2011年10月21日金曜日

21日 金曜日、先負

2011/10/20 Samba 3.6.1がリリースされました
http://wiki.samba.gr.jp/mediawiki/index.php?title=%E3%83%A1%E3%82%A4%E3%83%B3%E3%83%9A%E3%83%BC%E3%82%B8

ウイルスバスター2012 プログラムアップデートのお知らせ
http://www.trendmicro.co.jp/support/news.asp?id=1667

UPDATE: Oracle Critical Patch Update Advisory - October 2011
http://www.oracle.com/technetwork/topics/security/cpuoct2011-330135.html

ソフトウェア等の脆弱性関連情報に関する届出状況
[2011年第3四半期(7月~9月)]
http://www.ipa.go.jp/security/vuln/report/vuln2011q3.html

JVNVU#819894: libpng における sCAL チャンクの処理に脆弱性
http://jvn.jp/cert/JVNVU819894/index.html

JVNVU#707943: Windows プログラムの DLL 読み込みに脆弱性
http://jvn.jp/cert/JVNVU707943/index.html

JVN#44724673: Java Web Start において許可されていないシステムクラスが実行される脆弱性
http://jvn.jp/jp/JVN44724673/index.html

JVNTA11-286A: Apple Mac OS Xにおける複数の脆弱性に対するアップデート
http://jvn.jp/cert/JVNTA11-286A/index.html

JVNTA11-284A: Microsoft 製品における複数の脆弱性に対するアップデート
http://jvn.jp/cert/JVNTA11-284A/index.html

JVNDB-2011-002451 Microsoft Internet Explorer 8 における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-002451.html

JVNDB-2011-002450 Microsoft Internet Explorer 9 における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-002450.html

JVNDB-2011-002449 Microsoft Internet Explorer 6 における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-002449.html

JVNDB-2011-002448 Microsoft Internet Explorer 6 から 8 における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-002448.html

JVNDB-2011-002447 Microsoft Internet Explorer 6 から 9 における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-002447.html

JVNDB-2011-002446 Microsoft Internet Explorer 6 から 9 における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-002446.html

JVNDB-2011-002445 Microsoft Windows XP および Windows Server 2003 の afd.sys における権限昇格の脆弱性
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-002445.html

JVNDB-2011-002444 Microsoft Windows XP および Windows Server 2003 における権限昇格の脆弱性
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-002444.html

JVNDB-2011-002443 Microsoft Forefront UAG の MicrosoftClient.jar における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-002443.html

JVNDB-2011-002442 Microsoft Forefront UAG 2010 におけるクロスサイトスクリプティングの脆弱性
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-002442.html

JVNDB-2011-002441 Microsoft Forefront UAG 2010 におけるクロスサイトスクリプティングの脆弱性
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-002441.html

JVNDB-2011-002440 Microsoft Forefront UAG 2010 における CRLF インジェクションの脆弱性
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-002440.html

JVNDB-2011-002439 Microsoft .NET Framework および Silverlight における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-002439.html

JVNDB-2011-002438 Microsoft Windows のカーネルモードドライバ内にある win32k.sys における権限昇格の脆弱性
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-002438.html

JVNDB-2011-002437 Microsoft Windows の win32k.sys のバッファオーバーフローの脆弱性
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-002437.html

JVNDB-2011-002436 Microsoft Windows の win32k.sys におけるサービス運用妨害 (システムハング) の脆弱性
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-002436.html

JVNDB-2011-002435 Microsoft Windows の win32k.sys における権限昇格またはサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-002435.html

JVNDB-2011-002434 Microsoft Windows Vista および Windows 7 の Windows Media Center における権限昇格の脆弱性
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-002434.html

JVNDB-2011-002433 Microsoft Windows の Microsoft Active Accessibility コンポーネントにおける権限昇格の脆弱性
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-002433.html

JVNDB-2011-002432 複数の Microsoft 製品における任意のファイルを読まれる脆弱性
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-002432.html

JVNDB-2011-002431 Microsoft Windows SharePoint Services および SharePoint Foundation におけるクロスサイトスクリプティングの脆弱性
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-002431.html

JVNDB-2011-002430 複数の Microsoft SharePoint 製品の EditForm.aspx におけるクロスサイトスクリプティングの脆弱性
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-002430.html

JVNDB-2011-002429 複数の Microsoft SharePoint 製品におけるクロスサイトスクリプティングの脆弱性
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-002429.html

JVNDB-2011-002428 Microsoft Internet Explorer における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-002428.html

JVNDB-2011-002427 Microsoft Internet Explorer における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-002427.html

JVNDB-2011-002426 Microsoft Host Integration Server におけるサービス運用妨害 (SNA サーバサービスの休止) の脆弱性
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-002426.html

JVNDB-2011-002425 Microsoft Host Integration Server におけるサービス運用妨害 (SNA サーバサービスの休止) の脆弱性
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-002425.html

JVNDB-2011-002424 Apple iTunes で使用される CoreMedia におけるバッファオーバーフローの脆弱性
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-002424.html

JVNDB-2011-002423 Apple iTunes で使用される WebKit における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-002423.html

JVNDB-2011-002422 Apple iTunes で使用される WebKit における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-002422.html

JVNDB-2011-002421 Apple iTunes で使用される WebKit における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-002421.html

JVNDB-2011-002420 Apple iTunes で使用される WebKit における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-002420.html

JVNDB-2011-002419 Apple iTunes で使用される WebKit における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-002419.html

JVNDB-2011-002418 Apple iTunes で使用される WebKit における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-002418.html

JVNDB-2011-002417 Apple iTunes で使用される WebKit における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-002417.html

JVNDB-2011-002416 Apple iTunes で使用される WebKit における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-002416.html

JVNDB-2011-002415 Apple iTunes で使用される WebKit における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-002415.html

JVNDB-2011-002414 Apple iTunes で使用される WebKit における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-002414.html

JVNDB-2011-002413 Apple iTunes で使用される WebKit における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-002413.html

JVNDB-2011-002412 複数の Microsoft SharePoint 製品におけるクロスサイトスクリプティングの脆弱性
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-002412.html

JVNDB-2011-002411 Microsoft Office 2003 および 2007 における権限昇格の脆弱性
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-002411.html

JVNDB-2011-002410 Microsoft Office 2007 および 2010 における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-002410.html

JVNDB-2011-002409 Windows Server 2003 および 2008 の WINS における権限昇格の脆弱性
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-002409.html

JVNDB-2011-002408 Microsoft Excel 2003 における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-002408.html

JVNDB-2011-002407 複数の Microsoft Excel 製品における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-002407.html

JVNDB-2011-002406 複数の Microsoft Excel 製品における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-002406.html

JVNDB-2011-002405 複数の Microsoft Excel 製品における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-002405.html

JVNDB-2011-002404 複数の Microsoft Excel 製品における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-002404.html

JVNDB-2011-002403 Microsoft Windows における権限昇格の脆弱性
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-002403.html

JVNDB-2011-002402 Adobe Reader および Acrobat における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-002402.html

JVNDB-2011-002401 Adobe Reader および Acrobat の CoolType.dll におけるスタックベースのバッファオーバーフローの脆弱性
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-002401.html

JVNDB-2011-002400 Adobe Reader および Acrobat における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-002400.html

JVNDB-2011-002399 Adobe Reader および Acrobat における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-002399.html

Independant Researcher : Django - Multiple Issues
http://www.criticalwatch.com/support/security-advisories.aspx?AID=36928

Red Hat : [RHSA-2011:1379-01] krb5 - Denial-Of-Service Issue
http://www.criticalwatch.com/support/security-advisories.aspx?AID=36924

Red Hat : [RHSA-2011:1380-01] java-1.6.0-openjdk - Multiple Issues
http://www.criticalwatch.com/support/security-advisories.aspx?AID=36925

Red Hat : [RHSA-2011:1384-01] java-1.6.0-sun - Multiple Issues
http://www.criticalwatch.com/support/security-advisories.aspx?AID=36926

Red Hat : QEMU - Buffer Overflow Issue
http://www.criticalwatch.com/support/security-advisories.aspx?AID=36927

Cisco : [cisco-sa-20111019-sns] Cisco Show and Share - Multiple Issues
http://www.criticalwatch.com/support/security-advisories.aspx?AID=36929

New Flash Click Jacking Exploit
http://isc.sans.edu/diary.html?storyid=11857

JBoss Worm
http://isc.sans.edu/diary.html?storyid=11860

Check Point UTM-1 Edge / Safe@Office WebUI Multiple Vulnerabilities
http://secunia.com/advisories/46486/

DoS/Poc: Opera <= 11.51 Use After Free Crash PoC
http://www.exploit-db.com/exploits/18014

HP Power Manager 'formExportDataLogs' Buffer Overflow Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/37867

Oracle Java SE CVE-2011-3558 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/50242

Oracle Java SE CVE-2011-3548 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/50211

Oracle Java SE CVE-2011-3551 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/50224


+ Samba 3.6.1 Available for Download
http://www.samba.org/samba/history/samba-3.6.1.html
http://www.samba.org/samba/history/

+ Important: kernel security, bug fix, and enhancement update
http://rhn.redhat.com/errata/RHSA-2011-1386.html

+ Moderate: httpd security and bug fix update
http://rhn.redhat.com/errata/RHSA-2011-1392.html

+ Linux Kernel 'taskstats' Access Restriction Local Security Bypass Vulnerability
http://www.securityfocus.com/bid/50314
http://www.redhat.com/security/data/cve/CVE-2011-2494.html

+ Linux Kernel 'clock_gettime()' Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/50311

- Linux Kernel EXT4 Extent Format File Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/48697

RHSA-2011:1391 Moderate: httpd security and bug fix update
http://rhn.redhat.com/errata/RHSA-2011-1391.html

CESA-2011:1380 (java-1.6.0-openjdk)
http://lwn.net/Alerts/463927/

CESA-2011:1385 (kdelibs)
http://lwn.net/Alerts/463929/

[SECURITY] [DSA 2324-1] wireshark security update
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2011-10/msg00127.html

GotRoot Security Challenge
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2011-10/msg00126.html

[security bulletin] HPSBPI02711 SSRT100647 rev.1 - HP MFP Digital Sending Software Running on Wi
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2011-10/msg00120.html

OCS Inventory NG 2.0.1 Persistent XSS (CVE-2011-4024)
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2011-10/msg00125.html

Oracle DataDirect Multiple Native Wire Protocol ODBC Drivers HOST Attribute Stack Based Buffer Overf
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2011-10/msg00124.html

Yet Another CMS 1.0 SQL Injection & XSS vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2011-10/msg00119.html

Cisco Security Advisory: CiscoWorks Common Services Arbitrary Command Execution Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2011-10/msg00118.html

Cisco Security Advisory: Cisco Show and Share Security Vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2011-10/msg00117.html

[security bulletin] HPSBMU02716 SSRT100651 rev.1 - HP Data Protector Notebook Extension, Remote
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2011-10/msg00123.html

Multiple vulnerabilities in Tine 2.0
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2011-10/msg00122.html

ZDI-11-295 : Apple QuickTime FlashPix JPEG Tables Selector Remote Code Execution Vulnerabili
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2011-10/msg00116.html

DNS Poisoning via Port Exhaustion
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2011-10/msg00121.html

[ GLSA 201110-13 ] Tor: Multiple vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2011-10/msg00115.html

MITKRB5-SA-2011-006 KDC denial of service vulnerabilities [CVE-2011-1527 CVE-
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2011-10/msg00114.html

Critical Control 13: Limitation and Control of Network Ports, Protocols, and Services
http://isc.sans.edu/diary.html?storyid=11845

Evil Printers Sending Mail
http://isc.sans.edu/diary.html?storyid=11848

IBM WebSphere Application Server for z/OS JAX-WS Applications Unspecified Vulnerability
http://secunia.com/advisories/46469/

KaiBB Cross-Site Scripting and SQL Injection Vulnerabilities
http://secunia.com/advisories/45311/

wizmall "BID" and "UID" SQL Injection Vulnerabilities
http://secunia.com/advisories/46440/

wizmall Two File Disclosure Vulnerabilities
http://secunia.com/advisories/46484/

Splunk Cross-Site Scripting and Denial of Service Vulnerabilities
http://secunia.com/advisories/46462/

Fedora update for java-1.6.0-openjdk
http://secunia.com/advisories/46538/

Honeywell EBI Temaline Remote Installer ActiveX Control "DownloadURL()" Insecure Method
http://secunia.com/advisories/46497/

Fedora update for tomcat6
http://secunia.com/advisories/46537/

HP MFP Digital Sending Software Workflow Metadata Information Disclosure Weakness
http://secunia.com/advisories/46532/

CiscoWorks Common Services Home Page Component Command Injection Vulnerability
http://secunia.com/advisories/46533/

Cisco Show and Share Security Bypass Security Issue and File Upload Vulnerability
http://secunia.com/advisories/46465/

Red Hat update for krb5
http://secunia.com/advisories/46480/

Red Hat update for java-1.6.0-sun
http://secunia.com/advisories/46490/

Simple PHP Forum Script "id" SQL Injection Vulnerability
http://secunia.com/advisories/46485/

Microsoft Internet Explorer DOM Modification Race Code Execution Vulnerability
http://www.securiteam.com/windowsntfocus/6O03H002UW.html

Microsoft Internet Explorer layout-grid-char style Code Execution Vulnerability
http://www.securiteam.com/windowsntfocus/6P03I002UQ.html

Lotus Notes XLS viewer malformed BIFF record heap overflow Vulnerability
http://www.securiteam.com/windowsntfocus/6T03M002UC.html

7T Interactive Graphical SCADA System Memory Corruption Vulnerability
http://www.securiteam.com/securitynews/6S03L002US.html

Oracle Java ICC Profile Multi-Language 'curv' Tag Parsing Code Execution Vulnerability
http://www.securiteam.com/securitynews/6R03K002US.html

Oracle Java ICC Profile 'bfd ' Tag Parsing Code Execution Vulnerability
http://www.securiteam.com/securitynews/6Q03J002UU.html

Avaya Identity Engines Ignition Server Remote Code Execution Vulnerability
http://www.vupen.com/english/ADV-2011-2213.php

MIT Kerberos Packets Processing Remote Denial of Service Vulnerabilities
http://www.vupen.com/english/ADV-2011-2212.php

HP MFP Digital Sending Software Local Information Disclosure
http://www.vupen.com/english/ADV-2011-2211.php

Novell ZENworks Configuration Management Multiple Vulnerabilities
http://www.vupen.com/english/ADV-2011-2210.php

Novell ZENworks Handheld Management Code Execution and Dir Traversal
http://www.vupen.com/english/ADV-2011-2209.php

Cisco Show and Share Unauthorized Access and Code Execution
http://www.vupen.com/english/ADV-2011-2208.php

Cisco CiscoWorks Common Services Command Execution Vulnerability
http://www.vupen.com/english/ADV-2011-2207.php

Oracle Java Multiple Remote Code Execution and Security Bypass
http://www.vupen.com/english/ADV-2011-2206.php

Oracle and Sun Products Multiple Code Execution and Security Bypass
http://www.vupen.com/english/ADV-2011-2205.php

DoS/PoC: UnrealIRCd 3.2.8.1 Local Configuration Stack Overflow
http://www.exploit-db.com/exploits/18011

DoS/PoC: Opera <= 11.52 Stack Overflow
http://www.exploit-db.com/exploits/18008

DoS/PoC: Oracle DataDirect Multiple Native Wire Protocol ODBC Drivers HOST Attribute Stack Based Buffer Overflow
http://www.exploit-db.com/exploits/18007

DoS/PoC: Opera <= 11.52 PoC Denial of Service
http://www.exploit-db.com/exploits/18006

SUSE Linux 'scsi_discovery tool' Insecure Temporary File Creation Vulnerability
http://www.securityfocus.com/bid/36887

Linux Kernel '/proc/PID/io' Local Information Disclosure Vulnerability
http://www.securityfocus.com/bid/49408

Linux Kernel TCP Sequence Number Generation Security Weakness
http://www.securityfocus.com/bid/49289

Linux Kernel SCTP INIT/INIT-ACK Chunk Length Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/47308

Linux Kernel Auerswald USB Device Driver Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/48687

Wireshark Lua Script File Arbitrary Code Execution Vulnerability
http://www.securityfocus.com/bid/49528

acpid Multiple Local Denial of Service Vulnerabilities
http://www.securityfocus.com/bid/45915

Linux Kernel 'CIFSFindNext()' Function Denial of Service Vulnerability
http://www.securityfocus.com/bid/49295

Xen DMA Requests IOMMU Denial of Service Vulnerability
http://www.securityfocus.com/bid/49146

Linux Kernel Generic Receive Offload (GRO) CVE-2011-2723 Denial of Service Vulnerability
http://www.securityfocus.com/bid/48929

Linux Kernel eCryptfs Multiple Vulnerabilities
http://www.securityfocus.com/bid/49108

Linux Kernel 'taskstats.c' Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/48383

Linux Kernel CIFS Local Security Bypass Vulnerability
http://www.securityfocus.com/bid/47381

Linux Kernel 'mremap()' Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/47321

Linux Kernel IPv6 Fragment Identification Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/48802

Linux Kernel 'drivers/char/tpm/tpm.c' Information Disclosure Vulnerability
http://www.securityfocus.com/bid/46866

Linux Kernel EXT4 Extent Format File Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/48697

Apache HTTP Server CVE-2011-3348 Denial Of Service Vulnerability
http://www.securityfocus.com/bid/49616

Apache HTTP Server 'mod_proxy' Reverse Proxy Information Disclosure Vulnerability
http://www.securityfocus.com/bid/49957

Oracle Java SE CVE-2011-3544 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/50218

Oracle Java SE CVE-2011-3521 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/50215

SSL/TLS Protocol Initialization Vector Implementation Information Disclosure Vulnerability
http://www.securityfocus.com/bid/49778

Oracle Java SE CVE-2011-3552 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/50248

Oracle Java SE CVE-2011-3557 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/50234

Oracle Java SE CVE-2011-3547 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/50243

Oracle Java SE CVE-2011-3560 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/50236

Oracle Java SE CVE-2011-3554 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/50216

Oracle Java SE CVE-2011-3556 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/50231

OCS Inventory NG Unspecified HTML Injection Vulnerability
http://www.securityfocus.com/bid/50011

Oracle Java SE CVE-2011-3551 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/50224

KDE KSSL Common Name SSL Certificate Spoofing Vulnerability
http://www.securityfocus.com/bid/49925

Apache Tomcat 'sendfile' Request Attributes Information Disclosure Vulnerability
http://www.securityfocus.com/bid/48667

Apache Tomcat AJP Protocol Security Bypass Vulnerability
http://www.securityfocus.com/bid/49353

Apache Tomcat NIO Connector Denial of Service Vulnerability
http://www.securityfocus.com/bid/46164

Apache Tomcat SecurityManager Security Bypass Vulnerability
http://www.securityfocus.com/bid/46177

Apache Tomcat 'MemoryUserDatabase' Information Disclosure Vulnerability
http://www.securityfocus.com/bid/48456

Apache Tomcat HTML Manager Interface HTML Injection Vulnerability
http://www.securityfocus.com/bid/46174

ldns 'rr.c' Remote Heap Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/49748

Oracle Java SE CVE-2011-3548 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/50211

Oracle Java SE CVE-2011-3558 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/50242

Mozilla Firefox/SeaMonkey CVE-2011-2993 Security Bypass Vulnerability
http://www.securityfocus.com/bid/49248

Mozilla Firefox and Thunderbird CVE-2011-2991 JavaScript Memory-Corruption Vulnerabiility
http://www.securityfocus.com/bid/49243

Cyclope Internet Filtering Proxy 'user' HTML Injection Vulnerability
http://www.securityfocus.com/bid/50317

MetaSploit Framework 'project[name]' Field HTML Injection Vulnerability
http://www.securityfocus.com/bid/50315

Linux Kernel 'taskstats' Access Restriction Local Security Bypass Vulnerability
http://www.securityfocus.com/bid/50314

Red Hat Linux Kernel Ethernet Bridge Interface Denial of Service Vulnerability
http://www.securityfocus.com/bid/50313

Red Hat Linux Kernel CVE-2011-3347 VLAN Packets Handling Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/50312

Linux Kernel 'clock_gettime()' Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/50311

IBM WebSphere Application Server JAX-WS Unspecified Vulnerability
http://www.securityfocus.com/bid/50310

PreProjects Pre Studio Business Cards Designer 'page.php' SQL Injection Vulnerability
http://www.securityfocus.com/bid/50309

Skype Technologies Skype Client for Windows File Transfer Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/50308

Tine Multiple Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/50307

TYPO3 pmkshadowbox and pmkslimbox Cross Site Scripting and Arbitrary File Download Vulnerabilities
http://www.securityfocus.com/bid/50306

Oracle DataDirect Multiple Native Wire Protocol ODBC Driver Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/50305

TYPO3 pdf_generator2 Extension Remote Commend Execution and Remote File Disclosure Vulnerabilities
http://www.securityfocus.com/bid/50304

Novell ZENworks Handheld Management Multiple Unspecified Remote Code Execution Vulnerabilities
http://www.securityfocus.com/bid/50303

wizmall Multiple SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/50302

osCommerce Remote File Upload and File Disclosure Vulnerabilities
http://www.securityfocus.com/bid/50301

wizmall Multiple Remote File Disclosure Vulnerabilities
http://www.securityfocus.com/bid/50300

KaiBB SQL Injection and Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/50299

Splunk Web component Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/50298

Splunk 'segment' Parameter Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/50296

Innovate Portal 'cat' Parameter Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/50295

CMS Mini 'name' Parameter Directory Traversal Vulnerability
http://www.securityfocus.com/bid/50294

Uiga Personal Portal SQL Injection and Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/50293

Simple Free PHP Forum Script 'index.php' SQL Injection Vulnerability
http://www.securityfocus.com/bid/50292

fims File Management System 'password' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/50291

fims File Management System 'f' Parameter Arbitrary File Download Vulnerability
http://www.securityfocus.com/bid/50290

OpenEMR 'add_edit_issue.php' SQL Injection Vulnerability
http://www.securityfocus.com/bid/50289

0 件のコメント:

コメントを投稿