Wednesday, December 22, 2010

Wednesday the 22nd, Senbu

The batch configuration distribution tool fails to distribute to the second and subsequent servers
http://www.say-tech.co.jp/support/bom-for-windows/post-56/index.shtml

VMSA-2010-0020: VMware ESXi 4.1 Update Installer SFCB Authentication Flaw
http://www.vmware.com/security/advisories/VMSA-2010-0020.html

Security alert for the year-end and New Year holidays
http://www.ipa.go.jp/security/topics/alert221222.html

JVNVU#545319 Update for multiple vulnerabilities in Apple Time Capsule and AirPort Base Station (802.11n)
http://jvn.jp/cert/JVNVU545319/index.html

JVNDB-2010-002459 Stack-based buffer overflow vulnerability in the pr_netio_telnet_get function of ProFTPD
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002459.html

JVNDB-2010-002458 Directory traversal vulnerability in the mod_site_misc module of ProFTPD
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002458.html

JVNDB-2010-001229 Vulnerability in multiple functions in OpenSSL
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001229.html

JVNDB-2010-002284 Arbitrary code execution vulnerability in the browser engine of multiple Mozilla products
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002284.html

JVNDB-2010-002072 Same-origin policy bypass vulnerability in the SafeJSObjectWrapper implementation of multiple Mozilla products
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002072.html

JVNDB-2010-002542 AD-SIGNEDPATH or AD-KDC-ISSUED signature forgery vulnerability in MIT Kerberos 5
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002542.html

JVNDB-2010-002541 GSS token forgery vulnerability in MIT Kerberos 5
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002541.html

JVNDB-2010-002540 KRB-SAFE message forgery vulnerability in MIT Kerberos 5
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002540.html

JVNDB-2010-002539 Denial of service (DoS) vulnerability in the ISC DHCP server
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002539.html

JVNDB-2010-002538 Denial of service (DoS) vulnerability in epan/dissectors/packet-zbee-zcl.c of the Wireshark ZigBee ZCL dissector
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002538.html

JVNDB-2010-002537 Heap-based buffer overflow vulnerability in the dissect_ldss_transfer function of the Wireshark LDSS dissector
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002537.html

JVNDB-2010-002536 Denial of service (DoS) vulnerability in the dissect_ber_unknown function of the Wireshark BER dissector
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002536.html

JVNDB-2009-002619 Vulnerability in the PHP utf8_decode function that allows bypassing protection mechanisms against cross-site scripting and SQL injection
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002619.html

JVNDB-2010-002535 Integer overflow vulnerability in the PHP xml_utf8_decode function
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002535.html

REMOTE: Citrix Access Gateway Command Injection Vulnerability
http://www.exploit-db.com/exploits/15806/

DoS: Apple iPhone Safari (JS .) Remote Crash
http://www.exploit-db.com/exploits/15805/

Linux Kernel 'do_io_submit()' Integer Overflow Vulnerability
http://www.securityfocus.com/bid/43353

Linux Kernel 'net/sched/act_police.c' File Memory Leak Local Information Disclosure Vulnerability
http://www.securityfocus.com/bid/42529

Linux Kernel 'XFS_IOC_FSGETXATTR' Information Disclosure Vulnerability
http://www.securityfocus.com/bid/43022

Linux Kernel Futex Macros Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/44754

+ Microsoft Internet Explorer CSS Parsing Remote Memory Corruption Vulnerability
http://www.securityfocus.com/bid/45246

RHSA-2010:1002-1: Moderate: mod_auth_mysql security update
http://rhn.redhat.com/errata/RHSA-2010-1002.html

RHSA-2010:1003-1: Moderate: git security update
http://rhn.redhat.com/errata/RHSA-2010-1003.html

Struts 2.2.1.1 General Availability Release
http://struts.apache.org/2.2.1.1/index.html

Apache httpd 2.3.10-alpha Released
http://www.apache.org/dist/httpd/Announcement2.3.txt
http://www.apache.org/dist/httpd/CHANGES_2.3

NTP 4.2.7p100 Development released
http://archive.ntp.org/ntp4/ChangeLog-dev

Linux Kernel release: 2.6.37-rc7
http://www.linux.org/news/2010/12/21/0001.html

Notice of updated end-of-support schedule for Trend Micro Threat Discovery Appliance / Trend Micro Threat Mitigator
http://www.trendmicro.co.jp/support/news.asp?id=1505

eVuln : [EV0166] "postid" SQL Injection in Social Share
http://www.criticalwatch.com/support/security-advisories.aspx?AID=34544

Mandriva : [MDVSA-2010:258] mozilla-thunderbird
http://www.criticalwatch.com/support/security-advisories.aspx?AID=34532

MyBB Development Team : MyBB 1.6 <= Cross Site Scripting (XSS) Vulnerability
http://www.criticalwatch.com/support/security-advisories.aspx?AID=34553

Red Hat : [RHSA-2010:0998-01] Low: kvm security and bug fix update
http://www.criticalwatch.com/support/security-advisories.aspx?AID=34528

Red Hat : [RHSA-2010:0999-01] Moderate: libvpx security update
http://www.criticalwatch.com/support/security-advisories.aspx?AID=34529

Red Hat : [RHSA-2010:1000-01] Important: bind security update
http://www.criticalwatch.com/support/security-advisories.aspx?AID=34530

Secunia : SAP Crystal Reports Print ActiveX Control Buffer Overflow
http://www.criticalwatch.com/support/security-advisories.aspx?AID=34547

Secunia : RealPlayer AAC Spectral Data Parsing Vulnerability
http://www.criticalwatch.com/support/security-advisories.aspx?AID=34548

Secunia : RealPlayer "cook" Uninitialised Memory Vulnerability
http://www.criticalwatch.com/support/security-advisories.aspx?AID=34549

Secunia : RealPlayer "cook" Arbitrary Free Vulnerability
http://www.criticalwatch.com/support/security-advisories.aspx?AID=34550

Sense of Security : [SOS-10-004] Elcom CommunityManager.NET Auth Bypass Vulnerability
http://www.criticalwatch.com/support/security-advisories.aspx?AID=34555

Debian : [DSA 2134-1] Upcoming changes in advisory format
http://www.criticalwatch.com/support/security-advisories.aspx?AID=34537

eVuln : [EV0164] Non-persistent XSS in Social Share
http://www.criticalwatch.com/support/security-advisories.aspx?AID=34543

eVuln : [EV0165] "link" and "linkdescription" XSS in Social Share
http://www.criticalwatch.com/support/security-advisories.aspx?AID=34545

Independent Researcher : Alt-N WebAdmin Source Code Disclosure
http://www.criticalwatch.com/support/security-advisories.aspx?AID=34558

Mandriva : [MDVSA-2010:257] kernel
http://www.criticalwatch.com/support/security-advisories.aspx?AID=34531

OpenBSD : OpenBSD CARP Hash Vulnerability
http://www.criticalwatch.com/support/security-advisories.aspx?AID=34552

Check Point Software Technologies : Embedded Video WordPress Plugin Cross Site Vulnerability (XSS)
http://www.criticalwatch.com/support/security-advisories.aspx?AID=34554

Check Point Software Technologies : Apple Quicktime Memory Corruption - CVE-2010-3801
http://www.criticalwatch.com/support/security-advisories.aspx?AID=34557

Check Point Software Technologies : Radius Manager Multiple Cross Site Scripting (XSS) Vulnerabilities - CVE-2010-4275
http://www.criticalwatch.com/support/security-advisories.aspx?AID=34562

Gentoo Linux : [GLSA 201012-01] Chromium: Multiple vulnerabilities
http://www.criticalwatch.com/support/security-advisories.aspx?AID=34559

Hewlett-Packard : Your HP-UX UNIX Security Bulletin Notification
http://www.criticalwatch.com/support/security-advisories.aspx?AID=34534

Hewlett-Packard : Your HP Storage SW Security Bulletin Notification
http://www.criticalwatch.com/support/security-advisories.aspx?AID=34535

Hewlett-Packard : Your HP Management Agents Security Bulletin Notification
http://www.criticalwatch.com/support/security-advisories.aspx?AID=34536

High-Tech Bridge SA : [HTB22724] XSS vulnerability in BLOG:CMS
http://www.criticalwatch.com/support/security-advisories.aspx?AID=34538

High-Tech Bridge SA : XSS vulnerability in BLOG:CMS
http://www.criticalwatch.com/support/security-advisories.aspx?AID=34539

High-Tech Bridge SA : [HTB22723] XSS vulnerability in BEdita
http://www.criticalwatch.com/support/security-advisories.aspx?AID=34540

High-Tech Bridge SA : [HTB22727] XSRF (CSRF) in BLOG:CMS
http://www.criticalwatch.com/support/security-advisories.aspx?AID=34541

High-Tech Bridge SA : [HTB22729] XSRF (CSRF) in BEdita
http://www.criticalwatch.com/support/security-advisories.aspx?AID=34542

High-Tech Bridge SA : [HTB22728] Stored Cross Site Scripting vulnerability in BEdita
http://www.criticalwatch.com/support/security-advisories.aspx?AID=34546

High-Tech Bridge SA : [HTB22726] cross site scripting vulnerability in BLOG:CMS
http://www.criticalwatch.com/support/security-advisories.aspx?AID=34556

SuSE : [SUSE-SA:2010:061] IBM Java 1.4.2
http://www.criticalwatch.com/support/security-advisories.aspx?AID=34526

Apple : [APPLE-SA-2010-12-16-1] Time Capsule and AirPort Base Station (802.11n) Firmware 7.5.2
http://www.criticalwatch.com/support/security-advisories.aspx?AID=34533

Press release
Downloads of "How to Secure Your Web Site" surpass 2.5 million
~IPA's efforts toward realizing secure websites~
http://www.ipa.go.jp/about/press/20101221.html

"Gumblar" ran rampant in 2010, ushering in an era of "virus infection via well-known sites"
Trend Micro tallies infection reports; "trap" viruses rank at the top
http://itpro.nikkeibp.co.jp/article/NEWS/20101222/355540/?ST=security

More than 40% have not updated "Adobe Reader": a dangerous reality comes to light
IPA security awareness survey: "one in four has no security software"
http://itpro.nikkeibp.co.jp/article/NEWS/20101222/355539/?ST=security

Soaring prices for "cyber attack tools": criminal groups rake in 70 million dollars
LAC explains 2010 security trends: "some tools cost over 10,000 dollars"
http://itpro.nikkeibp.co.jp/article/NEWS/20101221/355453/?ST=security

JVNVU#159528 Denial of service (DoS) vulnerability in ISC DHCP
http://jvn.jp/cert/JVNVU159528/index.html

JVNVU#568372 Denial of service (DoS) vulnerability in NTP
http://jvn.jp/cert/JVNVU568372/index.html

JVNDB-2010-001824 Vulnerability in multiple Mozilla products that facilitates cross-site scripting
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001824.html

JVNDB-2010-001299 Access restriction bypass vulnerability in the XMLDocument::load function of multiple Mozilla products
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001299.html

JVNDB-2010-001297 Arbitrary JavaScript execution vulnerability in Mozilla Firefox/SeaMonkey
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001297.html

JVNDB-2010-001296 Arbitrary JavaScript execution vulnerability in Mozilla Firefox/SeaMonkey
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001296.html

JVNDB-2010-001294 Arbitrary code execution vulnerability in multiple Mozilla products
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001294.html

JVNDB-2010-001293 Arbitrary code execution vulnerability in the nsTreeSelection implementation of multiple Mozilla products
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001293.html

JVNDB-2010-001292 Arbitrary code execution vulnerability in the browser engine of multiple Mozilla products
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001292.html

JVNDB-2010-001291 Arbitrary code execution vulnerability in the browser engine of multiple Mozilla products
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001291.html

JVNDB-2010-001206 Arbitrary code execution vulnerability in Mozilla Thunderbird/SeaMonkey
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001206.html

JVNDB-2010-002089 Vulnerability in Adobe Flash
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002089.html

JVNDB-2010-002534 Privilege escalation vulnerability in the apply_rcs_change function in rcs.c of CVS
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002534.html

JVNDB-2010-002533 Insufficient registry data validation vulnerability in the RtlQueryRegistryValues() function of Microsoft Windows
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002533.html

JVNDB-2010-002532 Buffer overflow vulnerability in the RealFlex RealWin HMI service
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002532.html

JVNDB-2010-002531 Cross-site scripting vulnerability in the Manager application of Apache Tomcat
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002531.html

JVNDB-2010-002530 Cross-site scripting vulnerability in Webmin and Usermin
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002530.html

JVNDB-2010-002529 Vulnerability in Interstage Application Server that permits access by requests from unauthorized IP addresses
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002529.html

JVNDB-2010-002528 Buffer overflow vulnerability in Hitachi Groupmax-related products
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002528.html

PR10-14 Unauthenticated command execution within Mitels AWC (Mitel Audio and Web Conferencing)
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-12/msg00221.html

[security bulletin] HPSBST02619 SSRT100281 rev.1 - HP StorageWorks Storage Mirroring, Remote Exe
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-12/msg00218.html

http://www.evuln.com/ : Authentication Bypass by SQL Injection in Social Share
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-12/msg00217.html

XSS vulnerability in ImpressCMS
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-12/msg00216.html

Path disclosure in HTML-EDIT CMS
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-12/msg00231.html

XSS in HTML-EDIT CMS
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-12/msg00213.html

XSS vulnerability in Habari
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-12/msg00211.html

Path disclosure in Habari
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-12/msg00210.html

SQL Injection in HTML-EDIT CMS
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-12/msg00207.html

XSS vulnerability in Habari
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-12/msg00206.html

Path disclosure in GetSimple CMS
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-12/msg00203.html

SQL injection in Hycus CMS
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-12/msg00204.html

SQL injection in Hycus CMS
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-12/msg00227.html

SQL injection in Hycus CMS
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-12/msg00222.html

XSS vulnerability in Injader CMS
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-12/msg00226.html

SQL injection in Injader CMS
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-12/msg00205.html

SQL injection in Injader CMS
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-12/msg00224.html

XSS vulnerability in Injader CMS
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-12/msg00214.html

SQL injection in Hycus CMS
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-12/msg00223.html

LFI in Hycus CMS
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-12/msg00220.html

nSense-2010-005: Winamp
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-12/msg00209.html

nSense-2010-004: Sybase Afaria
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-12/msg00215.html

[waraxe-2010-SA#077] - Multiple Vulnerabilities in Calibre 0.7.34
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-12/msg00219.html

[ MDVSA-2010:258 ] mozilla-thunderbird
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-12/msg00228.html

Secunia Research: Microsoft Office FlashPix Tile Data Two Buffer Overflows
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-12/msg00208.html

Secunia Research: Microsoft Office FlashPix Property Set Parsing Buffer Overflow
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-12/msg00201.html

Secunia Research: Microsoft Office TIFF Image Converter Two Buffer Overflows
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-12/msg00229.html

Secunia Research: Microsoft Office Document Imaging Endian Conversion Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-12/msg00202.html

Secunia Research: Microsoft Office TIFF Image Converter Endian Conversion Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-12/msg00212.html

Secunia Research: Microsoft Office PICT Filter Integer Truncation Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-12/msg00230.html

Network Reliability, Part 2 - HSRP Attacks and Defenses
http://isc.sans.edu/diary.html?storyid=10120

Oracle Multiple Products HTTP Request Buffer Overflow Vulnerability
http://www.securiteam.com/securitynews/6U03I0A0KM.html

Microsoft Office Excel Ghost Record Type Parsing Vulnerability
http://www.securiteam.com/windowsntfocus/6T03H0A0KQ.html

SAP Crystal Reports JobServer GIOP Request Code Execution Vulnerability
http://www.securiteam.com/windowsntfocus/6V03J0A0KI.html

Microsoft Internet Explorer EOT File hdmx Parsing Code Execution Vulnerability
http://www.securiteam.com/windowsntfocus/6X03L0A0KA.html

Microsoft Windows OpenType CFF Parsing Vulnerability
http://www.securiteam.com/windowsntfocus/6S03G0A0KW.html

Microsoft Internet Explorer Stylesheet PrivateFind Code Execution Vulnerability
http://www.securiteam.com/windowsntfocus/6W03K0A0KC.html

HP StorageWorks Storage Mirroring Unspecified Flaw Lets Remote Users Execute Arbitrary Code
http://securitytracker.com/alerts/2010/Dec/1024916.html

ManageEngine OpManager "viewCount" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/42719/

Vacation Rental Script File Upload Vulnerability
http://secunia.com/advisories/42636/

Calibre Cross-Site Scripting and File Disclosure Vulnerabilities
http://secunia.com/advisories/42689/

ImpressCMS "quicksearch_ContentContent" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/42695/

PrestaShop Cross-Site Scripting Vulnerability
http://secunia.com/advisories/42503/

Openfiler "device" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/42507/

Hycus CMS Multiple SQL Injection Vulnerabilities
http://secunia.com/advisories/42567/

FreeNAS "lang" File Inclusion Vulnerability
http://secunia.com/advisories/42635/

Habari "additem_form" and "status_data[]" Cross-Site Scripting Vulnerabilities
http://secunia.com/advisories/42688/

Html-edit CMS Cross-Site Scripting and SQL Injection Vulnerabilities
http://secunia.com/advisories/42664/

Sybase Afaria Cross-Site Request Forgery Vulnerability
http://secunia.com/advisories/42686/

MHonArc HTML Mail Conversion Cross-Site Scripting Vulnerability
http://secunia.com/advisories/42694/

HP StorageWorks Storage Mirroring Software Unspecified Code Execution Vulnerability
http://secunia.com/advisories/42696/

AhnLab V3 Internet Security "AhnRec2k.sys" Privilege Escalation Vulnerability
http://secunia.com/advisories/42685/

Red Hat update for libvpx
http://secunia.com/advisories/42690/

Red Hat update for bind
http://secunia.com/advisories/42707/

MyBB "url" and "posthash" Parameters Cross Site Scripting Vulnerabilities
http://www.vupen.com/english/advisories/2010/3294

MP3 CD Converter Playlist Handling Buffer Overflow Vulnerability
http://www.vupen.com/english/advisories/2010/3293

Word Splash Pro Word List Handling Buffer Overflow Vulnerability
http://www.vupen.com/english/advisories/2010/3292

HP StorageWorks Storage Mirroring Remote Code Execution Vulnerability
http://www.vupen.com/english/advisories/2010/3291

Tor Unspecified Data Processing Remote Heap Overflow Vulnerability
http://www.vupen.com/english/advisories/2010/3290

Redhat Security Update Fixes BIND Remote Denial of Service Vulnerability
http://www.vupen.com/english/advisories/2010/3289

Redhat Security Update Fixes libvpx Memory Corruption Vulnerability
http://www.vupen.com/english/advisories/2010/3288

Redhat Security Update Fixes KVM Memory Disclosure Vulnerability
http://www.vupen.com/english/advisories/2010/3287

Mandriva Security Update Fixes Thunderbird Code Execution Vulnerabilities
http://www.vupen.com/english/advisories/2010/3286

REMOTE: Ecava IntegraXor 3.6.4000.0 Directory Traversal
http://www.exploit-db.com/exploits/15802/

DoS: Windows 7 IIS7.5 FTPSVC UNAUTH'D Remote DoS PoC
http://www.exploit-db.com/exploits/15803/

DoS: Apple iPhone Safari (decodeURIComponent) Remote Crash
http://www.exploit-db.com/exploits/15796/

Linux Kernel 'io_submit_one()' NULL Pointer Dereference Denial of Service Vulnerability
http://www.securityfocus.com/bid/44755

Xen 'arch/ia64/xen/faults.c' Local Denial Of Service Vulnerability
http://www.securityfocus.com/bid/40776

Linux Kernel CIFS 'CIFSSMBWrite()' Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/42242

Linux Kernel XSF 'SWAPEXT' IOCTL Local Information Disclosure Vulnerability
http://www.securityfocus.com/bid/40920

Linux Kernel CVE-2010-2066 Donor File Security Bypass Vulnerability
http://www.securityfocus.com/bid/41466

Linux Kernel CIFS DNS Lookup Cache Poisoning Vulnerability
http://www.securityfocus.com/bid/41904

Linux Kernel Bluetooth Sysfs File Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/38898

Microsoft Internet Explorer CSS Parsing Remote Memory Corruption Vulnerability
http://www.securityfocus.com/bid/45246

Git gitweb 'index.php' Multiple Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/45439

'mod_auth_mysql' Package Multibyte Character Encoding SQL Injection Vulnerability
http://www.securityfocus.com/bid/33392

Xpdf 'FoFiType1::parse()' Array Indexing Error Vulnerability
http://www.securityfocus.com/bid/43841

Xpdf 'Gfx::getPos()' (CVE-2010-3702) Unitialized Pointer Dereference Vulnerability
http://www.securityfocus.com/bid/43845

Citrix Access Gateway User Credentials Command Injection Vulnerability
http://www.securityfocus.com/bid/45402

Microsoft Office PICT Image Converter (CVE-2010-3946) Integer Overflow Vulnerability
http://www.securityfocus.com/bid/45273

Microsoft Internet Explorer Select HTML Element Use-After-Free Memory Corruption Vulnerability
http://www.securityfocus.com/bid/45260

Microsoft Internet Explorer Uninitialized Object CVE-2010-3343 Memory Corruption Vulnerability
http://www.securityfocus.com/bid/45259

Microsoft Internet Explorer Uninitialized Object CVE-2010-3340 Memory Corruption Vulnerability
http://www.securityfocus.com/bid/45255

Winamp 'in_midi' Component MIDI Timestamp Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/45221

Microsoft Office FlashPix Image Converter (CVE-2010-3952) Multiple Buffer Overflow Vulnerabilities
http://www.securityfocus.com/bid/45283

Microsoft Office FlashPix Image Converter (CVE-2010-3951) Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/45278

VMware ESXi Update Installer Unauthorized Access Vulnerability
http://www.securityfocus.com/bid/45543

Microsoft IIS FTPSVC Unspecified Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/45542

ImpressCMS 'quicksearch_ContentContent' Parameter HTML Injection Vulnerability
http://www.securityfocus.com/bid/45541

Mediatricks Viva Thumbs Plugin for WordPress Multiple Information Disclosure Vulnerabilities
http://www.securityfocus.com/bid/45539

Injader Multiple Input Validation Vulnerabilities
http://www.securityfocus.com/bid/45538

Mitel Audio and Web Conferencing (AWC) Remote Arbitrary Shell Command Injection Vulnerability
http://www.securityfocus.com/bid/45537

Social Share 'username' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/45536

Ecava IntegraXor 'file_name' Parameter Directory Traversal Vulnerability
http://www.securityfocus.com/bid/45535

XGallery Component for Joomla! 'file' Parameter Local File Include Vulnerability
http://www.securityfocus.com/bid/45534

Calibre Cross Site Scripting and Directory Traversal Vulnerabilities
http://www.securityfocus.com/bid/45532

PrestaShop 1.3.3 Multiple Cross-Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/45531

Habari Multiple Cross-Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/45530

Sybase Afaria Cross Site Request Forgery Vulnerability
http://www.securityfocus.com/bid/45529

MHonArc HTML Mail Conversion Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/45528

Hycus CMS Multiple Input Validation Vulnerabilities
http://www.securityfocus.com/bid/45527

HP StorageWorks Storage Mirroring (CVE-2010-4116) Unspecified Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/45526

S9Y Serendipity 'manager.php' Arbitrary File Upload Vulnerability
http://www.securityfocus.com/bid/45525

Apple Mobile Safari 'decodeURIComponent' Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/45524

Openfiler 'device' Parameter Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/45523

FreeNAS 'index.php' Multiple Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/45522
