Tuesday, March 27, 2012

Tuesday the 27th, Tomobiki







+ JK-1.2.35 released
http://tomcat.apache.org/connectors-doc/index.html
http://tomcat.apache.org/connectors-doc/miscellaneous/changelog.html

+- PHP CVE-2012-0789 Remote Denial Of Service Vulnerability
http://www.securityfocus.com/bid/52043

- PHP 'Content-Length' Header Remote Denial Of Service Vulnerability
http://www.securityfocus.com/bid/52704

[ANN] Apache Tomcat Connectors 1.2.35 released
http://tomcat.apache.org/connectors-doc/miscellaneous/changelog.html

PDFCreator 1.3.2 released
http://www.pdfforge.org/

CentOS alert CESA-2012:0411 (openoffice.org)
http://lwn.net/Alerts/488638/

Cisco NX-OS Malformed IP Packet Denial of Service Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120215-nxos

Tomcat Connectors 1.2.35 Released
http://tomcat.apache.org/
http://tomcat.apache.org/connectors-doc/miscellaneous/changelog.html

Canon IT releases hard disk encryption software, priced lower by limiting it to a single function
http://itpro.nikkeibp.co.jp/article/NEWS/20120326/388034/?ST=security

Trend Micro offers customers SSL certificates with no limit on the number of servers
http://itpro.nikkeibp.co.jp/article/NEWS/20120326/388003/?ST=security

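Unauthorized access at Vector; 260,000 personal records may have leaked
Includes credit card information; compensation and other matters to be reported later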
http://itpro.nikkeibp.co.jp/article/NEWS/20120326/387992/?ST=security

US federal government information systems: adoption of global products and services becomes a new threat
http://itpro.nikkeibp.co.jp/article/NEWS/20120326/387989/?ST=security

Facebook suggests legal action against employers forcing password disclosure
http://itpro.nikkeibp.co.jp/article/NEWS/20120326/387986/?ST=security

vBulletin vBDownloads Module "mirrors[]" Script Insertion Vulnerability
http://secunia.com/advisories/48522/

vBulletin vBQuiz Module "quiz_name" Script Insertion Vulnerability
http://secunia.com/advisories/48521/

vBulletin Forumon RPG Module "monster[title]" Script Insertion Vulnerability
http://secunia.com/advisories/48514/

vBulletin vbShout Module Cross-Site Scripting and Script Insertion Vulnerabilities
http://secunia.com/advisories/48519/

vBulletin vbActivity Module "reason" Script Insertion Vulnerabilities
http://secunia.com/advisories/48490/

vBulletin "[URL]" BBCode Script Insertion Vulnerability
http://secunia.com/advisories/48506/

WordPress CMS Tree Page View Plugin "cms_tpv_view" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/48510/

SUSE update for openssl
http://secunia.com/advisories/48516/

Hitachi IT Operations Analyzer Unspecified Cross-Site Scripting Vulnerability
http://secunia.com/advisories/48556/

Hitachi IT Operations Director Unspecified Cross-Site Scripting Vulnerability
http://secunia.com/advisories/48555/

phpFox static/ajax.php Command Injection Vulnerability
http://secunia.com/advisories/48550/

Pale Moon Multiple Vulnerabilities
http://secunia.com/advisories/48561/

NetFront Life Browser for Android Unspecified Vulnerability
http://secunia.com/advisories/48557/

Apache Traffic Server Host Header Buffer Overflow Vulnerability
http://secunia.com/advisories/48509/

SUSE update for php5
http://secunia.com/advisories/48567/

Red Hat Enterprise Virtualization Manager XML External Entity Processing Lets Remote Users Obtain Potentially Sensitive Information
http://www.securitytracker.com/id/1026848

Hitachi IT Operations Products Unspecified Cross Site Scripting Vulnerability
http://www.vupen.com/english/ADV-2012-0172.php

Quagga OSPF and BGP Handling Remote Buffer Overflow Vulnerabilities
http://www.vupen.com/english/ADV-2012-0170.php

IBM TS3310 Tape Library Pre-configured Default Accounts Vulnerability
http://www.vupen.com/english/ADV-2012-0169.php

REMOTE: UltraVNC 1.0.2 Client (vncviewer.exe) Buffer Overflow
http://www.exploit-db.com/exploits/18666

GnuTLS TLS Record Handling Heap Memory Corruption Vulnerability
2012-03-27
http://www.securityfocus.com/bid/52667

systemd 'systemd-logind' Insecure Temporary File Handling Vulnerability
2012-03-27
http://www.securityfocus.com/bid/52538

libpng 'png_inflate()' Function Heap Based Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/52453

Linux Kernel 'iproute' Package Multiple Insecure Temporary File Creation Vulnerabilities
http://www.securityfocus.com/bid/52185

PHP CVE-2012-0789 Remote Denial Of Service Vulnerability
http://www.securityfocus.com/bid/52043

PHP PDORow Object Remote Denial Of Service Vulnerability
http://www.securityfocus.com/bid/51952

PHP 'tidy_diagnose()' NULL Pointer Dereference Denial Of Service Vulnerability
http://www.securityfocus.com/bid/51992

Suhosin Extension Transparent Cookie Encryption Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/51574

PHP CVE-2012-0831 'magic_quotes_gpc' Directive Security Bypass Weakness
http://www.securityfocus.com/bid/51954

PHP 'zend_strndup()' Multiple NULL Pointer Dereference Denial Of Service Vulnerabilities
http://www.securityfocus.com/bid/51417

Jetty Hash Collision Denial Of Service Vulnerability
http://www.securityfocus.com/bid/51199

RESTEasy JaxB XML Entity References Information Disclosure Vulnerability
http://www.securityfocus.com/bid/51766

RESTEasy XML Entity References Information Disclosure Vulnerability
http://www.securityfocus.com/bid/51748

Google Chrome Prior to 17.0.963.79 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/52395

Google Chrome Prior to 17.0.963.78 Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/52369

Google Chrome Prior to 17.0.963.83 Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/52674

Google Chrome Prior to 17.0.963.65 Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/52271

Google Chrome Prior to 13.0.782.215 Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/49279

Linux Kernel 'net/ipv4/igmp.c' Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/51343

Linux Kernel KVM CVE-2012-0045 Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/51389

UltraVNC VNCViewer 'ClientConnection.cpp' Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/27561

Apache Tomcat 'sort' and 'orderBy' Parameters Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/45015

PHP Web Form Hash Collision Denial Of Service Vulnerability
http://www.securityfocus.com/bid/51193

PHP Exif Extension 'exif_read_data()' Function Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/46365

PHP Stream Component Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/46970

PHP Calendar Extension 'SdnToJulian()' Remote Integer Overflow Vulnerability
http://www.securityfocus.com/bid/46967

PHP 'exif_process_IFD_TAG()' Remote Integer Overflow Vulnerability
http://www.securityfocus.com/bid/50907

PHP CVE-2011-2202 Security Bypass Vulnerability
http://www.securityfocus.com/bid/48259

PHP 'substr_replace()' Use After Free Remote Memory Corruption Vulnerability
http://www.securityfocus.com/bid/46843

PHP Versions Prior to 5.3.7 Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/49241

Real Networks RealPlayer Versions Prior to 15.0.0 Multiple Remote Vulnerabilities
http://www.securityfocus.com/bid/50741

Mozilla Firefox/Thunderbird/Seamonkey CVE-2012-0461 Memory Corruption Vulnerability
http://www.securityfocus.com/bid/52464

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-0457 Use-After-Free Memory Corruption Vulnerability
http://www.securityfocus.com/bid/52459

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-0456 SVG Filters Information Disclosure Vulnerability
http://www.securityfocus.com/bid/52461

Mozilla Firefox/SeaMonkey/Thunderbird CVE-2012-0458 Security Bypass Vulnerability
http://www.securityfocus.com/bid/52460

Mozilla Firefox, Thunderbird, and SeaMonkey Drag and Drop Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/52458

Mozilla Firefox/Thunderbird/SeaMonkey 'array.join' CVE-2012-0464 Memory Corruption Vulnerability
http://www.securityfocus.com/bid/52465

Mozilla Firefox/Thunderbird/SeaMonkey HTTP Header Security Bypass Vulnerability
http://www.securityfocus.com/bid/52463

Mozilla Firefox/Thunderbird/SeaMonkey 'cssText' Memory Corruption Vulnerability
http://www.securityfocus.com/bid/52457

Mozilla Firefox/SeaMonkey/Thunderbird 'window.fullScreen' Security Bypass Vulnerability
http://www.securityfocus.com/bid/52456

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-0463 Memory Corruption Vulnerability
http://www.securityfocus.com/bid/52466

Mozilla Firefox/Thunderbird/SeaMonkey 'shlwapi.dll' Use-After-Free Memory Corruption Vulnerability
http://www.securityfocus.com/bid/52455

Ricoh Company DC Software DL-10 'USER' Command Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/52235

FreePBX Multiple Cross Site Scripting and Remote Command Execution Vulnerabilities
http://www.securityfocus.com/bid/52630

Fortigate UTM WAF Appliances Cross Site Scripting and HTML Injection Vulnerabilities
http://www.securityfocus.com/bid/51708

GNU Libtasn1 ASN1 Length DER Decoding Memory Corruption Vulnerability
http://www.securityfocus.com/bid/52668

ioQuake3 Engine Multiple Remote Denial of Service Vulnerabilities
http://www.securityfocus.com/bid/52719

FlexNet License Server Manager 'lmgrd' Component Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/52718

vBulletin vBshop module HTML Injection Vulnerability
http://www.securityfocus.com/bid/52717

Family Connections 'uid' Parameter Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/52716

vBShout 'Shoutbox Search Archive' Multiple HTML Injection Vulnerabilities
http://www.securityfocus.com/bid/52715

vBShout 'vbshout.php' Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/52714

vBulletin vBDownloads module 'mirrors[]' Parameter HTML Injection Vulnerability
http://www.securityfocus.com/bid/52713

vBQuiz 'class_profileblock.php' HTML Injection Vulnerability
http://www.securityfocus.com/bid/52712

vBulletin vbActivity Pro module 'reason' parameter Multiple HTML Injection Vulnerabilities
http://www.securityfocus.com/bid/52711

vBulletin '[URL]' BBCode Tag HTML Injection Vulnerability
http://www.securityfocus.com/bid/52709

WordPress CMS Tree Page View Plugin 'cms_tpv_view' Parameter Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/52708

vBulletin Forumon RPG module 'monster[title]' Parameter HTML Injection Vulnerability
http://www.securityfocus.com/bid/52707

Hitachi IT Operations Products Unspecified Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/52705

Real Networks RealPlayer '.mp4' File Memory Corruption Vulnerability
http://www.securityfocus.com/bid/52706

PHP 'Content-Length' Header Remote Denial Of Service Vulnerability
http://www.securityfocus.com/bid/52704

RIPS 'file' Parameter Local File Include Vulnerability
http://www.securityfocus.com/bid/52703

Event Calendar PHP 'cal_year' Parameter Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/52701
