Tuesday, April 17, 2012

Tuesday the 17th, Taian (auspicious day)


+ MySQL 5.5.23 released
http://dev.mysql.com/doc/refman/5.5/en/news-5-5-23.html

+ Sudo 1.8.5rc2 released
http://www.sudo.ws/sudo/devel.html#1.8.5rc2

+ Oracle MySQL Server Multiple Unspecified Security Vulnerabilities
http://www.securityfocus.com/bid/52931

+ Squid Proxy 'Host' HTTP Header Security Bypass Vulnerability
http://www.securityfocus.com/bid/53024

+ McAfee Web Gateway 'Host' HTTP Header Security Bypass Vulnerability
http://www.securityfocus.com/bid/53015

UPDATE: Crafted ICMP Messages Can Cause Denial of Service
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20050412-icmp

HPSBMU02764 SSRT100827 rev.1 - HP System Management Homepage (SMH) Running on Linux and Windows, Remote Cross Site Request Forgery (CSRF), Denial of Service (DoS), Execution of Arbitrary Code, Other Vulnerabilities
https://h20565.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?javax.portlet.tpst=ba847bafb2a2d782fcbb0710b053ce01&javax.portlet.prp_ba847bafb2a2d782fcbb0710b053ce01=wsrp-navigationalState%3DdocId%25253Demr_na-c03280632%25257CdocLocale%25253Dja_JP&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken

HPSBOV02763 SSRT100826 rev.1 - HP Secure Web Server (SWS) for OpenVMS running PHP, Remote Denial of Service (DoS), Unauthorized Access, Privilege escalation, Unauthorized Disclosure of Information, Unauthorized Modification
https://h20565.www2.hp.com/portal/site/hpsc/template.PAGE/action.process/public/kb/docDisplay/?javax.portlet.action=true&spf_p.tpst=kbDocDisplay&javax.portlet.begCacheTok=com.vignette.cachetoken&spf_p.prp_kbDocDisplay=wsrp-interactionState%3DdocId%253Demr_na-c03281867%257CdocLocale%253Dja_JP%257CcalledBy%253D&javax.portlet.endCacheTok=com.vignette.cachetoken

HPSBOV02762 SSRT100825 rev.1 - HP Secure Web Server (SWS) for OpenVMS running CSWS_JAVA, Remote Denial of Service (DoS), Unauthorized Access, Privilege Escalation, Unauthorized Disclosure of Information, Unauthorized Modification
https://h20565.www2.hp.com/portal/site/hpsc/template.PAGE/action.process/public/kb/docDisplay/?javax.portlet.action=true&spf_p.tpst=kbDocDisplay&javax.portlet.begCacheTok=com.vignette.cachetoken&spf_p.prp_kbDocDisplay=wsrp-interactionState%3DdocId%253Demr_na-c03281831%257CdocLocale%253Dja_JP%257CcalledBy%253D&javax.portlet.endCacheTok=com.vignette.cachetoken

HPSBOV02765 SSRT100828 rev.1 - HP OpenVMS, local Denial of Service (DoS)
https://h20565.www2.hp.com/portal/site/hpsc/template.PAGE/action.process/public/kb/docDisplay/?javax.portlet.action=true&spf_p.tpst=kbDocDisplay&javax.portlet.begCacheTok=com.vignette.cachetoken&spf_p.prp_kbDocDisplay=wsrp-interactionState%3DdocId%253Demr_na-c03281869%257CdocLocale%253Dja_JP%257CcalledBy%253D&javax.portlet.endCacheTok=com.vignette.cachetoken

Announcement: Trend Micro Network VirusWall Enforcer 1500i / 3500i Version 3.2 Released
http://www.trendmicro.co.jp/support/news.asp?id=1751

PostGIS 2.0.0 Released
http://www.postgresql.org/about/news/1387/

Miroku Jyoho Service sells agent-based information-leak prevention product
http://itpro.nikkeibp.co.jp/article/NEWS/20120416/391036/?ST=security

Facebook backs new cybersecurity bill: "We will continue to protect personal information"
http://itpro.nikkeibp.co.jp/article/NEWS/20120416/390971/?ST=security

UPDATE: JVNVU#903934 Denial-of-service (DoS) vulnerability in web applications that use hash functions
http://jvn.jp/cert/JVNVU903934/index.html

JVNDB-2012-001018 Double-free vulnerability in OpenSSL
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-001018.html

JVNDB-2012-001017 Plaintext-recovery vulnerability in the DTLS implementation of OpenSSL
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-001017.html

JVNDB-2011-002805 Vulnerability in Mozilla Firefox and Thunderbird allowing privileges to be gained
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-002805.html

JVNDB-2011-002804 Denial-of-service (DoS) vulnerability in the browser engine of Mozilla Firefox and Thunderbird
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-002804.html

JVNDB-2011-002802 Denial-of-service (DoS) vulnerability in the browser engine of Mozilla Firefox and Thunderbird
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-002802.html

JVNDB-2011-002801 Denial-of-service (DoS) vulnerability in the browser engine of Mozilla Firefox and Thunderbird
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-002801.html

JVNDB-2011-002800 Denial-of-service (DoS) vulnerability in Mozilla Firefox and Thunderbird
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-002800.html

JVNDB-2011-002798 Cross-site scripting vulnerability in Mozilla Firefox and Thunderbird
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-002798.html

JVNDB-2012-001077 Vulnerability in Apache Tomcat allowing unintended disclosure of IP address and HTTP header information
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-001077.html

JVNDB-2012-002050 Denial-of-service (application crash) vulnerability in the lanalyzer_read function of Wireshark
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-002050.html

JVNDB-2012-002049 Denial-of-service (application crash) vulnerability in wiretap/iptrace.c of Wireshark
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-002049.html

JVNDB-2012-002048 Denial-of-service (application crash) vulnerability in Wireshark
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-002048.html

JVNDB-2012-002047 Buffer overflow vulnerability in the reassemble_message function of Wireshark
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-002047.html

JVNDB-2011-002105 Buffer overflow vulnerability in libpng
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-002105.html

JVNDB-2012-002046 Denial-of-service (NULL pointer dereference and application crash) vulnerability in Wireshark
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-002046.html

JVNDB-2012-002045 Denial-of-service (application crash) vulnerability in the dissect_packet function of Wireshark
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-002045.html

JVNDB-2011-002111 Cross-site scripting vulnerability in Samba Web Administration Tool
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-002111.html

JVNDB-2011-005038 Denial-of-service (resource consumption) vulnerability in the web server of Certec atvise webMI2ADS
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-005038.html

JVNDB-2011-003302 Denial-of-service (daemon crash) vulnerability in dhcpd of ISC DHCP
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-003302.html

JVNDB-2011-005037 Denial-of-service (application termination) vulnerability in the web server of Certec atvise webMI2ADS
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-005037.html

JVNDB-2012-002067 Denial-of-service (NULL pointer dereference) vulnerability in the web server of Certec atvise webMI2ADS
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-002067.html

JVNDB-2011-003545 Buffer overflow vulnerability in libtelnet/encrypt.c of FreeBSD telnetd
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-003545.html

JVNDB-2012-002066 Directory traversal vulnerability in the web server of Certec atvise webMI2ADS
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-002066.html

JVNDB-2012-002065 Arbitrary code execution vulnerability in MICROSYS PROMOTIC
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-002065.html

JVNDB-2011-002110 Cross-site request forgery vulnerability in Samba Web Administration Tool
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-002110.html

JVNDB-2012-002038 (JVNTA12-101A) Heap-based buffer overflow vulnerability in the Office Works file converter of multiple Microsoft products
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-002038.html

JVNDB-2012-002037 (JVNTA12-101A) Arbitrary code execution vulnerability in Microsoft Internet Explorer 6 through 8
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-002037.html

JVNDB-2012-002036 (JVNTA12-101A) Arbitrary code execution vulnerability in Microsoft Internet Explorer
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-002036.html

JVNDB-2012-002035 (JVNTA12-101A) Arbitrary code execution vulnerability in Microsoft Internet Explorer
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-002035.html

JVNDB-2012-002034 (JVNTA12-101A) Arbitrary code execution vulnerability in Microsoft Internet Explorer 9
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-002034.html

JVNDB-2012-002033 (JVNTA12-101A) Arbitrary code execution vulnerability in Microsoft Internet Explorer
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-002033.html

JVNDB-2012-002031 (JVNTA12-101A) Arbitrary code execution vulnerability in ActiveX in MSCOMCTL.OCX of multiple Microsoft products
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-002031.html

JVNDB-2012-002030 (JVNTA12-101A) Arbitrary code execution vulnerability in multiple Microsoft Windows products
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-002030.html

JVNDB-2012-002029 (JVNTA12-101A) Vulnerability in Microsoft Forefront Unified Access Gateway allowing sensitive information to be obtained
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-002029.html

JVNDB-2012-002028 (JVNTA12-101A) Open redirect vulnerability in Microsoft Forefront Unified Access Gateway
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-002028.html

[ MDVSA-2012:059 ] python-sqlalchemy
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-04/msg00107.html

ACROS Blog: Adobe Reader X (10.1.2) msiexec.exe Planting
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-04/msg00108.html

[SECURITY] [DSA 2453-1] gajim security update
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-04/msg00106.html

[SECURITY] [DSA 2452-1] apache2 security update
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-04/msg00105.html

Joomla! Plugin - Beatz 1.x <= Multiple Cross Site Scripting Vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-04/msg00104.html

FastPath Webchat | Multiple Cross Site Scripting Vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-04/msg00103.html

[CVE-2012-1622] Apache OFBiz information disclosure vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-04/msg00102.html

[CVE-2012-1621] Apache OFBiz information disclosure vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-04/msg00101.html

Passwords^12 : Call for Presentations
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-04/msg00100.html

[Suspected Spam] Cyberoam UTM v10.01.2 build 059 - File Include Vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-04/msg00099.html

Siche Search v.0.5 Zerboard - Multiple Web Vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-04/msg00098.html

Mathematica8.0.4 on Linux /tmp/MathLink vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-04/msg00097.html

Total Quality Machines (productdetail.php) SQL Injection Vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-04/msg00096.html

Slides for "Recent Advances in IPv6 Security" at Hackito Ergo Sum 2012
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-04/msg00095.html

[Suspected Spam] K-Meleon Browser v1.5.4 - Denial of Service Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-04/msg00094.html

APPLE-SA-2012-04-13-1 Flashback malware removal tool
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-04/msg00093.html

Challenge: What can you do with Funky Directory Names (Part 2)
http://isc.sans.edu/diary.html?storyid=13000

McAfee DAT troubles
http://isc.sans.edu/diary.html?storyid=13003

HP System Management Homepage Bugs Lets Local Users Gain Elevated Privileges and Remote Authenticated Users Deny Service
http://www.securitytracker.com/id/1026925

Debian update for gajim
http://secunia.com/advisories/48794/

Gajim Insecure Temporary File Creation Security Issue
http://secunia.com/advisories/48695/

PacketFence Captive Portal Unspecified Cross-Site Scripting Vulnerability
http://secunia.com/advisories/48833/

OllyDbg Resource Directory Processing Integer Overflow Vulnerability
http://secunia.com/advisories/48834/

latex2man Insecure Temporary File Security Issue
http://secunia.com/advisories/48860/

Apache OFBiz Cross-Site Scripting and Code Execution Vulnerabilities
http://secunia.com/advisories/48800/

Attachmate Reflection X X.Org xrdb Hostname Command Injection Security Issue
http://secunia.com/advisories/48865/

SUSE update for samba
http://secunia.com/advisories/48873/

SUSE update for samba
http://secunia.com/advisories/48879/

SRWare Iron Multiple Vulnerabilities
http://secunia.com/advisories/48866/

MediaXXX Mobile Video Module "query" SQL Injection Vulnerability
http://secunia.com/advisories/48836/

RealPlayer Enterprise Multiple Vulnerabilities
http://secunia.com/advisories/48868/

IBM 31-bit SDK for z/OS and IBM 64-bit SDK for z/OS Multiple Vulnerabilities
http://secunia.com/advisories/48854/

IP.Board and IP.Gallery Module Multiple Vulnerabilities
http://secunia.com/advisories/48808/

OpenJPEG Gray16 TIFF Image Tile Decoding Vulnerability
http://secunia.com/advisories/48781/

WordPress SH Slideshow Plugin TimThumb "src" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/48815/

Pale Moon Multiple Vulnerabilities
http://secunia.com/advisories/48823/

ActiveScriptRuby GRScript18.dll ActiveX Control Ruby Code Execution Vulnerability
http://secunia.com/advisories/48811/

Seditio SF - Quick Ban Plugin Cross-Site Request Forgery Vulnerability
http://secunia.com/advisories/48777/

Seditio Chat Plugin Cross-Site Request Forgery Vulnerability
http://secunia.com/advisories/48796/

Debian update for puppet
http://secunia.com/advisories/48789/

Ubuntu update for linux-lts-backport-maverick
http://secunia.com/advisories/48799/

Ubuntu update for kernel
http://secunia.com/advisories/48820/

IrfanView FlashPix PlugIn Image Decompression Buffer Overflow
http://secunia.com/advisories/48772/

Ubuntu update for samba
http://secunia.com/advisories/48816/

Debian update for samba
http://secunia.com/advisories/48818/

Dokodemo Rikunabi 2013 Unspecified Cross-Site Scripting Vulnerability
http://secunia.com/advisories/48813/

VMware Multiple Products Privilege Escalation Security Issue
http://secunia.com/advisories/48782/

nginx ngx_http_mp4_module Module Buffer Overflow Vulnerability
http://secunia.com/advisories/48827/

Red Hat update for Red Hat Enterprise MRG
http://secunia.com/advisories/48829/

Cumin Unspecified Script Insertion Vulnerabilities
http://secunia.com/advisories/48810/

SUSE update for php5
http://secunia.com/advisories/48828/

GnuTLS 'gnutls_session_get_data()' Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/50609

GnuTLS TLS Record Handling Heap Memory Corruption Vulnerability
http://www.securityfocus.com/bid/52667

libpng 'png_inflate()' Function Heap Based Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/52453

Oracle MySQL Server Multiple Unspecified Security Vulnerabilities
http://www.securityfocus.com/bid/52931

X.Org xrdb Remote Arbitrary Shell Command Injection Vulnerability
http://www.securityfocus.com/bid/47189

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-0456 SVG Filters Information Disclosure Vulnerability
http://www.securityfocus.com/bid/52461

Mozilla Firefox/Thunderbird/Seamonkey CVE-2012-0461 Memory Corruption Vulnerability
http://www.securityfocus.com/bid/52464

Oracle Java SE CVE-2011-3563 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/52012

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-0457 Use-After-Free Memory Corruption Vulnerability
http://www.securityfocus.com/bid/52459

Oracle Java SE CVE-2012-0500 Java Runtime Environment Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/52015

Oracle Java SE CVE-2012-0499 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/52016

Oracle Java SE CVE-2012-0503 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/52018

Oracle Java SE CVE-2012-0501 Remote Stack Overflow Vulnerability
http://www.securityfocus.com/bid/52013

Oracle Java SE CVE-2012-0498 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/52019

Oracle Java SE CVE-2012-0497 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/52009

Oracle GlassFish Server Hash Collision Denial Of Service Vulnerability
http://www.securityfocus.com/bid/51194

Oracle Java SE CVE-2012-0505 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/52017

Oracle Java SE CVE-2012-0506 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/52014

Oracle Java SE Remote Java Runtime Environment Denial Of Service Vulnerability
http://www.securityfocus.com/bid/52161

Google Chrome Prior to 17.0.963.56 Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/52031

libpng 'png_decompress_chunk()' Remote Integer Overflow Vulnerability
http://www.securityfocus.com/bid/52049

SQLAlchemy 'limit' and 'offset' Parameters SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/52330

Adobe Acrobat and Reader (CVE-2012-0774) Integer Overflow Vulnerability
http://www.securityfocus.com/bid/52951

Adobe Acrobat and Reader (CVE-2012-0777) Memory Corruption Vulnerability
http://www.securityfocus.com/bid/52950

Adobe Acrobat and Reader (CVE-2012-0775) Memory Corruption Vulnerability
http://www.securityfocus.com/bid/52949

Samba 'Perl-Based DCE/RPC IDL' Compiler Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/52973

Samba 'AndX' Request CVE-2012-0870 Heap Based Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/52103

Samba Memory Leak Local Denial Of Service Vulnerability
http://www.securityfocus.com/bid/51713

Real Networks RealPlayer Versions Prior to 15.0.0 Multiple Remote Vulnerabilities
http://www.securityfocus.com/bid/50741

SSL/TLS Protocol Initialization Vector Implementation Information Disclosure Vulnerability
http://www.securityfocus.com/bid/49778

cURL/libcURL Remote Input Validation Vulnerability
http://www.securityfocus.com/bid/51665

Gajim SQL Injection and Code Execution Vulnerabilities
http://www.securityfocus.com/bid/52943

Mozilla Firefox/SeaMonkey/Thunderbird CVE-2012-0458 Security Bypass Vulnerability
http://www.securityfocus.com/bid/52460

Mozilla Firefox, Thunderbird, and SeaMonkey Drag and Drop Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/52458

Mozilla Firefox/Thunderbird/SeaMonkey 'array.join' CVE-2012-0464 Memory Corruption Vulnerability
http://www.securityfocus.com/bid/52465

V-CMS Multiple Cross Site Scripting Arbitrary File Upload and SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/50706

Mozilla Firefox/Thunderbird/SeaMonkey Out of Bounds Memory Corruption Vulnerability
http://www.securityfocus.com/bid/51138

IrfanView FlashPix PlugIn CVE-2012-0278 Heap Based Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/53009

Siche Search 'ssearch.php' Cross Site Scripting and SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/53035

OllyDBG Resource Directory Integer Overflow Vulnerability
http://www.securityfocus.com/bid/53033

Joomla! Beatz Plugin Multiple Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/53030

Fastpath WebChat Multiple Fields Multiple HTML Injection Vulnerabilities
http://www.securityfocus.com/bid/53029

PacketFence Unspecified Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/53027

Cyberoam UTM Multiple 'file' Local File Include Vulnerabilities
http://www.securityfocus.com/bid/53026

Apache OFBiz Unspecified Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/53025

Squid Proxy 'Host' HTTP Header Security Bypass Vulnerability
http://www.securityfocus.com/bid/53024

Apache OFBiz Multiple Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/53023

Bioly 'index.php' Cross Site Scripting and SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/53018

EmbryoCore CMS SQL Injection and Multiple HTML Injection Vulnerabilities
http://www.securityfocus.com/bid/53016

McAfee Web Gateway 'Host' HTTP Header Security Bypass Vulnerability
http://www.securityfocus.com/bid/53015
