- Microsoft Windows Kernel Task Scheduler Service Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/44357
Kernel release: 2.6.37-rc3
http://www.linux.org/news/2010/11/21/0001.html
Notice of the start of support service for InterScan for Domino 3.1 Linux Edition (English version)
http://www.trendmicro.co.jp/support/news.asp?id=1493
JVNVU#222657 Buffer overflow vulnerability in the RealFlex RealWin HMI service
http://jvn.jp/cert/JVNVU222657/index.html
JVNVU#479051 Vulnerability in OSIsoft PI Server authentication processing
http://jvn.jp/cert/JVNVU479051/index.html
JVNDB-2010-002331 Arbitrary code execution vulnerability in Adobe Flash Player
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002331.html
JVNDB-2010-002330 Arbitrary code execution vulnerability in Adobe Flash Player
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002330.html
JVNDB-2010-002329 Arbitrary code execution vulnerability in Adobe Flash Player
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002329.html
JVNDB-2010-002328 Arbitrary code execution vulnerability in Adobe Flash Player
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002328.html
JVNDB-2010-002327 Arbitrary code execution vulnerability in Adobe Flash Player
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002327.html
JVNDB-2010-002326 Arbitrary code execution vulnerability in Adobe Flash Player
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002326.html
JVNDB-2010-002325 Arbitrary code execution vulnerability in Adobe Flash Player
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002325.html
JVNDB-2010-002324 Arbitrary code execution vulnerability in Adobe Flash Player
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002324.html
JVNDB-2010-002009 Buffer overflow vulnerability in ftpd on IBM AIX
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002009.html
+ MySQL 5.1.53 released
http://dev.mysql.com/doc/refman/5.1/en/news-5-1-53.html
+ Zimbra Collaboration Suite Open Source Edition 6.0.9, 5.0.25 GA Released
http://files2.zimbra.com/website/docs/Zimbra%20OS%20Release%20Notes%206.0.9.pdf
http://files2.zimbra.com/website/docs/archives/5.0/Zimbra%20OS%20Release%20Notes%205.0.25.pdf
+ 5.0.25 includes a patched version of OpenSSL to address security issue identified in CVE-2010-3864.
http://files2.zimbra.com/website/docs/archives/5.0/Zimbra%20OS%20Release%20Notes%205.0.25.pdf
+ PHP 'ext/imap/php_imap.c' Use After Free Denial of Service Vulnerability
http://www.securityfocus.com/bid/44980
[ANNOUNCEMENT] HttpComponents HttpCore 4.1 (GA) Released
http://www.apache.org/dist/httpcomponents/httpcore/RELEASE_NOTES.txt
MySQL Workbench 5.2.30 GA Available
http://dev.mysql.com/doc/workbench/en/index.html
[ANNOUNCEMENT] HttpComponents HttpClient 4.1-beta1 Released
http://www.apache.org/dist/httpcomponents/httpclient/RELEASE_NOTES.txt
Wireshark 1.4.2 released
http://www.wireshark.org/docs/relnotes/wireshark-1.4.2.html
Kernel release: 2.6.36.1-rc1
http://www.linux.org/news/2010/11/19/0004.html
Kernel release: 2.6.35.9-rc1
http://www.linux.org/news/2010/11/19/0003.html
Kernel release: 2.6.32.26-rc1
http://www.linux.org/news/2010/11/19/0002.html
Kernel release: 2.6.27.56-rc1
http://www.linux.org/news/2010/11/19/0001.html
MySQL 5.1.54 (Not yet released)
http://dev.mysql.com/doc/refman/5.1/en/news-5-1-54.html
Measuring Operational Resilience Using the CERT Resilience Management Model
http://www.cert.org/archive/pdf/10tn030.pdf
High-Tech Bridge SA : XSS in CompactCMS
http://www.criticalwatch.com/support/security-advisories.aspx?AID=34311
Mandriva : [MDVSA-2010:239] php - GC Corruption Issue
http://www.criticalwatch.com/support/security-advisories.aspx?AID=34309
Apple : [APPLE-SA-2010-11-18-1] Safari 5.0.3 and Safari 4.1.3
http://www.criticalwatch.com/support/security-advisories.aspx?AID=34310
A Day In The Life Of A DShield Sensor
http://isc.sans.edu/diary.html?storyid=9979
Adobe Reader X - Sandbox
http://isc.sans.edu/diary.html?storyid=9976
PGP Desktop Data Insertion Bug Lets Remote Users Bypass Message Verification
http://securitytracker.com/alerts/2010/Nov/1024760.html
Novell iPrint Client 'server-address' Flaw Lets Remote Users Execute Arbitrary Code
http://securitytracker.com/alerts/2010/Nov/1024759.html
HP Insight Control Virtual Machine Management for Windows, Multiple Vulnerabilities
http://www.securiteam.com/windowsntfocus/6E0372K0AY.html
Cisco Wireless LAN Controller Multiple Vulnerabilities
http://www.securiteam.com/securitynews/6G0392K0AW.html
HP Virtual Server Environment for Windows Arbitrary File Download Vulnerability
http://www.securiteam.com/windowsntfocus/6F0382K0AO.html
HP System Management Homepage (SMH) Disclosure of Sensitive Information Vulnerability
http://www.securiteam.com/unixfocus/6P03B2K0AM.html
HP ProLiant G6 Lights-Out 100 Denial of Service (DoS) Vulnerability
http://www.securiteam.com/unixfocus/6O03A2K0AY.html
Wireshark Two Vulnerabilities
http://secunia.com/advisories/42290/
Novell iPrint Client nipplib.dll "IppGetDriverSettings2()" Buffer Overflow
http://secunia.com/advisories/42298/
Joomla! Mosets Tree Component Cross-Site Request Forgery Vulnerability
http://secunia.com/advisories/42292/
PGP Desktop Message Verification Vulnerability
http://secunia.com/advisories/42307/
PGP Desktop Message Verification Vulnerability
http://secunia.com/advisories/42293/
Apple Safari Multiple Vulnerabilities
http://secunia.com/advisories/42264/
Fujitsu Interstage Products IP Address Restriction Bypass Security Issue
http://secunia.com/advisories/42266/
Fedora update for systemtap
http://secunia.com/advisories/42318/
Mono 'loader.c' Library Loading Local Privilege Escalation Vulnerability
http://securityreason.com/securityalert/7908
Spree e-commerce JSON Hijacking Vulnerabilities
http://securityreason.com/securityalert/7907
iMoveis SQL Injection Vulnerability
http://securityreason.com/securityalert/7906
Joomla Component flipwall SQL Injection Vulnerability
http://securityreason.com/securityalert/7905
Collabtive 0.65 SQL Injection Vulnerability
http://securityreason.com/securityalert/7904
Joomla Component sponsorwall SQL Injection Vulnerability
http://securityreason.com/securityalert/7903
LOCAL: Windows Task Scheduler Privilege Escalation 0day
http://www.exploit-db.com/exploits/15589/
LOCAL: Minishare 1.5.5 BoF Vulnerability (users.txt) - EggHunter -
http://www.exploit-db.com/exploits/15575/
LOCAL: Free CD to MP3 Converter 3.1 Buffer Overflow Exploit (Bypass DEP + SEH)
http://www.exploit-db.com/exploits/15586/
LOCAL: Native Instruments Service Center 2.2.5 Local Privilege Escalation Vulnerability
http://www.exploit-db.com/exploits/15584/
DoS: Native Instruments Massive 1.1.4 KSD File Handling Use-After-Free Vulnerability
http://www.exploit-db.com/exploits/15583/
DoS: Native Instruments Traktor Pro 1.2.6 Stack-based Buffer Overflow Vulnerability
http://www.exploit-db.com/exploits/15580/
DoS: Native Instruments Reaktor 5 Player v5.5.1 Heap Memory Corruption Vulnerability
http://www.exploit-db.com/exploits/15581
DoS: Native Instruments Kontakt 4 Player NKI File Syntactic Analysis Buffer Overflow PoC
http://www.exploit-db.com/exploits/15582
Symantec PGP Desktop Unsigned Data Insertion Vulnerability
http://www.vupen.com/english/advisories/2010/3026
Apple Safari Code Execution and Information Disclosure Vulnerabilities
http://www.vupen.com/english/advisories/2010/3025
Fujitsu Interstage Products Access Restriction Bypass Vulnerability
http://www.vupen.com/english/advisories/2010/3024
Novell iPrint Client "GetDriverSettings()" Remote Stack Overflow Vulnerability
http://www.vupen.com/english/advisories/2010/3023
Fedora Security Update Fixes SystemTap Privilege Escalation Vulnerabilities
http://www.vupen.com/english/advisories/2010/3022
Ubuntu Security Update Fixes OpenSSL Race Condition Vulnerability
http://www.vupen.com/english/advisories/2010/3021
OpenSSL TLS Server Extension Parsing Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/44884
Google SketchUp 3DS File Remote Memory Corruption Vulnerability
http://www.securityfocus.com/bid/37708
Apple Mac OS X ATSServer CFF 'CharStrings' Index Sign Mismatch Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/44729
FreeType Compact Font Format (CFF) Multiple Stack Based Buffer Overflow Vulnerabilities
http://www.securityfocus.com/bid/42241
RETIRED: Apple Mac OS X Apple Type Services 'CFF' Font Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/44984
DATAC RealWin HMI Service Multiple Remote Buffer Overflow Vulnerabilities
http://www.securityfocus.com/bid/44150
WebKit Element Scrollbars Use-After-Free Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/44964
WebKit for Apple iPhone/iPod touch Prior to iOS 4.1 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/43079
CUPS Server 'cups/ipp.c' Remote Memory Corruption Vulnerability
http://www.securityfocus.com/bid/44530
CUPS 'cupsFileOpen' function Symlink Attack Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/41131
X.Org X Server RENDER Extension 'mod()' Remote Memory Corruption Vulnerability
http://www.securityfocus.com/bid/39758
Symantec PGP Desktop OpenPGP Message Data Insertion Vulnerability
http://www.securityfocus.com/bid/44920
Native Instruments Guitar Rig 4 Player DLL Loading Arbitrary Code Execution Vulnerability
http://www.securityfocus.com/bid/44989
CommodityRentals DVD Rental Software 'index.php' SQL Injection Vulnerability
http://www.securityfocus.com/bid/44988
PHP 'ext/imap/php_imap.c' Use After Free Denial of Service Vulnerability
http://www.securityfocus.com/bid/44980
AXSLinks 'addlink.php' Multiple HTML Injection Vulnerabilities
http://www.securityfocus.com/bid/44979
Fujitsu Interstage Multiple Products IP Evasion Security Bypass Vulnerability
http://www.securityfocus.com/bid/44976
Arabian Youtube Script 'v' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/44975
FreeNAS Remote Shell Command Execution Vulnerability
http://www.securityfocus.com/bid/44974
ViArt SHOP Multiple Remote Security Vulnerabilities
http://www.securityfocus.com/bid/44973