+ RHSA-2012:0136 Important: libvorbis security update
http://rhn.redhat.com/errata/RHSA-2012-0136.html
UPDATE: 2269637: Insecure Library Loading Could Allow Remote Code Execution
http://technet.microsoft.com/ja-jp/security/advisory/2269637
[ANN] Apache Commons Daemon 1.0.9 released
http://commons.apache.org/daemon/download_daemon.cgi
RHSA-2012:0135 Critical: java-1.6.0-openjdk security update
http://rhn.redhat.com/errata/RHSA-2012-0135.html
APSB12-02 Security update available for Adobe Shockwave Player
http://www.adobe.com/support/security/bulletins/apsb12-02.html
APSB12-04 Security update available for RoboHelp for Word
http://www.adobe.com/support/security/bulletins/apsb12-04.html
CentOS alert CESA-2012:0125 (glibc)
http://lwn.net/Alerts/481435/
CentOS alert CESA-2012:0126 (glibc)
http://lwn.net/Alerts/481436/
CentOS alert CESA-2012:0127 (mysql)
http://lwn.net/Alerts/481438/
CentOS alert CESA-2012:0128 (httpd)
http://lwn.net/Alerts/481448/
phpMyAdmin 3.4.10 is released
http://sourceforge.net/news/?group_id=23067&id=306177
http://sourceforge.net/projects/phpmyadmin/files/phpMyAdmin/3.4.10/phpMyAdmin-3.4.10-notes.html/view
Java SE 1.7.0_03 released
http://www.oracle.com/technetwork/java/javase/7u3-relnotes-1481928.html
Announcement: InterScan Messaging Security Suite 7.1 for Windows Patch2 released
http://www.trendmicro.co.jp/support/news.asp?id=1733
Dovecot 2.1-RC7 released
http://www.dovecot.org/list/dovecot-news/2012-February/000212.html
A10 Networks launches mid-range load balancer models with a DDoS-mitigation ASIC
http://itpro.nikkeibp.co.jp/article/NEWS/20120215/381733/?ST=security
JVN#35256978 Cross-site scripting vulnerability in cforms II
http://jvn.jp/jp/JVN35256978/index.html
JVNTA12-045A Updates for multiple vulnerabilities in Microsoft products
http://jvn.jp/cert/JVNTA12-045A/index.html
Alert regarding the February 2012 Microsoft Security Bulletins (including 4 rated Critical)
http://www.jpcert.or.jp/at/2012/at120005.html
Mandriva : [MDVSA-2012:018] Mozilla - Thunderbird - Use-After-Free Issue
http://www.criticalwatch.com/support/security-advisories.aspx?AID=37625
Ubuntu Security Notice : [USN-1359-1] Tomcat - Multiple Issues
http://www.criticalwatch.com/support/security-advisories.aspx?AID=37624
Debian : [DSA-2408-1] php5 - Multiple Issues
http://www.criticalwatch.com/support/security-advisories.aspx?AID=37626
Mandriva : [MDVSA-2012:017] Firefox - Use-After-Free Issue
http://www.criticalwatch.com/support/security-advisories.aspx?AID=37623
Microsoft : [MS12-008] Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code Execution
http://www.criticalwatch.com/support/security-advisories.aspx?AID=37634
Microsoft : [MS12-010] Cumulative Security Update for Internet Explorer
http://www.criticalwatch.com/support/security-advisories.aspx?AID=37635
Microsoft : [MS12-013] Vulnerability in C Run-Time Library Could Allow Remote Code Execution
http://www.criticalwatch.com/support/security-advisories.aspx?AID=37623
Microsoft : [MS12-016] Vulnerabilities in .NET Framework and Microsoft Silverlight Could Allow Remote Code Execu
http://www.criticalwatch.com/support/security-advisories.aspx?AID=37637
Microsoft : [MS12-009] Vulnerabilities in Ancillary Function Driver Could Allow Elevation of Privilege
http://www.criticalwatch.com/support/security-advisories.aspx?AID=37638
Microsoft : [MS12-011] Vulnerabilities in Microsoft SharePoint Could Allow Elevation of Privilege
http://www.criticalwatch.com/support/security-advisories.aspx?AID=37639
Microsoft : [MS12-012] Vulnerability in Color Control Panel Could Allow Remote Code Execution
http://www.criticalwatch.com/support/security-advisories.aspx?AID=37640
Microsoft : [MS12-014] Vulnerability in Indeo Codec Could Allow Remote Code Execution
http://www.criticalwatch.com/support/security-advisories.aspx?AID=37641
Microsoft : [MS12-015] Vulnerabilities in Microsoft Visio Viewer 2010 Could Allow Remote Code Execution
http://www.criticalwatch.com/support/security-advisories.aspx?AID=37642
Netragard : [NETRAGARD-20120201] Sonexis ConferenceManager - Multiple Issues
http://www.criticalwatch.com/support/security-advisories.aspx?AID=37628
YGN Ethical Hacker Group : CubeCart - Open URL Redirection Issue
Oracle Java SE CVE-2012-0505 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/52017
Oracle Java SE CVE-2012-0503 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/52018
Oracle Java SE CVE-2012-0506 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/52014
Oracle Java SE CVE-2011-3563 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/52012
Oracle Java SE CVE-2012-0502 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/52011
Oracle Virtual Desktop Infrastructure (VDI) CVE-2011-3571 Remote Vulnerability
http://www.securityfocus.com/bid/51467
Oracle Java SE CVE-2012-0497 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/52009
Oracle GlassFish Server Hash Collision Denial Of Service Vulnerability
http://www.securityfocus.com/bid/51194
Adobe Shockwave Player CVE-2012-0758 DIR File Handling Remote Heap Overflow Vulnerability
http://www.securityfocus.com/bid/52007
Adobe Shockwave Player CVE-2012-0759 Remote Memory Corruption Vulnerability
http://www.securityfocus.com/bid/52006
+ Microsoft Security Bulletin Summary for February 2012
http://technet.microsoft.com/ja-jp/security/bulletin/ms12-feb
+ MS12-008: Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code Execution (2660465)
http://technet.microsoft.com/ja-jp/security/bulletin/ms12-008
+ MS12-009: Vulnerabilities in Ancillary Function Driver Could Allow Elevation of Privilege (2645640)
http://technet.microsoft.com/ja-jp/security/bulletin/ms12-009
+ MS12-010: Cumulative Security Update for Internet Explorer (2647516)
http://technet.microsoft.com/ja-jp/security/bulletin/ms12-010
+ MS12-012: Vulnerability in Color Control Panel Could Allow Remote Code Execution (2643719)
http://technet.microsoft.com/ja-jp/security/bulletin/MS12-012
+ MS12-013: Vulnerability in C Run-Time Library Could Allow Remote Code Execution (2654428)
http://technet.microsoft.com/ja-jp/security/bulletin/ms12-013
+ MS12-014: Vulnerability in Indeo Codec Could Allow Remote Code Execution (2661637)
http://technet.microsoft.com/ja-jp/security/bulletin/ms12-014
+ MS12-016: Vulnerabilities in .NET Framework and Microsoft Silverlight Could Allow Remote Code Execution (2651026)
http://technet.microsoft.com/ja-jp/security/bulletin/ms12-016
+ Oracle Java SE Critical Patch Update Advisory - February 2012
http://www.oracle.com/technetwork/topics/security/javacpufeb2012-366318.html
http://www.securitytracker.com/id/1026687
+ J2SE 1.6.0_31 released
http://www.oracle.com/technetwork/java/javase/6u31-relnotes-1482342.html
! Microsoft Windows Indeo Filter 'iacenc.dll' DLL Loading Arbitrary Code Execution Vulnerability
http://www.securityfocus.com/bid/42730
! Microsoft Windows 'Msvcrt.dll' Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/51913
! Microsoft Windows 'win32k.sys' Remote Memory Corruption Vulnerability
http://www.securityfocus.com/bid/51122
! Windows Server 2008 Color Control Panel DLL Loading Arbitrary Code Execution Vulnerability
http://www.securityfocus.com/bid/44157
- MS12-011: Vulnerabilities in Microsoft SharePoint Could Allow Elevation of Privilege (2663841)
http://technet.microsoft.com/ja-jp/security/bulletin/ms12-011
- MS12-015: Vulnerabilities in Microsoft Visio Viewer 2010 Could Allow Remote Code Execution (2663510)
http://technet.microsoft.com/ja-jp/security/bulletin/ms12-015
? Apache HTTP Server Scoreboard Local Security Bypass Vulnerability
http://www.securityfocus.com/bid/51407
[ANNOUNCE] PostgreSQL Data Sync 12.2 released
http://www.sqlmaestro.com/products/postgresql/datasync/
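Seminar announcement: "How SCAP, the standard specification for vulnerability countermeasures, works"
~ Introduction to customizing the MyJVN Version Checker ~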
http://www.ipa.go.jp/security/vuln/seminar/lab_semi_scap_2011_4.html
[ MDVSA-2012:019 ] apr
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-02/msg00072.html
Adobe Shockwave Player and RoboHelp for Word Patches
http://isc.sans.edu/diary.html?storyid=12583
February 2012 Microsoft Black Tuesday
http://isc.sans.edu/diary.html?storyid=12586
Oracle Java SE Multiple Flaws Let Remote Users Execute Arbitrary Code and Deny Service
http://www.securitytracker.com/id/1026687
Microsoft SharePoint Input Validation Flaws Permit Cross-Site Scripting Attacks
http://www.securitytracker.com/id/1026686
Microsoft Windows Ancillary Function Driver Lets Local Users Gain Elevated Privileges
http://www.securitytracker.com/id/1026685
Microsoft Visio Viewer Multiple Bugs Let Remote Users Execute Arbitrary Code
http://www.securitytracker.com/id/1026684
Windows XP Indeo Codec DLL Loading Error Lets Remote Users Execute Arbitrary Code
http://www.securitytracker.com/id/1026683
Windows Color Control Panel DLL Loading Error Lets Remote Users Execute Arbitrary Code
http://www.securitytracker.com/id/1026682
Microsoft Silverlight Bugs Let Remote Users Execute Arbitrary Code
http://www.securitytracker.com/id/1026681
Microsoft .NET Bugs Let Remote Users Execute Arbitrary Code
http://www.securitytracker.com/id/1026680
Windows Kernel Keyboard Layout Use-After-Free Lets Local Users Gain Elevated Privileges
http://www.securitytracker.com/id/1026679
Windows C Runtime Library Buffer Overflow Lets Remote Users Execute Arbitrary Code
http://www.securitytracker.com/id/1026678
Microsoft Internet Explorer Bugs Let Remote Users Execute Arbitrary Code and Obtain Potentially Sensitive Information
http://www.securitytracker.com/id/1026677
Adobe RoboHelp for Word Input Validation Flaw Permits Cross-Site Scripting Attacks
http://www.securitytracker.com/id/1026676
Adobe Shockwave Player Multiple Bugs Let Remote Users Execute Arbitrary Code
http://www.securitytracker.com/id/1026675
Cisco IronPort Encryption Appliance Input Validation Flaw Permits Cross-Site Scripting Attacks
http://www.securitytracker.com/id/1026669
Microsoft Internet Explorer Multiple Vulnerabilities
http://secunia.com/advisories/48028/
Microsoft Internet Explorer Copy and Paste Security Bypass Vulnerability
http://secunia.com/advisories/48031/
Microsoft SharePoint Multiple Cross-Site Scripting Vulnerabilities
http://secunia.com/advisories/48029/
Microsoft .NET Framework / Silverlight Two Vulnerabilities
http://secunia.com/advisories/48030/
Microsoft Windows C Run-Time Library Buffer Overflow Vulnerability
http://secunia.com/advisories/47949/
Microsoft Visio Viewer Multiple Vulnerabilities
http://secunia.com/advisories/47946/
Windows Ancillary Function Driver Two Privilege Escalation Vulnerabilities
http://secunia.com/advisories/47911/
Fork CMS "report" and "error" Cross-Site Scripting Vulnerabilities
http://secunia.com/advisories/47937/
Semantic MediaWiki Halo Extension "target" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/47968/
IBM Telelogic / Rational License Server License Manager JRE Information Disclosure Vulnerability
http://secunia.com/advisories/47899/
IBM Rational License Key Server JRE Information Disclosure Vulnerability
http://secunia.com/advisories/47929/
Adobe RoboHelp for Word Generated Output Cross-Site Scripting Vulnerability
http://secunia.com/advisories/47936/
Adobe Shockwave Player Multiple Vulnerabilities
http://secunia.com/advisories/47932/
Red Hat update for httpd
http://secunia.com/advisories/47961/
WordPress Relocate Upload Plugin "abspath" File Inclusion Vulnerability
http://secunia.com/advisories/47976/
Ubuntu update for linux-ti-omap4
http://secunia.com/advisories/47974/
Red Hat update for glibc
http://secunia.com/advisories/47962/
Ubuntu update for kernel
http://secunia.com/advisories/48015/
Ubuntu update for kernel
http://secunia.com/advisories/48018/
Python SimpleXMLRPCServer Request Processing Denial of Service Vulnerability
http://secunia.com/advisories/47810/
WordPress s2Member Pro Plugin "Coupon Code" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/47954/
Red Hat update for mysql
http://secunia.com/advisories/47960/
Debian update for php5
http://secunia.com/advisories/47890/
Red Hat update for glibc
http://secunia.com/advisories/47970/
Ubuntu update for firefox
http://secunia.com/advisories/47993/
Ubuntu update for tomcat6
http://secunia.com/advisories/47996/
Mozilla Firefox/Thunderbird/SeaMonkey 'ReadPrototypeBindings()' Memory Corruption Vulnerability
http://www.securityfocus.com/bid/51975
RETIRED: Oracle Java SE Critical Patch Update February 2012 Advance Notification
http://www.securityfocus.com/bid/51949
Oracle GlassFish Server Hash Collision Denial Of Service Vulnerability
http://www.securityfocus.com/bid/51194
Oracle Virtual Desktop Infrastructure (VDI) CVE-2011-3571 Remote Vulnerability
http://www.securityfocus.com/bid/51467
Microsoft Windows Indeo Filter 'iacenc.dll' DLL Loading Arbitrary Code Execution Vulnerability
http://www.securityfocus.com/bid/42730
Microsoft Windows 'Msvcrt.dll' Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/51913
GNU glibc Timezone Parsing Remote Integer Overflow Vulnerability
http://www.securityfocus.com/bid/50898
GNU glibc 'svc_run()' EMFILE Error Handling Denial of Service Vulnerability
http://www.securityfocus.com/bid/51439
GNU glibc 'addmntent()' Mount Helper Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/46740
GNU glibc 'ld.so' ELF Header Parsing Remote Integer Overflow Vulnerability
http://www.securityfocus.com/bid/40063
RETIRED: Microsoft February 2012 Advance Notification Multiple Vulnerabilities
http://www.securityfocus.com/bid/51944
Microsoft Windows 'win32k.sys' Remote Memory Corruption Vulnerability
http://www.securityfocus.com/bid/51122
Windows Server 2008 Color Control Panel DLL Loading Arbitrary Code Execution Vulnerability
http://www.securityfocus.com/bid/44157
Oracle MySQL Server CVE-2012-0114 Local Security Vulnerability
http://www.securityfocus.com/bid/51520
Oracle MySQL Server CVE-2012-0102 Remote Security Vulnerability
http://www.securityfocus.com/bid/51502
Oracle MySQL Server CVE-2012-0101 Remote Security Vulnerability
http://www.securityfocus.com/bid/51505
Oracle MySQL Server CVE-2012-0484 Remote Security Vulnerability
http://www.securityfocus.com/bid/51515
Oracle MySQL Server CVE-2012-0490 Remote Security Vulnerability
http://www.securityfocus.com/bid/51524
Oracle MySQL CVE-2012-0075 Remote MySQL Server Vulnerability
http://www.securityfocus.com/bid/51526
Oracle MySQL Server CVE-2012-0087 Remote Security Vulnerability
http://www.securityfocus.com/bid/51509
Apache APR Hash Collision Denial Of Service Vulnerability
http://www.securityfocus.com/bid/51917
Oracle Java SE CVE-2011-3547 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/50243
phpLDAPadmin 'base' Parameter Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/51793
PHP Web Form Hash Collision Denial Of Service Vulnerability
http://www.securityfocus.com/bid/51193
PHP 'php_register_variable_ex()' Function Arbitrary Code Execution Vulnerability
http://www.securityfocus.com/bid/51830
Apache HTTP Server 'httpOnly' Cookie Information Disclosure Vulnerability
http://www.securityfocus.com/bid/51706
'glibc' Library 'locale/programs/locale.c' Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/47370
GNU glibc 'fnmatch()' Function Stack Corruption Vulnerability
http://www.securityfocus.com/bid/46563
WordPress Relocate Upload Plugin 'abspath' Parameter Remote File Include Vulnerability
http://www.securityfocus.com/bid/49693
Cyberoam Central Console 'file' Parameter Local File Include Vulnerability
http://www.securityfocus.com/bid/51901
IBM Cognos TM1 Executive Viewer Unspecified Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/51905
eFront 'administrator.php' Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/51894
Linux Kernel 'ext4_ext_insert_extent()' Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/50322
Apache HTTP Server 'mod_proxy' Reverse Proxy Security Bypass Vulnerability
http://www.securityfocus.com/bid/50802
Apache HTTP Server 'ap_pregsub()' Function Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/50494
Apache HTTP Server Scoreboard Local Security Bypass Vulnerability
http://www.securityfocus.com/bid/51407
Apache HTTP Server CVE-2012-0021 mod_log_config Denial Of Service Vulnerability
http://www.securityfocus.com/bid/51705
Oracle Java SE CVE-2012-0504 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/52020
Oracle Java SE CVE-2012-0498 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/52019
Oracle Java SE CVE-2012-0503 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/52018
Oracle Java SE CVE-2012-0505 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/52017
Oracle Java SE CVE-2012-0499 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/52016
Oracle Java SE CVE-2012-0500 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/52015
Oracle Java SE CVE-2012-0506 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/52014
Oracle Java SE CVE-2011-3563 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/52012
Oracle Java SE CVE-2012-0502 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/52011
Oracle JavaFX CVE-2012-0508 Remote Vulnerability
http://www.securityfocus.com/bid/52010
Oracle Java SE CVE-2012-0497 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/52009
Adobe RoboHelp CVE-2012-0765 Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/52008
Adobe Shockwave Player CVE-2012-0758 Remote Heap Overflow Vulnerability
http://www.securityfocus.com/bid/52007
Adobe Shockwave Player CVE-2012-0759 Remote Memory Corruption Vulnerability
http://www.securityfocus.com/bid/52006
Adobe Shockwave Player CVE-2012-0766 Remote Memory Corruption Vulnerability
http://www.securityfocus.com/bid/52005
Adobe Shockwave Player CVE-2012-0764 Remote Memory Corruption Vulnerability
http://www.securityfocus.com/bid/52004
Adobe Shockwave Player CVE-2012-0763 Remote Memory Corruption Vulnerability
http://www.securityfocus.com/bid/52003
Adobe Shockwave Player CVE-2012-0762 Remote Memory Corruption Vulnerability
http://www.securityfocus.com/bid/52002
Adobe Shockwave Player CVE-2012-0761 Remote Memory Corruption Vulnerability
http://www.securityfocus.com/bid/52001
Adobe Shockwave Player CVE-2012-0760 Remote Memory Corruption Vulnerability
http://www.securityfocus.com/bid/52000
Adobe Shockwave Player CVE-2012-0757 Remote Memory Corruption Vulnerability
http://www.securityfocus.com/bid/51999
WordPress s2Member Pro Plugin 'Coupon Code' Field HTML Injection Vulnerability
http://www.securityfocus.com/bid/51997
Python SimpleXMLRPCServer Denial Of Service Vulnerability
http://www.securityfocus.com/bid/51996
Sonexis ConferenceManager Multiple Information Disclosure and Security Bypass Vulnerabilities
http://www.securityfocus.com/bid/51994
Microsoft Silverlight & .NET Framework Heap Corruption Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/51940
Microsoft Silverlight & .NET Framework Unmanaged Objects Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/51938
Microsoft SharePoint 'wizardlist.aspx' Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/51937
Microsoft Windows Ancillary Function Driver CVE-2012-0149 Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/51936
Microsoft Internet Explorer CVE-2012-0155 VML Handling Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/51935
Microsoft SharePoint 'themeweb.aspx' Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/51934
Microsoft Internet Explorer CVE-2012-0011 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/51933
Microsoft Internet Explorer Null Byte Handling Information Disclosure Vulnerability
http://www.securityfocus.com/bid/51932
Microsoft Internet Explorer CVE-2012-0010 Cross Domain Information Disclosure Vulnerability
http://www.securityfocus.com/bid/51931
Microsoft Windows Ancillary Function Driver CVE-2012-0148 Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/51930
Microsoft SharePoint 'inplview.aspx' Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/51928
Microsoft Windows Kernel 'Win32k.sys' Keyboard Layout Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/51920
Microsoft Visio Viewer VSD File Format CVE-2012-0138 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/51908
Microsoft Visio Viewer VSD File Format CVE-2012-0137 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/51907
Microsoft Visio Viewer VSD File Format CVE-2012-0136 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/51906
Microsoft Visio Viewer VSD File Format CVE-2012-0020 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/51904
Microsoft Visio Viewer VSD File Format CVE-2012-0019 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/51903