Monday, October 31, 2011

Monday the 31st, Tomobiki


JVN#56667137 Cross-site request forgery vulnerability in multiple SKYARC System products
http://jvn.jp/jp/JVN56667137/index.html

JVN#41032068 Improper access restriction vulnerability in multiple SKYARC System products
http://jvn.jp/jp/JVN41032068/index.html

REMOTE: BroadWin WebAccess SCADA/HMI Client Remote Code Execution
http://www.exploit-db.com/exploits/18051

DoS/PoC: Oracle DataDirect ODBC Drivers HOST Attribute arsqls24.dll Stack Based Buffer Overflow PoC
http://www.exploit-db.com/exploits/18052

DoS/PoC: Microsys PROMOTIC 8.1.4 ActiveX GetPromoticSite Uninitialized Pointer
http://www.exploit-db.com/exploits/18049




+ Linux Kernel Network Bridge NULL Pointer Dereference Denial of Service Vulnerability
http://www.securityfocus.com/bid/50417

[ANNOUNCEMENT] Apache Commons Digester 3.1 released!
http://commons.apache.org/digester/download_digester.cgi

[courier-announce] Courier and courier-imap builds 20111028
http://www.courier-mta.org/download.php

UPDATE: HPSBUX02715 SSRT100623 rev.3 - HP-UX Containers (SRP), Local Unauthorized Access and Increased Privileges
https://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?javax.portlet.tpst=ba847bafb2a2d782fcbb0710b053ce01&javax.portlet.prp_ba847bafb2a2d782fcbb0710b053ce01=wsrp-navigationalState%3DdocId%25253Demr_na-c03057703%25257CdocLocale%25253Dja_JP&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken

Benetl, a free ETL tool for postgreSQL, is out in version 3.8
http://www.postgresql.org/about/news.1361

PostgreSQL Data Sync released
http://www.postgresql.org/about/news.1360

LedgerSMB 1.3.0 Released
http://www.postgresql.org/about/news.1359

Debian : [DSA-2329-1] torque - Buffer Overflow Issue
http://www.criticalwatch.com/support/security-advisories.aspx?AID=37003

Hewlett-Packard : [HPSBMU02714 SSRT100244] - HP - Network Node Manager i - Information Disclosure Issue
http://www.criticalwatch.com/support/security-advisories.aspx?AID=36996

High-Tech Bridge SA : [HTB23052] SPIP - Path Disclosure Issue
http://www.criticalwatch.com/support/security-advisories.aspx?AID=37002

Red Hat : [RHSA-2011:1402-01] FreeType - Denial-Of-Service Issue
http://www.criticalwatch.com/support/security-advisories.aspx?AID=37004

Red Hat : [RHSA-2011:1409-01] OpenSSL - Security Bypass Issue
http://www.criticalwatch.com/support/security-advisories.aspx?AID=37005

Ubuntu Security Notice : [USN-1238-2] Puppet - Man-In-The-Middle Issue
http://www.criticalwatch.com/support/security-advisories.aspx?AID=37006

Ubuntu Security Notice : [USN-1247-1] Nova - Information Disclosure Issue
http://www.criticalwatch.com/support/security-advisories.aspx?AID=37007

Ubuntu Security Notice : [USN-1248-1] KDE-Libs - Spoofing Issue
http://www.criticalwatch.com/support/security-advisories.aspx?AID=37008

VMware : [VMSA-2011-0013] Multiple Products - Multiple Issues
http://www.criticalwatch.com/support/security-advisories.aspx?AID=37009

ZDI : [ZDI-11-311] Apple - QuickTime - Code Execution Issue
http://www.criticalwatch.com/support/security-advisories.aspx?AID=37010

ZDI : [ZDI-11-312] Apple - QuickTime - Code Execution Issue
http://www.criticalwatch.com/support/security-advisories.aspx?AID=37011

ZDI : [ZDI-11-313] Apple - QuickTime - Code Execution Issue
http://www.criticalwatch.com/support/security-advisories.aspx?AID=37012

ZDI : [ZDI-11-314] Apple - QuickTime - Code Execution Issue
http://www.criticalwatch.com/support/security-advisories.aspx?AID=37013

ZDI : [ZDI-11-315] Apple - QuickTime - Code Execution Issue
http://www.criticalwatch.com/support/security-advisories.aspx?AID=37014

ZDI : [ZDI-11-316] Apple - QuickTime - Code Execution Issue
http://www.criticalwatch.com/support/security-advisories.aspx?AID=37015

Cisco : [cisco-sa-20111026-webex] Cisco - WebEx Player - Multiple Buffer Overflow Issues
http://www.criticalwatch.com/support/security-advisories.aspx?AID=36997

Cisco : [cisco-sa-20111026-csa] Cisco - Security Agent - Multiple Code Execution Issues
http://www.criticalwatch.com/support/security-advisories.aspx?AID=36998

Cisco : [cisco-sa-20111026-cucm] Cisco - Unified Communications Manager - Directory Traversal Issue
http://www.criticalwatch.com/support/security-advisories.aspx?AID=36999

Cisco : [cisco-sa-20111026-uccx] Cisco - Unified Contact Center Express - Directory Traversal Issue
http://www.criticalwatch.com/support/security-advisories.aspx?AID=37000

Cisco : [cisco-sa-20111026-camera] Cisco - Video Surveillance IP Cameras - Denial-Of-Service Issue
http://www.criticalwatch.com/support/security-advisories.aspx?AID=37001

Gentoo Linux : [GLSA 201110-24] Squid - Multiple Issues
http://www.criticalwatch.com/support/security-advisories.aspx?AID=36982

Gentoo Linux : [GLSA 201110-25] Pure-FTPd - Multiple Issues
http://www.criticalwatch.com/support/security-advisories.aspx?AID=36983

Gentoo Linux : [GLSA 201110-26] libxml2 - Multiple Issues
http://www.criticalwatch.com/support/security-advisories.aspx?AID=36984

Hewlett-Packard : [HPSBUX02700 SSRT100506] HP-UX - VEA - Denial-Of-Service and Code Execution Issues
http://www.criticalwatch.com/support/security-advisories.aspx?AID=36972

Ubuntu Security Notice : [USN-1238-1] Puppet - Man-In-The-Middle Issue
http://www.criticalwatch.com/support/security-advisories.aspx?AID=36974

Ubuntu Security Notice : [USN-1239-1] Linux kernel - EC2 - Multiple Issues
http://www.criticalwatch.com/support/security-advisories.aspx?AID=36975

Ubuntu Security Notice : [USN-1240-1] Linux kernel - Multiple Issues
http://www.criticalwatch.com/support/security-advisories.aspx?AID=36976

Ubuntu Security Notice : [USN-1241-1] Linux Kernel - Multiple Issues
http://www.criticalwatch.com/support/security-advisories.aspx?AID=36977

Ubuntu Security Notice : [USN-1242-1] Linux Kernel - Multiple Issues
http://www.criticalwatch.com/support/security-advisories.aspx?AID=36978

Ubuntu Security Notice : [USN-1243-1] Linux Kernel - Multiple Issues
http://www.criticalwatch.com/support/security-advisories.aspx?AID=36979

Ubuntu Security Notice : [USN-1245-1] Linux Kernel - Multiple Issues
http://www.criticalwatch.com/support/security-advisories.aspx?AID=36980

ZDI : [ZDI-11-308] Cisco - WebEx Player - Code Execution Issue
http://www.criticalwatch.com/support/security-advisories.aspx?AID=36985

ZDI : [ZDI-11-309] Novell - iPrint Client - Code Execution Issue
http://www.criticalwatch.com/support/security-advisories.aspx?AID=36986

ZDI : [ZDI-11-310] Adobe - Reader - Code Execution Issue
http://www.criticalwatch.com/support/security-advisories.aspx?AID=36987

ZDI : [ZDI-11-296] Adobe - Reader - Code Execution Issue
http://www.criticalwatch.com/support/security-advisories.aspx?AID=36988

ZDI : [ZDI-11-297] Adobe - Reader - Code Execution Issue
http://www.criticalwatch.com/support/security-advisories.aspx?AID=36989

ZDI : [ZDI-11-298] Adobe - Reader - Code Execution Issue
http://www.criticalwatch.com/support/security-advisories.aspx?AID=36990

ZDI : [ZDI-11-299] Adobe - Reader - Code Execution Issue
http://www.criticalwatch.com/support/security-advisories.aspx?AID=36991

ZDI : [ZDI-11-300] Adobe - Reader - Code Execution Issue
http://www.criticalwatch.com/support/security-advisories.aspx?AID=36992

ZDI : [ZDI-11-301] Adobe - Reader - Code Execution Issue
http://www.criticalwatch.com/support/security-advisories.aspx?AID=36993

ZDI : [ZDI-11-302] Adobe - Reader - Buffer Overflow and Code Execution Issues
http://www.criticalwatch.com/support/security-advisories.aspx?AID=36994

Cisco : Cisco Nexus OS (NX-OS) - Command Injection Issue
http://www.criticalwatch.com/support/security-advisories.aspx?AID=36968

Gentoo Linux : [GLSA 201110-22] PostgreSQL - Multiple Issues
http://www.criticalwatch.com/support/security-advisories.aspx?AID=36995

Gentoo Linux : [GLSA 201110-23] Apache - mod_authnz_external - SQL Injection Issue
http://www.criticalwatch.com/support/security-advisories.aspx?AID=36995

Independent Researcher : zFtp Server - Denial-Of-Service Issue
http://www.criticalwatch.com/support/security-advisories.aspx?AID=36981

Mandriva : [MDVSA-2011:161] postgresql - Weak Encrypted Password Issue
http://www.criticalwatch.com/support/security-advisories.aspx?AID=36964

Red Hat : [RHSA-2011:1401-01] xen - Denial-Of-Service Issue
http://www.criticalwatch.com/support/security-advisories.aspx?AID=36963

Ubuntu Security Notice : [USN-1237-1] PAM - Multiple Denial-Of-Service Issues
http://www.criticalwatch.com/support/security-advisories.aspx?AID=36962

Debian : [DSA-2326-1] PAM - Code Execution Issue
http://www.criticalwatch.com/support/security-advisories.aspx?AID=36966

Debian : [DSA-2327-1] libfcgi-perl - Authentication Bypass Issue
http://www.criticalwatch.com/support/security-advisories.aspx?AID=36970

Debian : [DSA 2328-1] Freetype - Denial-Of-Service and Code Execution Issues
http://www.criticalwatch.com/support/security-advisories.aspx?AID=36973

Gentoo Linux : [GLSA 201110-21] Asterisk - Multiple Issues
http://www.criticalwatch.com/support/security-advisories.aspx?AID=36971

Independent Researcher : [TC-SA-2011-01] OmniTouch - Instant Communication Suite - Multiple Issues
http://www.criticalwatch.com/support/security-advisories.aspx?AID=36965

Debian : [DSA-2325-1] kfreebsd-8 - Buffer Overflow Issue
http://www.criticalwatch.com/support/security-advisories.aspx?AID=36967

[SECURITY] [DSA 2323-1] radvd security update
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2011-10/msg00205.html

[SECURITY] [DSA 2331-1] tor security update
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2011-10/msg00206.html

[PT-2011-30] Disclosure of sensitive information in D-Link DIR-300 Router
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2011-10/msg00204.html

[PT-2011-29] Arbitrary file reading and arbitrary code execution in Router Manager for D-
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2011-10/msg00203.html

[PT-2011-21] SQL injection vulnerability in OneOrZero AIMS
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2011-10/msg00202.html

[PT-2011-20] Authorization bypass vulnerability in OneOrZero AIMS
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2011-10/msg00201.html

VMSA-2011-0013 VMware third party component updates for VMware vCenter Server, vCenter Updat
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2011-10/msg00199.html

[security bulletin] HPSBUX02715 SSRT100623 rev.2 - HP-UX Containers (SRP), Local Unauthorize
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2011-10/msg00198.html

[security bulletin] HPSBUX02719 SSRT100658 rev.1 - HP-UX Running BIND, Remote Denial of Serv
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2011-10/msg00197.html

ZDI-11-316 : Apple QuickTime H264 Matrix Conversion Remote Code Execution Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2011-10/msg00196.html

ZDI-11-315 : Apple QuickTime FLC Delta Decompression Remote Code Execution Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2011-10/msg00195.html

ZDI-11-314 : Apple Quicktime PnPixPat PatType 3 Parsing Remote Code Execution Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2011-10/msg00194.html

ZDI-11-313 : Apple QuickTime FLC RLE Packet Count Decompression Remote Code Execution Vulner
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2011-10/msg00192.html

ZDI-11-312 : Apple QuickTime Atom Hierarchy Argument Size Mismatch Remote Code Execution Vu
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2011-10/msg00193.html

ZDI-11-311 : Apple Quicktime Empty URL Data Handler Remote Code Execution Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2011-10/msg00191.html

[SECURITY] [DSA 2330-1] simplesamlphp security update
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2011-10/msg00190.html

eFront <= 3.6.10 (build 11944) Multiple Security Vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2011-10/msg00207.html

[SECURITY] [DSA 2329-1] torque security update
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2011-10/msg00174.html

foofus.net security advisory - Toshiba eStudio Multifunction Printer Information Leakage
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2011-10/msg00189.html

APPLE-SA-2011-10-26-1 QuickTime 7.7.1
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2011-10/msg00188.html

[ GLSA 201110-26 ] libxml2: Multiple vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2011-10/msg00187.html

[ GLSA 201110-25 ] Pure-FTPd: Multiple vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2011-10/msg00186.html

[ GLSA 201110-24 ] Squid: Multiple vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2011-10/msg00185.html

DDIVRT-2011-35 Cisco Unified Contact Center Express Directory Traversal [CVE-2011-33
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2011-10/msg00184.html

ZDI-11-310 : Adobe Reader Compound Glyph Index Sign Extension Remote Code Execution Vulnerab
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2011-10/msg00183.html

ZDI-11-309 : Novell iPrint Client nipplib.dll GetDriverSettings Remote Code Execution Vulner
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2011-10/msg00182.html

ZDI-11-308 : Cisco WebEx Player ATAS32.DLL linesProcessed Remote Code Execution Vulnerabilit
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2011-10/msg00181.html

ZDI-11-307 : Oracle Java MixerSequencer.nAddControllerEventCallback Remote Code Execution Vu
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2011-10/msg00180.html

ZDI-11-306 : Oracle Java IIOP Deserialization Type Confusion Remote Code Execution Vulnerabi
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2011-10/msg00178.html

ZDI-11-305 : Oracle Java Applet Rhino Script Engine Remote Code Execution Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2011-10/msg00179.html

ZDI-11-304 : Apple Quicktime Advanced Audio Codec Frame Parsing Remote Code Execution Vulner
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2011-10/msg00177.html

ZDI-11-303 : Apple QuickTime H264 Stream frame_cropping Remote Code Execution Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2011-10/msg00176.html

SANS AppSec 2012 CFP is Open
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2011-10/msg00175.html

JVN#72640744 Buffer overflow vulnerability in multiple D-Link products
http://jvn.jp/jp/JVN72640744/index.html

JVNVU#402731 SQL injection vulnerability in Enspire eClient
http://jvn.jp/cert/JVNVU402731/index.html

Press release
Security alert regarding a security weakness (vulnerability) in multiple D-Link products
http://www.ipa.go.jp/about/press/20111028.html

The Sub Critical Control? Evidence Collection
http://isc.sans.edu/diary.html?storyid=11914

IBM Lotus Sametime Configuration Servlet Lets Remote Users Obtain Configuration Data
http://www.securitytracker.com/id/1026255

Cisco NX-OS Command Validation Flaw Lets Local Users Gain Elevated Privileges
http://www.securitytracker.com/id/1026254

HP Power Manager 'formExportDataLogs' Buffer Overflow
http://securityreason.com/securityalert/8482

Apple Safari Webkit libxslt Arbitrary File Creation
http://securityreason.com/securityalert/8481

Ubuntu update for backuppc
http://secunia.com/advisories/46621/

VMware vCenter Products JRE Multiple Vulnerabilities
http://secunia.com/advisories/46651/

HP-UX update for BIND
http://secunia.com/advisories/46633/

VMware ESX Server Multiple Vulnerabilities
http://secunia.com/advisories/46529/

Enspire eClient Unspecified SQL Injection Vulnerability
http://secunia.com/advisories/46638/

Tor TLS Certificate Reuse User De-Anonymisation Security Issue
http://secunia.com/advisories/46634/

VMware ESXi Server "sblim-sfcb" Integer Overflow Vulnerability
http://secunia.com/advisories/46650/

Gentoo update for libxml2
http://secunia.com/advisories/46601/

BackupPC "num" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/46615/

Cisco NX-OS / Unified Computing System "section" and "less" Privilege Escalation Vulnerabilities
http://secunia.com/advisories/46569/

D-Link Products SSH Server Buffer Overflow Vulnerability
http://secunia.com/advisories/46637/

FFFTP Insecure Executable Loading Vulnerability
http://secunia.com/advisories/46649/

IBM Lotus Sametime Configuration Servlet Authentication Security Issue
http://secunia.com/advisories/46647/

SUSE update for kernel
http://secunia.com/advisories/46608/

HP-UX BIND Requests Processing Remote Denial of Service Vulnerability
http://www.vupen.com/english/ADV-2011-2244.php

Tor Security Update Fixes Multiple Information Disclosure Vulnerabilities
http://www.vupen.com/english/ADV-2011-2243.php

IBM DB2 for Linux, UNIX and Windows "STMM" Security Vulnerability
http://www.vupen.com/english/ADV-2011-2242.php

IBM Lotus Sametime Configuration Servlet Remote Information Disclosure
http://www.vupen.com/english/ADV-2011-2241.php

VMware Products Code Execution and Denial of Service Vulnerabilities
http://www.vupen.com/english/ADV-2011-2240.php

Enspire eClient Data Processing Remote SQL Injection Vulnerability
http://www.vupen.com/english/ADV-2011-2239.php

Winamp Data Processing Multiple Heap and Integer Overflow Vulnerabilities
http://www.vupen.com/english/ADV-2011-2238.php

LOCAL: Xorg 1.4 to 1.11.2 File Permission Change PoC
http://www.exploit-db.com/exploits/18040

LOCAL: GTA SA-MP server.cfg Buffer Overflow
http://www.exploit-db.com/exploits/18038

DoS/PoC: GFI Faxmaker - Fax Viewer v10.0[build 237] DoS (Poc).
http://www.exploit-db.com/exploits/18043

Oracle Solaris CVE-2011-2311 ZFS Component Local Vulnerability
http://www.securityfocus.com/bid/50266

Oracle Solaris CVE-2011-2312 'ZFS' Sub Component Local Vulnerability
http://www.securityfocus.com/bid/50269

Oracle Sun Products Suite CVE-2011-3536 Local Vulnerability
http://www.securityfocus.com/bid/50262

Oracle Sun Products Suite CVE-2011-2286 Remote Vulnerability
http://www.securityfocus.com/bid/50265

Oracle Solaris CVE-2011-2304 Remote Vulnerability
http://www.securityfocus.com/bid/50257

Oracle Solaris CVE-2011-2313 Local Solaris Vulnerability
http://www.securityfocus.com/bid/50254

Oracle Sun Solaris CVE-2011-3508 Remote Vulnerability
http://www.securityfocus.com/bid/50201

Oracle Sun Solaris CVE-2011-3515 Local Vulnerability
http://www.securityfocus.com/bid/50235

Oracle Sun Product Suite CVE-2011-3537 Local Vulnerability
http://www.securityfocus.com/bid/50259

Oracle Sun Solaris CVE-2011-3535 Remote Vulnerability
http://www.securityfocus.com/bid/50255

Oracle Sun Solaris CVE-2011-3534 Remote Vulnerability
http://www.securityfocus.com/bid/50251

RETIRED: Linux Kernel kexec-tools Multiple Information Disclosure Vulnerabilities
http://www.securityfocus.com/bid/49944

Linux Kernel CVE-2011-3589 kexec-tools 'mkdumprd' Utility Information Disclosure Vulnerability
http://www.securityfocus.com/bid/50415

Empathy 'nickname' Field Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/50323

Oracle Java SE and Java for Business CVE-2010-3541 Remote Networking Vulnerability
http://www.securityfocus.com/bid/44032

Oracle Java SE and Java for Business CVE-2010-4469 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/46400

Cisco Nexus OS 'section' and 'less' Local Command Injection Vulnerabilities
http://www.securityfocus.com/bid/50347

Oracle Java SE and Java for Business NTLM Credentials Information Disclosure Vulnerability
http://www.securityfocus.com/bid/46411

Oracle Java SE and Java for Business Java Runtime Environment CVE-2010-4454 Remote Vulnerability
http://www.securityfocus.com/bid/46391

Oracle Java SE and Java for Business CVE-2011-0871 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/48142

Oracle Java SE and Java for Business CVE-2011-0802 Remote Integer Overflow Vulnerability
http://www.securityfocus.com/bid/48149

Oracle Java SE and Java for Business CVE-2011-0864 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/48139

Apache APR 'apr_fnmatch()' Denial of Service Vulnerability
http://www.securityfocus.com/bid/47820

Apache APR 'apr_fnmatch.c' Denial of Service Vulnerability
http://www.securityfocus.com/bid/47929

Oracle Java SE and Java for Business CVE-2010-3574 Remote Networking Vulnerability
http://www.securityfocus.com/bid/44011

Microsoft Windows Local DNS Cache Poisoning Vulnerabilities
http://www.securityfocus.com/bid/50281

radvd Multiple Local and Remote Vulnerabilities
http://www.securityfocus.com/bid/50395

Oracle Java SE and Java for Business CVE-2010-3573 Same Origin Bypass Vulnerability
http://www.securityfocus.com/bid/44028

Oracle Java SE and Java for Business CVE-2010-3571 ICC Profile Vulnerability
http://www.securityfocus.com/bid/43965

Oracle Java SE and Java for Business CVE-2010-3572 Remote Sound Vulnerability
http://www.securityfocus.com/bid/44030

Oracle Java SE and Java for Business CVE-2010-3570 Remote Deployment Toolkit Vulnerability
http://www.securityfocus.com/bid/44020

Oracle Java SE and Java for Business 'defaultReadObject' Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/44016

Oracle Java SE and Java for Business CVE-2010-3568 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/44012

Oracle Java SE and Java for Business CVE-2010-3565 JPEGImageWriter.writeImage Vulnerability
http://www.securityfocus.com/bid/43985

Oracle Java SE and Java for Business CVE-2010-3567 Remote 2D Vulnerability
http://www.securityfocus.com/bid/43992

Oracle Java SE and Java for Business CVE-2010-3566 ICC Profile Vulnerability
http://www.securityfocus.com/bid/43988

Oracle Java SE and Java for Business CVE-2010-3562 Remote 2D Vulnerability
http://www.securityfocus.com/bid/43979

Oracle Java SE and Java for Business CVE-2010-3563 BasicServiceImpl Vulnerability
http://www.securityfocus.com/bid/43999

Oracle Java SE and Java for Business CVE-2010-3561 Remote CORBA Vulnerability
http://www.securityfocus.com/bid/44013

Oracle Java SE and Java for Business CVE-2010-3560 Remote Networking Vulnerability
http://www.securityfocus.com/bid/44024

Oracle Java SE and Java for Business CVE-2010-3559 HeadspaceSoundbank.nGetName Vulnerability
http://www.securityfocus.com/bid/44026

Oracle Java SE and Java for Business CVE-2010-3557 Remote Swing Vulnerability
http://www.securityfocus.com/bid/44014

Oracle Java SE and Java for Business CVE-2010-3558 Remote Java Web Start Vulnerability
http://www.securityfocus.com/bid/44021

Oracle Java SE and Java for Business CVE-2010-3556 Remote 2D Vulnerability
http://www.securityfocus.com/bid/43971

Oracle Java SE and Java for Business CVE-2010-3554 Remote CORBA Vulnerability
http://www.securityfocus.com/bid/43994

Oracle Java SE and Java for Business CVE-2010-3555 Remote ActiveX Plug-in Vulnerability
http://www.securityfocus.com/bid/44038

Oracle Java SE and Java for Business CVE-2010-3553 Remote Swing Vulnerability
http://www.securityfocus.com/bid/44035

Oracle Java SE and Java for Business CVE-2010-3552 Remote New Java Plug-in Vulnerability
http://www.securityfocus.com/bid/44023

Oracle Java SE and Java for Business CVE-2010-3551 Remote Networking Vulnerability
http://www.securityfocus.com/bid/44009

Oracle Java SE and Java for Business CVE-2010-3549 HTTP Response Splitting Vulnerability
http://www.securityfocus.com/bid/44027

Oracle Java SE and Java for Business CVE-2010-3550 Remote Java Web Start Vulnerability
http://www.securityfocus.com/bid/44040

Cisco IOS 'ethernet-lldp' Component Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/50377

MIT Kerberos GSS-API Checksum NULL Pointer Dereference Denial Of Service Vulnerability
http://www.securityfocus.com/bid/40235

Oracle Java SE and Java for Business CVE-2010-3548 Remote JNDI Vulnerability
http://www.securityfocus.com/bid/44017

Oracle Java SE and Java for Business CVE-2010-4472 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/46404

Oracle Java SE and Java for Business CVE-2010-4470 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/46387

Oracle Java SE and Java for Business CVE-2010-4471 Remote Security Vulnerability
http://www.securityfocus.com/bid/46399

Oracle Java SE and Java for Business CVE-2010-4474 Remote Java DB Vulnerability
http://www.securityfocus.com/bid/46407

Oracle Java SE and Java for Business CVE-2010-4467 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/46395

Oracle Java SE and Java for Business CVE-2010-4422 Remote Vulnerability
http://www.securityfocus.com/bid/46402

Oracle Java 'Applet2ClassLoader' Class Unsigned Applet Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/46388

Oracle Java SE and Java for Business Java Runtime Environment Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/46386

Oracle Java SE and Java for Business CVE-2010-4451 Vulnerability
http://www.securityfocus.com/bid/46405

Oracle Java Floating-Point Value Denial of Service Vulnerability
http://www.securityfocus.com/bid/46091

Oracle Java SE and Java for Business CVE-2010-4473 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/46403

Oracle Java SE and Java for Business CVE-2010-4475 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/46410

Oracle Java SE and Java for Business CVE-2010-4468 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/46393

Cisco IOS dot1x Port Handling Multiple Denial of Service Vulnerabilities
http://www.securityfocus.com/bid/50375

Oracle Java SE and Java for Business CVE-2010-4450 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/46397

Oracle Java SE and Java for Business Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/46394

Oracle Java Applet Clipboard Injection Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/46406

Oracle Java SE and Java for Business CVE-2010-4448 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/46398

Oracle Java SE and Java for Business CVE-2010-4447 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/46409

Linux Kernel 'CIFSFindNext()' Function Denial of Service Vulnerability
http://www.securityfocus.com/bid/49295

Linux Kernel EFI Partition Denial of Service Vulnerability
http://www.securityfocus.com/bid/47343

Linux Kernel CIFS Mount Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/49626

Linux Kernel Auerswald USB Device Driver Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/48687

Oracle Java SE and Java for Business CVE-2011-0815 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/48143

Oracle Java SE and Java for Business ICC Profile Multiple Remote Code Execution Vulnerabilities
http://www.securityfocus.com/bid/48137

Oracle Java SE and Java for Business CVE-2011-0865 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/48147

Oracle Java SE and Java for Business CVE-2011-0873 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/48148

Oracle Java SE and Java for Business CVE-2011-0867 Remote Information Disclosure Vulnerability
http://www.securityfocus.com/bid/48144

Oracle Java SE and Java for Business CVE-2011-0814 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/48145

Linux Kernel EFI Partition Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/47796

X.Org X11 File Read Permission Information Disclosure Vulnerability
http://www.securityfocus.com/bid/50196

ISC BIND 9 Unspecified Packet Processing Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/48566

Multiple Browser Wild Card Certificate Spoofing Vulnerability
http://www.securityfocus.com/bid/42817

libuser 'luseradd' Default Password Security Bypass Vulnerability
http://www.securityfocus.com/bid/45791

SBLIM-SFCB Multiple Buffer Overflow Vulnerabilities
http://www.securityfocus.com/bid/40475

OpenSSL Ciphersuite Downgrade Security Weakness
http://www.securityfocus.com/bid/45164

OpenSSL Ciphersuite Modification Allows Disabled Cipher Security Bypass Vulnerability
http://www.securityfocus.com/bid/45254

Dovecot Sieve Plugin Multiple Unspecified Buffer Overflow Vulnerabilities
http://www.securityfocus.com/bid/36377

Plici Search 'p48-search.html' Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/50428

SjXjV 'post.php' SQL Injection Vulnerability
http://www.securityfocus.com/bid/50426

D-Link DIR-300 Unspecified Remote Code Execution and Remote File Disclosure Vulnerabilities
http://www.securityfocus.com/bid/50424

simpleSAMLphp Multiple Remote Security Vulnerabilities
http://www.securityfocus.com/bid/50423

Joomla! Techfolio Component 'catid' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/50422

Opera Web Browser Escape Sequence Stack Buffer Overflow Denial of Service Vulnerability
http://www.securityfocus.com/bid/50421

eFront 'professor.php' Script Multiple SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/50419

Empathy 'nickname' Field 'me-type' Event Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/50418

Linux Kernel Network Bridge NULL Pointer Dereference Denial of Service Vulnerability
http://www.securityfocus.com/bid/50417

Tor Directory Remote Information Disclosure Vulnerability Bridge Enumeration Weaknesses
http://www.securityfocus.com/bid/50414

FFFTP Insecure Executable File Loading Arbitrary Code Execution Vulnerability
http://www.securityfocus.com/bid/50412

Touhou Hisouten Unspecified Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/50411

IBM Lotus Sametime Configuration Servlet Authentication Security Bypass Vulnerability
http://www.securityfocus.com/bid/50410

bzexe '/tmp/$prog' Insecure Temporary File Creation Vulnerability
http://www.securityfocus.com/bid/50409

Serendipity Karma Plugin Unspecified Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/50408

BackupPC 'index.cgi' Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/50406

D-Link Multiple Products Unspecified Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/50405
