2011年3月17日木曜日

17日 木曜日、友引

- Multiple Vulnerabilities in Git Version Control System
http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_git_version

- Multiple Vulnerabilities in Mozilla Firefox http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_mozilla_firefox - CVE-2010-0540 Cross-Site Request Forgery (CSRF) vulnerability in CUPS
http://blogs.sun.com/security/entry/cross_site_request_forgery_csrf

- Multiple Vulnerabilities in CUPS Printing System
http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_cups_printing

- CVE-2010-2941 Resource Management Errors vulnerability in CUPS Printing System
http://blogs.sun.com/security/entry/cve_2010_2941_resource_management

- CVE-2010-1748 Buffer Overflow vulnerability in CUPS Printing System
http://blogs.sun.com/security/entry/buffer_overflow_vulnerability_in_cups

Twitterが常時HTTPS接続を呼びかけ、ユーザー設定で対応
http://itpro.nikkeibp.co.jp/article/NEWS/20110317/358429/?ST=security

JVNDB-2011-001243 Kerberos の do_standalone 関数におけるサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-001243.html

JVNDB-2011-001242 Adobe ColdFusion における Web セッションをハイジャックされる脆弱性
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-001242.html

JVNDB-2011-001241 Adobe ColdFusion におけるクロスサイトスクリプティングの脆弱性
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-001241.html

JVNDB-2011-001240 Adobe ColdFusion の administrator コンソールにおける重要な情報を取得される脆弱性
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-001240.html

JVNDB-2011-001239 Adobe ColdFusion における任意の HTTP ヘッダを挿入される脆弱性
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-001239.html

JVNDB-2011-001238 Adobe ColdFusion の administrator コンソールにおけるクロスサイトスクリプティングの脆弱性
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-001238.html

JVNDB-2011-001237 Adobe Shockwave Player の Font Xtra.x32 モジュールにおける任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-001237.html

Asterisk TCP/TLS Server Bug Lets Remote Users Deny Service
http://www.securitytracker.com/id/1025224

Asterisk Manager Interface Bug Lets Remote Users Consume Excessive Resources
http://www.securitytracker.com/id/1025223

ember 'LD_LIBRARY_PATH' Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/44341




+ MySQL 5.5.10 released
http://dev.mysql.com/doc/refman/5.5/en/news-5-5-10.html

RHSA-2011:0356-1: Important: krb5 security update
http://rhn.redhat.com/errata/RHSA-2011-0356.html

UPDATE: Microsoft Security Bulletin Summary for March 2011
http://www.microsoft.com/technet/security/bulletin/MS11-mar.mspx

UPDATE: MS11-015 - Critical: Vulnerabilities in Windows Media Could Allow Remote Code Execution (2510030)
http://www.microsoft.com/technet/security/bulletin/MS11-015.mspx

Postfix 2.8.2 stable release candidate 1 released
http://mirror.postfix.jp/postfix-release/official/postfix-2.8.2-RC1.HISTORY

MySQL 5.5.11 (Not yet released)
http://dev.mysql.com/doc/refman/5.5/en/news-5-5-11.html

Trend Micro Network VirusWall Enforcer 1500i / 3500i バージョン 3.1 公開のお知らせ
http://www.trendmicro.co.jp/support/news.asp?id=1547

ウイルスバスター2010 プログラムアップデートのお知らせ
http://www.trendmicro.co.jp/support/news.asp?id=1546

Debian : [DSA-2192-1] chromium-browser: Multiple vulnerabilities
http://www.criticalwatch.com/support/security-advisories.aspx?AID=35316

High-Tech Bridge SA : [HTB22887] XSS vulnerability in LotusCMS
http://www.criticalwatch.com/support/security-advisories.aspx?AID=35318

High-Tech Bridge SA : [HTB22886] XSRF (CSRF) in LotusCMS
http://www.criticalwatch.com/support/security-advisories.aspx?AID=35319

High-Tech Bridge SA : [HTB22885] XSS vulnerability in LotusCMS
http://www.criticalwatch.com/support/security-advisories.aspx?AID=35320

High-Tech Bridge SA : [HTB22884] XSS vulnerability in LotusCMS
http://www.criticalwatch.com/support/security-advisories.aspx?AID=35321

High-Tech Bridge SA : [HTB22883] XSS vulnerability in LotusCMS
http://www.criticalwatch.com/support/security-advisories.aspx?AID=35322

High-Tech Bridge SA : [HTB22882] Path disclosure in OXID eShop
http://www.criticalwatch.com/support/security-advisories.aspx?AID=35323

High-Tech Bridge SA : [HTB22877] Path disclosure in xt:Commerce
http://www.criticalwatch.com/support/security-advisories.aspx?AID=35324

SuSE : [SUSE-SA:2011:013] Mozilla Firefox
http://www.criticalwatch.com/support/security-advisories.aspx?AID=35315

JVNVU#943220 MIT Kerberos 5 KDC に double free の脆弱性
http://jvn.jp/cert/JVNVU943220/index.html

JVNVU#192052 Adobe Flash に脆弱性
http://jvn.jp/cert/JVNVU192052/index.html

JVNDB-2011-001236 Adobe Shockwave Player における整数オーバーフローの脆弱性
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-001236.html

JVNDB-2011-001235 Adobe Shockwave Player の Font Xtra.x32 モジュールにおける任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-001235.html

JVNDB-2011-001234 Adobe Shockwave Player の TextXtra.x32 モジュールにおける任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-001234.html

JVNDB-2011-001233 Adobe Shockwave Player におけるバッファオーバーフローの脆弱性
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-001233.html

JVNDB-2011-001232 Adobe Shockwave Player における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-001232.html

JVNDB-2011-001231 Adobe Shockwave Player の Shockwave 3d Asset モジュールにおける任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-001231.html

JVNDB-2010-002267 複数の Oracle 製品の Networking コンポーネントにおける脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002267.html

JVNDB-2010-002266 複数の Oracle 製品の JNDI コンポーネントにおける脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002266.html

JVNDB-2010-002265 複数の Oracle 製品の Networking コンポーネントにおける脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002265.html

JVNDB-2010-002264 複数の Oracle 製品の Networking コンポーネントにおける脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002264.html

JVNDB-2010-002263 複数の Oracle 製品の Networking コンポーネントにおける脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002263.html

JVNDB-2010-002262 複数の Oracle 製品の Swing コンポーネントにおける脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002262.html

JVNDB-2010-002261 複数の Oracle 製品の Networking コンポーネントにおける脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002261.html

JVNDB-2010-002260 複数の Oracle 製品の CORBA コンポーネントにおける脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002260.html

JVNDB-2010-002258 複数の Oracle 製品の Java Web Start コンポーネントにおける脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002258.html

JVNDB-2010-002256 複数の Oracle 製品の Swing コンポーネントにおける脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002256.html

JVNDB-2010-002255 複数の Oracle 製品の Sound コンポーネントにおける脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002255.html

JVNDB-2010-002254 複数の Oracle 製品の Sound コンポーネントにおける脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002254.html

JVNDB-2010-002251 複数の Oracle 製品の Java Runtime Environment コンポーネントにおける脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002251.html

JVNDB-2010-002250 複数の Oracle 製品の Java Runtime Environment コンポーネントにおける脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002250.html

JVNDB-2010-002248 複数の Oracle 製品の CORBA コンポーネントにおける脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002248.html

JVNDB-2010-002247 複数の Oracle 製品の 2D コンポーネントにおける脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002247.html

JVNDB-2010-002246 複数の Oracle 製品の 2D コンポーネントにおける脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002246.html

JVNDB-2010-002245 複数の Oracle 製品の 2D コンポーネントにおける脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002245.html

JVNDB-2010-002244 複数の Oracle 製品の 2D コンポーネントにおける脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002244.html

JVNDB-2010-002243 複数の Oracle 製品の 2D コンポーネントにおける脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002243.html

JVNDB-2010-002242 複数の Oracle 製品の 2D コンポーネントにおける脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002242.html

JVNDB-2010-001325 複数の Oracle 製品の Java 2D コンポーネントにおける脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001325.html

JVNDB-2010-001322 複数の Oracle 製品の Java 2D コンポーネントにおける脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001322.html

JVNDB-2010-001320 複数の Oracle 製品の Java 2D コンポーネントにおける脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001320.html

Analyzing HTTP Packet Captures
http://isc.sans.edu/diary.html?storyid=10558

EMC Avamar Unspecified Vulnerability
http://secunia.com/advisories/43749/

EMC Avamar Information Disclosure Weakness
http://secunia.com/advisories/43797/

SugarCRM Duplicate Accounts and Contacts Information Disclosure Weakness
http://secunia.com/advisories/43774/

Red Hat update for java-1.6.0-ibm
http://secunia.com/advisories/43657/

TIBCO tibbr Web Server Cross-Site Scripting Vulnerability
http://secunia.com/advisories/43765/

Ubuntu update for krb5
http://secunia.com/advisories/43700/

RSA Access Manager Server Security Bypass Vulnerability
http://secunia.com/advisories/43796/

util-linux mount RLIMIT_FSIZE Security Issue
http://secunia.com/advisories/43596/

Open Virtual Machine Tools RLIMIT_FSIZE Security Issue
http://secunia.com/advisories/43798/

OpenVZ update for kernel
http://secunia.com/advisories/43762/

b2evolution "p" Script Insertion Vulnerability
http://secunia.com/advisories/43725/

Red Hat update for krb5
http://secunia.com/advisories/43760/

Debian update for chromium-browser
http://secunia.com/advisories/43782/

Fedora update for cgit
http://secunia.com/advisories/43788/

Newscoop Comments Script Insertion Vulnerability
http://secunia.com/advisories/43764/

Fedora update for whatsup
http://secunia.com/advisories/43787/

VMware vCenter Server Orchestrator Multiple Vulnerabilities
http://secunia.com/advisories/43717/

Nostromo Directory Traversal Vulnerability
http://secunia.com/advisories/43775/

Kerberos KDC "prepare_error_as" Double-Free Vulnerability
http://secunia.com/advisories/43783/

SUSE update for build
http://secunia.com/advisories/43763/

REMOTE: HP OpenView Performance Insight Server Backdoor Account Code Execution
http://www.exploit-db.com/exploits/16984/

REMOTE: Adobe ColdFusion - Directory Traversal'
http://www.exploit-db.com/exploits/16985/

LOCAL: Foxit PDF Reader 4.2 Javascript File Write
http://www.exploit-db.com/exploits/16978/

DoS/PoC: AVIPreview 0.26 Alpha Denial of Service
http://www.exploit-db.com/exploits/16986/

EMC Avamar Unspecified Administrative Privilege Escalation Vulnerability
http://www.vupen.com/english/advisories/2011/0678

EMC Avamar Service Requests and Email Notification Information Disclosure
http://www.vupen.com/english/advisories/2011/0677

RSA Access Manager Server Unauthorized Resource Access Vulnerability
http://www.vupen.com/english/advisories/2011/0676

SugarCRM Contacts and Customer Information Disclosure Vulnerability
http://www.vupen.com/english/advisories/2011/0675

nostromo nhttpd Web Server Remote Directory Traversal Vulnerability
http://www.vupen.com/english/advisories/2011/0674

Ubuntu Security Update Fixes krb5 KDC PKINIT Double-free Vulnerability
http://www.vupen.com/english/advisories/2011/0673

MIT Kerberos krb5 Key Distribution Center PKINIT Double-free Vulnerability
http://www.vupen.com/english/advisories/2011/0672

Debian Security Update Fixes Chromium Code Execution Vulnerability
http://www.vupen.com/english/advisories/2011/0671

Fedora Security Update Fixes Avahi Denial of Service Vulnerability
http://www.vupen.com/english/advisories/2011/0670

Fedora Security Update Fixes Pidgin Denial of Service Vulnerability
http://www.vupen.com/english/advisories/2011/0669

Fedora Security Update Fixes vsftpd Denial of Service Vulnerability
http://www.vupen.com/english/advisories/2011/0668

Fedora Security Update Fixes CGIT Remote Denial of Service Vulnerability
http://www.vupen.com/english/advisories/2011/0667

SugarCRM Lets Remote Authenticated Users Bypass 'List' Restrictions
http://www.securitytracker.com/id/1025222

SAP Crystal Reports Server Input Validation Flaw in PerformanceManagement Module Permits Cross-Site Scripting Attacks
http://www.securitytracker.com/id/1025221

TIBCO tibbr Input Validation Hole in Web Service Permits Cross-Site Scripting Attacks
http://www.securitytracker.com/id/1025220

The old "new" Japanese scams
http://www.zone-h.org/news/id/4738

TIBCO tibbr 'HTTP Request' Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/46891

Oracle Java 'Applet2ClassLoader' Class Unsigned Applet Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/46388

Microsoft Windows Kerberos Encryption Standard Spoofing Vulnerability
http://www.securityfocus.com/bid/46140

Pango 'hb_buffer_ensure()' Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/46632

Subversion 'mod_dav_svn' Apache Server NULL Pointer Dereference Denial Of Service Vulnerability
http://www.securityfocus.com/bid/46734

Mozilla Firefox and SeaMonkey JavaScript Worker Use-After-Free Memory Corruption Vulnerability
http://www.securityfocus.com/bid/46663

Mozilla Firefox and SeaMonkey JavaScript String Values Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/46650

Mozilla Firefox CVE-2011-0062 Multiple Unspecified Memory Corruption Vulnerabilities
http://www.securityfocus.com/bid/46647

Mozilla Firefox/SeaMonkey Text Run Construction Memory Corruption Vulnerability
http://www.securityfocus.com/bid/46660

Mozilla Firefox and SeaMonkey 'JSON.stringify()' Use-After-Free Memory Corruption Vulnerability
http://www.securityfocus.com/bid/46661

Mozilla Firefox and SeaMonkey JavaScript Non-Local Variables Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/46648

Mozilla Firefox/SeaMonkey Cross-Site Request Forgery Vulnerability
http://www.securityfocus.com/bid/46652

Mozilla Firefox/SeaMonkey 'eval()' Function Security Bypass Vulnerability
http://www.securityfocus.com/bid/46643

Mozilla Firefox SeaMonkey and Thunderbird CVE-2011-0053 Multiple Memory Corruption Vulnerabilities
http://www.securityfocus.com/bid/46645

Multiple Vendor TLS Protocol Session Renegotiation Security Vulnerability
http://www.securityfocus.com/bid/36935

Linux Kernel 'do_io_submit()' Integer Overflow Vulnerability
http://www.securityfocus.com/bid/43353

Linux Kernel 'net/sched/act_police.c' File Memory Leak Local Information Disclosure Vulnerability
http://www.securityfocus.com/bid/42529

Linux Kernel 'io_submit_one()' NULL Pointer Dereference Denial of Service Vulnerability
http://www.securityfocus.com/bid/44755

Linux Kernel Futex Macros Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/44754

Linux Kernel 'XFS_IOC_FSGETXATTR' Information Disclosure Vulnerability
http://www.securityfocus.com/bid/43022

HP Client Automation Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/46862

Linux Kernel IGB Panic VLAN Packet Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/45208

Xen 'fixup_page_fault()' Denial of Service Vulnerability
http://www.securityfocus.com/bid/45099

Linux Kernel SCTP Local Race Condition Vulnerability
http://www.securityfocus.com/bid/45661

Linux Kernel 'ethtool.c' Information Disclosure Vulnerability
http://www.securityfocus.com/bid/45972

Linux Kernel 'drivers/scsi/bfa/bfa_core.c' Denial of Service Vulnerability
http://www.securityfocus.com/bid/45262

Linux Kernel Unix Sockets Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/45037

Linux Kernel 'hci_uart_tty_open()' Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/45014

Linux Kernel 'posix-cpu-timers.c' Local Race Condition Vulnerability
http://www.securityfocus.com/bid/45028

Linux Kernel Unix Socket Backlog Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/46637

Linux Kernel 'execve()' Memory Expansion 'OOM-killer' Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/45004

Xen 'vbd_create()' Denial of Service Vulnerability
http://www.securityfocus.com/bid/45795

Linux Kernel 'net/' Subsystem Socket Filter CVE-2010-4161 Local Information Disclosure Vulnerability
http://www.securityfocus.com/bid/45064

Linux Kernel 'net/core/filter.c' Local Information Disclosure Vulnerability
http://www.securityfocus.com/bid/44758

Linux Kernel 'drivers/scsi/gdth.c' IOCTL Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/44648

Xen 'drivers/xen/blkback/blkback.c' Local Denial Of Service Vulnerability
http://www.securityfocus.com/bid/45029

Linux Kernel 'ipc/sem.c' Information Disclosure Vulnerability
http://www.securityfocus.com/bid/43809

Linux Kernel 'SNDRV_HDSP_IOCTL_GET_CONFIG_INFO' IOCTL Local Information Disclosure Vulnerability
http://www.securityfocus.com/bid/45058

Linux Kernel 'hdsp.c' IOCTL Local Information Disclosure Vulnerability
http://www.securityfocus.com/bid/45063

WellinTech KingView 'KVWebSvr.dll' ActiveX Control Heap Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/46757

Linux Kernel TIOCGICOUNT 'serial_core.c' Information Disclosure Vulnerability
http://www.securityfocus.com/bid/43806

Linux Kernel 'hmid_ds structure' Local Information Disclosure Vulnerability
http://www.securityfocus.com/bid/45054

Linux Kernel 'inet_diag.c' Netlink Message Denial of Service Vulnerability
http://www.securityfocus.com/bid/44665

Linux Kernel Multiple 'net/' Subsystems Local Information Disclosure Vulnerabilities
http://www.securityfocus.com/bid/44630

Linux Kernel CVE-2010-4073 Information Disclosure Vulnerability
http://www.securityfocus.com/bid/45073

Linux Kernel 'sctp_outq_flush()' Denial of Service Vulnerability
http://www.securityfocus.com/bid/43480

Linux Kernel Heap Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/44354

Linux Kernel Reliable Datagram Sockets (RDS) Protocol Local Integer Overflow Vulnerability
http://www.securityfocus.com/bid/44549

Linux Kernel 'CHELSIO_GET_QSET_NUM' Information Disclosure Vulnerability
http://www.securityfocus.com/bid/43221

Linux Kernel ALSA 'sound/core/control.c' Local Integer Overflow Vulnerability
http://www.securityfocus.com/bid/43787

Linux Kernel 'setup_arg_pages()' Denial of Service Vulnerability
http://www.securityfocus.com/bid/44301

Xen 'blkback/blktap/netback' Leaked Kernel Thread Local Denial Of Service Vulnerability
http://www.securityfocus.com/bid/45039

KingView Heap Based Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/45727

Adobe ColdFusion CVE-2010-2861 Directory Traversal Vulnerability
http://www.securityfocus.com/bid/42342

HP OpenView Performance Insight Server 'doPost()' Remote Arbitrary Code Execution Vulnerability
http://www.securityfocus.com/bid/46079

Oracle Java Applet Clipboard Injection Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/46406

Oracle Java SE and Java for Business CVE-2010-4447 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/46409

Oracle Java SE and Java for Business NTLM Credentials Information Disclosure Vulnerability
http://www.securityfocus.com/bid/46411

Oracle Java SE and Java for Business CVE-2010-4475 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/46410

Oracle Java SE and Java for Business CVE-2010-4473 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/46403

Oracle Java SE and Java for Business Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/46394

Oracle Java SE and Java for Business CVE-2010-4448 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/46398

Oracle Java SE and Java for Business CVE-2010-4468 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/46393

Oracle Java SE and Java for Business CVE-2010-4471 Remote Security Vulnerability
http://www.securityfocus.com/bid/46399

Oracle Java SE and Java for Business Java Runtime Environment CVE-2010-4454 Remote Vulnerability
http://www.securityfocus.com/bid/46391

Oracle Java SE and Java for Business Java Runtime Environment Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/46386

Oracle Java SE and Java for Business CVE-2010-4467 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/46395

Oracle Java SE and Java for Business CVE-2010-4422 Remote Vulnerability
http://www.securityfocus.com/bid/46402

MIT Kerberos KDC 'do_as_req.c' Double Free Memory Corruption Vulnerability
http://www.securityfocus.com/bid/46881

cgit 'convert_query_hexchar()' Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/46756

vsftpd FTP Server 'ls.c' Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/46617

MediaCoder '.m3u' File Remote Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/34051

Expat UTF-8 Character XML Parsing Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/36097

AplikaMedia CMS 'page_info.php' SQL Injection Vulnerability
http://www.securityfocus.com/bid/46896

Drupal Tagadelic Module Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/46895

Pointter PHP Content Management System Local File Include and SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/46894

AVIPreview '.avi' File Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/46892

Monkeya??s Audio '.ape' File Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/46887

b2evolution Comment HTML Injection Vulnerability
http://www.securityfocus.com/bid/46886

0 件のコメント:

コメントを投稿