD-SA-10:09.pseudofs.asc
+- Linux Kernel Stack Infoleaks Vulnerability
http://www.exploit-db.com/exploits/15481/
[ANNOUNCE] SkyTools 2.1.12
http://pgfoundry.org/frs/shownotes.php?release_id=1731
MySQL Community Server 5.5.7-rc has been released
http://dev.mysql.com/doc/refman/5.5/en/mysql-nutshell.html
Firefox 4.0 Beta 7 released
http://www.mozilla.com/en-US/firefox/all-beta.html
About the security content of Mac OS X v10.6.5 and Security Update 2010-007
http://support.apple.com/kb/HT4435
CESA-2010:0839 (kernel)
http://lwn.net/Alerts/414463/
PSN-2010-11-985: No Scheduled SIRT Security Bulletins for November 2010
https://www.juniper.net/alerts/viewalert.jsp?actionBtn=Search&txtAlertNumber=PSN-2010-11-985&viewMode=view
jetty@codehaus 7.2.1.v20101111 released
http://svn.codehaus.org/jetty/jetty/branches/jetty-7/VERSION.txt
MySQL 5.5.7 released
http://dev.mysql.com/doc/refman/5.5/en/news-5-5-7.html
eBlog 1.7 Multiple SQL Injection Vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-11/msg00107.html
[ MDVSA-2010:226 ] dhcp
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-11/msg00106.html
[USN-1015-1] libvpx vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-11/msg00104.html
Babylon Cross-Application Scripting Code Execution
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-11/msg00105.html
ASPR #-2: Remote Binary Planting in Microsoft Word 2010
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-11/msg00103.html
ASPR #-3: Remote Binary Planting in Microsoft Excel 2010
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-11/msg00101.html
ASPR #-1: Remote Binary Planting in Microsoft PowerPoint 2010
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-11/msg00099.html
[ MDVSA-2010:225-1 ] libmbfl
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-11/msg00100.html
iDefense Security Advisory 11.09.10: Microsoft Word RTF File Parsing Stack Buffer Overflow Vulnerabi
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-11/msg00098.html
Kernel 0-day
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-11/msg00102.html
[ MDVSA-2010:225 ] libmbfl
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-11/msg00096.html
Mandriva : [MDVSA-2010:222] mysql Fix for Multple Vulnerabilities
http://www.criticalwatch.com/support/security-advisories.aspx?AID=34218
Mandriva : [MDVSA-2010:225-1] libmbfl
http://www.criticalwatch.com/support/security-advisories.aspx?AID=34222
Fraunhofer SIT : IBM OmniFind - several vulnerabilities
http://www.criticalwatch.com/support/security-advisories.aspx?AID=34223
Adobe Flash Player の脆弱性(APSB10-26)について
http://www.ipa.go.jp/security/ciadr/vul/20101105-adobe.html
Officeに複数の脆弱性、最大深刻度は「緊急」
マイクロソフトはパッチを公開、IEのゼロデイ脆弱性には未対応
http://itpro.nikkeibp.co.jp/article/NEWS/20101111/354014/?ST=security
JPCERT/CC WEEKLY REPORT
http://www.jpcert.or.jp/wr/2010/wr104301.html
Java Exploits
http://isc.sans.edu/diary.html?storyid=9916
WeBid Two Vulnerabilities
http://secunia.com/advisories/42171/
AusweisApp Certificate Verification Vulnerability
http://secunia.com/advisories/42163/
Free CD to MP3 Converter Buffer Overflow Vulnerability
http://secunia.com/advisories/42165/
OpenFabrics Enterprise Distribution (OFED) "ofa_kernel" RDS Privilege Escalation
http://secunia.com/advisories/42128/
Red Hat update for kernel
http://secunia.com/advisories/42162/
Skype for iPhone URL Handler Dial Number Weakness
http://secunia.com/advisories/41546/
PHPShop "name_new" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/42132/
SilverStripe Cross-Site Request Forgery Vulnerability
http://secunia.com/advisories/41717/
Adobe Flash Media Server Multiple Vulnerabilities
http://secunia.com/advisories/42157/
Adobe Flash Media Server Flaws Let Remote Users Deny Service or Execute Arbitrary Code
http://securitytracker.com/alerts/2010/Nov/1024716.html
Skype Application for iPhone "skype://" Automatic Phone Call Vulnerability
http://www.vupen.com/english/advisories/2010/2935
Adobe Flash Media Server Code Execution and Denial of Service
http://www.vupen.com/english/advisories/2010/2934
IBM Omnifind Remote Code Execution and Information Disclosure Issues
http://www.vupen.com/english/advisories/2010/2933
Redhat Security Update Fixes Kernel Multiple Local Vulnerabilities
http://www.vupen.com/english/advisories/2010/2932
Fedora Security Update Fixes Apr-util Denial of Service Vulnerability
http://www.vupen.com/english/advisories/2010/2931
Turbolinux Security Update Fixes PostgreSQL Privilege Escalation
http://www.vupen.com/english/advisories/2010/2930
Turbolinux Security Update Fixes Webnavi Code Execution Vulnerabilities
http://www.vupen.com/english/advisories/2010/2929
Mandriva Security Update Fixes PHP libmbfl Information Disclosure
http://www.vupen.com/english/advisories/2010/2928
Mandriva Security Update Fixes PHP XML Extention Cross Site Scripting
http://www.vupen.com/english/advisories/2010/2927
Mandriva Security Update Fixes Multiple Denial of Service Vulnerabilities
http://www.vupen.com/english/advisories/2010/2926
Free CD to MP3 Converter v3.1 Buffer Overflow Exploit (SEH)
http://www.exploit-db.com/exploits/15483/
Free CD to MP3 Converter 3.1 Buffer Overflow Exploit
http://www.exploit-db.com/exploits/15480/
Qtweb Browser v3.5 Buffer Overflow Vulnerability
http://www.exploit-db.com/exploits/15482/
Linux Kernel Stack Infoleaks Vulnerability
http://www.exploit-db.com/exploits/15481/
Adobe Flash Player CVE-2010-3642 Remote Memory Corruption Vulnerability
http://www.securityfocus.com/bid/44678
Adobe Flash Player CVE-2010-3643 Remote Memory Corruption Vulnerability
http://www.securityfocus.com/bid/44679
Adobe Flash Player CVE-2010-3640 Remote Memory Corruption Vulnerability
http://www.securityfocus.com/bid/44675
Adobe Flash Player CVE-2010-3641 Remote Memory Corruption Vulnerability
http://www.securityfocus.com/bid/44677
Adobe Flash Player CVE-2010-3639 Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/44692
Adobe Flash Player CVE-2010-3644 Remote Memory Corruption Vulnerability
http://www.securityfocus.com/bid/44680
FreeType Compact Font Format (CFF) Multiple Stack Based Buffer Overflow Vulnerabilities
http://www.securityfocus.com/bid/42241
ProFTPD Multiple Remote Vulnerabilities
http://www.securityfocus.com/bid/44562
libsmi 'smiGetNode()' Long OID Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/44276
Pidgin 'libpurple' Multiple Denial of Service Vulnerabilities
http://www.securityfocus.com/bid/44283
Mozilla Firefox 3.5/3.6 Remote Heap Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/44425
ISC DHCP Server Relay-Forward Empty Link-Address Field Denial of Service Vulnerability
http://www.securityfocus.com/bid/44615
Microsoft Office RTF File Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/44652
Linux Kernel Reliable Datagram Sockets (RDS) Protocol Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/44219
PHP 'mb_strcut()' Function Information Disclosure Vulnerability
http://www.securityfocus.com/bid/44727
Apache APR-util 'apr_brigade_split_line' Denial of Service Vulnerability
http://www.securityfocus.com/bid/43673
Babylon Translation Interface Cross Domain Script Injection Vulnerability
http://www.securityfocus.com/bid/44770
SilverStripe Unspecified Cross Site Request Forgery Vulnerability
http://www.securityfocus.com/bid/44768
WeBid Multiple Input Validation Vulnerabilities
http://www.securityfocus.com/bid/44765
PHPShop 'name_new' Parameter Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/44763
0 件のコメント:
コメントを投稿