+ RHSA-2010:1000-1: Important: bind security update
http://rhn.redhat.com/errata/RHSA-2010-1000.html
+ Apache Insecure mod_rewrite PCRE Resource Exhaustion
http://securityreason.com/securityalert/7966
+ ProFTPD 'mod_sql' Remote Heap Based Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/44933
http://www.vupen.com/english/advisories/2010/3277
+ Linux Kernel Multiple Vulnerabilities
http://secunia.com/advisories/42649/
- Linux Kernel Multiple Vulnerabilities
http://secunia.com/advisories/42649/
[ANN] Apache Archiva 1.3.3 released
http://archiva.apache.org/download.html
[ANNOUNCE] Psycopg 2.3.2 released
http://initd.org/psycopg/articles/2010/12/20/psycopg-232-released/
[ANNOUNCE] Apache PDFBox 1.4.0 released
http://pdfbox.apache.org/download.html
RHSA-2010:0999-1: Moderate: libvpx security update
http://rhn.redhat.com/errata/RHSA-2010-0999.html
HPSBST02619 SSRT100281 rev.1 - HP StorageWorks Storage Mirroring, Remote Execution of Arbitrary Code
http://www13.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02660122&admit=109447627+1292894549584+28353475
MySQL 5.5.9 (Not yet released)
http://dev.mysql.com/doc/refman/5.5/en/news-5-5-9.html
Secunia Research: RealPlayer "cook" Arbitrary Free Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-12/msg00195.html
Secunia Research: RealPlayer AAC Spectral Data Parsing Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-12/msg00196.html
Secunia Research: RealPlayer "cook" Uninitialised Memory Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-12/msg00193.html
Secunia Research: SAP Crystal Reports Print ActiveX Control Buffer Overflow
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-12/msg00200.html
www.eVuln.com : "postid" SQL Injection in Social Share
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-12/msg00198.html
MyBB 1.6 <= Cross Site Scripting (XSS) Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-12/msg00194.html
Elcom CommunityManager.NET Auth Bypass Vulnerability - Security Advisory - SOS-10-00
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-12/msg00197.html
Default SSL Keys in Multiple Routers
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-12/msg00191.html
[SECURITY] [DSA 2134-1] Upcoming changes in advisory format
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-12/msg00192.html
OpenBSD CARP Hash Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-12/msg00199.html
Four companies including LAC Shanghai establish China Information Security Liaison Council
http://itpro.nikkeibp.co.jp/article/NEWS/20101220/355441/?ST=security
JVNDB-2010-001947 Vulnerability in PHP's var_export function that allows sensitive information to be obtained
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001947.html
Patch Issues with Outlook 2007
http://isc.sans.edu/diary.html?storyid=10117
Apache Insecure mod_rewrite PCRE Resource Exhaustion
http://securityreason.com/securityalert/7966
Gitweb <= 1.7.3.3 Cross Site Scripting
http://securityreason.com/securityalert/7965
Wonderware InBatch <= 9.0sp1 Buffer Overflow Vulnerability
http://securityreason.com/securityalert/7964
Linux Kernel <= 2.6.37 Local Privilege Escalation
http://securityreason.com/securityalert/7963
Clear iSpot/Clearspot CSRF Vulnerabilities
http://securityreason.com/securityalert/7962
SAP Crystal Reports Buffer Overflow in ActiveX Control Lets Remote Users Execute Arbitrary Code
http://securitytracker.com/alerts/2010/Dec/1024915.html
Kerio WinRoute Firewall HTTP Cache Can Be Poisoned By Remote Users
http://securitytracker.com/alerts/2010/Dec/1024913.html
KVM Structure Initialization Error Lets Local Users Obtain Portions of Kernel Memory
http://securitytracker.com/alerts/2010/Dec/1024912.html
Tor Heap Overflow May Let Remote Users Execute Arbitrary Code
http://securitytracker.com/alerts/2010/Dec/1024910.html
Mafya Oyun Scrpti "id" SQL Injection Vulnerability
http://secunia.com/advisories/42710/
Tor Unspecified Buffer Overflow Vulnerability
http://secunia.com/advisories/42536/
AjaXplorer Cross-Site Scripting and Request Forgery Vulnerabilities
http://secunia.com/advisories/42683/
Word Splash Pro Word List Processing Buffer Overflow Vulnerability
http://secunia.com/advisories/42704/
MH Products Download Center "Name" SQL Injection Vulnerability
http://secunia.com/advisories/42714/
MP3 CD Converter Playlist Processing Buffer Overflow Vulnerability
http://secunia.com/advisories/42669/
MH Products Projekt Shop "ts" SQL Injection Vulnerability
http://secunia.com/advisories/42711/
CubeCart FCKeditor Arbitrary File Upload Vulnerability
http://secunia.com/advisories/42655/
Kerio Control / Kerio WinRoute Firewall HTTP Cache Poisoning Vulnerability
http://secunia.com/advisories/42670/
MyBB Two Cross-Site Scripting Vulnerabilities
http://secunia.com/advisories/42698/
MH Products Pay Pal Shop Digital "ItemID" SQL Injection Vulnerability
http://secunia.com/advisories/42712/
Gentoo update for chromium
http://secunia.com/advisories/42648/
Radius Manager New User Group Script Insertion Vulnerabilities
http://secunia.com/advisories/42364/
Linux Kernel Multiple Vulnerabilities
http://secunia.com/advisories/42649/
Joomla! Admin Tools Component Cross-Site Scripting and Request Forgery Vulnerabilities
http://secunia.com/advisories/42718/
RTShop "id" SQL Injection Vulnerability
http://secunia.com/advisories/42692/
Joomla! aiContactSafe Component Unspecified Cross-Site Scripting Vulnerability
http://secunia.com/advisories/42723/
IntegraXor Project ActiveX Control Buffer Overflow Vulnerability
http://secunia.com/advisories/42650/
Oto Galeri Sistemi Multiple SQL Injection Vulnerabilities
http://secunia.com/advisories/42706/
ftpcopy "ftpls" HTML Directory Listing Script Insertion Vulnerability
http://secunia.com/advisories/42708/
Fedora update for clamav
http://secunia.com/advisories/42720/
Texas Rankem SQL Injection Vulnerabilities
http://secunia.com/advisories/42722/
LOCAL: MP3 CD Converter Professional BoF (SEH)
http://www.exploit-db.com/exploits/15785/
DoS: Apple iPhone Safari (decodeURI) Remote Crash
http://www.exploit-db.com/exploits/15794/
DoS: Apple iPhone Safari (body alink) Remote Crash
http://www.exploit-db.com/exploits/15792/
DoS: Accmeware MP3 Speed 5.0.9 DoS PoC
http://www.exploit-db.com/exploits/15787/
DoS: Accmeware MP3 Cut 5.0.9 DoS PoC
http://www.exploit-db.com/exploits/15788/
DoS: Accmeware MP3 Joiner Pro 5.0.9 DoS PoC
http://www.exploit-db.com/exploits/15786/
ESTsoft ALYac "AYDrvNT.sys" Local Privilege Escalation Vulnerability
http://www.vupen.com/english/advisories/2010/3285
ViRobot Desktop and Server "VRsecos.sys" Local Privilege Escalation
http://www.vupen.com/english/advisories/2010/3284
nProtect Anti-Virus/Spyware 2007 "TKRgAc2k.sys" Privilege Escalation
http://www.vupen.com/english/advisories/2010/3283
AhnLab V3 Internet Security "AhnRec2k.sys" Local Privilege Escalation
http://www.vupen.com/english/advisories/2010/3282
Altarsoft Audio Converter File Processing Buffer Overflow Vulnerability
http://www.vupen.com/english/advisories/2010/3281
Aesop GIF Creator Project File Handling Buffer Overflow Vulnerability
http://www.vupen.com/english/advisories/2010/3280
SAP Afaria Data Processing Cross Site Scripting Vulnerability
http://www.vupen.com/english/advisories/2010/3279
SAP RFC SDK Memory Corruption and Format String Vulnerabilities
http://www.vupen.com/english/advisories/2010/3278
ProFTPD mod_sql "sql_prepare_where()" Buffer Overflow Vulnerability
http://www.vupen.com/english/advisories/2010/3277
Kerio Control and WinRoute Firewall HTTP Cache Poisoning Vulnerability
http://www.vupen.com/english/advisories/2010/3276
Ecava IntegraXor HMI ActiveX "save()" Method Buffer Overflow Vulnerability
http://www.vupen.com/english/advisories/2010/3275
Fedora Security Update Fixes ClamAV Memory Corruption Vulnerabilities
http://www.vupen.com/english/advisories/2010/3274
Fedora Security Update Fixes DHCP Denial of Service Vulnerability
http://www.vupen.com/english/advisories/2010/3273
Fedora Security Update Fixes OpenSSL Security Bypass Vulnerability
http://www.vupen.com/english/advisories/2010/3272
Fedora Security Update Fixes Mailman Cross Site Scripting Vulnerabilities
http://www.vupen.com/english/advisories/2010/3271
SuSE Security Update Fixes Java Code Execution Vulnerabilities
http://www.vupen.com/english/advisories/2010/3270
Gentoo Security Update Fixes Chromium Multiple Vulnerabilities
http://www.vupen.com/english/advisories/2010/3269
ISC BIND 9 'RRSIG' Record Type Negative Cache Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/45133
Linux Kernel Multiple 'kvm/x86.c' Local Information Disclosure Vulnerabilities
http://www.securityfocus.com/bid/44666
WebM libvpx Unspecified Memory Corruption Vulnerability
http://www.securityfocus.com/bid/44771
Mozilla Firefox/Thunderbird/SeaMonkey OS Font Code Multiple Unspecified Vulnerabilities
http://www.securityfocus.com/bid/45352
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2010-3776 Memory Corruption Vulnerability
http://www.securityfocus.com/bid/45347
Mozilla Firefox CVE-2010-3778 Memory Corruption Vulnerability
http://www.securityfocus.com/bid/45344
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2010-3777 Memory Corruption Vulnerability
http://www.securityfocus.com/bid/45348
Mozilla Firefox/Thunderbird/SeaMonkey 'document.write()' Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/45345
Apple Safari WebKit 'alink' Property Memory Leak Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/33080
ProFTPD 'mod_sql' Remote Heap Based Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/44933
Microsoft Office TIFF Image Converter (CVE-2010-3947) Heap Based Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/45274
Microsoft Office TIFF Image Converter (CVE-2010-3950) Memory Corruption Vulnerability
http://www.securityfocus.com/bid/45285
Microsoft Office TIFF Image Converter (CVE-2010-3949) Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/45275
Microsoft Office PICT Image Converter (CVE-2010-3946) Integer Overflow Vulnerability
http://www.securityfocus.com/bid/45273
Real Networks Cook Codec Memory Access Vulnerability
http://www.securityfocus.com/bid/45463
Real Networks RealPlayer AAC Spectral Data Parsing Memory Corruption Vulnerability
http://www.securityfocus.com/bid/45455
Real Networks RealPlayer Cook Codec Initialization Function Memory Corruption Vulnerability
http://www.securityfocus.com/bid/45422
SAP Crystal Reports Print ActiveX Control Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/45387
Ecava IntegraXor Remote Stack-based Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/45487
Linux Kernel 'drivers/acpi/debugfs.c' Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/45408
ClamAV Prior to 0.96.5 Multiple Vulnerabilities
http://www.securityfocus.com/bid/45152
plx Ad Trader Multiple SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/45521
MP3 CD Converter Professional '.mp3' File Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/45520
PHP Web Scripts Ad Manager Pro 'pageId' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/45519
MaticMarket 'modulename' Parameter Multiple Local File Include Vulnerabilities
http://www.securityfocus.com/bid/45518
Word Splash Pro '.wsl' File Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/45517
Apple Mobile Safari 'decodeURI()' Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/45516
Inout Webmail 'emailfilter' Value HTML Injection Vulnerability
http://www.securityfocus.com/bid/45515
Oto Galery Multiple SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/45513
Multiple Accmeware Products '.mp3' File Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/45511
Admin Tools Component for Joomla! Unspecified Cross-Site Scripting Vulnerability
http://www.securityfocus.com/bid/45510
AjaXplorer Unspecified Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/45509
ftpcopy 'ftpls' HTML Listing Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/45508
Algis Info aiContactSafe Component for Joomla! Unspecified Cross-Site Scripting Vulnerability
http://www.securityfocus.com/bid/45507
MH Projekt Shop 'details.php' SQL Injection Vulnerability
http://www.securityfocus.com/bid/45506
ClickTech Texas Rank'em 'rankem.asp' SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/45504
Ero Auktion 'item.php' SQL Injection Vulnerability
http://www.securityfocus.com/bid/45503
RTShop 'productDetail.asp' SQL Injection Vulnerability
http://www.securityfocus.com/bid/45502
Mafya Oyun Scrpti 'profil.php' SQL Injection Vulnerability
http://www.securityfocus.com/bid/45501
Tor Unspecified Heap Based Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/45500
Elcom CommunityManager.NET Session Cookie Authentication Bypass Vulnerability
http://www.securityfocus.com/bid/45499
Kerio Control and WinRoute Firewall Remote Cache Poisoning Vulnerability
http://www.securityfocus.com/bid/45498
Social Share 'postid' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/45497
MyBB 'member.php' and 'newreply.php' Multiple Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/45496
MH Products PayPal Shop Digital 'ItemID' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/45495
MH Download Center Multiple SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/45494
Joomla! JE Auto Component 'view' Parameter Local File Include Vulnerability
http://www.securityfocus.com/bid/45493
Adobe Photoshop DLL Loading Arbitrary Code Execution Vulnerability
http://www.securityfocus.com/bid/45492
Shopping VirtuaStore 'produtos.asp' SQL Injection Vulnerability
http://www.securityfocus.com/bid/45514
Schuldner Beratung 'login.php' Multiple SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/45512