Stable Channel Update for Chromebooks
http://googlechromereleases.blogspot.com/2012/02/stable-channel-update-for-chromebooks_24.html
InterScan VirusWall スタンダードエディション 7.0 Windows版 Patch3 ビルド1354 ならびに 6.02 Linux版 Patch4 ビルド7815 公開のお知らせ
http://www.trendmicro.co.jp/support/news.asp?id=1743
BOMからパトライト社の信号灯を点灯させる
http://www.say-tech.co.jp/support/bom-for-windows/bom-7/index.shtml
プレス発表
IPAと米国NIST、暗号モジュール試験及び認証制度の共同認証で合意
http://www.ipa.go.jp/about/press/20120227.html
Flashback Trojan in the Wild
http://isc.sans.edu/diary.html?date=2012-02-24
+ DBI 1.618 released
http://search.cpan.org/~timb/DBI-1.618/
+ MySQL 5.0.95 released
http://dev.mysql.com/doc/refman/5.0/en/news-5-0-95.html
+ Sun Java Web Start Plugin Command Line Argument Injection (2012)
http://www.exploit-db.com/exploits/18520/
http://www.securityfocus.com/bid/52015/exploit
[ANNOUNCE] Release of Apache MyFaces Extensions CDI 1.0.4
http://s.apache.org/CODI_104
[ANNOUNCE] Apache OFBiz 09.04.02 released
http://ofbiz.apache.org/
PHP 5.4.0 RC8 released
http://www.php.net/archive/2012.php#id-1
「ウイルス対策は8割だがパッチ適用は4割」、国内企業のサーバー事情
IPAがセキュリティ対策状況を調査、1割以上がウイルス感染を経験
http://itpro.nikkeibp.co.jp/article/NEWS/20120227/383084/?ST=security
Dropbear SSH server use-after-free vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-02/msg00151.html
PHP Gift Registry 1.5.5 SQL Injection
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-02/msg00150.html
[Onapsis Security Advisory 2012-08] Oracle JD Edwards Security Kernel Information Disclosure
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-02/msg00149.html
[Onapsis Security Advisory 2012-07] Oracle JD Edwards SawKernel SET_INI Configuration Modificati
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-02/msg00148.html
[Onapsis Security Advisory 2012-06] Oracle JD Edwards JDENET Large Packets Denial of Service
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-02/msg00147.html
[Onapsis Security Advisory 2012-05] Oracle JD Edwards JDENET Multiple Information Disclosure
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-02/msg00146.html
[Onapsis Security Advisory 2012-04] Oracle JD Edwards SawKernel GET_INI Information Disclosure
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-02/msg00145.html
[Onapsis Security Advisory 2012-03] Oracle JD Edwards SawKernel Arbitrary File Read
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-02/msg00144.html
[Onapsis Security Advisory 2012-02] Oracle JD Edwards Security Kernel Remote Password Disclosure
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-02/msg00143.html
[Onapsis Security Advisory 2012-01] Oracle JD Edwards JDENET Arbitrary File Write
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-02/msg00142.html
[security bulletin] HPSBMU02739 SSRT100280 rev.2 - HP Data Protector Storage Media Operations (S
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-02/msg00141.html
[security bulletin] HPSBUX02737 SSRT100747 rev.2 - HP-UX Running OpenSSL, Remote Denial of S
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-02/msg00140.html
[ MDVSA-2012:022 ] mozilla
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-02/msg00139.html
[SECURITY] [DSA 2416-1] notmuch security update
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-02/msg00138.html
CJWSoft ASPGuest GuestBook edit.asp - SQL Injection Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-02/msg00137.html
Security advisory for Bugzilla 4.2 and 4.0.5
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-02/msg00135.html
Cisco Security Advisory: Cisco Small Business SRP 500 Series Multiple Vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-02/msg00136.html
YVS Image Gallery Sql injection
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-02/msg00134.html
NGS00120 Patch Notification: BlackBerry PlayBook Samba Remote Code Execution
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-02/msg00133.html
[SECURITY] [DSA 2417-1] libxml2 security update
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-02/msg00132.html
TPTI-12-01 : Oracle Java True Type Font IDEF Opcode Parsing Remote Code Execution Vulnerabil
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-02/msg00131.html
ZDI-12-039 : Oracle Java Web Start java-vm-args Command Argument Injection Remote Co
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-02/msg00130.html
ZDI-12-038 : Oracle Java JavaFX Arbitrary Argument Remote Code Execution Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-02/msg00129.html
ZDI-12-037 : Oracle Java Web Start JNLP Double Quote Remote Code Execution Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-02/msg00128.html
ZDI-12-036 : Microsoft Internet Explorer VML CDispScroller Remote Code Execution Vulnerabil
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-02/msg00127.html
ZDI-12-035 : Microsoft Internet Explorer CDispNode t:MEDIA Remote Code Execution Vulnerabili
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-02/msg00126.html
ZDI-12-034 : Microsoft Windows Media Player ASX Meta-File Parsing Remote Code Execution
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-02/msg00125.html
ZDI-12-033 : ABB WebWare RobNetScanHost.exe Remote Code Execution Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-02/msg00124.html
ZDI-12-032 : Oracle Java Runtime Environment readMabCurveData Integer Overflow Remote Code E
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-02/msg00123.html
Mobile Mp3 Search Engine HTTP Response Splitting
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-02/msg00122.html
JVNDB-2012-001565 UTC Fire & Security Master Clock の管理者パスワードがハードコードされている問題
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-001565.html
JVNDB-2011-003692 Samba の smbd 内の process.c におけるヒープベースのバッファオーバーフローの脆弱性
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-003692.html
JVNDB-2011-003691 IBM WebSphere Lombardi Edition におけるクロスサイトスクリプティングの脆弱性
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-003691.html
IBM AIX ICMP Processing Flaw Lets Remote Users Deny Service
http://www.securitytracker.com/id/1026742
The Uploader "username" SQL Injection Vulnerability
http://secunia.com/advisories/48141/
Cisco Small Business SRP520 / SRP540 Series Multiple Vulnerabilities
http://secunia.com/advisories/48129/
ELBA "account group name" SQL Injection Vulnerability
http://secunia.com/advisories/48014/
Ubuntu update for openjdk-6
http://secunia.com/advisories/48144/
TYPO 3 TC BE User Admin Extension Script Insertion Vulnerability
http://secunia.com/advisories/48122/
phpDenora Multiple File Disclosure and SQL Injection Vulnerabilities
http://secunia.com/advisories/48145/
Red Hat update for kernel-rt
http://secunia.com/advisories/48155/
Ubuntu update for puppet
http://secunia.com/advisories/48161/
Puppet Group Privileges Security Issue and K5login Privilege Escalation Vulnerability
http://secunia.com/advisories/48166/
Debian update for notmuch
http://secunia.com/advisories/48156/
PHP Live! Multiple Unspecified Vulnerabilities
http://secunia.com/advisories/48146/
Notmuch Emacs MML Tag Information Disclosure Vulnerability
http://secunia.com/advisories/48139/
Red Hat update for samba
http://secunia.com/advisories/48154/
SUSE update for wireshark
http://secunia.com/advisories/48164/
Samba Any Batched Request Handling Buffer Overflow Vulnerability
http://secunia.com/advisories/48152/
REMOTE: HP Data Protector 6.1 EXEC_CMD Remote Code Execution
http://www.exploit-db.com/exploits/18521
REMOTE: Sun Java Web Start Plugin Command Line Argument Injection (2012)
http://www.exploit-db.com/exploits/18520
DoS/PoC: Tiny HTTP Server <=v1.1.9 Remote Crash PoC
http://www.exploit-db.com/exploits/18524
Changes in DBI 1.618 (svn r15170) 25rd February 2012
http://search.cpan.org/~timb/DBI/Changes#Changes_in_DBI_1.618_(svn_r15170)_25rd_February_2012
Bugzilla "xmlrpc.cgi" Cross-Site Request Forgery Vulnerability
http://www.vupen.com/english/ADV-2012-0111.php
BlackBerry PlayBook Tablet File Sharing Remote Code Execution
http://www.vupen.com/english/ADV-2012-0110.php
Samba smbd AndX Offsets Remote Code Execution Vulnerability
http://www.vupen.com/english/ADV-2012-0109.php
IBM AIX X-Server Render Extension Remote Code Execution Vulnerability
http://www.vupen.com/english/ADV-2012-0108.php
Movable Type Multiple Remote Vulnerabilities
http://www.securityfocus.com/bid/52138
OpenSSL Multiple Vulnerabilities
http://www.securityfocus.com/bid/51281
Oracle Java SE CVE-2012-0501 Remote Stack Overflow Vulnerability
http://www.securityfocus.com/bid/52013
Apache HTTP Server Scoreboard Local Security Bypass Vulnerability
http://www.securityfocus.com/bid/51407
Oracle Java SE CVE-2012-0499 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/52016
Oracle Java SE CVE-2011-3560 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/50236
Oracle Java SE CVE-2011-3557 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/50234
Oracle Java SE CVE-2011-3552 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/50248
Oracle Java SE CVE-2011-3549 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/50223
SSL/TLS Protocol Initialization Vector Implementation Information Disclosure Vulnerability
http://www.securityfocus.com/bid/49778
Oracle Java SE CVE-2011-3556 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/50231
Oracle Java SE CVE-2011-3548 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/50211
Oracle Java SE CVE-2011-3545 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/50220
Oracle Java SE CVE-2011-3547 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/50243
HP Diagnostics Server 'magentservice.exe' Remote Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/51398
Oracle Java SE CVE-2012-0503 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/52018
Oracle Java SE CVE-2012-0505 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/52017
Oracle Java SE CVE-2012-0506 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/52014
Oracle Java SE CVE-2012-0497 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/52009
Oracle Java SE CVE-2011-3563 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/52012
Oracle GlassFish Server Hash Collision Denial Of Service Vulnerability
http://www.securityfocus.com/bid/51194
Oracle Java SE CVE-2012-0502 Remote Information Disclosure Vulnerability
http://www.securityfocus.com/bid/52011
Puppet Multiple Local Privilege Escalation Vulnerabilities
http://www.securityfocus.com/bid/52158
Todd Miller Sudo 'Sudo_Debug()' Path Resolution Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/51719
IBM Lotus Symphony Image Object Integer Overflow Vulnerability
http://www.securityfocus.com/bid/51591
Mozilla Firefox/SeaMonkey/Thunderbird XSLT Stylesheets Denial of Service Vulnerability
http://www.securityfocus.com/bid/51754
Oracle Java SE CVE-2012-0498 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/52019
Oracle Java SE CVE-2012-0500 Java Runtime Environment Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/52015
libpng 'png_decompress_chunk()' Remote Integer Overflow Vulnerability
http://www.securityfocus.com/bid/52049
X.Org X11 Local Privilege Escalation Vulnerability and Memory Leak Vulnerability
http://www.securityfocus.com/bid/50002
UTC Fire & Security GE-MC100-NTP/GPS-ZB Default Credentials Authentication Bypass Vulnerability
http://www.securityfocus.com/bid/52083
Oracle MySQL Server CVE-2012-0490 Remote Security Vulnerability
http://www.securityfocus.com/bid/51524
Oracle MySQL Server CVE-2012-0484 Remote Security Vulnerability
http://www.securityfocus.com/bid/51515
Oracle MySQL Server CVE-2012-0114 Local Security Vulnerability
http://www.securityfocus.com/bid/51520
Oracle MySQL CVE-2012-0075 Remote MySQL Server Vulnerability
http://www.securityfocus.com/bid/51526
Oracle MySQL Server CVE-2012-0087 Remote Security Vulnerability
http://www.securityfocus.com/bid/51509
Oracle MySQL Server CVE-2012-0102 Remote Security Vulnerability
http://www.securityfocus.com/bid/51502
Oracle MySQL Server CVE-2012-0101 Remote Security Vulnerability
http://www.securityfocus.com/bid/51505
IBM WebSphere Lombardi Edition 'Coach' Script HTML Injection Vulnerability
http://www.securityfocus.com/bid/52104
Oracle JDEdwards CVE-2011-2325 Password Disclosure Security Vulnerability
http://www.securityfocus.com/bid/51486
Oracle JD Edwards EnterpriseOne Tools CVE-2011-2317 Arbitrary File Upload Vulnerability
http://www.securityfocus.com/bid/51456
Oracle JDEdwards CVE-2011-2326 Information Disclosure Vulnerability
http://www.securityfocus.com/bid/51482
Orbit Downloader 'Download Failed' Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/28541
Oracle JDEdwards EnterpriseOne Tools CVE-2011-2324 Denial Of Service Vulnerability
http://www.securityfocus.com/bid/51455
Trend Micro Control Manager 'CmdProcessor.exe' Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/50965
Oracle JDEdwards CVE-2011-3514 Remote Security Bypass Vulnerability
http://www.securityfocus.com/bid/51464
Oracle JDEdwards CVE-2011-3509 Remote File Disclosure Vulnerability
http://www.securityfocus.com/bid/51459
Oracle JDEdwards EnterpriseOne Tools CVE-2011-2321 Information Disclosure Vulnerability
http://www.securityfocus.com/bid/51478
Oracle JDEdwards EnterpriseOne Tools CVE-2011-3524 Information Disclosure Vulnerability
http://www.securityfocus.com/bid/51468
Multiple Virtualization Applications Intel VT-d chipsets Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/48515
Linux Kernel 'ext4_ext_insert_extent()' Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/50322
Linux Kernel 'xfs_readlink()' Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/50370
PHP Gift Registry 'users.php' SQL Injection Vulnerability
http://www.securityfocus.com/bid/52163
CJWSoft ASPGuest GuestBook 'edit.asp' SQL Injection Vulnerability
http://www.securityfocus.com/bid/52162
Dropbear SSH Server Use After Free Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/52159
PHP Live! Multiple Unspecified Vulnerabilities
http://www.securityfocus.com/bid/52157
The Uploader 'username' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/52156
Notmuch Emacs Information Disclosure Vulnerability
http://www.securityfocus.com/bid/52155
0 件のコメント:
コメントを投稿