Notice of release: InterScan VirusWall Standard Edition 6.02 for Linux Patch 3 and Critical Patch build 7806
http://www.trendmicro.co.jp/support/news.asp?id=1551
Notice of release: Trend Micro Network VirusWall Enforcer 2500 Service Pack 1 Patch 2 (repacked version)
http://www.trendmicro.co.jp/support/news.asp?id=1550
JVNDB-2011-001296 Arbitrary code execution vulnerability in the hb_buffer_ensure function in hb-buffer.c in HarfBuzz
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-001296.html
JVNDB-2011-001295 Arbitrary JavaScript execution vulnerability in the nsIScriptableUnescapeHTML.parseFragment method in multiple Mozilla products
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-001295.html
JVNDB-2011-001294 Cross-site request forgery vulnerability in multiple Mozilla products
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-001294.html
JVNDB-2011-001293 Buffer overflow vulnerability in multiple Mozilla products
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-001293.html
JVNDB-2011-001292 Buffer overflow vulnerability in Mozilla Firefox and SeaMonkey running on Windows
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-001292.html
JVNDB-2011-001291 Arbitrary code execution vulnerability in the Web Worker implementation in Mozilla Firefox and SeaMonkey
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-001291.html
JVNDB-2009-002644 Cross-site scripting vulnerability in BlackBerry Enterprise Server
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002644.html
JVNDB-2009-002643 Buffer overflow vulnerability in the IBM Lotus Notes Intellisync ActiveX control in BlackBerry Desktop Software
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002643.html
JVNDB-2009-002642 Buffer overflow vulnerability in Research of the Motion RIM AxLoader ActiveX control in BlackBerry Application Web Loader
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002642.html
JVNDB-2010-002061 Privilege escalation vulnerability in lib/fsm.c in Red Hat Package Manager
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002061.html
JVNDB-2010-002748 Vulnerability in pam_namespace.c in Linux-PAM that allows privileges to be gained
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002748.html
JVNDB-2010-002747 Vulnerability in the run_coprocess function in Linux-PAM that allows arbitrary files to be read
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002747.html
JVNDB-2010-002746 Vulnerability in the run_coprocess function in Linux-PAM that allows arbitrary files to be read
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002746.html
JVNDB-2010-002614 Denial-of-service (DoS) vulnerability in ISC BIND
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002614.html
JVNDB-2010-002544 Vulnerability in the ISC BIND named validator
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002544.html
JVNDB-2010-002543 Denial-of-service (DoS) vulnerability in ISC BIND
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002543.html
JVNDB-2010-002653 Arbitrary code execution vulnerability in Microsoft Internet Explorer
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002653.html
Subversion 'mod_dav_svn' Apache Server NULL Pointer Dereference Denial Of Service Vulnerability
http://www.securityfocus.com/bid/46734
libcgroup 'cgrulesengd' Daemon Netlink Messages Event Spoofing Vulnerability
http://www.securityfocus.com/bid/46578
libcgroup Heap Based Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/46729
phpMyAdmin Error Page Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/45633
eXPert PDF Batch Creator Denial of Service Vulnerability
http://www.securityfocus.com/bid/47040
RealPlayer '.rmp' File Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/47039
+ GCC 4.6.0 has been released.
http://gcc.gnu.org/gcc-4.6/
+ Linux kernel 2.6.32.36, 2.6.37.6, 2.6.38.2 released
http://www.kernel.org/pub/linux/kernel/v2.6/longterm/v2.6.32/ChangeLog-2.6.32.36
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.37.6
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.38.2
+ OpenLDAP 2.4.25 released
http://www.openldap.org/
http://www.openldap.org/software/release/changes.html
+ Linux Kernel "iriap_getvaluebyclass_indication()" Buffer Overflows
http://secunia.com/advisories/43841/
2524375: Fraudulent digital certificates could allow spoofing
http://www.microsoft.com/japan/technet/security/advisory/2524375.mspx
Google Chrome 10.0.648.204 released
http://googlechromereleases.blogspot.com/2011/03/stable-channel-update.html
CESA-2011:0373 (firefox)
http://lwn.net/Alerts/435267/
CESA-2011:0374 (thunderbird)
http://lwn.net/Alerts/435268/
CESA-2011:0375 (seamonkey)
http://lwn.net/Alerts/435269/
HPSBMA02649 SSRT100430 rev.1 - HP Diagnostics, Remote Cross Site Scripting (XSS)
http://www13.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02770512
Postfix 2.9 Snapshot 20110323
http://mirror.postfix.jp/postfix-release/experimental/postfix-2.9-20110323.HISTORY
Rdbhost's Rdbadmin Utility version 4 released
http://www.postgresql.org/about/news.1305
UPDATE: Cisco Security Advisory: Local Privilege Escalation Vulnerabilities in Cisco VPN Client
http://www.cisco.com/en/US/products/products_security_advisory09186a00808a0554.shtml
+ Vulnerability in the ActiveSync feature of Citrix Presentation Server and XenApp could result in arbitrary code execution
http://support.citrix.com/article/CTX128366
Notice of discontinued distribution: Trend Micro Network VirusWall Enforcer 1500i / 3500i version 3.1
http://www.trendmicro.co.jp/support/news.asp?id=1552
Performance counter monitoring reports status NG because of error -207
http://www.say-tech.co.jp/support/bom-for-windows/207ng/index.shtml
Running 200 or more monitors of the same type does not produce correct monitoring results.
http://www.say-tech.co.jp/support/bom-for-windows/200/index.shtml
Debian : [DSA-2202-1] apache2: failure to drop root privil
http://www.criticalwatch.com/support/security-advisories.aspx?AID=35410
High-Tech Bridge SA : [HTB22895] XSS vulnerability in Ripe website manager
http://www.criticalwatch.com/support/security-advisories.aspx?AID=35411
High-Tech Bridge SA : [HTB22896] SQL injection vulnerability in Ripe website manager
http://www.criticalwatch.com/support/security-advisories.aspx?AID=35412
High-Tech Bridge SA : [HTB22897] SQL injection vulnerability in Ripe website manager
http://www.criticalwatch.com/support/security-advisories.aspx?AID=35413
High-Tech Bridge SA : [HTB22898] XSRF (CSRF) in Ripe website manager
http://www.criticalwatch.com/support/security-advisories.aspx?AID=35414
High-Tech Bridge SA : [HTB22899] Path disclosure in SyndeoCMS
http://www.criticalwatch.com/support/security-advisories.aspx?AID=35415
High-Tech Bridge SA : [HTB22900] Multiple XSS vulnerabilities in SyndeoCMS
http://www.criticalwatch.com/support/security-advisories.aspx?AID=35416
High-Tech Bridge SA : [HTB22901] SQL injection in SyndeoCMS
http://www.criticalwatch.com/support/security-advisories.aspx?AID=35417
High-Tech Bridge SA : [HTB22902] XSS in SyndeoCMS
http://www.criticalwatch.com/support/security-advisories.aspx?AID=35418
SuSE : [SUSE-SA:2011:015] Linux kernel
http://www.criticalwatch.com/support/security-advisories.aspx?AID=35409
YGN Ethical Hacker Group : Parallels Plesk 7.0 - 8.2 | Open URL Redirection Vulnerability
http://www.criticalwatch.com/support/security-advisories.aspx?AID=35419
Mandriva : [MDVSA-2011:052] php
http://www.criticalwatch.com/support/security-advisories.aspx?AID=35398
Mandriva : [MDVSA-2011:053] php
http://www.criticalwatch.com/support/security-advisories.aspx?AID=35399
Ubuntu Security Notice : [USN-1091-1] Firefox and Xulrunner vulnerabilities
http://www.criticalwatch.com/support/security-advisories.aspx?AID=35420
Core Security Technologies : [CORE-2011-0208] VLC Vulnerabilities handling .AMV and .NSV files
http://www.criticalwatch.com/support/security-advisories.aspx?AID=35403
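Press release
Published: "10 Major Threats, 2011 Edition: Attacks are evolving... are your countermeasures sufficient?"
~ Information leaks and attacks via websites rank highest ~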
http://www.ipa.go.jp/about/press/20110324.html
Comodo Japan offers server SSL certificates free of charge to prevent "donation fraud sites"
http://itpro.nikkeibp.co.jp/article/NEWS/20110325/358745/?ST=security
Agile Networks warns of fraudulent international call charges caused by hijacked IP telephony servers
http://itpro.nikkeibp.co.jp/article/NEWS/20110324/358716/?ST=security
McAfee to acquire database security company, advancing its integrated platform
http://itpro.nikkeibp.co.jp/article/NEWS/20110324/358673/?ST=security
Doctor Web offers the full version of its antivirus software for Android free of charge for a limited time
http://itpro.nikkeibp.co.jp/article/NEWS/20110324/358662/?ST=security
JVN#99977321 Vulnerability in Picasa related to loading of executable files
http://jvn.jp/jp/JVN99977321/index.html
JVNVU#636925 Updates for multiple vulnerabilities in Apple Mac OS X
http://jvn.jp/cert/JVNVU636925/index.html
JVNDB-2011-001185 Vulnerability in the Java Runtime Environment component of multiple Oracle products
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-001185.html
JVNDB-2011-001290 Buffer overflow vulnerability in the JavaScript engine in Mozilla Firefox and SeaMonkey
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-001290.html
JVNDB-2011-001289 Buffer overflow vulnerability in the JavaScript engine in Mozilla Firefox and SeaMonkey
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-001289.html
JVNDB-2011-001288 Arbitrary code execution vulnerability in the JSON.stringify method in Mozilla Firefox and SeaMonkey
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-001288.html
JVNDB-2011-001287 Vulnerability in Mozilla Firefox and SeaMonkey that forces a response to dialog questions
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-001287.html
JVNDB-2011-001286 Arbitrary code execution vulnerability in the browser engine in multiple Mozilla products
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-001286.html
JVNDB-2011-001285 Arbitrary code execution vulnerability in the browser engine in multiple Mozilla products
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-001285.html
JVNDB-2011-001284 Denial-of-service (DoS) vulnerability in Samba
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-001284.html
JVNDB-2011-001283 Multiple vulnerabilities in the web interface of Mutare Software Enabled VoiceMail (EVM)
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-001283.html
JVNDB-2011-001282 Input validation vulnerability in IBM WebSphere Portal Server
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-001282.html
JVNDB-2011-000021 Cross-site scripting vulnerability in e107
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-000021.html
JVNDB-2011-000022 Vulnerability in Picasa related to loading of executable files
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-000022.html
JVNDB-2011-001281 Privilege escalation vulnerability in Microsoft Malware Protection Engine
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-001281.html
JVNDB-2011-001280 Vulnerability in Cisco Adaptive Security Appliances devices that allows arbitrary files to be read
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-001280.html
JVNDB-2011-001279 Denial-of-service (DoS) vulnerability in Cisco Adaptive Security Appliances devices
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-001279.html
JVNDB-2011-001278 Denial-of-service (DoS) vulnerability in multiple Cisco products
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-001278.html
JVNDB-2011-001277 Denial-of-service (DoS) vulnerability in Cisco Adaptive Security Appliances devices and Cisco PIX Security Appliances devices
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-001277.html
JVNDB-2011-001276 Denial-of-service (DoS) vulnerability in ISC BIND
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-001276.html
JVNDB-2010-002773 Denial-of-service (DoS) vulnerability in mm/mprotect.c in the Linux kernel
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002773.html
JVNDB-2010-002772 Denial-of-service (DoS) vulnerability in the do_tcp_setsockopt function in the Linux kernel
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002772.html
JVNDB-2011-001275 Vulnerability in PivotX that allows a third party to change passwords
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-001275.html
JVNDB-2010-002771 Denial-of-service (DoS) vulnerability in memcached.c in memcached
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002771.html
JVNDB-2010-002761 Denial-of-service (DoS) vulnerability in libxml2
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002761.html
JVNDB-2010-002521 Denial-of-service (DoS) vulnerability in XPath expressions in libxml2
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-002521.html
JVNDB-2010-001805 Memory leak vulnerability in pngrutil.c in libpng
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001805.html
JVNDB-2010-001730 Vulnerability in libpng
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001730.html
Strange Shockwave File with Surprising Attachments
http://isc.sans.edu/diary.html?storyid=10612
APT Tabletop Exercise
http://isc.sans.edu/diary.html?storyid=10606
The Recent RSA Breach - Imagining the Worst Case, And Why it Isn't Time to Panic (Yet)
http://isc.sans.edu/diary.html?storyid=10609
Symantec LiveUpdate Administrator Management GUI HTML Injection
http://securityreason.com/securityalert/8160
DVD Rental Software SQL injection Vulnerability
http://securityreason.com/securityalert/8159
Pre Online Tests Generator Pro SQL Injection Vulnerability
http://securityreason.com/securityalert/8158
HP OpenView Network Node Manager snmpviewer.exe Buffer Overflow
http://securityreason.com/securityalert/8157
HP OpenView NNM nnmRptConfig.exe schdParams Buffer Overflow
http://securityreason.com/securityalert/8156
HP OpenView Network Node Manager ovwebsnmpsrv.exe main Buffer Overflow
http://securityreason.com/securityalert/8155
HP OpenView Network Node Manager getnnmdata.exe (ICount) CGI Buffer Overflow
http://securityreason.com/securityalert/8154
HP OpenView Network Node Manager getnnmdata.exe (MaxAge) CGI Buffer Overflow
http://securityreason.com/securityalert/8153
Adobe Flash Player AVM Bytecode Verification
http://securityreason.com/securityalert/8152
HP OpenView NNM nnmRptConfig nameParams Buffer Overflow
http://securityreason.com/securityalert/8151
HP NNM CGI webappmon.exe OvJavaLocale Buffer Overflow
http://securityreason.com/securityalert/8150
Novell Netware NWFTPD.NLM DELE Remote Code Execution Vulnerability
http://securityreason.com/securityalert/8149
Adobe ColdFusion - Directory Traversal
http://securityreason.com/securityalert/8148
RealNetworks RealPlayer CDDA URI Initialization Vulnerability
http://securityreason.com/securityalert/8147
openC Multiple Script Insertion Vulnerabilities
http://secunia.com/advisories/43865/
openC "FORM[profilbild]" Script Insertion Vulnerability
http://secunia.com/advisories/43866/
Group-Office Cross-Site Request Forgery Vulnerability
http://secunia.com/advisories/43869/
ClanSphere CKEditor Cross-Site Scripting and File Upload Vulnerabilities
http://secunia.com/advisories/43871/
Mahara Cross-Site Request Forgery and Script Insertion Vulnerabilities
http://secunia.com/advisories/43858/
SUSE update for kernel
http://secunia.com/advisories/43880/
Fedora update for krb5
http://secunia.com/advisories/43881/
Loggerhead Filename Script Insertion Vulnerability
http://secunia.com/advisories/43822/
netjukebox "skin" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/43868/
SyndeoCMS Cross-Site Scripting and SQL Injection Vulnerabilities
http://secunia.com/advisories/43834/
Linux Kernel "iriap_getvaluebyclass_indication()" Buffer Overflows
http://secunia.com/advisories/43841/
Avaya IP Office Manager TFTP Denial of Service Vulnerability
http://secunia.com/advisories/43819/
Python urllib.request "file://" Redirect Security Issue
http://secunia.com/advisories/43883/
Python urllib/urllib2 "file://" Redirect Security Issue
http://secunia.com/advisories/43831/
Citrix Products ActiveSync Service Denial of Service Vulnerability
http://secunia.com/advisories/38748/
Google Chrome Multiple Vulnerabilities
http://secunia.com/advisories/43859/
Google Picasa Insecure Library Loading Vulnerability
http://secunia.com/advisories/43853/
Advantech WebAccess Network Service Component Code Execution Vulnerability
http://secunia.com/advisories/43877/
IBM Lotus Domino Server Controller Authentication Bypass Vulnerability
http://secunia.com/advisories/43860/
XMB Cross-Site Request Forgery Vulnerability
http://secunia.com/advisories/43862/
Nokia E75 Lock Code Bypass Vulnerability
http://secunia.com/advisories/43827/
HP StorageWorks P4000 Virtual SAN Appliance Software Buffer Overflow
http://secunia.com/advisories/43876/
VLC Media Player Large Video Dimension Vulnerability
http://secunia.com/advisories/43826/
MediaScripts Social Media "view" File Inclusion Vulnerability
http://secunia.com/advisories/43793/
Debian update for wireshark
http://secunia.com/advisories/43795/
Drupal Webform Block Module Script Insertion Vulnerability
http://secunia.com/advisories/43838/
SUSE update for pango
http://secunia.com/advisories/43873/
SUSE update for flash-player
http://secunia.com/advisories/43864/
Fedora update for postfix
http://secunia.com/advisories/43874/
Fedora update for mhonarc
http://secunia.com/advisories/43875/
Apple iPhone iOS "OfficeArtMetafileHeader" Parsing Vulnerability
http://secunia.com/advisories/43832/
Citrix XenApp and Citrix Presentation Server Bug in ActiveSync Lets Remote Users Execute Arbitrary Code
http://www.securitytracker.com/id/1025254
EMC Data Protection Advisor Collector for Solaris File Permission Error Lets Remote Authenticated Users Gain Elevated Privileges
http://www.securitytracker.com/id/1025253
Immunity Debugger HTTP Update Buffer Overflow Lets Remote Users Execute Arbitrary Code via Man-in-the-Middle Attacks
http://www.securitytracker.com/id/1025252
HP Data Protector Media Operations Flaw in 'DBServer.exe' Lets Remote Users Execute Arbitrary Code
http://www.securitytracker.com/id/1025251
HP Virtual SAN Appliance Stack Overflow in 'hydra.exe' Lets Remote Users Execute Arbitrary Code
http://www.securitytracker.com/id/1025249
REMOTE: wodWebServer.NET 1.3.3 Directory Traversal
http://www.exploit-db.com/exploits/17053/
REMOTE: VLC AMV Dangling Pointer Vulnerability
http://www.exploit-db.com/exploits/17048/
REMOTE: HP OpenView Network Node Manager getnnmdata.exe (Hostname) CGI Buffer Overflow
http://www.exploit-db.com/exploits/17047/
DoS/PoC: Avaya IP Office Manager 8.1 TFTP DOS
http://www.exploit-db.com/exploits/17045/
DoS/PoC: IGSS 8 ODBC Server Multiple Remote Uninitialized Pointer Free DoS
http://www.exploit-db.com/exploits/17033/
DoS/PoC: VMCPlayer 1.0 Denial of Service
http://www.exploit-db.com/exploits/17032/
RoundCube Requests Handling Cross-Site Request Forgery Vulnerabilities
http://www.vupen.com/english/advisories/2011/0767
Google Picasa "Locate on Disk" Feature Insecure Library Loading
http://www.vupen.com/english/advisories/2011/0766
Google Chrome Multiple Use-after-free and Buffer Overflow Vulnerabilities
http://www.vupen.com/english/advisories/2011/0765
Fedora Security Update Fixes PHP Code Execution and DoS Vulnerabilities
http://www.vupen.com/english/advisories/2011/0764
Fedora Security Update Fixes krb5 KDC PKINIT Double-free Vulnerability
http://www.vupen.com/english/advisories/2011/0763
Apple Safari WebKit Library Redirections Address Bar Spoofing Vulnerability
http://www.vupen.com/english/advisories/2011/0762
Ecava IntegraXor HMI Remote SQL Statement Execution Vulnerability
http://www.vupen.com/english/advisories/2011/0761
Immunity Debugger HTTP Response Remote Buffer Overflow Vulnerability
http://www.vupen.com/english/advisories/2011/0760
VLC Media Player AMV and NSV Data Processing Memory Corruption
http://www.vupen.com/english/advisories/2011/0759
IBM Lotus Domino Cookie File Authentication Bypass and Code Execution
http://www.vupen.com/english/advisories/2011/0758
HP OpenView Storage Data Protector Media Operations Memory Corruption
http://www.vupen.com/english/advisories/2011/0757
HP StorageWorks P4000 Virtual SAN Appliance Stack Overflow Vulnerability
http://www.vupen.com/english/advisories/2011/0756
HP Discovery & Dependency Mapping Inventory SNMP Configuration Issue
http://www.vupen.com/english/advisories/2011/0755
Citrix Presentation Server and XenApp ActiveSync Remote Code Execution
http://www.vupen.com/english/advisories/2011/0754
Microsoft Windows Fraudulent SSL Certificates Information Disclosure
http://www.vupen.com/english/advisories/2011/0753
Fedora Security Update Fixes Postfix STARTTLS Command Injection
http://www.vupen.com/english/advisories/2011/0752
Fedora Security Update Fixes Firefox and Xulrunner Fraudulent Certificates
http://www.vupen.com/english/advisories/2011/0751
Fedora Security Update Fixes MHonArc Cross Site Scripting and DoS
http://www.vupen.com/english/advisories/2011/0750
Debian Security Update Fixes Apache2 MPM-ITK Configuration Parsing Issue
http://www.vupen.com/english/advisories/2011/0749
MPM-ITK Module for Apache2 "itk_merge_dir_config()" Config Parsing Issue
http://www.vupen.com/english/advisories/2011/0748
Debian Security Update Fixes Wireshark Multiple Code Execution and DoS
http://www.vupen.com/english/advisories/2011/0747
Debian Security Update Fixes Iceweasel Fraudulent SSL Certificates Issue
http://www.vupen.com/english/advisories/2011/0746
Debian Security Update Fixes Iceape Fraudulent SSL Certificates Issue
http://www.vupen.com/english/advisories/2011/0745
Mandriva Security Update Fixes PHP Code Execution and DoS Vulnerabilities
http://www.vupen.com/english/advisories/2011/0744
VLC Media Player '.AMV' and '.NSV' Files Multiple Remote Buffer Overflow Vulnerabilities
http://www.securityfocus.com/bid/47012
Samba 'SMB1 Packet Chaining' Unspecified Remote Memory Corruption Vulnerability
http://www.securityfocus.com/bid/40884
Linux Kernel Block Layer Local Denial of Service Vulnerabilities
http://www.securityfocus.com/bid/44793
Linux Kernel TIOCGICOUNT CVE-2010-4077 Information Disclosure Vulnerability
http://www.securityfocus.com/bid/45059
Linux Kernel 'hci_uart_tty_open()' Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/45014
Linux Kernel 'net/core/filter.c' Local Information Disclosure Vulnerability
http://www.securityfocus.com/bid/44758
Cisco VPN Client for Windows Multiple Local Privilege Escalation Vulnerabilities
http://www.securityfocus.com/bid/25332
HP OpenView Network Node Manager 'getnnmdata.exe' Code Execution Vulnerability
http://www.securityfocus.com/bid/40072
netjukebox 'skin' Parameter Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/47027
PHP Exif Extension 'exif_read_data()' Function Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/46365
libzip '_zip_name_locate()' NULL Pointer Dereference Denial Of Service Vulnerability
http://www.securityfocus.com/bid/46354
PHP 'phar/phar_object.c' Format String Vulnerability
http://www.securityfocus.com/bid/46854
Family Connections 'getChat.php' XPath Injection Vulnerability
http://www.securityfocus.com/bid/47038
Family Connections 'subject' Parameter HTML Injection Vulnerability
http://www.securityfocus.com/bid/47037
EMC Data Protection Advisor Collector for Solaris SPARC Insecure File Permissions Vulnerability
http://www.securityfocus.com/bid/47036
PreProjects Pre Online Tests Generator Pro 'takefreestart.php' SQL Injection Vulnerability
http://www.securityfocus.com/bid/47035
Mahara Cross Site Scripting and Cross Site Request Forgery Vulnerabilities
http://www.securityfocus.com/bid/47033
Google Picasa Insecure Library Loading Arbitrary Code Execution Vulnerability
http://www.securityfocus.com/bid/47031
Aybulut Portal 'resim.php' Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/47030
Cisco IOS CVE-2010-2829 H.323 Unspecified Denial of Service Vulnerability
http://www.securityfocus.com/bid/43395
MIT Kerberos KDC 'do_as_req.c' Double Free Memory Corruption Vulnerability
http://www.securityfocus.com/bid/46881
RETIRED: Apple Mac OS X Prior to 10.6.7 Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/46950
Google Chrome prior to 9.0.597.107 Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/46614
MHonArc HTML Mail Conversion Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/45528
MHonArc Tag Nesting Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/46923
Linux Kernel 'task_show_regs()' Local Information Disclosure Vulnerability
http://www.securityfocus.com/bid/46421
Linux Kernel 'drivers/media/dvb/ttpci/av7110_ca' IOCTL Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/45986
Linux Kernel 'ethtool.c' Information Disclosure Vulnerability
http://www.securityfocus.com/bid/45972
Linux Kernel FSGEOMETRY_V1 IOCTL Local Information Disclosure Vulnerability
http://www.securityfocus.com/bid/46417
Linux Kernel 'load_mixer_volumes()' Multiple Vulnerabilities
http://www.securityfocus.com/bid/45629
Linux Kernel SCTP Local Race Condition Vulnerability
http://www.securityfocus.com/bid/45661
Linux Kernel 'blk_rq_map_user_iov()' Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/45660
Linux Kernel 'irda_getsockopt()' Local Integer Underflow Vulnerability
http://www.securityfocus.com/bid/45556
Linux Kernel Multiple 'net/' Subsystems Local Information Disclosure Vulnerabilities
http://www.securityfocus.com/bid/44630
Linux Kernel 'AF_ECONET' Protocol NULL Pointer Dereference Denial of Service Vulnerability
http://www.securityfocus.com/bid/45321
Linux Kernel 'posix-cpu-timers.c' Local Race Condition Vulnerability
http://www.securityfocus.com/bid/45028
Linux Kernel TIOCGICOUNT 'serial_core.c' Information Disclosure Vulnerability
http://www.securityfocus.com/bid/43806
Linux Kernel 'sctp_process_unk_param()' Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/39794
Multiple Vendors STARTTLS Implementation Plaintext Arbitrary Command Injection Vulnerability
http://www.securityfocus.com/bid/46767
HP OpenView Network Node Manager CVE-2010-1964 Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/40873
Wireshark 1.4.3 and 1.2.14 Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/46626
Wireshark '.pcap' File Memory Corruption Vulnerability
http://www.securityfocus.com/bid/46167
Wireshark Visual C++ Analyzer Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/46416
Apache MPM-ITK Module Security Weakness
http://www.securityfocus.com/bid/46953
HP OpenView Network Node Manager 'ovwebsnmpsrv.exe' Bad Option Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/40637
HP OpenView Network Node Manager 'ovutil.dll' Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/40638
HP OpenView Network Node Manager 'getnnmdata.exe' Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/40071
HP OpenView Network Node Manager (CVE-2010-1552) 'doLoad()' Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/40068
Social Media 'index.php' Local File Include Vulnerability
http://www.securityfocus.com/bid/42009
Loggerhead Filenames HTML Injection Vulnerability
http://www.securityfocus.com/bid/47032
Google Chrome Prior to 10.0.648.204 Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/47029
OpenCollab Unspecified HTML Injection Vulnerability
http://www.securityfocus.com/bid/47026
Python 'urllib' and 'urllib2' Modules Information Disclosure and Denial of Service Vulnerabilities
http://www.securityfocus.com/bid/47024
Nokia E75 Firmware Lock Code Authentication Bypass Vulnerability
http://www.securityfocus.com/bid/47022
Avaya IP Office Manager TFTP Server Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/47021
SyndeoCMS Multiple Cross Site Scripting and SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/47018
Ripe Website Manager Cross Site Scripting and Multiple SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/47017
MC Content Manager Multiple Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/47014