+ Linux kernel 2.6.38 released
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.38
UPDATE: 2501696: MHTML vulnerability could lead to information disclosure
http://www.microsoft.com/japan/technet/security/advisory/2501696.mspx
Trend Micro Online Storage SafeSync
Regarding the issue where the server cannot be accessed
http://www.trendmicro.co.jp/support/news.asp?id=1548
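"Never drink gargle solution": beware of online hoaxes about the Great East Japan Earthquake
False information claiming it "reduces health effects" is circulating; it may contain toxic substances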
http://itpro.nikkeibp.co.jp/article/NEWS/20110315/358338/?ST=security
Limiting Exploit Capabilities by Using Windows Integrity Levels
http://isc.sans.edu/diary.html?storyid=10531
Internet Explorer 9 is out, includes new security features.
http://isc.sans.edu/diary.html?storyid=10552
Microsoft Windows Shell Graphics biCompression Buffer Overflow Vulnerability
http://www.securiteam.com/windowsntfocus/5DP36153PY.html
ZOHO ManageEngine ADSelfService Plus Multiple Vulnerabilities
http://www.securiteam.com/securitynews/5EP37153PK.html
Symantec Intel Handler Service Denial Of Service Vulnerability
http://www.securiteam.com/windowsntfocus/5GP39153PE.html
Novell GroupWise TZID Variable Buffer Overflow Vulnerability
http://www.securiteam.com/windowsntfocus/5PP3B153PS.html
Cisco Content Services Gateway Multiple vulnerabilities
http://www.securiteam.com/securitynews/5QP3C153PW.html
Cisco WebEx .atp and .wrf Overflow Vulnerabilities
http://www.securiteam.com/securitynews/5OP3A153PQ.html
HP Power Manager running on Linux and Windows Cross Site Request Forgery Vulnerability
http://www.securiteam.com/securitynews/5FP38153PE.html
Check Point Endpoint Security Flaw in SNX Service Lets Local Users Gain Elevated Privileges
http://www.securitytracker.com/id/1025207
Microsoft Announces Global Availability of Internet Explorer 9
http://www.microsoft.com/Presspass/press/2011/mar11/03-14IE9RTWPR.mspx
Adobe Acrobat and Reader "authplay.dll" Code Execution Vulnerability
http://www.vupen.com/english/advisories/2011/0656
Adobe Flash Player Content Processing Code Execution Vulnerability
http://www.vupen.com/english/advisories/2011/0655
BlackBerry Smartphones Browser WebKit Style Handling Memory Corruption
http://www.vupen.com/english/advisories/2011/0654
IBM Tivoli Application Dependency Discovery Manager Java Denial of Service
http://www.vupen.com/english/advisories/2011/0653
Check Point Products SNX Service Local Privilege Escalation Vulnerability
http://www.vupen.com/english/advisories/2011/0652
HP Client Automation (HPCA) Remote Code Execution Vulnerability
http://www.vupen.com/english/advisories/2011/0651
SAP Crystal Reports Multiple Parameter Cross Site Scripting Vulnerabilities
http://www.vupen.com/english/advisories/2011/0650
SAP NetWeaver Multiple Parameter Cross Site Scripting Vulnerabilities
http://www.vupen.com/english/advisories/2011/0649
SAP GUI File Processing Insecure Library Loading Remote Code Execution
http://www.vupen.com/english/advisories/2011/0648
VMware vCenter Orchestrator Struts Remote Code Execution Vulnerability
http://www.vupen.com/english/advisories/2011/0647
Oracle Sun Solaris Flash Player Multiple Code Execution Vulnerabilities
http://www.vupen.com/english/advisories/2011/0646
Oracle Java SE and Java for Business CVE-2010-4448 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/46398
Oracle Java Applet Clipboard Injection Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/46406
Oracle Java SE and Java for Business CVE-2010-4469 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/46400
Oracle Java SE and Java for Business CVE-2010-4471 Remote Security Vulnerability
http://www.securityfocus.com/bid/46399
Oracle Java SE and Java for Business CVE-2010-4450 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/46397
Oracle Java Floating-Point Value Denial of Service Vulnerability
http://www.securityfocus.com/bid/46091
Oracle Java SE and Java for Business CVE-2010-4472 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/46404
OpenJDK 'IcedTea' Multiple Signers Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/46439
Oracle Java SE and Java for Business CVE-2010-4470 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/46387
+ Linux kernel 2.6.37.4, 2.6.32.33 released
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.37.4
http://www.kernel.org/pub/linux/kernel/v2.6/longterm/v2.6.32/ChangeLog-2.6.32.33
+ Linux Kernel TPM Information Disclosure Weakness
http://secunia.com/advisories/43576/
http://www.securityfocus.com/bid/46866
+ OpenLDAP modrdn Request Processing Flaw Lets Remote Users Deny Service
http://www.securitytracker.com/id/1025191
+ PHP 'phar/phar_object.c' Format String Vulnerability
http://www.securityfocus.com/bid/46854
+ PHP 'substr_replace()' Use After Free Remote Memory Corruption Vulnerability
http://www.securityfocus.com/bid/46843
- Microsoft Internet Explorer Multiple Unspecified Remote Code Execution Vulnerabilities
http://www.securityfocus.com/bid/46821
Security Advisory for Adobe Flash Player, Adobe Reader and Acrobat
http://www.adobe.com/support/security/advisories/apsa11-01.html
HPSBMA02644 SSRT100284 rev.1 - HP Client Automation Enterprise (HPCA) Running on Windows, Remote Execution of Arbitrary Code
http://www13.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02750690
Devart Lightweight Database Drivers Speed Up Working with PostgreSQL!
http://www.postgresql.org/about/news.1299
VMSA-2011-0005 VMware vCenter Orchestrator remote code execution vulnerability
http://www.vmware.com/security/advisories/VMSA-2011-0005.html
YGN Ethical Hacker Group : Joomla! - Cross Site Scripting Issue
http://www.criticalwatch.com/support/security-advisories.aspx?AID=35294
YGN Ethical Hacker Group : Joomla! - SQL Injection Issue
http://www.criticalwatch.com/support/security-advisories.aspx?AID=35295
Independent Researcher : bbPress - Cross Site Scripting Issue
http://www.criticalwatch.com/support/security-advisories.aspx?AID=35298
Debian : [DSA-2190-1] wordpress - Multiple Issues
http://www.criticalwatch.com/support/security-advisories.aspx?AID=35293
Independent Researcher : Trixbox CE - undocumented Web Admin Issue
http://www.criticalwatch.com/support/security-advisories.aspx?AID=35296
Independent Researcher : CMS WebManager-Pro - Multiple Issues
http://www.criticalwatch.com/support/security-advisories.aspx?AID=35297
Ubuntu Security Notice : [USN-1087-1] libvpx - Denial-Of-Service Issue
http://www.criticalwatch.com/support/security-advisories.aspx?AID=35292
Cosmoshop Multiple Vulnerabilities
http://secunia.com/advisories/43680/
Constructr CMS Cross-Site Scripting And SQL Injection Vulnerabilities
http://secunia.com/advisories/43743/
SAP GUI Insecure Library Loading Vulnerability
http://secunia.com/advisories/43707/
SAP NetWeaver Cross-Site Scripting and Script Insertion Vulnerabilities
http://secunia.com/advisories/43737/
SAP Crystal Reports Server Multiple Cross-Site Scripting Vulnerabilities
http://secunia.com/advisories/43723/
SUSE update for MozillaFirefox and mozilla-xulrunner
http://secunia.com/advisories/43712/
SUSE aaa_base "/etc/init.d/boot.localfs" Security Issue
http://secunia.com/advisories/43741/
SUSE update for MozillaFirefox, MozillaThunderbird, mozilla-xulrunner, and seamonkey
http://secunia.com/advisories/43746/
Linux Kernel TPM Information Disclosure Weakness
http://secunia.com/advisories/43576/
Fedora update for clamav
http://secunia.com/advisories/43752/
bbPress "re" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/43736/
Qualitynet CMS "id" SQL Injection Vulnerability
http://secunia.com/advisories/43754/
Fedora update for wireshark
http://secunia.com/advisories/43759/
Fedora update for pidgin
http://secunia.com/advisories/43721/
Fedora update for libxml2
http://secunia.com/advisories/43753/
Ibid Two Information Disclosure Weaknesses
http://secunia.com/advisories/43720/
Ubuntu update for libvpx
http://secunia.com/advisories/43728/
Debian update for wordpress
http://secunia.com/advisories/43729/
Unik Scripts Cover Vision "id" SQL Injection Vulnerability
http://secunia.com/advisories/43719/
SRWare Iron Multiple Vulnerabilities
http://secunia.com/advisories/43745/
ABBS Audio Media Player Playlist Processing Buffer Overflow Vulnerability
http://secunia.com/advisories/43724/
Google Chrome Style Handling Memory Corruption Vulnerability
http://secunia.com/advisories/43748/
Oracle Solaris Adobe Flash Player Multiple Vulnerabilities
http://secunia.com/advisories/43747/
Tsunami in Japan and self modifying RogueAV code
http://isc.sans.edu/diary.html?storyid=10543
The Sad Reality of Spam/Phishing Attempts
http://isc.sans.edu/diary.html?storyid=10546
Adobe Flash 0-day being used in targeted attacks
http://isc.sans.edu/diary.html?storyid=10549
SAP NetWeaver Input Validation Hole in SOAP Adapter Permits Cross-Site Scripting Attacks
http://www.securitytracker.com/id/1025206
HP Client Automation Enterprise Unspecified Configuration Flaw Lets Remote Users Execute Arbitrary Code
http://www.securitytracker.com/id/1025205
QEMU Password Option Error Lets Remote Users Bypass Authentication
http://www.securitytracker.com/id/1025199
OpenLDAP modrdn Request Processing Flaw Lets Remote Users Deny Service
http://www.securitytracker.com/id/1025191
OpenLDAP back-ndb Lets Remote Users Authenticate Without a Valid Password
http://www.securitytracker.com/id/1025190
OpenLDAP Forwarding Error May Let Remote Users Bypass Authentication for External Applications
http://www.securitytracker.com/id/1025188
REMOTE: Android 2.0, 2.1, 2.1.1 WebKit Use-After-Free Exploit
http://www.exploit-db.com/exploits/16974
REMOTE: checkview v1.1 for iPhone / iPod Touch Directory Traversal
http://www.exploit-db.com/exploits/16972
REMOTE: Kolibri <= v2.0 HTTP Server HEAD Buffer Overflow
http://www.exploit-db.com/exploits/16970
LOCAL: ABBS Electronic Flash Cards 2.1 .fcd Buffer Overflow Exploit
http://www.exploit-db.com/exploits/16977
LOCAL: ABBS Audio Media Player 3.0 .lst Buffer Overflow Exploit (SEH)
http://www.exploit-db.com/exploits/16976
LOCAL: ABBS Audio Media Player Buffer Overflow Exploit (M3U/LST)
http://www.exploit-db.com/exploits/16971
DoS/PoC: Linux <= 2.6.37-rc1 serial_core TIOCGICOUNT Leak Exploit
http://www.exploit-db.com/exploits/16973
XWork 'ParameterInterceptor' Class OGNL (CVE-2010-1870) Security Bypass Vulnerability
http://www.securityfocus.com/bid/41592
XWork 'ParameterInterceptor' Class OGNL Security Bypass Vulnerability
http://www.securityfocus.com/bid/32101
Apache Struts Multiple Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/34686
Struts Multiple Directory Traversal Vulnerabilities
http://www.securityfocus.com/bid/32104
ABBS Audio Media Player Multiple Buffer Overflow Vulnerabilities
http://www.securityfocus.com/bid/46847
ProFTPD Multiple Remote Vulnerabilities
http://www.securityfocus.com/bid/44562
ProFTPD 'mod_sql' Remote Heap Based Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/44933
WebKit 'removeChild()' Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/40642
SAP Netweaver Multiple Cross Site Scripting and HTML Injection Vulnerabilities
http://www.securityfocus.com/bid/46853
Symantec Intel Alert Management System Message Handling Multiple Code Execution Vulnerabilities
http://www.securityfocus.com/bid/45935
Microsoft Windows Media Player/Windows Media Center '.dvr-ms' File Code Execution Vulnerability
http://www.securityfocus.com/bid/46680
IBM Informix Dynamic Server Oninit Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/46230
Microsoft Internet Explorer Multiple Unspecified Remote Code Execution Vulnerabilities
http://www.securityfocus.com/bid/46821
Google Chrome prior to 10.0.648.127 Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/46785
Linux Kernel TIOCGICOUNT CVE-2010-4077 Information Disclosure Vulnerability
http://www.securityfocus.com/bid/45059
Accellion File Transfer Appliance Version Prior to FTA 8.0.562 Multiple Remote Vulnerabilities
http://www.securityfocus.com/bid/46203
Blackberry Browser Multiple Unspecified Information Disclosure and Integer Overflow Vulnerabilities
http://www.securityfocus.com/bid/46833
Mail-Box Perl Module Unspecified Security Vulnerability
http://www.securityfocus.com/bid/46779
vsftpd FTP Server 'ls.c' Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/46617
Libpurple Yahoo Protocol 'YMSG' NULL Pointer Dereference Denial of Service Vulnerability
http://www.securityfocus.com/bid/46837
Avahi 'avahi-core/socket.c' NULL UDP Packet Denial Of Service Vulnerability
http://www.securityfocus.com/bid/46446
Avahi 'avahi-core/socket.c' Zero Size Packet Denial Of Service Vulnerability
http://www.securityfocus.com/bid/41075
libxml2 'XPATH' Expressions Memory Corruption Vulnerability
http://www.securityfocus.com/bid/45617
ClamAV 'vba_read_project_strings()' Double Free Memory Corruption Vulnerability
http://www.securityfocus.com/bid/46470
ClamAV 'cli_pdf()' PDF File Processing Denial Of Service Vulnerability
http://www.securityfocus.com/bid/40317
libTIFF CCITT Group 4 Encoded TIFF Image Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/46658
python-feedparser Denial of Service and Security Bypass Vulnerabilities
http://www.securityfocus.com/bid/46867
Linux Kernel 'drivers/char/tpm/tpm.c' Information Disclosure Vulnerability
http://www.securityfocus.com/bid/46866
SmarterTools SmarterMail 'frmPopupContactsList.aspx' HTML Injection Vulnerability
http://www.securityfocus.com/bid/46865
Trend Micro WebReputation API URI Security Bypass Vulnerability
http://www.securityfocus.com/bid/46864
ABBS Electronic Flash Cards Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/46863
HP Client Automation Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/46862
BoutikOne Multiple SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/46861
Adobe Flash Player CVE-2011-0609 'SWF' File Remote Memory Corruption Vulnerability
http://www.securityfocus.com/bid/46860
CoolZip '.zip' File Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/46858
SAP GUI DLL Loading Arbitrary Code Execution Vulnerability
http://www.securityfocus.com/bid/46857
SAP Crystal Reports Server Multiple Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/46855
PHP 'phar/phar_object.c' Format String Vulnerability
http://www.securityfocus.com/bid/46854
Ibid Multiple Information Disclosure Vulnerabilities
http://www.securityfocus.com/bid/46850
Zend Framework 'Zend_Tool_Project_Context_Zf_ViewScriptFile' Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/46848
bbPress 'bb-login.php' Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/46845
Joomla! Multiple SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/46846
Cover Vision 'id' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/46844
PHP 'substr_replace()' Use After Free Remote Memory Corruption Vulnerability
http://www.securityfocus.com/bid/46843