http://itpro.nikkeibp.co.jp/article/NEWS/20101129/354622/?ST=security
JVNVU#529673 Microsoft Windows の RtlQueryRegistryValues() 関数におけるレジストリデータ検証不備の脆弱性
http://jvn.jp/cert/JVNVU529673/index.html
JVNDB-2010-002421 Apple Mac OS X の Networking におけるサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002421.html
JVNDB-2010-002420 Apple Mac OS X の AppKit におけるバッファオーバーフローの脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002420.html
JVNDB-2010-002419 Apple Mac OS X の Disk Image における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002419.html
JVNDB-2010-002418 Apple Mac OS X の password-validation 機能におけるスタックベースのバッファオーバーフローの脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002418.html
JVNDB-2010-002417 Apple Mac OS X の Directory Services における認証を回避される脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002417.html
JVNDB-2010-001629 Adobe Flash Player および Adobe AIR における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001629.html
JVNDB-2010-001628 Adobe Flash Player および Adobe AIR における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001628.html
JVNDB-2010-001627 Adobe Flash Player におけるサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001627.html
JVNDB-2010-001626 Adobe Flash Player および Adobe AIR における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001626.html
JVNDB-2010-001625 Adobe Flash Player および Adobe AIR における整数オーバーフローの脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001625.html
JVNDB-2010-001624 Adobe Flash Player および Adobe AIR における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001624.html
JVNDB-2010-001623 Adobe Flash Player および Adobe AIR におけるヒープベースのバッファオーバーフローの脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001623.html
JVNDB-2010-001622 Adobe Flash Player および Adobe AIR における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001622.html
JVNDB-2010-001621 Adobe Flash Player および Adobe AIR における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001621.html
JVNDB-2010-001620 Adobe Flash Player および Adobe AIR における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001620.html
JVNDB-2010-001619 Adobe Flash Player および Adobe AIR における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001619.html
JVNDB-2010-001618 Adobe Flash Player および Adobe AIR における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001618.html
JVNDB-2010-001617 Adobe Flash Player および Adobe AIR における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001617.html
JVNDB-2010-001616 Adobe Flash Player および Adobe AIR における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001616.html
JVNDB-2010-001514 MySQL におけるバッファオーバーフローの脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001514.html
Sun Solaris Security Update Fixes Safe Perl Module Code Execution
http://www.vupen.com/english/advisories/2010/3075
Sun Solaris Security Update Fixes Apr-util Denial of Service Vulnerability
http://www.vupen.com/english/advisories/2010/3074
Sun Solaris Security Update Fixes Bzip2 Integer Overflow Vulnerability
http://www.vupen.com/english/advisories/2010/3073
MemHT Portal "User-Agent" Header Cross Site Scripting Vulnerability
http://www.vupen.com/english/advisories/2010/3072
Jurpopage "category" Parameter Remote SQL Injection Vulnerability
http://www.vupen.com/english/advisories/2010/3071
CA Internet Security Suite Plus "KmxSbx.sys" Pool Corruption Vulnerability
http://www.vupen.com/english/advisories/2010/3070
IBM WebSphere MQ Internet pass-thru TLS/SSL Renegotiation Vulnerability
http://www.vupen.com/english/advisories/2010/3069
Mandriva Security Update Fixes Wireshark Buffer Overflow Vulnerability
http://www.vupen.com/english/advisories/2010/3068
Debian Security Update Fixes Wireshark Denial of Service Vulnerability
http://www.vupen.com/english/advisories/2010/3067
Debian Security Update Fixes Multiple Local Kernel Vulnerabilities
http://www.vupen.com/english/advisories/2010/3066
+ Microsoft Windows win32k.sys Driver "GreEnableEUDC()" Vulnerability
http://secunia.com/advisories/42356/
http://securitytracker.com/alerts/2010/Nov/1024787.html
http://www.kb.cert.org/vuls/id/529673
+ CVE-2010-1168 Vulnerability in Safe Perl Module (Safe.pm) for Perl 5.8
http://blogs.sun.com/security/entry/cve_2010_1168_vulnerability_in
+ CVE-2010-1623 Memory Leak in the Apache Portable Runtime Utility Library (APR-util)
http://blogs.sun.com/security/entry/cve_2010_1623_memory_leak
+ CVE-2010-0405 Integer Overflow in bzip2 in Versions Prior to 1.0.6
http://blogs.sun.com/security/entry/cve_2010_0405_integer_overflow
+ Linux Kernel Unix Sockets Local Denial of Service
http://www.securityfocus.com/bid/45037
http://www.exploit-db.com/exploits/15622/
- Microsoft Outlook File Attachment Denial Of Service Vulnerability
http://www.securityfocus.com/bid/45065
http://securitytracker.com/alerts/2010/Nov/1024790.html
[ANN] Apache Maven 3.0.1 Released
http://cwiki.apache.org/MAVEN/maven-3x-compatibility-notes.html
[ANNOUNCE] Release of Apache MyFaces Extensions Validator 1.1.4, 1.2.4 and 2.0.4
https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12310821&styleName=Html&version=12314836
https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12310821&styleName=Html&version=12314835
https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12310821&styleName=Html&version=12314834
Postfix 2.8 Snapshot 20101126
http://mirror.postfix.jp/postfix-release/experimental/postfix-2.8-20101126.HISTORY
UPDATE: Cisco Security Advisory: CiscoWorks Common Services Arbitrary Code Execution Vulnerability
http://www.cisco.com/en/US/products/products_security_advisory09186a0080b51501.shtml
Cisco Applied Mitigation Bulletin: Identifying and Mitigating Exploitation of the Vulnerability in CiscoWorks Common Services
http://www.cisco.com/en/US/products/products_applied_mitigation_bulletin09186a0080b51502.html
「SNSでのウイルス感染の危険度はメールより10倍も高い」ウイルス専門家が最新動向を報告
http://itpro.nikkeibp.co.jp/article/NEWS/20101126/354594/?ST=security
[eVuln.com] URL XSS in Easy Banner Free
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-11/msg00217.html
[eVuln.com] SQL injection Auth Bypass in Easy Banner Free
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-11/msg00216.html
JVNDB-2010-001513 MySQL の my_net_skip_rest 関数におけるサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001513.html
JVNDB-2010-002082 iPhone および iPod touch 上で稼動する Apple iOS の ImageIO における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002082.html
JVNDB-2010-001675 Apple iOS の CFNetwork におけるスタックベースのバッファオーバーフローの脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001675.html
JVNDB-2010-001730 libpng に脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001730.html
JVNDB-2010-001537 Adobe Flash ActionScript AVM2 newfunction 命令に脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001537.html
Using password cracking as metric/indicator for the organisation's security posture
http://isc.sans.edu/diary.html?storyid=9997
Microsoft Outlook Attachment Processing Flaw Lets Remote Users Deny Service
http://securitytracker.com/alerts/2010/Nov/1024790.html
IBM WebSphere MQ Internet pass-thru Protocol Flaw in SSL Renegotiation Lets Remote Users Conduct Man-in-the-Middle Attacks
http://securitytracker.com/alerts/2010/Nov/1024789.html
HP Insight Control Performance Management Arbitrary File Download Vulnerability
http://www.securiteam.com/windowsntfocus/6Y03G1P0AE.html
Cisco IOS Software Internet Group Management Protocol Denial of Service Vulnerability
http://www.securiteam.com/securitynews/6A03I1P0AI.html
HP Insight Control Performance Management Multiple Vulnerabilities
http://www.securiteam.com/windowsntfocus/6Z03H1P0AS.html
Cisco Unified Communications Manager Session Initiation Protocol Denial of Service Vulnerabilities
http://www.securiteam.com/securitynews/6B03J1P0AM.html
Cisco IOS SSL VPN Denial of Service Vulnerability
http://www.securiteam.com/securitynews/6C03K1P0AK.html
Office Intercom SIP INVITE "Content-Length" Denial of Service
http://secunia.com/advisories/42335/
MRCGIGUY FreeTicket Multiple SQL Injection Vulnerabilities
http://secunia.com/advisories/42313/
WordPress Register Plus Plugin Multiple Cross-Site Scripting Vulnerabilities
http://secunia.com/advisories/42360/
Moonlight Generic Constraints Bypass Vulnerability
http://secunia.com/advisories/42373/
Microsoft Windows win32k.sys Driver "GreEnableEUDC()" Vulnerability
http://secunia.com/advisories/42356/
Ubuntu update for apr-util
http://secunia.com/advisories/42361/
Ubuntu update for apache2
http://secunia.com/advisories/42367/
IBM WebSphere MQ Internet Pass-Thru TLS Renegotiation Vulnerability
http://secunia.com/advisories/42379/
Vulnerability Note VU#529673: Microsoft Windows RtlQueryRegistryValues() does not adequately validate registry data
http://www.kb.cert.org/vuls/id/529673
LOCAL: OTSTurntables 1.00.048 (m3u/ofl) Local BOF Exploit (SEH)
http://www.exploit-db.com/exploits/15626/
LOCAL: CA Internet Security Suite 2010 KmxSbx.sys Kernel Pool Overflow 0 day Exploit
http://www.exploit-db.com/exploits/15624/
DoS: Hanso Player Version 1.4.0 (.m3u) Denial of Service Vulnerability
http://www.exploit-db.com/exploits/15628/
DoS: Linux Kernel Unix Sockets Local Denial of Service
http://www.exploit-db.com/exploits/15622/
Ubuntu Security Update Fixes Apr-util Denial of Service Vulnerability
http://www.vupen.com/english/advisories/2010/3065
Ubuntu Security Update Fixes Apache2 Denial of Service Vulnerabilities
http://www.vupen.com/english/advisories/2010/3064
Linux Kernel Unix Sockets Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/45037
SystemTap 'modprob' Command Environment Variable Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/44914
Multiple Vendor TLS Protocol Session Renegotiation Security Vulnerability
http://www.securityfocus.com/bid/36935
WordPress Register Plus 'wp-login.php' Multiple Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/45069
MRCGIGUY FreeTicket 'contact.php' Multiple SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/45067
PHP Web Scripts Easy Banner Free Multiple SQL Injection and HTML Injection Vulnerabilities
http://www.securityfocus.com/bid/45066
Microsoft Outlook File Attachment Denial Of Service Vulnerability
http://www.securityfocus.com/bid/45065
0 件のコメント:
コメントを投稿