DoS attack on MasterCard site, possibly retaliation by a WikiLeaks support group
http://itpro.nikkeibp.co.jp/article/NEWS/20101209/355040/?ST=security
JVNVU#387412 Update for multiple vulnerabilities in Apple Quicktime
http://jvn.jp/cert/JVNVU387412/index.html
JVNVU#309873 Buffer overflow vulnerability in Apple Quicktime JPEG2000 processing
http://jvn.jp/cert/JVNVU309873/index.html
JVNDB-2010-002470 Arbitrary code execution vulnerability in the EScript.api plugin of Adobe Reader and Acrobat
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002470.html
JVNDB-2010-002469 Vulnerability in Dovecot on Apple Mac OS X that allows e-mail to be read
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002469.html
JVNDB-2010-002468 Arbitrary code execution vulnerability in EUR Form Client
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002468.html
JVNDB-2010-002467 Information disclosure vulnerability in Interstage Application Server
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002467.html
JVNDB-2010-002466 Integer signedness error vulnerability in Apple Type Services on Apple Mac OS X
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002466.html
JVNDB-2010-002465 Denial-of-service (DoS) vulnerability in the Web Services Security component of IBM WebSphere Application Server
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002465.html
JVNDB-2010-002464 Cross-site scripting vulnerability in the Integrated Solution console of IBM WebSphere Application Server
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002464.html
Ubuntu Security Update Fixes OpenSSL Security Bypass Vulnerabilities
http://www.vupen.com/english/advisories/2010/3152
Ubuntu Security Update Fixes Quagga Buffer Overflow and DoS Issues
http://www.vupen.com/english/advisories/2010/3151
Ubuntu Security Update Fixes ImageMagick Untrusted Search Path
http://www.vupen.com/english/advisories/2010/3150
Ubuntu Security Update Fixes Python Paste Cross Site Scripting
http://www.vupen.com/english/advisories/2010/3149
+ RHSA-2010:0950-1: Moderate: apr-util security update
http://rhn.redhat.com/errata/RHSA-2010-0950.html
+ CVE-2010-2528 CVE-2010-1624 Denial of Service Vulnerabilities in Pidgin
http://blogs.sun.com/security/entry/cve_2010_2528_cve_2010
? Microsoft Internet Explorer CSS Parsing Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/45246
- Internet Explorer 8 CSS Parser Denial of Service
http://www.exploit-db.com/exploits/15708/
- Linux Kernel ETHTOOL_GRXCLSRLALL Local Information Disclosure Vulnerability
http://www.securityfocus.com/bid/44427
- PHP 'php_filter_validate_email()' Function Denial of Service Vulnerability
http://www.securityfocus.com/bid/43926
MySQL Connector/J 5.1.14 Has Been Released!
http://dev.mysql.com/doc/refman/5.1/en/cj-news.html
MySQL Workbench 5.2.31 GA available
http://dev.mysql.com/downloads/workbench/
[security bulletin] HPSBUX02611 SSRT090201 rev.1 - HP-UX Running Threaded Processes, Remote
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-12/msg00050.html
[security bulletin] HPSBMI02614 SSRT100344 rev.1 - HP webOS Contacts Application, Remote Executi
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-12/msg00040.html
Secunia Research: QuickTime Track Dimensions Buffer Overflow Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-12/msg00041.html
http://www.evuln.com/ : HTTP Response Splitting in WWWThreads (php version)
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-12/msg00039.html
[USN-1029-1] OpenSSL vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-12/msg00051.html
iDefense Security Advisory 12.07.10: Apple QuickTime PICT Memory Corruption Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-12/msg00049.html
Linux kernel exploit
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-12/msg00045.html
[USN-1028-1] ImageMagick vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-12/msg00044.html
[USN-1027-1] Quagga vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-12/msg00043.html
[USN-1026-1] Python Paste vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-12/msg00042.html
[ MDVSA-2010:249 ] clamav
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-12/msg00038.html
Multiple XSS in Solarwinds Orion NPM 10.1
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-12/msg00037.html
Kryptos Logic Advisory: Winamp 5.6 Arbitrary Code Execution in MIDI Parser
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-12/msg00036.html
[ MDVSA-2010:248 ] openssl
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-12/msg00035.html
XSS vulnerability in Zimplit CMS
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-12/msg00032.html
XSS vulnerability in Zimplit CMS
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-12/msg00030.html
LFI in Exponent CMS
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-12/msg00034.html
LFI in Exponent CMS
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-12/msg00033.html
Malicious e-mail impersonating "WikiLeaks" appears, aimed at virus infection
Clicking the link leads to a fake site; the PC may be taken over
http://itpro.nikkeibp.co.jp/article/NEWS/20101209/355034/?ST=security
JVN#78536512 SQL injection vulnerability in Movable Type
http://jvn.jp/jp/JVN78536512/index.html
JVNVU#387412 Update for multiple vulnerabilities in Apple Quicktime
http://jvn.jp/cert/JVNVU387412/index.html
eVuln : [EV0155] XSS vulnerability in WWWThreads (php version)
http://www.criticalwatch.com/support/security-advisories.aspx?AID=34422
Red Hat : [RHSA-2010:0950-01] Moderate: apr-util security update
http://www.criticalwatch.com/support/security-advisories.aspx?AID=34418
Slackware Linux : [SSA:2010-340-01] openssl: Security Update
http://www.criticalwatch.com/support/security-advisories.aspx?AID=34417
Ubuntu Security Notice : [USN-1029-1] OpenSSL vulnerabilities
http://www.criticalwatch.com/support/security-advisories.aspx?AID=34416
Apple : [APPLE-SA-2010-12-07-1] QuickTime 7.6.9
http://www.criticalwatch.com/support/security-advisories.aspx?AID=34421
Interesting DDOS activity around Wikileaks
http://isc.sans.edu/diary.html?storyid=10045
Vulnerability Note VU#309873: Apple QuickTime JPEG2000 heap buffer overflow
http://www.kb.cert.org/vuls/id/309873
Pulse CMS Basic Local File Inclusion Vulnerability
http://securityreason.com/securityalert/7952
bsd_perimeter pfsense 2 xss issues
http://securityreason.com/securityalert/7951
systemtap 1.3 Local Root Privilege Escalation Vulnerability
http://securityreason.com/securityalert/7950
OpenSSL J-PAKE Validation Error Lets Remote Users Validate Without Shared Secret Key
http://securityreason.com/securityalert/7949
Movable Type Input Validation Flaws Permit Cross-Site Scripting Attacks and Lets Remote Users Inject SQL Commands
http://securitytracker.com/alerts/2010/Dec/1024833.html
GNU Glibc Stack Exhaustion Flaw in regcomp() Lets Remote Users Deny Service
http://securitytracker.com/alerts/2010/Dec/1024832.html
REMOTE: Freefloat FTP Server Buffer Overflow Exploit (Meta)
http://www.exploit-db.com/exploits/15709/
LOCAL: Internet Explorer 8 CSS Parser Denial of Service
http://www.exploit-db.com/exploits/15708/
Sun Solaris Security Update Fixes Pidgin Denial of Service Vulnerabilities
http://www.vupen.com/english/advisories/2010/3148
WordPress Remote Publishing Interface Posts Manipulation Vulnerability
http://www.vupen.com/english/advisories/2010/3147
Epson Printers Driver Installer Access Permissions Manipulation
http://www.vupen.com/english/advisories/2010/3146
Movable Type SQL Injection and Cross Site Scripting Vulnerabilities
http://www.vupen.com/english/advisories/2010/3145
GNU C Library "regcomp()" Stack Exhaustion Denial of Service Vulnerability
http://www.vupen.com/english/advisories/2010/3144
Apple QuickTime Code Execution and Information Disclosure
http://www.vupen.com/english/advisories/2010/3143
Redhat Security Update Fixes Apr-util Denial of Service Vulnerability
http://www.vupen.com/english/advisories/2010/3142
Fedora Security Update Fixes Bareftp Library Loading Vulnerability
http://www.vupen.com/english/advisories/2010/3141
Fedora Security Update Fixes Dnsperf Security Bypass and DoS Issues
http://www.vupen.com/english/advisories/2010/3140
Fedora Security Update Fixes Bind-dyndb-ldap Security Bypass and DoS
http://www.vupen.com/english/advisories/2010/3139
Fedora Security Update Fixes BIND Security Bypass and DoS Issues
http://www.vupen.com/english/advisories/2010/3138
Fedora Security Update Fixes ClamAV Memory Corruption Vulnerabilities
http://www.vupen.com/english/advisories/2010/3137
Fedora Security Update Fixes Multiple Local Kernel Vulnerabilities
http://www.vupen.com/english/advisories/2010/3136
Mandriva Security Update Fixes ClamAV Memory Corruption Vulnerabilities
http://www.vupen.com/english/advisories/2010/3135
Mandriva Security Update Fixes OpenSSL Security Bypass Vulnerability
http://www.vupen.com/english/advisories/2010/3134
GNU C Library "regcomp()" Stack Overflow Denial of Service
http://secunia.com/advisories/42547/
Exponent CMS "module" Local File Inclusion Vulnerabilities
http://secunia.com/advisories/42552/
WordPress Safe Search Plugin "v1" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/42544/
WordPress Processing Embed Plugin "pluginurl" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/42545/
Altova Multiple Products Insecure Library Loading Vulnerability
http://secunia.com/advisories/42548/
Injader Multiple SQL Injection Vulnerabilities
http://secunia.com/advisories/42541/
Movable Type Cross-Site Scripting and SQL Injection Vulnerabilities
http://secunia.com/advisories/42539/
Epson LP-S7100 / LP-S9000 Drivers Insecure Default Permissions
http://secunia.com/advisories/42540/
WWWThreads "act" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/42520/
Avaya CMS Solaris Network File System "nfs_portmon" Tunable Vulnerability
http://secunia.com/advisories/42550/
Ubuntu update for openssl
http://secunia.com/advisories/42493/
Babylon Insecure Library Loading Vulnerability
http://secunia.com/advisories/42489/
Fedora update for clamav
http://secunia.com/advisories/42523/
Fedora update for kernel
http://secunia.com/advisories/42513/
Red Hat update for apr-util
http://secunia.com/advisories/42537/
Ubuntu update for paste
http://secunia.com/advisories/42500/
Ubuntu update for quagga
http://secunia.com/advisories/42498/
Ubuntu update for imagemagick
http://secunia.com/advisories/42497/
Fedora update for bind
http://secunia.com/advisories/42522/
Fedora update for bareftp
http://secunia.com/advisories/42538/
bareFTP LD_LIBRARY_PATH Security Issue
http://secunia.com/advisories/42521/
ISC BIND 'allow-query' Zone ACL Security Bypass Vulnerability
http://www.securityfocus.com/bid/45134
ISC BIND Key Algorithm Rollover Security Vulnerability
http://www.securityfocus.com/bid/45137
ISC BIND 9 'RRSIG' Record Type Negative Cache Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/45133
phpMyAdmin Database Search Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/45100
MIT Kerberos 5 1.7.x Checksum Multiple Remote Security Bypass Vulnerabilities
http://www.securityfocus.com/bid/45116
MIT Kerberos Checksum AD-SIGNEDPATH and AD-KDC-ISSUED Security Bypass Vulnerability
http://www.securityfocus.com/bid/45117
MIT Kerberos 5 1.3.x Checksum Multiple Remote Security Bypass Vulnerabilities
http://www.securityfocus.com/bid/45118
Freefloat FTP Server 'USER' Command Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/45181
JBoss Enterprise Application Platform Multiple Remote Vulnerabilities
http://www.securityfocus.com/bid/45148
Linux Kernel CVE-2010-4073 Information Disclosure Vulnerability
http://www.securityfocus.com/bid/45073
Linux Kernel TIOCGICOUNT CVE-2010-4074 Information Disclosure Vulnerability
http://www.securityfocus.com/bid/45074
Linux Kernel 'hdsp.c' IOCTL Local Information Disclosure Vulnerability
http://www.securityfocus.com/bid/45063
Linux Kernel 'FBIOGET_VBLANK' IOCTL Local Information Disclosure Vulnerability
http://www.securityfocus.com/bid/45062
Linux Kernel 'SNDRV_HDSP_IOCTL_GET_CONFIG_INFO' IOCTL Local Information Disclosure Vulnerability
http://www.securityfocus.com/bid/45058
Linux Kernel TIOCGICOUNT CVE-2010-4077 Information Disclosure Vulnerability
http://www.securityfocus.com/bid/45059
Linux Kernel 'VIAFB_GET_INFO' IOCTL Information Disclosure Vulnerability
http://www.securityfocus.com/bid/43817
Linux Kernel 'drivers/scsi/gdth.c' IOCTL Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/44648
Linux Kernel 'perf_event_mmap()' Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/44861
Linux Kernel 'net/core/filter.c' Local Information Disclosure Vulnerability
http://www.securityfocus.com/bid/44758
Linux Kernel 'ipc/sem.c' Information Disclosure Vulnerability
http://www.securityfocus.com/bid/43809
Linux Kernel TIOCGICOUNT 'serial_core.c' Information Disclosure Vulnerability
http://www.securityfocus.com/bid/43806
Linux Kernel 'inet_diag.c' Netlink Message Denial of Service Vulnerability
http://www.securityfocus.com/bid/44665
Linux Kernel 'hmid_ds structure' Local Information Disclosure Vulnerability
http://www.securityfocus.com/bid/45054
Linux Kernel 915 GEM IOCTL Local Memory Overwrite Vulnerability
http://www.securityfocus.com/bid/44067
Linux Kernel Multiple 'net/' Subsystems Local Information Disclosure Vulnerabilities
http://www.securityfocus.com/bid/44630
Linux Kernel ALSA 'sound/core/control.c' Local Integer Overflow Vulnerability
http://www.securityfocus.com/bid/43787
Linux Kernel CAN Protocol Information Disclosure Vulnerability
http://www.securityfocus.com/bid/44661
Linux Kernel ETHTOOL_GRXCLSRLALL Local Information Disclosure Vulnerability
http://www.securityfocus.com/bid/44427
Linux Kernel 'setup_arg_pages()' Denial of Service Vulnerability
http://www.securityfocus.com/bid/44301
Linux Kernel 'sctp_outq_flush()' Denial of Service Vulnerability
http://www.securityfocus.com/bid/43480
Linux Kernel SCTP HMAC Handling Memory Corruption Vulnerability
http://www.securityfocus.com/bid/43701
PHP 'setSymbol()' Function Denial of Service Vulnerability
http://www.securityfocus.com/bid/45235
Exponent CMS Multiple Input Validation Vulnerabilities
http://www.securityfocus.com/bid/44095
Apple QuickTime JP2 Image Heap Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/44798
Apple QuickTime Track Header (tkhd) Atoms Heap Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/45242
OpenJDK 'IcedTea' plugin (CVE-2010-3860) Unspecified Information Disclosure Vulnerability
http://www.securityfocus.com/bid/45114
EncFS Flawed CBC/CFB Cryptography Implementation Weaknesses
http://www.securityfocus.com/bid/42779
Apple QuickTime (CVE-2010-3802) QTVR File Memory Corruption Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/45239
Pidgin 'X-Status' Message Denial of Service Vulnerability
http://www.securityfocus.com/bid/41881
Libpurple MSN Protocol Custom Emoticons Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/40138
CUPS Server 'cups/ipp.c' Remote Memory Corruption Vulnerability
http://www.securityfocus.com/bid/44530
Xpdf 'Gfx::getPos()' (CVE-2010-3702) Unitialized Pointer Dereference Vulnerability
http://www.securityfocus.com/bid/43845
CUPS Web Interface Information Disclosure Vulnerability
http://www.securityfocus.com/bid/40897
CUPS 'texttops' Filter NULL-pointer Dereference Vulnerability
http://www.securityfocus.com/bid/40943
Linux Kernel Local Address Limit Override Security Weakness
http://www.securityfocus.com/bid/45159
MIT Kerberos 5 Key Distribution Center 'KrbFastReq' Forgery Security Bypass Vulnerability
http://www.securityfocus.com/bid/45122
HP Insight Diagnostics Online Edition Multiple Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/42888
Tomboy 'tomboy-panel' LD_LIBRARY_PATH Environment Variable Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/44750
PHP 'php_filter_validate_email()' Function Denial of Service Vulnerability
http://www.securityfocus.com/bid/43926
libxml2 'XPATH' Memory Corruption Vulnerability
http://www.securityfocus.com/bid/44779
PHP 'xml_utf8_decode()' UTF-8 Input Validation Vulnerability
http://www.securityfocus.com/bid/44605
Adobe Reader 9.4 Remote Memory Corruption Vulnerability
http://www.securityfocus.com/bid/44638
Adobe Acrobat, Reader, and Flash CVE-2010-3654 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/44504
Babylon 'besextension.dll' DLL Loading Arbitrary Code Execution Vulnerability
http://www.securityfocus.com/bid/42889
OpenSSL Ciphersuite Downgrade Security Weakness
http://www.securityfocus.com/bid/45164
Apache APR-util 'apr_brigade_split_line' Denial of Service Vulnerability
http://www.securityfocus.com/bid/43673
Drupal Embedded Media Field/Media: Video Flotsam/Media: Audio Flotsam Multiple Vulnerabilities
http://www.securityfocus.com/bid/45276
Injader 'login.php' Multiple SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/45268
WordPress Safe Search Plugin 'v1' Parameter Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/45267
WordPress Processing Embed Plugin 'pluginurl' Parameter Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/45266
WWWThreads 'reputation.php' HTTP Response Splitting Vulnerability
http://www.securityfocus.com/bid/45265
Epson LP-S7100 / LP-S9000 Insecure Default Directory Permissions Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/45258
Movable Type (CVE-2010-3922) SQL Injection Vulnerability
http://www.securityfocus.com/bid/45253
Movable Type (CVE-2010-3921) Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/45250
Altova MapForce 2011 'dwmapi.dll' DLL Loading Arbitrary Code Execution Vulnerability
http://www.securityfocus.com/bid/45248
HP webOS Contacts Application vCard Remote Script Code Injection Vulnerability
http://www.securityfocus.com/bid/45247
Microsoft Internet Explorer CSS Parsing Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/45246