Windows Kernel Buffer Overflow in RtlQueryRegistryValues() Lets Local Users Gain Elevated Privileges
http://securitytracker.com/alerts/2010/Nov/1024787.html
Notice of system maintenance for the http://www.infoteria.com/ site
http://asteria.jp/news/20101126-152955.html
Notice of release of InterScan for Microsoft Exchange 10.0 Patch1
http://www.trendmicro.co.jp/support/news.asp?id=1497
On Windows 2008 and Vista or later OSes, entries are not excluded even when an exclusion is specified for event log monitoring
http://www.say-tech.co.jp/support/bom-for-windows/windows-2008vistaos/index.shtml
Press release
IPA to hold the IPA Cloud Security Symposium: The Front Line of Cloud Security
http://www.ipa.go.jp/about/press/20101126.html
30% of the 60 million existing malware variants appeared in 2010
http://itpro.nikkeibp.co.jp/article/Research/20101126/354587/?ST=security
HP Japan enhances SSO, enabling authentication federation with Google Apps and construction of an authentication DB using Hadoop
http://itpro.nikkeibp.co.jp/article/NEWS/20101125/354574/?ST=security
JPCERT/CC WEEKLY REPORT 2010-11-25
http://www.jpcert.or.jp/wr/2010/wr104501.html
JVN#50610528 DLL loading vulnerability in Sleipnir and Grani
http://jvn.jp/jp/JVN50610528/index.html
JVN#36765384 Information disclosure vulnerability in Google Chrome
http://jvn.jp/jp/JVN36765384/index.html
JVN#46026251 Address bar spoofing vulnerability in Safari
http://jvn.jp/jp/JVN46026251/index.html
JVNDB-2010-001174 Vulnerability in the ap_read_request function of Apache HTTP Server that allows sensitive information to be obtained
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001174.html
JVNDB-2010-001173 Denial-of-service (DoS) vulnerability in the ap_proxy_ajp_request function of Apache HTTP Server
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001173.html
JVNDB-2010-001457 Denial-of-service (DoS) vulnerability in the PHP xmlrpc extension
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001457.html
JVNDB-2010-001813 Denial-of-service (DoS) vulnerability in the IA5StringNormalize function of OpenLDAP
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001813.html
JVNDB-2010-002416 Arbitrary code execution vulnerability in CoreText in Apple Mac OS X
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002416.html
JVNDB-2010-002415 Stack-based buffer overflow vulnerability in CoreGraphics in Apple Mac OS X
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002415.html
JVNDB-2010-002414 Vulnerability in CFNetwork in Apple Mac OS X that allows users to be tracked
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002414.html
JVNDB-2010-002413 Arbitrary code execution vulnerability in Apple Type Services in Apple Mac OS X
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002413.html
JVNDB-2010-002412 Stack-based buffer overflow vulnerability in Apple Type Services in Apple Mac OS X
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002412.html
JVNDB-2010-000056 Information disclosure vulnerability in Google Chrome
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-000056.html
JVNDB-2010-001538 Address bar spoofing vulnerability in Safari
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001538.html
Linux Kernel Memory Leak in inotify_init() Lets Local Users Deny Service
http://securitytracker.com/alerts/2010/Nov/1024788.html
Windows Kernel Buffer Overflow in RtlQueryRegistryValues() Lets Local Users Gain Elevated Privileges
http://securitytracker.com/alerts/2010/Nov/1024787.html
Xen Backend Driver Thread Leak Lets Local Guest Users Deny Service
http://securitytracker.com/alerts/2010/Nov/1024786.html
Ghostscript TrueType Integer Overflow in Ins_MINDEX() Lets Remote Users Execute Arbitrary Code
http://securitytracker.com/alerts/2010/Nov/1024785.html
MCG GuestBook Multiple Script Insertion Vulnerabilities
http://secunia.com/advisories/42315/
SimpLISTic Mailing List Manager "email" Script Insertion Vulnerability
http://secunia.com/advisories/42285/
Frog CMS "user[email]" Script Insertion Vulnerability
http://secunia.com/advisories/42322/
HP-UX update for CIFS Server
http://secunia.com/advisories/42319/
Fedora update for udunits2
http://secunia.com/advisories/42326/
Fedora update for dracut and udev
http://secunia.com/advisories/42342/
Native Instruments Traktor Pro Buffer Overflow Vulnerability
http://secunia.com/advisories/42328/
xine-lib Uninitialised Pointer Vulnerability
http://secunia.com/advisories/42359/
Second free PDF software release from FoxitJapan!!
A fast PDF printer with a wide range of features
Foxit PDF Creator released
http://www.foxitsoftware.com/japan/announcement/shownews.php?id=60&filename=20101124182516
Redirection of DNS traffic
http://secunia.com/blog/153
DoS: Linux Kernel 'setup_arg_pages()' Denial of Service Vulnerability
http://www.exploit-db.com/exploits/15619/
DoS: NCH Officeintercom <= v5.20 Remote Denial of Service Vulnerability
http://www.exploit-db.com/exploits/15613/
+ Linux Kernel 'setup_arg_pages()' Denial of Service Vulnerability
http://www.securityfocus.com/bid/44301
+ Linux Kernel 'hdsp.c' IOCTL Local Information Disclosure Vulnerability
http://www.securityfocus.com/bid/45063
+- Linux Kernel 'FBIOGET_VBLANK' IOCTL Local Information Disclosure Vulnerability
http://www.securityfocus.com/bid/45062
+ Linux Kernel 'SNDRV_HDSP_IOCTL_GET_CONFIG_INFO' IOCTL Local Information Disclosure Vulnerability
http://www.securityfocus.com/bid/45058
+ Linux Kernel 'hmid_ds structure' Local Information Disclosure Vulnerability
http://www.securityfocus.com/bid/45054
- Linux Kernel 'perf_event_mmap()' Local Denial of Service Vulnerability
http://securityreason.com/securityalert/7911
- Linux Kernel TIOCGICOUNT CVE-2010-4077 Information Disclosure Vulnerability
http://www.securityfocus.com/bid/45059
About wildcard specification in text log monitoring
http://www.say-tech.co.jp/support/post-54/index.shtml
Check Point announces product to protect access to the corporate network from iPhone and iPad
http://itpro.nikkeibp.co.jp/article/NEWS/20101125/354575/?ST=security
New Windows vulnerability allows privilege escalation and system takeover
Bypasses security features of Vista and 7; proof-of-concept program already published
http://itpro.nikkeibp.co.jp/article/NEWS/20101126/354579/?ST=security
[Suspected Spam]Vulnerabilities in Register Plus for WordPress
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-11/msg00212.html
NoScript (2.0.5.1 gt. less )- Bypass "Reflective XSS" through Union SQL Poisoning Trick (SQLXSSI)
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-11/msg00211.html
CVE-2010-2408 Persistent Log Out Redirection Vulnerability in Oracle I-Recruitment OA.
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-11/msg00209.html
TSSA-2010-01 Ghostscript library Ins_MINDEX() integer overflow and heap corruption
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-11/msg00199.html
[USN-1022-1] APR-util vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-11/msg00197.html
[USN-1021-1] Apache vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-11/msg00200.html
[eVuln.com] SQL injections in FreeTicket
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-11/msg00202.html
XSS vulnerability in Frog CMS
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-11/msg00207.html
XSS vulnerability in Frog CMS
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-11/msg00206.html
XSRF (CSRF) in Frog CMS
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-11/msg00205.html
XSS vulnerability in Wolf CMS
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-11/msg00204.html
XSS vulnerability in Wolf CMS
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-11/msg00203.html
XSS vulnerability in Wolf CMS
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-11/msg00208.html
[security bulletin] HPSBUX02579 SSRT100203 rev.1 - HP-UX Apache Running Tomcat Servlet Engin
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-11/msg00201.html
[ MDVSA-2010:241 ] gnucash
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-11/msg00198.html
[ MDVSA-2010:240 ] mono
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-11/msg00196.html
[eVuln.com] email XSS in SimpLISTic
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-11/msg00194.html
[eVuln.com] Multiple XSS in MCG GuestBook
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-11/msg00193.html
Mozilla Firefox 3.6.12 Denial of Service Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-11/msg00191.html
The Unbearable Lightness Of Non-Fixing: A Short Study in Security Reactiveness And Proactiveness
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-11/msg00192.html
Microsoft Visual Studio vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-11/msg00186.html
ESA-2010-019: RSA, The Security Division of EMC, is reissuing this advisory regarding a pote
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-11/msg00185.html
ZyXEL P-660R-T1 V2 XSS
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-11/msg00189.html
[eVuln.com] sitename XSS in Hot Links Lite
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-11/msg00188.html
Juniper VPN client rdesktop clickhack
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-11/msg00187.html
[SECURITY] [DSA-2125-1] New openssl packages fix buffer overflow
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-11/msg00190.html
NGS00015 Patch Notification: ImageIO Memory Corruption
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-11/msg00183.html
[SECURITY] CVE-2010-4172: Apache Tomcat Manager application XSS vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-11/msg00184.html
[eVuln.com] url XSS in Hot Links Lite
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-11/msg00182.html
[eVuln.com] report.cgi SQL inj in Hot Links SQL (CGI version)
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-11/msg00181.html
H2HC Cancun - Free Entrance!
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-11/msg00180.html
Free Simple Software SQL Injection Vulnerability (CVE-2010-4298)
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-11/msg00179.html
Apple Safari for Windows (4.0.2-4.0.5, 5.0-5.0.2) Math.random() predictability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-11/msg00177.html
vBulletin 4.0.8 PL1 - XSS Filter Bypass within Profile Customization
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-11/msg00178.html
New vulnerabilities in CMS SiteLogic
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-11/msg00176.html
[ MDVSA-2010:239 ] php
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-11/msg00165.html
VUPEN Security Research - Apple Safari Selections Handling Use-after-free Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-11/msg00164.html
VUPEN Security Research - Apple Safari Scrollbar Handling Use-after-free Vulnerability (
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-11/msg00170.html
[eVuln.com] Cookie Auth Bypass in Hot Links SQL
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-11/msg00171.html
[HITB-Announce] HITB2011AMS -- Call For Papers now Open
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-11/msg00162.html
XSS in CompactCMS
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-11/msg00160.html
XSS in CompactCMS
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-11/msg00157.html
Multiple vulnerabilities in chCounter <= 3.1.3
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-11/msg00161.html
[USN-1018-1] OpenSSL vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-11/msg00175.html
[eVuln.com] URL and Title XSS in AxsLinks
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-11/msg00166.html
[ MDVSA-2010:238 ] openssl
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-11/msg00159.html
H2CSO (Hackers to CSO) debate second edition - Free Live Streaming
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-11/msg00163.html
Cisco Security Response: Multiple Vulnerabilities in Cisco Unified Videoconferencing Products
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-11/msg00150.html
Cisco Unified Videoconferencing multiple vulnerabilities - CVE-2010-3037 CVE-2010
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-11/msg00146.html
Vtiger CRM 5.2.0 Multiple Vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-11/msg00169.html
AWCM v2.2 Auth Bypass Vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-11/msg00156.html
Secunia's DNS/domain hijacked?
http://isc.sans.edu/diary.html?storyid=9994
OpenTTD Client Disconnection Handling Use-after-free Vulnerability
http://securityreason.com/securityalert/7913
Linux Kernel 'sctp_outq_flush()' Denial of Service Vulnerability
http://securityreason.com/securityalert/7912
Linux Kernel 'perf_event_mmap()' Local Denial of Service Vulnerability
http://securityreason.com/securityalert/7911
WSN Links SQL Injection Vulnerability
http://securityreason.com/securityalert/7910
HP-UX Security Update Fixes Samba Memory Corruption Vulnerability
http://www.vupen.com/english/advisories/2010/3063
Fedora Security Update Fixes Dracut "/dev/systty" Insecure Permissions
http://www.vupen.com/english/advisories/2010/3062
Fedora Security Update Fixes Udunits2 Denial of Service Vulnerability
http://www.vupen.com/english/advisories/2010/3061
Mandriva Security Update Fixes GnuCash Library Loading Vulnerability
http://www.vupen.com/english/advisories/2010/3060
Mandriva Security Update Fixes Mono Untrusted Search Path Vulnerability
http://www.vupen.com/english/advisories/2010/3059
NCH Officeintercom <= v5.20 Remote Denial of Service Vulnerability
http://www.exploit-db.com/exploits/15613/
Linux Kernel 'ipc/sem.c' Information Disclosure Vulnerability
http://www.securityfocus.com/bid/43809
Linux Kernel 'setup_arg_pages()' Denial of Service Vulnerability
http://www.securityfocus.com/bid/44301
Linux Kernel FBIOGET_VBLANK 'drivers/video/sis/sis_main.c' Information Disclosure Vulnerability
http://www.securityfocus.com/bid/43810
Oracle E-Business Suite 'OA.jsp' Oracle iRecruitment URL Redirection Vulnerability
http://www.securityfocus.com/bid/43952
YOPS (Your Own Personal [WEB] Server) Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/43156
Ghostscript TrueType Bytecode Interpreter Heap-Based Memory Corruption Vulnerability
http://www.securityfocus.com/bid/42640
Prof-UIS DLL Loading Arbitrary Code Execution Vulnerability
http://www.securityfocus.com/bid/43468
Apache HTTP Server Multiple Remote Denial of Service Vulnerabilities
http://www.securityfocus.com/bid/41963
Apache APR-util 'apr_brigade_split_line' Denial of Service Vulnerability
http://www.securityfocus.com/bid/43673
Samba 'SMB1 Packet Chaining' Unspecified Remote Memory Corruption Vulnerability
http://www.securityfocus.com/bid/40884
Linux Kernel 'hdsp.c' IOCTL Local Information Disclosure Vulnerability
http://www.securityfocus.com/bid/45063
Linux Kernel 'FBIOGET_VBLANK' IOCTL Local Information Disclosure Vulnerability
http://www.securityfocus.com/bid/45062
Linux Kernel TIOCGICOUNT CVE-2010-4077 Information Disclosure Vulnerability
http://www.securityfocus.com/bid/45059
Linux Kernel 'SNDRV_HDSP_IOCTL_GET_CONFIG_INFO' IOCTL Local Information Disclosure Vulnerability
http://www.securityfocus.com/bid/45058
Register Plus 'wp-login.php' Multiple Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/45057
SiteEngine 'comments.php' SQL Injection Vulnerability
http://www.securityfocus.com/bid/45056
Linux Kernel 'hmid_ds structure' Local Information Disclosure Vulnerability
http://www.securityfocus.com/bid/45054
FreeTicket 'contact.php' Multiple SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/45053
Frog CMS Multiple Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/45052
Mono/Moonlight Generic Type Argument Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/45051
JE Ajax Event Calendar 'event_id' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/45050
NCH Software Office Intercom SIP Invite Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/45049
Android SD Card Content Information Disclosure Vulnerability
http://www.securityfocus.com/bid/45048
xine-lib 'asfheader.c' Remote Memory Corruption Vulnerability
http://www.securityfocus.com/bid/45047