+ Velocity Engine 1.7 released
http://velocity.apache.org/
+ glibc 2.11.3 released
http://ftp.gnu.org/gnu/glibc/?C=M;O=D
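Press release
Enhanced functionality of the verification tool for SIP vulnerabilities
~ Version with expanded test items lent free of charge to developers of SIP-implementing products ~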
http://www.ipa.go.jp/about/press/20101130.html
JVNDB-2010-002426 Integer overflow vulnerability in FreeType
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002426.html
JVNDB-2010-002425 Denial of service (DoS) vulnerability in the Apple Mac OS X kernel
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002425.html
JVNDB-2010-002424 Heap-based buffer overflow vulnerability in Image RAW in Apple Mac OS X
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002424.html
JVNDB-2010-002423 Denial of service (DoS) vulnerability in ImageIO in Apple Mac OS X
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002423.html
JVNDB-2010-002422 Denial of service (DoS) vulnerability in Image Capture in Apple Mac OS X
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002422.html
JVNDB-2010-001643 Arbitrary code execution vulnerability in Adobe Flash Player and Adobe AIR
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001643.html
JVNDB-2010-001940 Arbitrary code execution vulnerability in Adobe Flash Player and Adobe AIR
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001940.html
JVNDB-2010-001642 Arbitrary code execution vulnerability in Adobe Flash Player and Adobe AIR
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001642.html
JVNDB-2010-001641 Arbitrary code execution vulnerability in Adobe Flash Player and Adobe AIR
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001641.html
JVNDB-2010-001640 Buffer overflow vulnerability in Adobe Flash Player and Adobe AIR
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001640.html
JVNDB-2010-001639 Arbitrary code execution vulnerability in Adobe Flash Player and Adobe AIR
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001639.html
JVNDB-2010-001638 Integer overflow vulnerability in Adobe Flash Player and Adobe AIR
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001638.html
JVNDB-2010-001637 Arbitrary code execution vulnerability in Adobe Flash Player and Adobe AIR
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001637.html
JVNDB-2010-001636 Integer overflow vulnerability in Adobe Flash Player and Adobe AIR
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001636.html
JVNDB-2010-001635 Arbitrary code execution vulnerability in Adobe Flash Player and Adobe AIR
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001635.html
JVNDB-2010-001634 Cross-site scripting vulnerability in Adobe Flash Player and Adobe AIR
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001634.html
JVNDB-2010-001633 Arbitrary code execution vulnerability in Adobe Flash Player and Adobe AIR
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001633.html
JVNDB-2010-001632 Arbitrary code execution vulnerability in Adobe Flash Player and Adobe AIR
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001632.html
JVNDB-2010-001631 Arbitrary code execution vulnerability in Adobe Flash Player and Adobe AIR
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001631.html
JVNDB-2010-001630 Arbitrary code execution vulnerability in Adobe Flash Player and Adobe AIR
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001630.html
VMware 2 Web Server Directory Traversal
http://www.exploit-db.com/exploits/15617/
+ FreeBSD-SA-10:10.openssl: OpenSSL multiple vulnerabilities
http://security.freebsd.org/advisories/FreeBSD-SA-10:10.openssl.asc
+ RHSA-2010:0919-1: Moderate: php security update
http://rhn.redhat.com/errata/RHSA-2010-0919.html
+ Linux Kernel CVE-2010-4073 Information Disclosure Vulnerability
http://www.securityfocus.com/bid/45073
++ Cisco Security Response: Cisco IPSec VPN Implementation Group Name Enumeration Vulnerability
http://www.cisco.com/en/US/products/products_security_response09186a0080b5992c.html
- Microsoft Windows User Access Control (UAC) Bypass Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/45045
[ANNOUNCE] phpPgAdmin 5.0 Released
http://phppgadmin.sourceforge.net/?page=download
phpMyAdmin 2.11.11.1 and 3.3.8.1 are released
http://sourceforge.net/news/?group_id=23067&id=294542
PMASA-2010-8: XSS attack in database search.
http://www.phpmyadmin.net/home_page/security/PMASA-2010-8.php
phpPgAdmin 5.0 Released
http://www.postgresql.org/about/news.1260
RHSA-2010:0918-1: Moderate: cvs security update
http://rhn.redhat.com/errata/RHSA-2010-0918.html
"$120 if you want them restored": file-encrypting "extortion virus"
Exploits vulnerabilities in Adobe Reader and other software; risk of infection through web access
http://itpro.nikkeibp.co.jp/article/NEWS/20101130/354672/?ST=security
[ MDVSA-2010:243 ] libxml2
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-11/msg00227.html
n.runs-SA-2010.003 - Hewlett Packard LaserJet MFP devices - Directory Traversal in P
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-11/msg00226.html
Vulnerabilities in Joomla
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-11/msg00225.html
[ MDVSA-2010:242 ] wireshark
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-11/msg00224.html
[SECURITY] [DSA-2127-1] New wireshark packages fix denial of service
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-11/msg00223.html
SQL injection and Path Disclosure Auth Bypass in 4images 1.7.X
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-11/msg00222.html
Google Desktop Insecure Library Loading Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-11/msg00220.html
AOL Instant Messenger Insecure Library Loading Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-11/msg00221.html
jQuery Lightweight Rich Text Editor (lwrte) Plugin uploader.php Arbitrary File Upload
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-11/msg00219.html
iPhone phishing - What you see, isn't what you get
http://isc.sans.edu/diary.html?storyid=10000
Sun security updates
http://isc.sans.edu/diary.html?storyid=10003
Microsoft Office Word BKF Objects Array Indexing Vulnerability
http://www.securiteam.com/windowsntfocus/6V03H2K0AC.html
Microsoft Office Word Document Heap Overflow Vulnerability
http://www.securiteam.com/windowsntfocus/6U03G2K0AM.html
HP Systems Insight Manager (SIM) for HP-UX, Linux, and Windows Arbitrary File Download Vulnerability
http://www.securiteam.com/securitynews/6Y03K2K0AC.html
HP-UX Running BIND DNS Cache Poisoning Vulnerability
http://www.securiteam.com/securitynews/6W03I2K0AS.html
HP LaserJet Printers, Color LaserJet Printers, and Digital Senders Unauthorized Access to Files Vulnerability
http://www.securiteam.com/securitynews/6X03J2K0AI.html
MemHT Portal "User-Agent" HTTP Header Script Insertion Vulnerability
http://secunia.com/advisories/42386/
Easy Banner Cross-Site Scripting and SQL Injection Vulnerabilities
http://secunia.com/advisories/42316/
McAfee VirusScan Enterprise Insecure Library Loading Vulnerability
http://secunia.com/advisories/41482/
Jurpopage Cross-Site Scripting and SQL Injection Vulnerabilities
http://secunia.com/advisories/42387/
SiteEngine "module" SQL Injection Vulnerability
http://secunia.com/advisories/42353/
Oracle Solaris bzip2 "BZ_decompress" Integer Overflow Vulnerability
http://secunia.com/advisories/42405/
Oracle Solaris bzip2 "BZ_decompress" Integer Overflow Vulnerability
http://secunia.com/advisories/42404/
Oracle Solaris APR-util "apr_brigade_split_line()" Denial of Service Vulnerability
http://secunia.com/advisories/42403/
Oracle Solaris Perl Safe Module Security Bypass
http://secunia.com/advisories/42402/
Site2Nite Big Truck Broker "txtSiteId" SQL Injection Vulnerability
http://secunia.com/advisories/42383/
collectd "cu_rrd_create_file()" Denial of Service Vulnerability
http://secunia.com/advisories/42393/
Debian update for wireshark
http://secunia.com/advisories/42392/
RSAR Adaptive Authentication (On Premise) versions 2.x and 5.7.x. Cross-site Scripting Vulnerability
http://securityreason.com/securityalert/7917
Apache Tomcat Manager application XSS vulnerability
http://securityreason.com/securityalert/7916
Vtiger CRM 5.2.0 Multiple Vulnerabilities
http://securityreason.com/securityalert/7915
Free Simple Software SQL Injection Vulnerability
http://securityreason.com/securityalert/7914
REMOTE: HP LaserJet Directory Traversal in PJL Interface
http://www.exploit-db.com/exploits/15631/
LOCAL: Mediacoder 0.7.5.4792 Buffer Overflow Exploit (SEH)
http://www.exploit-db.com/exploits/15630/
DoS: FoxPlayer v2.4.0 Denial of Service
http://www.exploit-db.com/exploits/15632/
CVS CVE-2010-3846 RCS File Heap Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/44528
PHP xmlrpc Extension Multiple Remote Denial of Service Vulnerabilities
http://www.securityfocus.com/bid/38708
PHP Versions Prior to 5.3.3/5.2.14 Multiple Vulnerabilities
http://www.securityfocus.com/bid/41991
PHP 'xml_utf8_decode()' UTF-8 Input Validation Vulnerability
http://www.securityfocus.com/bid/44605
OpenSSL 'ssl3_get_key_exchange()' Use-After-Free Memory Corruption Vulnerability
http://www.securityfocus.com/bid/42306
PHP LCG Entropy Security Vulnerability
http://www.securityfocus.com/bid/38430
PHP 'php/ext/xml/xml.c' Integer Overflow Vulnerability
http://www.securityfocus.com/bid/44889
OpenSSL TLS Server Extension Parsing Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/44884
WebM libvpx Unspecified Memory Corruption Vulnerability
http://www.securityfocus.com/bid/44771
OpenConnect 'webvpn' Cookie Debugging Output Information Disclosure Vulnerability
http://www.securityfocus.com/bid/44111
FoxMediaTools FoxPlayer '.m3u' File Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/38127
RETIRED: WordPress Register Plus 'wp-login.php' Multiple Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/45069
Cisco VPN Concentrator Groupname Enumeration Weakness
http://www.securityfocus.com/bid/13992
libxml2 'XPATH' Memory Corruption Vulnerability
http://www.securityfocus.com/bid/44779
MediaCoder Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/38405
Wireshark Malformed SNMP V1 Packet Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/43197
Microsoft Windows User Access Control (UAC) Bypass Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/45045
Perl Safe Module 'reval()' and 'rdo()' Restriction-Bypass Vulnerabilities
http://www.securityfocus.com/bid/40302
HP Multiple LaserJet Printers PJL Directory Traversal Vulnerability
http://www.securityfocus.com/bid/44882
Apache APR-util 'apr_brigade_split_line' Denial of Service Vulnerability
http://www.securityfocus.com/bid/43673
bzip2 'BZ2_decompress' Function Integer Overflow Vulnerability
http://www.securityfocus.com/bid/43331
Linux Kernel 'hdsp.c' IOCTL Local Information Disclosure Vulnerability
http://www.securityfocus.com/bid/45063
Linux Kernel 'hmid_ds structure' Local Information Disclosure Vulnerability
http://www.securityfocus.com/bid/45054
Linux Kernel 'inet_diag.c' Netlink Message Denial of Service Vulnerability
http://www.securityfocus.com/bid/44665
Linux Kernel 'x25_parse_facilities()' Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/44642
Linux Kernel 'SNDRV_HDSP_IOCTL_GET_CONFIG_INFO' IOCTL Local Information Disclosure Vulnerability
http://www.securityfocus.com/bid/45058
Linux Kernel 'x25_parse_facilities()' CVE-2010-4164 Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/45055
Linux Kernel 'FBIOGET_VBLANK' IOCTL Local Information Disclosure Vulnerability
http://www.securityfocus.com/bid/45062
Linux Kernel CAN Protocol Information Disclosure Vulnerability
http://www.securityfocus.com/bid/44661
Linux Kernel 'setup_arg_pages()' Denial of Service Vulnerability
http://www.securityfocus.com/bid/44301
Google Desktop 'schannel.dll' DLL Loading Arbitrary Code Execution Vulnerability
http://www.securityfocus.com/bid/45082
MemHT Portal "User-Agent" HTTP Header HTML Injection Vulnerability
http://www.securityfocus.com/bid/45078
Linux Kernel TIOCGICOUNT CVE-2010-4074 Information Disclosure Vulnerability
http://www.securityfocus.com/bid/45074
Linux Kernel CVE-2010-4073 Information Disclosure Vulnerability
http://www.securityfocus.com/bid/45073