US-CERT Technical Cyber Security Alert TA12-073A -- Microsoft Updates for Multiple Vulnerabilities
http://www.derkeiler.com/Mailing-Lists/Cert/2012-03/msg00000.html
JVNTA12-073A Microsoft 製品における複数の脆弱性に対するアップデート
http://jvn.jp/cert/JVNTA12-073A/index.html
2012年3月 Microsoft セキュリティ情報 (緊急 1件含) に関する注意喚起
http://www.jpcert.or.jp/at/2012/at120009.html
Dell、ネットワークセキュリティのSonicWALLを買収へ
http://itpro.nikkeibp.co.jp/article/NEWS/20120314/386225/?ST=security
スマートフォン50台をわざと紛失、連絡があったのはわずか半数
48台ではアプリやデータにアクセス、米シマンテックが実験
http://itpro.nikkeibp.co.jp/article/NEWS/20120314/386223/?ST=security
10代が6万ドル獲得:『Chrome』ハッキング・コンテスト (WIRED.jp)
http://itpro.nikkeibp.co.jp/article/NEWS/20120314/386222/?ST=security
日本HPがセキュリティ製品群を拡充、モバイル環境のリスクにも対応
http://itpro.nikkeibp.co.jp/article/NEWS/20120313/386201/?ST=security
インサイトテクノロジー、DB監査ログの保存/検索を強化するソフトを出荷
http://itpro.nikkeibp.co.jp/article/NEWS/20120313/386181/?ST=security
RHSA-2012:0388 Critical: thunderbird security update
http://rhn.redhat.com/errata/RHSA-2012-0388.html
RHSA-2012:0387 Critical: firefox security and bug fix update
http://rhn.redhat.com/errata/RHSA-2012-0387.html
MFSA 2012-19 Miscellaneous memory safety hazards (rv:11.0/ rv:10.0.3 / rv:1.9.2.28)
http://www.mozilla.org/security/announce/2012/mfsa2012-19.html
MFSA 2012-18 window.fullScreen writeable by untrusted content
http://www.mozilla.org/security/announce/2012/mfsa2012-18.html
MFSA 2012-17 Crash when accessing keyframe cssText after dynamic modification
http://www.mozilla.org/security/announce/2012/mfsa2012-17.html
MFSA 2012-16 Escalation of privilege with Javascript: URL as home page
http://www.mozilla.org/security/announce/2012/mfsa2012-16.html
MFSA 2012-15 XSS with multiple Content Security Policy headers
http://www.mozilla.org/security/announce/2012/mfsa2012-15.html
MFSA 2012-14 SVG issues found with Address Sanitizer
http://www.mozilla.org/security/announce/2012/mfsa2012-14.html
MFSA 2012-13 XSS with Drag and Drop and Javascript: URL
http://www.mozilla.org/security/announce/2012/mfsa2012-13.html
MFSA 2012-12 Use-after-free in shlwapi.dll
http://www.mozilla.org/security/announce/2012/mfsa2012-12.html
APSB12-06 Security update: Hotfix available for ColdFusion
http://www.adobe.com/support/security/bulletins/apsb12-06.html
Firefox 11 is now available
https://developer.mozilla.org/devnews/
+ Sudo 1.8.4p4 released
http://www.sudo.ws/sudo/news.html
http://www.sudo.ws/sudo/stable.html#1.8.4p4
+ Samba 3.5.13 released
http://samba.org/samba/history/samba-3.5.13.html
+ JK-1.2.33 released
http://tomcat.apache.org/connectors-doc/index.html
http://tomcat.apache.org/connectors-doc/miscellaneous/changelog.html
+ GCC 4.4.7 released
http://gcc.gnu.org/gcc-4.4/
http://gcc.gnu.org/gcc-4.4/changes.html
+ Linux kernel 3.2.11 released
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.11
+ マイクロソフト 2012 年 2 月のセキュリティ情報
http://technet.microsoft.com/ja-jp/security/bulletin/ms12-Mar
+ MS12-017: DNS サーバーの脆弱性により、サービス拒否が起こる (2647170)
http://technet.microsoft.com/ja-jp/security/bulletin/MS12-017
+ MS12-018: Windows カーネルモード ドライバーの脆弱性により、特権が昇格される (2641653)
http://technet.microsoft.com/ja-jp/security/bulletin/MS12-018
+ MS12-019: 警告 DirectWrite の脆弱性により、サービス拒否が起こる (2665364)
http://technet.microsoft.com/ja-jp/security/bulletin/MS12-019
+ MS12-020: リモート デスクトップの脆弱性により、リモートでコードが実行される (2671387)
- MS12-021: Visual Studio の脆弱性により、特権が昇格される (2651019)
http://technet.microsoft.com/ja-jp/security/bulletin/MS12-021
- MS12-022: Expression Design の脆弱性により、リモートでコードが実行される (2651018)
http://technet.microsoft.com/ja-jp/security/bulletin/MS12-022
- 2269637: セキュリティで保護されていないライブラリのロードにより、リモートでコードが実行される
http://technet.microsoft.com/ja-jp/security/advisory/2269637
- 2647518 ActiveX の Kill Bit 更新プログラムのロールアップ
http://technet.microsoft.com/ja-jp/security/advisory/2647518
- libpng 'png_inflate()' Function Heap Based Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/52453
BIND 9.8.2rc2 released
https://www.isc.org/software/bind/982rc2
BIND 9.7.5rc2 released
https://www.isc.org/software/bind/975rc2
BIND 9.6-ESV-R6rc2 released
https://www.isc.org/software/bind/96-esv-r6rc2
PrivaWall Antivirus Office XML Format Evasion/Bypass Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-03/msg00058.html
Announcing Hackademic CFP
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-03/msg00057.html
ESA-2012-012: EMC Documentum eRoom Multiple Vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-03/msg00056.html
Yealink VOIP Phone Persistent Cross Site Scripting Vulnerability [CVE-2012-1417]
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-03/msg00055.html
[security bulletin] HPSBMU02746 SSRT100781 rev.1 - HP Data Protector Express, Remote Denial of S
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-03/msg00054.html
March 2012 Microsoft Black Tuesday
http://isc.sans.edu/diary.html?storyid=12775
Why We Rated the MS12-020 Issue with RDP "Patch Now"
http://isc.sans.edu/diary.html?storyid=12781
Please transfer this email to your CEO or appropriate person, thanks
http://isc.sans.edu/diary.html?storyid=12778
Citrix XenServer Workload Balancer Lets Remote Users Deny Service
http://www.securitytracker.com/id/1026797
HP Data Protector Express Bugs Let Remote Users Deny Service and Execute Arbitrary Code
http://www.securitytracker.com/id/1026796
EMC Documentum eRoom Permits Cross-Site Scripting Attacks
http://www.securitytracker.com/id/1026795
Microsoft DirectWrite Unicode Character Processing Flaw Lets Remote Users Deny Service
http://www.securitytracker.com/id/1026794
Windows Kernel PostMessage() Lets Local Users Gain Elevated Privileges
http://www.securitytracker.com/id/1026793
Microsoft Visual Studio Lets Local Users Gain Elevated Privileges
http://www.securitytracker.com/id/1026792
Microsoft Expression Design DLL Loading Error Lets Remote Users Execute Arbitrary Code
http://www.securitytracker.com/id/1026791
Windows Remote Desktop Protocol Bugs Let Remote Users Deny Service and Execute Arbitrary Code
http://www.securitytracker.com/id/1026790
Microsoft DNS Server Lets Remote Users Deny Service
http://www.securitytracker.com/id/1026789
Microsoft Visual Studio Insecure Add-In Path Privilege Escalation Vulnerability
http://secunia.com/advisories/48396/
Microsoft Windows DNS Service Resource Record Lookup Denial of Service Vulnerability
http://secunia.com/advisories/48394/
Microsoft Windows Remote Desktop Protocol Two Vulnerabilities
http://secunia.com/advisories/48395/
Microsoft Windows DirectWrite Unicode Parsing Denial of Service
http://secunia.com/advisories/48361/
Microsoft Windows win32k.sys "PostMessage()" Privilege Escalation
http://secunia.com/advisories/47919/
Microsoft Expression Design Insecure Library Loading Vulnerability
http://secunia.com/advisories/48353/
GNU Gnash "GnashImage::size()" Integer Overflow Vulnerability
http://secunia.com/advisories/47183/
OneFileCMS User Redirection Security Bypass Security Issue
http://secunia.com/advisories/48350/
Citrix XenServer Workload Balancing Component Denial of Service Vulnerability
http://secunia.com/advisories/48364/
Holdem Manager Multiple Memory Corruption Vulnerabilities
http://secunia.com/advisories/48339/
twicca for Android Media Upload Security Bypass Security Issue
http://secunia.com/advisories/48363/
Ubuntu update for ldm
http://secunia.com/advisories/48365/
osFileManager Cross-Site Scripting and Request Forgery Vulnerabilities
http://secunia.com/advisories/48358/
Synology DiskStation Manager "name" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/48334/
HP Data Protector Express Unspecified Code Execution Vulnerabilities
http://secunia.com/advisories/48370/
Ubuntu update for mysql
http://secunia.com/advisories/47082/
Debian update for libyaml-libyaml-perl
http://secunia.com/advisories/48344/
Apple Safari Multiple Vulnerabilities
http://secunia.com/advisories/48377/
SUSE update for lightdm
http://secunia.com/advisories/48371/
Microsoft Products Remote Code Execution and Privilege Escalation
http://www.vupen.com/english/ADV-2012-0141.php
HP Data Protector Express Multiple Remote Code Execution Vulnerabilities
http://www.vupen.com/english/ADV-2012-0140.php
RSA SecurID Software Token Converter Buffer Overflow Vulnerability
http://www.vupen.com/english/ADV-2012-0139.php
TIBCO Spotfire URL Processing Information Disclosure Vulnerability
http://www.vupen.com/english/ADV-2012-0138.php
TIBCO ActiveMatrix URL Processing Remote Information Disclosure
http://www.vupen.com/english/ADV-2012-0137.php
TIBCO BusinessEvents URL Processing Remote Information Disclosure
http://www.vupen.com/english/ADV-2012-0136.php
TIBCO ActiveMatrix Information Disclosure and Cross Site Scripting
http://www.vupen.com/english/ADV-2012-0135.php
Google Chrome Plug-in Load and GPU Memory Corruption (Pwnium)
http://www.vupen.com/english/ADV-2012-0134.php
Apple Safari for Mac OS X and Windows Code Execution Vulnerabilities
http://www.vupen.com/english/ADV-2012-0133.php
OpenSSL CMS and S/MIME Decryption Bleichenbacher Attack Weakness
http://www.vupen.com/english/ADV-2012-0132.php
VMware VirtualCenter and ESX Java Code Execution and Security Bypass
http://www.vupen.com/english/ADV-2012-0131.php
VMware vCenter Chargeback Manager Information Disclosure and DoS
http://www.vupen.com/english/ADV-2012-0130.php
RETIRED: Microsoft March 2012 Advance Notification Multiple Vulnerabilities
http://www.securityfocus.com/bid/52366
Microsoft Remote Desktop Protocol CVE-2012-0002 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/52353
libpng 'png_inflate()' Function Heap Based Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/52453
LightDM Arbitrary File Deletion Vulnerability
http://www.securityfocus.com/bid/52452
FriBidi Python binding (pyfribidi) Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/52451
UCMobile BloveStorm for Android Unspecified Security Vulnerability
http://www.securityfocus.com/bid/52449
AContact - Advanced Contact for Android Unspecified Security Vulnerability
http://www.securityfocus.com/bid/52448
Redmine Unspecified Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/52447
GNU Gnash 'GnashImage::size()' Integer Overflow Vulnerability
http://www.securityfocus.com/bid/52446
Pansi SMS for Android Unspecified Security Vulnerability
http://www.securityfocus.com/bid/52444
Citrix XenServer Workload Balancer Component Unspecified Denial of Service Vulnerability
http://www.securityfocus.com/bid/52443
twicca Unspecified Security Bypass Vulnerability
http://www.securityfocus.com/bid/52442
EMC Documentum eRoom Unspecified Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/52441
EMC Documentum eRoom Cookies Session Hijacking Vulnerability
http://www.securityfocus.com/bid/52440
GE Proficy Real-Time Information Portal 'rifsrvd.exe' Directory Traversal Vulnerability
http://www.securityfocus.com/bid/52439
Omnistar Live Cross Site Scripting and SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/52438
GE Proficy Historian Data Archiver Service Remote Memory Corruption Vulnerability
http://www.securityfocus.com/bid/52437
Adobe ColdFusion Hash Collision Denial Of Service Vulnerability
http://www.securityfocus.com/bid/52436
GE Proficy Plant Applications Suite Remote Memory Corruption Vulnerabilities
http://www.securityfocus.com/bid/52434
PBLang 'u' Parameter Local File Include Vulnerability
http://www.securityfocus.com/bid/52433
Belkatalog CMS 'lnk' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/52432
HP Data Protector Express Multiple Unspecified Remote Code Execution Vulnerabilities
http://www.securityfocus.com/bid/52431
osFileManager Multiple Input Validation Vulnerabilities
http://www.securityfocus.com/bid/52427
Microsoft Expression 'wintab32.dll' DLL Loading Arbitrary Code Execution Vulnerability
http://www.securityfocus.com/bid/52375
Microsoft Windows DNS Server (CVE-2012-0006) Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/52374
Microsoft Remote Desktop Protocol Service CVE-2012-0152 Denial of Service Vulnerability
http://www.securityfocus.com/bid/52354
Microsoft Windows 'DirectWrite' API Denial of Service Vulnerability
http://www.securityfocus.com/bid/52332
Microsoft Visual Studio Add-In Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/52329
Microsoft Windows Kernel 'Win32k.sys' (CVE-2012-0157) Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/52317
0 件のコメント:
コメントを投稿