+ Linux kernel 2.6.38 released
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.38
* Vulnerability Note VU#943220: MIT KDC vulnerable to double-free when PKINIT enabled
http://www.kb.cert.org/vuls/id/943220
Google Chrome 10.0.648.134 released
http://googlechromereleases.blogspot.com/2011/03/stable-and-beta-channel-updates_15.html
Miramar (Thunderbird 3.3) Alpha 3 available for testing
https://developer.mozilla.org/devnews/index.php/2011/03/15/miramar-thunderbird-3-3-alpha-3-available-for-testing/
http://www.mozillamessaging.com/en-US/thunderbird/3.3a3/releasenotes/
Sysstat 10.0.0 released (stable version)
http://sebastien.godard.pagesperso-orange.fr/
Apache Tomcat Security Team : Apache Tomcat security constraint bypass
http://www.criticalwatch.com/support/security-advisories.aspx?AID=35314
Debian : [DSA-2191-1] proftpd-dfsg: Multiple vulnerabilities
http://www.criticalwatch.com/support/security-advisories.aspx?AID=35299
Hewlett-Packard : HP Client Automation Enterprise (HPCA) Running on Windows, Remote Execution of Arbitrary Code
http://www.criticalwatch.com/support/security-advisories.aspx?AID=35306
ProCheckUp : [PR10-08] Various XSS and information disclosure flaws within Adobe ColdFusion
http://www.criticalwatch.com/support/security-advisories.aspx?AID=35311
DcLabs : [DCA-2011-0004] - Trend WebReputation API Bypass
http://www.criticalwatch.com/support/security-advisories.aspx?AID=35307
Digital Security Research Group : [DSECRG-11-009] SAP NetWeaver XI SOAP Adapter - XSS
http://www.criticalwatch.com/support/security-advisories.aspx?AID=35308
Digital Security Research Group : [DSECRG-11-010] SAP NetWeaver logon.html - XSS
http://www.criticalwatch.com/support/security-advisories.aspx?AID=35309
Ubuntu Security Notice : [USN-1085-2] tiff regression
http://www.criticalwatch.com/support/security-advisories.aspx?AID=35312
Ubuntu Security Notice : [USN-1079-2] OpenJDK 6 vulnerabilities
http://www.criticalwatch.com/support/security-advisories.aspx?AID=35313
VMware : [VMSA-2011-0005] VMware vCenter Orchestrator remote code execution vulnerability
http://www.criticalwatch.com/support/security-advisories.aspx?AID=35310
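"Never drink gargle solution": beware of online hoaxes about the Great East Japan Earthquake
False claims that it "reduces health effects" are circulating; it may contain toxic substances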
http://itpro.nikkeibp.co.jp/article/NEWS/20110315/358338/?ST=security
How to uninstall Internet Explorer 9 if you need to revert to IE 8.
http://isc.sans.edu/diary.html?storyid=10555
Nucleus CMS "user" Script Insertion Vulnerability
http://secunia.com/advisories/43727/
Foxit Phantom "createDataObject()" Arbitrary File Creation Vulnerability
http://secunia.com/advisories/43625/
Foxit Reader "createDataObject()" Arbitrary File Creation Vulnerability
http://secunia.com/advisories/43776/
LotusCMS Multiple Vulnerabilities
http://secunia.com/advisories/43682/
TYPO3 Direct Mail Extension Two Vulnerabilities
http://secunia.com/advisories/43715/
Debian update for proftpd-dfsg
http://secunia.com/advisories/43726/
PECL phar Extension Format String Vulnerabilities
http://secunia.com/advisories/43744/
Google Chrome Flash Player Unspecified Code Execution Vulnerability
http://secunia.com/advisories/43757/
SSWebPlus CMS "idx" SQL Injection Vulnerability
http://secunia.com/advisories/43761/
BlackBerry Device Software WebKit Integer Overflow Vulnerability
http://secunia.com/advisories/43735/
ABBS Electronic Flash Cards File Processing Buffer Overflow Vulnerability
http://secunia.com/advisories/43755/
Adobe Reader/Acrobat authplay.dll Unspecified Code Execution Vulnerability
http://secunia.com/advisories/43772/
feedparser Multiple Vulnerabilities
http://secunia.com/advisories/43730/
HP Client Automation Enterprise Unspecified Code Execution Vulnerability
http://secunia.com/advisories/43766/
Adobe Flash Player Unspecified Code Execution Vulnerability
http://secunia.com/advisories/43751/
Linux <= 2.6.37-rc1 serial_core TIOCGICOUNT Leak Exploit
http://securityreason.com/securityalert/8129
Android 2.0, 2.1, 2.1.1 WebKit Use-After-Free Exploit
http://securityreason.com/securityalert/8128
VMware ESX/ESXi SLPD ESX Multiple Vulns
http://securityreason.com/securityalert/8127
Oracle WebLogic Session Fixation Via HTTP POST
http://securityreason.com/securityalert/8126
Novell iPrint Client ActiveX Control <= 5.52 Buffer Overflow
http://securityreason.com/securityalert/8125
FreeBSD <= 6.4 Netgraph Local Privilege Escalation Exploit
http://securityreason.com/securityalert/8124
Linux Kernel < 2.6.37-rc2 TCP_MAXSEG Kernel Panic DoS
http://securityreason.com/securityalert/8123
Alcatel-Lucent OmniVista 4760 NMS Directory Traversal Vulnerability
http://securityreason.com/securityalert/8122
Vulnerability Note VU#943220 MIT KDC vulnerable to double-free when PKINIT enabled
http://www.kb.cert.org/vuls/id/943220
Vulnerability Note VU#192052 Adobe Flash Player contains unspecified code execution vulnerability
http://www.kb.cert.org/vuls/id/192052
MIT Kerberos KDC Double Free in prepare_error_as() Lets Remote Users Execute Arbitrary Code
http://www.securitytracker.com/id/1025216
Apache Tomcat May Ignore @ServletSecurity Annotation Protections
http://www.securitytracker.com/id/1025215
RSA Access Manager Flaw Lets Remote Users Access Protected Resources
http://www.securitytracker.com/id/1025214
EMC Avamar Discloses Potentially Sensitive Customer Information to Remote Users
http://www.securitytracker.com/id/1025213
Blackberry Device Software Bug in WebKit Lets Remote Users Execute Code
http://www.securitytracker.com/id/1025212
Adobe Reader and Acrobat Flaw in 'authplay.dll' Lets Remote Users Execute Arbitrary Code
http://www.securitytracker.com/id/1025211
Adobe Flash Player Flaw Lets Remote Users Execute Arbitrary Code
http://www.securitytracker.com/id/1025210
Struts Input Validation Flaw Lets Remote Users Modify Server-Side Context Objects
http://www.securitytracker.com/id/1025208
DoS/PoC: Opera 11.01 NULL PTR Dereference
http://www.exploit-db.com/exploits/16979/
JBoss Enterprise Web Server Tomcat Denial of Service Vulnerabilities
http://www.vupen.com/english/advisories/2011/0666
Redhat Security Update Fixes OpenLDAP Unauthorized Access and DoS
http://www.vupen.com/english/advisories/2011/0665
Redhat Security Update Fixes QEMU VNC Passwords Security Bypass
http://www.vupen.com/english/advisories/2011/0664
Redhat Security Update Fixes Kernel Privilege Escalation and DoS
http://www.vupen.com/english/advisories/2011/0663
Ubuntu Security Update Fixes Libvpx Memory Corruption Vulnerability
http://www.vupen.com/english/advisories/2011/0662
Slackware Security Update Fixes Pidgin Denial of Service Vulnerability
http://www.vupen.com/english/advisories/2011/0661
Slackware Security Update Fixes Subversion Denial of Service Vulnerability
http://www.vupen.com/english/advisories/2011/0660
Debian Security Update Fixes ProFTPD Multiple Remote Vulnerabilities
http://www.vupen.com/english/advisories/2011/0659
Debian Security Update Fixes WordPress Information Disclosure Vulnerabilities
http://www.vupen.com/english/advisories/2011/0658
Debian Security Update Fixes Chromium Code Execution Vulnerabilities
http://www.vupen.com/english/advisories/2011/0657
Expat UTF-8 Character XML Parsing Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/36097
cgit 'convert_query_hexchar()' Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/46756
MIT Kerberos KDC 'do_as_req.c' Double Free Memory Corruption Vulnerability
http://www.securityfocus.com/bid/46881
Adobe ColdFusion (CVE-2011-0580) Multiple Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/46273
WebKit Style Handling Memory Corruption Vulnerability
http://www.securityfocus.com/bid/46849
Google Chrome prior to 9.0.597.84 Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/46144
Oracle Java 'Applet2ClassLoader' Class Unsigned Applet Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/46388
Foxit Reader JavaScript API Arbitrary File Creation or Overwrite Vulnerability
http://www.securityfocus.com/bid/46763
Mozilla Firefox and SeaMonkey JavaScript Worker Use-After-Free Memory Corruption Vulnerability
http://www.securityfocus.com/bid/46663
Mozilla Firefox and Thunderbird JPEG Image Decoding Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/46651
Mozilla Firefox SeaMonkey and Thunderbird CVE-2011-0053 Multiple Memory Corruption Vulnerabilities
http://www.securityfocus.com/bid/46645
Mozilla Firefox/SeaMonkey Text Run Construction Memory Corruption Vulnerability
http://www.securityfocus.com/bid/46660
Mozilla Firefox and SeaMonkey JavaScript Non-Local Variables Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/46648
Mozilla Firefox and SeaMonkey JavaScript String Values Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/46650
Mozilla Firefox CVE-2011-0062 Multiple Unspecified Memory Corruption Vulnerabilities
http://www.securityfocus.com/bid/46647
Mozilla Firefox/SeaMonkey Cross-Site Request Forgery Vulnerability
http://www.securityfocus.com/bid/46652
Mozilla Firefox/SeaMonkey 'eval()' Function Security Bypass Vulnerability
http://www.securityfocus.com/bid/46643
Mozilla Firefox and SeaMonkey 'JSON.stringify()' Use-After-Free Memory Corruption Vulnerability
http://www.securityfocus.com/bid/46661
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2010-3777 Memory Corruption Vulnerability
http://www.securityfocus.com/bid/45348
Oracle Java Floating-Point Value Denial of Service Vulnerability
http://www.securityfocus.com/bid/46091
LibTIFF 'td_stripbytecount' NULL Pointer Dereference Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/41480
LibTIFF Multiple Remote Code Execution Vulnerabilities
http://www.securityfocus.com/bid/41088
LibTIFF Multiple Remote Denial of Service Vulnerabilities
http://www.securityfocus.com/bid/41295
LibTIFF 'tiff' File Memory Corruption Vulnerability
http://www.securityfocus.com/bid/43366
libTIFF TIFF Image Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/46657
LibTIFF Out-Of-Order Tag Type Mismatch Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/41475
Ruby on Rails 'X-Forwarded-For' HTTP Header Injection Vulnerability
http://www.securityfocus.com/bid/46423
Oracle Java SE and Java for Business CVE-2010-4448 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/46398
Oracle Java Applet Clipboard Injection Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/46406
Oracle Java SE and Java for Business CVE-2010-4469 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/46400
Oracle Java SE and Java for Business CVE-2010-4471 Remote Security Vulnerability
http://www.securityfocus.com/bid/46399
Oracle Java SE and Java for Business CVE-2010-4450 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/46397
Oracle Java SE and Java for Business CVE-2010-4472 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/46404
OpenJDK 'IcedTea' Multiple Signers Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/46439
Oracle Java SE and Java for Business CVE-2010-4470 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/46387
SugarCRM Information Disclosure Vulnerability
http://www.securityfocus.com/bid/46885
If-CMS 'newlang' Parameter Local File Include Vulnerability
http://www.securityfocus.com/bid/46884
TYPO3 Direct Mail Extension Cross Site Scripting and SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/46882
nostromo nhttpd Directory Traversal Remote Command Execution Vulnerability
http://www.securityfocus.com/bid/46880
EMC Avamar (CVE-2011-0442) Information Disclosure Vulnerability
http://www.securityfocus.com/bid/46879
gksu 'gksu-server' Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/46876
RSA Access Manager Server CVE-2011-0322 Security Bypass Vulnerability
http://www.securityfocus.com/bid/46875
EMC Avamar (CVE-2011-0648) Remote Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/46874
LotusCMS Multiple Cross Site Scripting and Local File Include Vulnerabilities
http://www.securityfocus.com/bid/46873
Opera Web Browser Window Null Pointer Dereference Denial of Service Vulnerability
http://www.securityfocus.com/bid/46872
SSWebPlus 'idx' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/46870
Checkview for Apple iPhone/iPod touch Directory Traversal Vulnerability
http://www.securityfocus.com/bid/46869
VLC Media Player '.ape' File Denial of Service Vulnerability
http://www.securityfocus.com/bid/46868