Postfix 2.8 Snapshot 20101204
http://mirror.postfix.jp/postfix-release/experimental/postfix-2.8-20101204.HISTORY
Announcement: Release of Antivirus Product Detection Scan Engine 3.4.1017
http://www.trendmicro.co.jp/support/news.asp?id=1501
Announcement: Release of Virus Scan Engine VSAPI 9.205
http://www.trendmicro.co.jp/support/news.asp?id=1500
Status of Computer Virus and Unauthorized Access Reports [November]
http://www.ipa.go.jp/security/txt/2010/12outline.html
IBM releases "Rational AppScan 8", the latest version of its security software for web applications
http://itpro.nikkeibp.co.jp/article/NEWS/20101206/354878/?ST=security
JVNDB-2010-002449 Integer underflow vulnerability in multiple Microsoft products
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002449.html
JVNDB-2010-002448 Buffer overflow vulnerability in Microsoft PowerPoint
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002448.html
JVNDB-2010-002447 Privilege escalation vulnerability in Microsoft Office
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002447.html
JVNDB-2010-002446 Arbitrary code execution vulnerability in multiple Microsoft products
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002446.html
JVNDB-2010-002445 Arbitrary code execution vulnerability in multiple Microsoft products
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002445.html
JVNDB-2010-002444 Stack-based buffer overflow vulnerability in multiple Microsoft products
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002444.html
JVNDB-2010-002443 Denial of service (DoS) vulnerability in ZEO/StorageServer.py of Zope Object Database
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002443.html
LOCAL: Viscom VideoEdit Gold ActiveX 8.0 Remote Code Execution Exploit
http://www.exploit-db.com/exploits/15693/
LOCAL: Video Charge Studio less= 2.9.5.643 (.vsc) Buffer Overflow (SEH)
http://www.exploit-db.com/exploits/15692/
+ Dovecot 2.0.8 released
http://www.dovecot.org/list/dovecot-news/2010-December/000182.html
+- Linux Kernel Ptrace (CVE-2010-3301) Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/43355
++ CGI.pm "header()" HTTP Header Injection Vulnerability
http://secunia.com/advisories/42461/
[ANNOUNCE] Release of Lucene Java versions 3.0.3 and 2.9.4
http://lucene.apache.org/java/3_0_3/changes/Changes.html
http://lucene.apache.org/java/2_9_4/changes/Changes.html
APSB10-29: Security update available for Adobe Illustrator CS5
http://www.adobe.com/support/security/bulletins/apsb10-29.html
jetty@codehaus 7.2.2.v20101203
http://svn.codehaus.org/jetty/jetty/branches/jetty-7/VERSION.txt
CVE-2010-3864 OpenSSL Race Condition vulnerability
http://blogs.sun.com/security/entry/cve_2010_3864_race_condition
VMSA-2010-0018: VMware hosted products and ESX patches resolve multiple security issues
http://www.vmware.com/security/advisories/VMSA-2010-0018.html
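New version of the "Chrome" web browser released with built-in PDF viewing
Fixes more than 800 bugs found in the development version and resolves 13 vulnerabilities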
http://itpro.nikkeibp.co.jp/article/NEWS/20101206/354868/?ST=security
[ MDVSA-2010:247 ] kernel
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-12/msg00021.html
Vulnerabilities in Register Plus Redux for WordPress
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-12/msg00020.html
[security bulletin] HPSBUX02609 SSRT100147 rev.1 - CIFS Server (Samba), Remote Execution of Arbi
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-12/msg00019.html
[security bulletin] HPSBUX02610 SSRT100341 rev.1 - HP-UX Running OpenSSL, Remote Execution o
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-12/msg00014.html
[eVuln.com] PHP Code Execution in Alguest
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-12/msg00015.html
[eVuln.com] Cookie authentication bypass in Alguest
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-12/msg00017.html
VMSA-2010-0018 VMware hosted products and ESX patches resolve multiple security issues
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-12/msg00016.html
Updates to a couple of Sysinternals tools
http://isc.sans.edu/diary.html?storyid=10036
CGI.pm "header()" HTTP Header Injection Vulnerability
http://secunia.com/advisories/42461/
CGI::Simple "multipart_init()" HTTP Header Injection Vulnerability
http://secunia.com/advisories/42460/
CGI.pm "multipart_init()" HTTP Header Injection Vulnerability
http://secunia.com/advisories/42443/
Etomite Multiple Vulnerabilities
http://secunia.com/advisories/42448/
OpenSSL "NETSCAPE_REUSE_CIPHER_CHANGE_BUG" Ciphersuite Downgrade Vulnerability
http://secunia.com/advisories/42473/
VMware Products VMnc Codec Frame Decompression Vulnerability
http://secunia.com/advisories/42481/
VMware Products VMware Tools Command Injection Vulnerability
http://secunia.com/advisories/42480/
VMware Server Multiple Vulnerabilities
http://secunia.com/advisories/42482/
VMware Products "vmware-mount" Privilege Escalation Security Issues
http://secunia.com/advisories/42453/
VMware Server VI Web Access Directory Traversal Security Issue
http://secunia.com/advisories/42479/
Kindle for PC Insecure Library Loading Vulnerability
http://secunia.com/advisories/42476/
Palm Pre WebOS Contacts Application Vulnerability
http://secunia.com/advisories/42419/
Fedora update for udev
http://secunia.com/advisories/42451/
Google Chrome Multiple Vulnerabilities
http://secunia.com/advisories/42472/
OpenSSL J-PAKE Validation Error Lets Remote Users Validate Without Shared Secret Key
http://securitytracker.com/alerts/2010/Dec/1024823.html
OpenSSL Stored Session Cache Modification Bug May Let Remote Users Downgrade the Ciphersuite
http://securitytracker.com/alerts/2010/Dec/1024822.html
Google Chrome Multiple Flaws Let Remote Users Execute Arbitrary Code and Deny Service
http://securitytracker.com/alerts/2010/Dec/1024821.html
VMware Race Conditions and Input Validation Flaw Let Local Users on the Host Operating System Gain Elevated Privileges
http://securitytracker.com/alerts/2010/Dec/1024820.html
VMware Movie Decoder Heap Overflow in Decompression Routine Lets Remote Users Execute Arbitrary Code
http://securitytracker.com/alerts/2010/Dec/1024819.html
Clam AntiVirus Bugs Let Remote Users Deny Service and Execute Arbitrary Code
http://securitytracker.com/alerts/2010/Dec/1024818.html
Symantec IM Manager SQL Injection Vulnerability
http://www.securiteam.com/windowsntfocus/6M02V1F0KI.html
Adobe Shockwave Player Lnam Chunk String Processing Code Execution Vulnerability
http://www.securiteam.com/securitynews/6A02V0U0KE.html
HP Version Control Repository Manager (VCRM) Cross Site Scripting Vulnerability
http://www.securiteam.com/windowsntfocus/6C02X0U0KQ.html
Symantec IM Manager rdServer.dll sGetDefinition SQL Injection Vulnerability
http://www.securiteam.com/windowsntfocus/6N02W1F0KE.html
HP LoadRunner Web Tours 9.10 Denial of Service Vulnerability
http://www.securiteam.com/securitynews/6B0301F0KA.html
Palm webOS Camera Application Unauthorized Write Access Vulnerability
http://www.securiteam.com/securitynews/6O02X1F0KG.html
HP Storage Essentials Using LDAP Unauthenticated Access Vulnerability
http://www.securiteam.com/securitynews/6P02Y1F0KG.html
Palm webOS service API Code execution vulnerability
http://www.securiteam.com/windowsntfocus/6P0300U0KW.html
Palm webOS Doc Viewer Execution of Arbitrary Code Vulnerability
http://www.securiteam.com/securitynews/6D02Y0U0KW.html
Adobe Shockwave Player Director File SetVertexArray Code Execution Vulnerability
http://www.securiteam.com/securitynews/6B02W0U0KG.html
Freefloat FTP Server Buffer Overflow Vulnerability 0day
http://www.exploit-db.com/exploits/15689/
Image Viewer CP Gold 6 ActiveX TifMergeMultiFiles() Buffer Overflow
http://www.exploit-db.com/exploits/15668/
Wireshark LDSS Dissector Buffer Overflow Vulnerability
http://www.exploit-db.com/exploits/15676/
TFTPUtil GUI 1.4.5 DoS (Meta)
http://www.exploit-db.com/exploits/15674/
WaveMax Sound Editor 4.5.1 Denial of Service PoC
http://www.exploit-db.com/exploits/15671/
Free Audio Converter 7.1.5 Denial of Service Vulnerability PoC
http://www.exploit-db.com/exploits/15670/
Mediamonkey 3.2.4.1304 (mp3) Buffer Overflow Vulnerability PoC
http://www.exploit-db.com/exploits/15669/
VMware Products Code Execution and Privilege Escalation Vulnerabilities
http://www.vupen.com/english/advisories/2010/3116
Google Chrome Use-after-free and Security Bypass Vulnerabilities
http://www.vupen.com/english/advisories/2010/3115
Redhat JBoss Enterprise Application Platform Multiple Vulnerabilities
http://www.vupen.com/english/advisories/2010/3114
Redhat Security Update Fixes Kernel Privilege Escalation and DoS Issues
http://www.vupen.com/english/advisories/2010/3113
Redhat Security Update Fixes Java Security Bypass and DoS Vulnerabilities
http://www.vupen.com/english/advisories/2010/3112
Redhat Security Update Fixes Acroread Code Execution Vulnerabilities
http://www.vupen.com/english/advisories/2010/3111
Fedora Security Update Fixes udev dracut "/dev/systty" Insecure Permissions
http://www.vupen.com/english/advisories/2010/3110
Fedora Security Update Fixes Multiple Local Kernel Vulnerabilities
http://www.vupen.com/english/advisories/2010/3109
Fedora Security Update Fixes OpenJDK Information Disclosure Issue
http://www.vupen.com/english/advisories/2010/3108
Pandora FMS less= 3.1 Blind SQL Injection
http://securityreason.com/securityalert/7941
Pandora FMS less= 3.1 OS Command Injection
http://securityreason.com/securityalert/7940
Pandora FMS less= 3.1 SQL Injection
http://securityreason.com/securityalert/7939
Pandora FMS less= 3.1 Authentication Bypass
http://securityreason.com/securityalert/7938
AWStats 6.95 and Older Remote Command Execution When Installed on Windows Apache Tomcat
http://securityreason.com/securityalert/7937
Multiple vulnerabilities in BugTracker.Net
http://securityreason.com/securityalert/7936
Winamp NSV Table of Contents Parsing Integer Overflow
http://securityreason.com/securityalert/7935
BugTracker.Net 3.4.4 Multiple Vulnerabilities
http://securityreason.com/securityalert/7934
MIT krb5 Security Advisory - Multiple checksum handling vulnerabilities
http://securityreason.com/securityalert/7933
Jurpopage SQL Injection Vulnerability
http://securityreason.com/securityalert/7932
SQL injections in FreeTicket
http://securityreason.com/securityalert/7931
Joomla JE Ajax Event Calendar SQL Injection
http://securityreason.com/securityalert/7930
Site2Nite Big Truck Broker "txtSiteId" SQL Injection Vulnerability
http://securityreason.com/securityalert/7929
Multiple XSS in MCG GuestBook
http://securityreason.com/securityalert/7928
Web Wiz NewsPad Remote Database Disclosure Vulnerability
http://securityreason.com/securityalert/7927
Adobe Illustrator 'aires.dll' DLL Loading Arbitrary Code Execution Vulnerability
http://www.securityfocus.com/bid/42715
OpenSSL TLS Server Extension Parsing Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/44884
Linux Kernel 'video4linux' IOCTL and IP Multicast 'getsockopt' Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/43239
Linux Kernel EXT4 Multiple Local Denial of Service Vulnerabilities
http://www.securityfocus.com/bid/42477
Linux Kernel Ptrace (CVE-2010-3301) Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/43355
VMware Movie Decoder VMnc Codec (CVE-2010-4294) Heap Memory Corruption Vulnerability
http://www.securityfocus.com/bid/45169
D-Link DIR-300 WiFi Key Security Bypass Vulnerability
http://www.securityfocus.com/bid/45038
SAP AG SAPgui KWEdit ActiveX Control Insecure Method Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/34524
D-Link DIR-300 Multiple Security Bypass Vulnerabilities
http://www.securityfocus.com/bid/44743
ProFTPD Backdoor Unauthorized Access Vulnerability
http://www.securityfocus.com/bid/45150
DotNetNuke 'InstallWizard.aspx' Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/45180
Register Plus Redux 'wp-login.php' Multiple Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/45179
iFTPStorage FTP Server Directory Traversal Vulnerability
http://www.securityfocus.com/bid/45178
Xfig '.fig' File Color Definition Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/45177
Alguest Multiple Cookie Authentication Bypass Vulnerabilities
http://www.securityfocus.com/bid/45175
Easy Travel Portal 'travelbycountry.asp' SQL Injection Vulnerability
http://www.securityfocus.com/bid/45173
Palm WebOS Contacts Application HTML Injection Vulnerability
http://www.securityfocus.com/bid/45172
Multiple VMware products 'vmware-mount' Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/45168
Multiple VMware products 'vmware-mount' Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/45167
PHP-Nuke Search Module SQL Injection Vulnerability
http://www.securityfocus.com/bid/45165