+ Zimbra Collaboration Suite Open Source Edition 6.0.9, 5.0.25 GA Released
http://files2.zimbra.com/website/docs/Zimbra%20OS%20Release%20Notes%206.0.9.pdf
http://files2.zimbra.com/website/docs/archives/5.0/Zimbra%20OS%20Release%20Notes%205.0.25.pdf
+ 5.0.25 includes a patched version of OpenSSL to address the security issue identified in CVE-2010-3864.
http://files2.zimbra.com/website/docs/archives/5.0/Zimbra%20OS%20Release%20Notes%205.0.25.pdf
JVNVU#387412 Updates for multiple vulnerabilities in Apple Safari
http://jvn.jp/cert/JVNVU387412/index.html
JVNVU#300785 Data injection vulnerability in PGP Desktop
http://jvn.jp/cert/JVNVU300785/index.html
JVNDB-2010-002323 Arbitrary code execution vulnerability in Adobe Flash Player
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002323.html
JVNDB-2010-002322 Vulnerability in Adobe Flash Player running on Mac OS X that allows sensitive information to be obtained
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002322.html
JVNDB-2010-002321 Arbitrary code execution vulnerability in the Adobe Flash Player ActiveX control
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002321.html
JVNDB-2010-002320 Vulnerability in Microsoft Internet Explorer caused by an invalid flag reference
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002320.html
JVNDB-2010-002319 Cross-site scripting vulnerability in Attachmate Reflection for the Web
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002319.html
Exchanging and sharing of assessment results
http://isc.sans.edu/diary.html?storyid=9973
LOCAL: MP3-Nator Buffer Overflow (SEH - DEP BYPASS)
http://www.exploit-db.com/exploits/15569/
LOCAL: DIZzy 1.12 Local Stack Overflow
http://www.exploit-db.com/exploits/15566/
+ UPDATE: MS10-087 - Critical: Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (2423930)
http://www.microsoft.com/japan/technet/security/Bulletin/MS10-087.mspx
- ProFTPD 'mod_sql' Remote Heap Based Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/44933
[ANNOUNCE] PostgreDAC ver.2.6.0 released
http://microolap.com/products/connectivity/postgresdac/download/
[ANNOUNCE] DiffKit 0.8.2 introduces support for PostgreSQL
http://www.diffkit.org/
[ANN] Apache Sling JCR Web Console Plugin version 1.0.0 Released
http://sling.apache.org/site/downloads.cgi
[ANN] Axis2 1.5.3 released
https://issues.apache.org/jira/secure/IssueNavigator.jspa?reset=true&pid=10611&fixfor=12315367
About the security content of Safari 5.0.3 and Safari 4.1.3
http://support.apple.com/kb/HT4455
CESA-2010:0895 (systemtap)
http://lwn.net/Alerts/416153/
High-Tech Bridge SA : SQL injection in IceBB
http://www.criticalwatch.com/support/security-advisories.aspx?AID=34300
High-Tech Bridge SA : SQL injection in CompactCMS
http://www.criticalwatch.com/support/security-advisories.aspx?AID=34301
High-Tech Bridge SA : SQL Injection in CLANSPHERE
http://www.criticalwatch.com/support/security-advisories.aspx?AID=34302
High-Tech Bridge SA : XSS in CLANSPHERE
http://www.criticalwatch.com/support/security-advisories.aspx?AID=34303
High-Tech Bridge SA : Path disclosure in CLANSPHERE
http://www.criticalwatch.com/support/security-advisories.aspx?AID=34304
High-Tech Bridge SA : BBcode XSS in CLANSPHERE
http://www.criticalwatch.com/support/security-advisories.aspx?AID=34305
High-Tech Bridge SA : Path disclosure in IceBB
http://www.criticalwatch.com/support/security-advisories.aspx?AID=34306
High-Tech Bridge SA : Information disclosure in IceBB
http://www.criticalwatch.com/support/security-advisories.aspx?AID=34307
High-Tech Bridge SA : Information disclosure in IceBB
http://www.criticalwatch.com/support/security-advisories.aspx?AID=34308
Ubuntu Security Notice : [USN-1018-1] OpenSSL vulnerability
http://www.criticalwatch.com/support/security-advisories.aspx?AID=34294
Cisco : Multiple Vulnerabilities in Cisco Unified Videoconferencing Products
http://www.criticalwatch.com/support/security-advisories.aspx?AID=34299
Sammy Networks, hit by unauthorized access, to resume service from 10:00 on the 19th
http://itpro.nikkeibp.co.jp/article/NEWS/20101118/354313/?ST=security
Stopping the ZeroAccess Rootkit
http://isc.sans.edu/diary.html?storyid=9964
Someone is attempting to register your domain in [insert country name here]
http://isc.sans.edu/diary.html?storyid=9967
All of your pages are belonging to us
http://isc.sans.edu/diary.html?storyid=9970
Apple Safari Bugs Let Remote Users Execute Arbitrary Code or Access Information from Other Domains
http://securitytracker.com/alerts/2010/Nov/1024757.html
Ubuntu update for openssl
http://secunia.com/advisories/42241/
TVSLiveControl ActiveX Control "connect()" Buffer Overflow Vulnerability
http://secunia.com/advisories/42311/
Camtron CMNC-200 Multiple Vulnerabilities
http://secunia.com/advisories/42229/
Drupal Relevant Content Module Information Disclosure Security Issue
http://secunia.com/advisories/42228/
Joomla! Maian Media Silver "cat" SQL Injection Vulnerability
http://secunia.com/advisories/42284/
Red Hat update for systemtap
http://secunia.com/advisories/42306/
Red Hat update for systemtap
http://secunia.com/advisories/42263/
SystemTap Denial of Service and Privilege Escalation Vulnerabilities
http://secunia.com/advisories/42256/
Cisco Unified Videoconferencing Products Multiple Vulnerabilities
http://secunia.com/advisories/42248/
WonderCMS "password" Information Disclosure
http://secunia.com/advisories/42286/
Red Hat update for thunderbird
http://secunia.com/advisories/42310/
Vulnerability Note VU#300785: PGP Desktop unsigned data injection vulnerability
http://www.kb.cert.org/vuls/id/300785
Landesk OS command injection
http://securityreason.com/securityalert/7902
Camtron CMNC-200 IP Camera Authentication Bypass
http://securityreason.com/securityalert/7901
Camtron CMNC-200 IP Camera Denial of Service Vulnerability
http://securityreason.com/securityalert/7900
Camtron CMNC-200 IP Camera ActiveX Buffer Overflow Vulnerability
http://securityreason.com/securityalert/7899
Camtron CMNC-200 IP Camera Undocumented Default Accounts
http://securityreason.com/securityalert/7898
Camtron CMNC-200 IP Camera Directory Traversal Vulnerability
http://securityreason.com/securityalert/7897
Cisco Unified Videoconferencing Code Injection and Security Bypass
http://www.vupen.com/english/advisories/2010/3020
SAP NetWeaver Remote Buffer Overflow and Cross Site Scripting Issues
http://www.vupen.com/english/advisories/2010/3019
Redhat Security Update Fixes Thunderbird Multiple Vulnerabilities
http://www.vupen.com/english/advisories/2010/3018
Redhat Security Update Fixes SystemTap Privilege Escalation Vulnerabilities
http://www.vupen.com/english/advisories/2010/3017
Turbolinux Security Update Fixes CUPS Use-after-free Vulnerability
http://www.vupen.com/english/advisories/2010/3016
Fedora Security Update Fixes PAM Privilege Escalation Vulnerabilities
http://www.vupen.com/english/advisories/2010/3015
Mandriva Security Update Fixes OpenSSL Race Condition Vulnerability
http://www.vupen.com/english/advisories/2010/3014
RETIRED: Apple Safari Prior to 5.0.3 and 4.1.3 Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/44938
SystemTap 'modprob' Command Environment Variable Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/44914
RETIRED: IBM OmniFind Multiple Vulnerabilities
http://www.securityfocus.com/bid/44740
RETIRED: Cisco Unified Videoconferencing Multiple Vulnerabilities and Weakness
http://www.securityfocus.com/bid/44908
WebKit MIME Type Handling CVE-2010-3116 Memory Corruption Vulnerability
http://www.securityfocus.com/bid/44200
WebKit for Apple iPhone/iPod touch Prior to iOS 4.1 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/43079
WebKit Images Cross Domain Information Disclosure Vulnerability
http://www.securityfocus.com/bid/44206
Webkit SVG Document CVE-2010-1822 Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/44647
WebKit CVE-2010-3257 Stale Pointer Denial of Service Vulnerability
http://www.securityfocus.com/bid/44204
WebKit (CVE-2010-1813) HTML Objects Memory Corruption Vulnerability
http://www.securityfocus.com/bid/43078
WebKit for Apple iPhone/iPod touch Prior to iOS 4.1 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/43081
WebKit for Apple iPhone/iPod touch Form Menus Memory Corruption Vulnerability
http://www.securityfocus.com/bid/43083
Mp3-Nator Remote File Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/43668
Microsoft Office RTF File Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/44652
Camtron CMNC-200 Full HD IP Camera Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/44841
OpenSSL TLS Server Extension Parsing Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/44884
Trend Micro Internet Security Pro ActiveX Control Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/42717
WebKit Colors in SVG Documents Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/44971
WebKit SVG Document Use-After-Free Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/44970
WebKit Geolocation Objects Use-After-Free Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/44969
WebKit Cascading Style Sheet(CSS) 3D Transforms Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/44967
Novell iPrint Client 'ienipp.ocx' ActiveX 'GetDriverSettings()' Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/44966
WebKit Inline Text Boxes Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/44965
WebKit Element Scrollbars Use-After-Free Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/44964
WebKit Cascading Style Sheet Boxes Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/44963
WebKit (CVE-2010-3822) CSS Counter Styles Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/44962
WebKit (CVE-2010-3821) Cascading Style Sheets (CSS) Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/44961
WebKit 'Text' Objects Integer Overflow Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/44960
WebKit (CVE-2010-3820) Editable Elements Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/44959
WebKit Element Attributes Use-After-Free Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/44958
WebKit Inline Styling Command Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/44957
WebKit WebSockets Integer Overflow Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/44956
WebKit Edit Command Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/44955
WebKit HTML 'Link' DNS Pre-Fetching Security Bypass Vulnerability
http://www.securityfocus.com/bid/44954
WebKit 'History' Object Same Origin Validation Bypass Vulnerability
http://www.securityfocus.com/bid/44953
WebKit Insufficient Entropy Random Number Generator Weakness
http://www.securityfocus.com/bid/44952
WebKit String Integer Overflow Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/44950
CompactCMS Multiple Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/44949
chCounter 'anzahl' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/44934
ProFTPD 'mod_sql' Remote Heap Based Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/44933
Drupal Relevant Content Module Information Disclosure Vulnerability
http://www.securityfocus.com/bid/44932
WebRCSdiff 'viewver.php' Remote File Include Vulnerability
http://www.securityfocus.com/bid/44931
AWCM CMS 'username' Parameter Multiple SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/44930