Majority of 2011 data breaches were the work of "hacktivists", Verizon study finds
http://itpro.nikkeibp.co.jp/article/NEWS/20120323/387721/?ST=security
JVNVU#194833 Buffer overflow vulnerability in Apache Traffic Server
http://jvn.jp/cert/JVNVU194833/index.html
JVNVU#743555 Multiple vulnerabilities in AtMail
http://jvn.jp/cert/JVNVU743555/index.html
+ cURL 7.25.0 released
http://curl.haxx.se/changes.html#7_25_0
+ GCC 4.7.0 released
http://gcc.gnu.org/gcc-4.7/
http://gcc.gnu.org/gcc-4.7/changes.html
+ MySQL 5.0.96, 5.1.62, 5.5.22 released
http://dev.mysql.com/doc/refman/5.0/en/news-5-0-96.html
http://dev.mysql.com/doc/refman/5.1/en/news-5-1-62.html
http://dev.mysql.com/doc/refman/5.5/en/news-5-5-22.html
[ANNOUNCE] phpPgAdmin 5.0.4 released !
http://phppgadmin.sourceforge.net/doku.php?id=download
[ANNOUNCE] Apache Traffic Server releases for security incident CVE-2012-0256
http://trafficserver.apache.org/downloads
https://www.cert.fi/en/reports/2012/vulnerability612884.html
UPDATE: Cisco Identity Services Engine Database Default Credentials Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20110920-ise
RHSA-2012:0410 Important: raptor security update
http://rhn.redhat.com/errata/RHSA-2012-0410.html
CVE-2012-0037: OpenOffice.org data leakage vulnerability
http://www.openoffice.org/security/cves/CVE-2012-0037.html
DOVECOT: Red Hat/CentOS users
http://www.dovecot.org/
JVNDB-2012-001849 Arbitrary file overwrite vulnerability in libs/updater.py in GoLismero
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-001849.html
JVNDB-2012-001848 File creation or deletion vulnerability in as31
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-001848.html
JVNDB-2012-001847 Denial-of-service (memory consumption) vulnerability in the mod_fcgid module for Apache HTTP Server
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-001847.html
JVNDB-2011-003766 Installation path disclosure vulnerability in the Video Embed & Thumbnail Generator plugin for WordPress
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-003766.html
JVNDB-2011-003765 Arbitrary command execution vulnerability in the Video Embed & Thumbnail Generator plugin for WordPress
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-003765.html
JVNDB-2012-001846 SQL injection vulnerability in MyJobList
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-001846.html
JVNDB-2012-001845 Denial-of-service (crash) vulnerability in Tiny Server
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-001845.html
JVNDB-2012-001844 Absolute path traversal vulnerability in Webgrind
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-001844.html
JVNDB-2012-001843 Cross-site scripting vulnerability in IDevSpot idev-BusinessDirectory
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-001843.html
JVNDB-2012-001842 SQL injection vulnerability in artykul_print.php in CreateVision CMS
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-001842.html
JVNDB-2012-001841 Cross-site request forgery vulnerability in Webfolio CMS
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-001841.html
JVNDB-2012-001840 Source code disclosure vulnerability in Traffic Grapher Server in NetMechanica NetDecision
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-001840.html
JVNDB-2012-001839 Stack-based buffer overflow vulnerability in HTTP Server in NetMechanica NetDecision
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-001839.html
JVNDB-2012-001838 Installation path disclosure vulnerability in Dashboard Server in NetMechanica NetDecision
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-001838.html
JVNDB-2012-001837 Cross-site request forgery vulnerability in main.php in Contao
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-001837.html
JVNDB-2012-001836 Cross-site scripting vulnerability in Kongreg8
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-001836.html
JVNDB-2012-001835 Arbitrary code execution vulnerability in inc/swf/swfupload.swf in Dotclear
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-001835.html
JVNDB-2012-001834 Cross-site scripting vulnerability in wonderdesk.cgi in WonderDesk SQL
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-001834.html
JVNDB-2012-001833 Cross-site scripting vulnerability in the s2Member Pro plugin for WordPress
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-001833.html
JVNDB-2012-001832 Directory traversal vulnerability in wiki/rankings.php in Bitweaver
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-001832.html
JVNDB-2012-001831 Cross-site scripting vulnerability in wgarcmin.cgi in Webglimpse
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-001831.html
JVNDB-2012-001830 Directory traversal vulnerability in wgarcmin.cgi in WebGlimpse
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-001830.html
JVNDB-2012-001829 Cross-site scripting vulnerability in wgarcmin.cgi in WebGlimpse
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-001829.html
JVNDB-2012-001828 Installation path disclosure vulnerability in wgarcmin.cgi in WebGlimpse
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-001828.html
JVNDB-2012-001827 Cross-site scripting vulnerability in questions/ask in OSQA
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-001827.html
JVNDB-2012-001826 Cross-site scripting vulnerability in Dotclear
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-001826.html
JVNDB-2012-001825 Cross-site scripting vulnerability in OxWall
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-001825.html
JVNDB-2012-001824 Cross-site scripting vulnerability in ajax/commentajax.php in SocialCMS
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-001824.html
JVNDB-2012-001823 SQL injection vulnerability in search.php in SocialCMS
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-001823.html
JVNDB-2012-001760 (JVNTA12-073A) Arbitrary code execution vulnerability in the Remote Desktop Protocol implementation in Microsoft Windows
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-001760.html
Cisco Linksys WVC200 Wireless-G PTZ Internet Video Camera PlayerPT ActiveX Control PlayerPT.ocx
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-03/msg00109.html
CA20120320-01: Security Notice for CA ARCserve Backup
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-03/msg00108.html
OpenOffice.org XML External Entity Processing Lets Remote Users Obtain Potentially Sensitive Information
http://www.securitytracker.com/id/1026837
VU#743555 AtMail webmail interface contains multiple vulnerabilities
http://www.kb.cert.org/vuls/id/743555
WordPress ALO EasyMail Newsletter Plugin Multiple Unspecified Cross-Site Scripting Vulnerabilities
http://secunia.com/advisories/48482/
SUSE update for osc
http://secunia.com/advisories/48477/
OpenOffice.org ODF Document XML External Entity Processing Information Disclosure Vulnerability
http://secunia.com/advisories/48494/
phplist "num" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/48491/
Ubuntu update for thunderbird
http://secunia.com/advisories/48513/
Debian update for icedove
http://secunia.com/advisories/48483/
Drupal Wishlist Module "wl_reveal" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/48486/
Atheme "myuser_delete()" Certificate Fingerprint Handling Vulnerability
http://secunia.com/advisories/48481/
WordPress Carousel Slideshow Plugin Unspecified Vulnerabilities
http://secunia.com/advisories/48470/
WordPress Blaze Slideshow Plugin Unspecified Vulnerabilities
http://secunia.com/advisories/48472/
Public Knowledge Project Open Conference Systems Multiple Vulnerabilities
http://secunia.com/advisories/48467/
Public Knowledge Project Open Journal Systems Multiple Vulnerabilities
http://secunia.com/advisories/48464/
Public Knowledge Project Open Journal Systems "authors[][url]" Script Insertion Vulnerability
http://secunia.com/advisories/48449/
IBM AIX OpenSSL Multiple Vulnerabilities
http://secunia.com/advisories/48528/
Blue Coat PacketShaper and PolicyCenter OpenSSL Ciphersuite Downgrade Vulnerability
http://secunia.com/advisories/48517/
Google Chrome Multiple Vulnerabilities
http://secunia.com/advisories/48512/
REMOTE: MS10-002 Internet Explorer Object Memory Use-After-Free
http://www.exploit-db.com/exploits/18642
REMOTE: Google Talk gtalk:// Deprecated Uri Handler Parameter Injection Vulnerability
http://www.exploit-db.com/exploits/18640
DoS/PoC: Ricoh DC Software DL-10 FTP Server (SR10.exe) <= 1.1.0.6 Remote Buffer Overflow Vulnerability
http://www.exploit-db.com/exploits/18643
DoS/PoC: Cisco Linksys WVC200 Wireless-G PTZ Internet Video Camera PlayerPT ActiveX Control PlayerPT.ocx sprintf Buffer Overflow Vulnerability
http://www.exploit-db.com/exploits/18641
Raptor XML External Entity Information Disclosure Vulnerability
http://www.securityfocus.com/bid/52681
libpng 'png_inflate()' Function Heap Based Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/52453
IBM WebSphere Portal Search Center Unspecified Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/47954
Real Networks RealPlayer Versions Prior to 15.0.0 Multiple Remote Vulnerabilities
http://www.securityfocus.com/bid/50741
OpenSSL Ciphersuite Downgrade Security Weakness
http://www.securityfocus.com/bid/45164
phpMoneyBooks 'index.php' Multiple Local File Include Vulnerabilities
http://www.securityfocus.com/bid/52532
Real Networks RealPlayer 'coded_frame_size' Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/51889
Real Networks RealPlayer 'VIDOBJ_START_CODE' Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/51885
Adobe Flash Player CVE-2012-0754 Remote Memory Corruption Vulnerability
http://www.securityfocus.com/bid/52034
RETIRED: Joomla! 'index.php' SQL Injection Vulnerability
http://www.securityfocus.com/bid/52549
Joomla! 'redirect.php' SQL Injection Vulnerability
http://www.securityfocus.com/bid/52312
Ricoh Company DC Software DL-10 'USER' Command Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/52235
Dell Webcam Center 'CrazyTalk4Native.dll' ActiveX Multiple Buffer Overflow Vulnerabilities
http://www.securityfocus.com/bid/52560
Microsoft Internet Explorer Cloned DOM Object Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/37894
Mozilla Firefox/SeaMonkey/Thunderbird CVE-2012-0458 Security Bypass Vulnerability
http://www.securityfocus.com/bid/52460
Mozilla Firefox/Thunderbird/SeaMonkey HTTP Header Security Bypass Vulnerability
http://www.securityfocus.com/bid/52463
Mozilla Firefox/Thunderbird/SeaMonkey 'array.join' CVE-2012-0464 Memory Corruption Vulnerability
http://www.securityfocus.com/bid/52465
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-0456 SVG Filters Information Disclosure Vulnerability
http://www.securityfocus.com/bid/52461
Mozilla Firefox/Thunderbird/Seamonkey CVE-2012-0461 Memory Corruption Vulnerability
http://www.securityfocus.com/bid/52464
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-0457 Use-After-Free Memory Corruption Vulnerability
http://www.securityfocus.com/bid/52459
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-0462 Memory Corruption Vulnerability
http://www.securityfocus.com/bid/52467
Mozilla Firefox, Thunderbird, and SeaMonkey Drag and Drop Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/52458
Mozilla Firefox/SeaMonkey/Thunderbird 'window.fullScreen' Security Bypass Vulnerability
http://www.securityfocus.com/bid/52456
Mozilla Firefox/Thunderbird/SeaMonkey 'cssText' Memory Corruption Vulnerability
http://www.securityfocus.com/bid/52457
vBShout 'shoutbox' Field HTML Injection Vulnerability
http://www.securityfocus.com/bid/52685
AtMail Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/52684
WordPress ALO EasyMail Newsletter Plugin Unspecified Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/52683
Apache Wicket 'pageMapName' Parameter Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/52680
Apache Wicket Hidden Files Information Disclosure Vulnerability
http://www.securityfocus.com/bid/52679
WordPress Carousel Slideshow Plugin Multiple Unspecified Security Vulnerabilities
http://www.securityfocus.com/bid/52678
WordPress Blaze Slideshow Plugin Unspecified Security Vulnerability
http://www.securityfocus.com/bid/52677
Cisco Wireless-G PTZ Internet Video Camera WVC200 'PlayerPT.ocx' Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/52673
Google Talk '/gaiaserver' Parameter Information Disclosure Vulnerability
http://www.securityfocus.com/bid/52669