:: IT Security Neophyte Investigator's MEMO ::: 18日水曜日、赤口

2012年4月18日水曜日

18日水曜日、赤口

+ RHSA-2012:0481 Moderate: kernel security, bug fix, and enhancement update
http://rhn.redhat.com/errata/RHSA-2012-0481.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0879
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1090
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1097

+ RHSA-2012:0480 Important: kernel security, bug fix, and enhancement update
http://rhn.redhat.com/errata/RHSA-2012-0480.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1583

+ Google Chrome 18.0.1025.163 on Mac released
http://googlechromereleases.blogspot.jp/2012/04/stable-channel-update_16.html

+ CVE-2012-0053 Information Disclosure vulnerability in Apache HTTP Server
https://blogs.oracle.com/sunsecurity/entry/cve_2012_0053_information_disclosure

+ CVE-2012-0031 Resource Management Errors vulnerability in Apache HTTP Server
https://blogs.oracle.com/sunsecurity/entry/cve_2012_0031_resource_management

+ CVE-2011-3607 Buffer Overflow vulnerability in Apache HTTP Server
https://blogs.oracle.com/sunsecurity/entry/cve_2011_3607_buffer_overflow

+ CVE-2011-4317 Improper Input Validation vulnerability in Apache HTTP Server
https://blogs.oracle.com/sunsecurity/entry/cve_2011_4317_improper_input

+ CVE-2011-4815 Denial of Service (DoS) vulnerability in Ruby
https://blogs.oracle.com/sunsecurity/entry/cve_2011_4815_denial_of

+ CVE-2011-4362 Denial of Service (DoS) vulnerability in lighttpd
https://blogs.oracle.com/sunsecurity/entry/cve_2011_4362_denial_of

+ CVE-2012-0044 Integer Overflow vulnerability in Graphics drm
https://blogs.oracle.com/sunsecurity/entry/cve_2012_0044_integer_overflow

+ Multiple Denial of Service vulnerabilities in Ghostscript
https://blogs.oracle.com/sunsecurity/entry/multiple_denial_of_service_vulnerabilities7

+ CVE-2011-4028 Information Disclosure vulnerability in X.org
https://blogs.oracle.com/sunsecurity/entry/cve_2011_4028_information_disclosure

+ HPSBMU02766 SSRT100624 rev.1 - HP Onboard Administrator (OA), Remote Denial of Service (DoS)
https://h20565.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?javax.portlet.tpst=ba847bafb2a2d782fcbb0710b053ce01&javax.portlet.prp_ba847bafb2a2d782fcbb0710b053ce01=wsrp-navigationalState%3DdocId%25253Demr_na-c03285138%25257CdocLocale%25253Dja_JP&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken

+ HPSBUX02645 SSRT100387 rev.2 - HP-UX Apache Web Server, Remote Information Disclosure, Cross-Site Scripting (XSS), Denial of Service (DoS)
https://h20565.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?javax.portlet.tpst=ba847bafb2a2d782fcbb0710b053ce01&javax.portlet.prp_ba847bafb2a2d782fcbb0710b053ce01=wsrp-navigationalState%3DdocId%25253Demr_na-c02752210%25257CdocLocale%25253Dja_JP&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken

+ Oracle Critical Patch Update Advisory - April 2012
http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html

+ Zimbra Collaboration Suite Open Source Edition 6.0.16, 7.2.0 released
http://files.zimbra.com/website/docs/Zimbra%20OS%20Release%20Notes%206.0.16.pdf
http://files.zimbra.com/website/docs/7.2/Zimbra_OS_Release_Notes_7.2.0.pdf

+ Linux Kernel 'xfrm6_tunnel_rcv()' Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/53139
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1583

+ Apache HTTP Server 'LD_LIBRARY_PATH' Insecure Library Loading Arbitrary Code Execution Vulnerability
http://www.securityfocus.com/bid/53046
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0883

+ Apache HTTP Server 2.4.2 released
http://www.apache.org/dist/httpd/Announcement2.4.html
http://www.apachelounge.com/Changelog-2.4.html

Postgres Enterprise Manager 2.1 is released
http://www.postgresql.org/about/news/1389/

[security bulletin] HPSBOV02762 SSRT100825 rev.1 - HP Secure Web Server (SWS) for OpenVMS runnin
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-04/msg00114.html

[security bulletin] HPSBOV02763 SSRT100826 rev.1 - HP Secure Web Server (SWS) for OpenVMS runnin
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-04/msg00113.html

[security bulletin] HPSBMU02764 SSRT100827 rev.1 - HP System Management Homepage (SMH) Running o
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-04/msg00112.html

Fwd: PHP Gift Registry 1.5.5 SQL Injection
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-04/msg00109.html

個人情報を盗む「the Movie」アプリは29種類、数百万人が被害の恐れ
インストール数は潜在的に30万件、シマンテックが詳細を公表
http://itpro.nikkeibp.co.jp/article/NEWS/20120417/391245/?ST=security

新サイバーセキュリティ法案「CISPA」、プライバシー擁護団体などが抗議行動
http://itpro.nikkeibp.co.jp/article/NEWS/20120417/391122/?ST=security

UPDATE: JVNTA12-101A Microsoft 製品における複数の脆弱性に対するアップデート
http://jvn.jp/cert/JVNTA12-101A/index.html

UPDATE: JVNTA12-101B Adobe 製品における複数の脆弱性
http://jvn.jp/cert/JVNTA12-101B/index.html

Oracle Database Bugs Let Remote Authenticated Users Gain Full Control and Let Remote Users Partial Access and Modify Data and Deny Service
http://www.securitytracker.com/id/1026929

Apache OFBiz Unspecified Flaw Lets Remote Users Execute Arbitrary Code
http://www.securitytracker.com/id/1026928

Apache OFBiz Input Validation Flaws Permit Cross-Site Scripting Attacks
http://www.securitytracker.com/id/1026927

OpenVMS Unspecified Denial of Service Vulnerability
http://secunia.com/advisories/48801/

OpenVMS update for Secure Web Server
http://secunia.com/advisories/48802/

OpenVMS update for Secure Web Server
http://secunia.com/advisories/48841/

IBM Tivoli Directory Server Paged Searches Denial of Service Vulnerability
http://secunia.com/advisories/48872/

DokuWiki "target" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/48848/

Munin Insecure Temporary File Creation Security Issue
http://secunia.com/advisories/48859/

Ushahidi Cross-Site Request Forgery and Script Insertion Vulnerabilities
http://secunia.com/advisories/48845/

SocialABC NetworX CMS Security Bypass Vulnerability
http://secunia.com/advisories/48838/

SUSE update for samba
http://secunia.com/advisories/48844/

SUSE update for acroread
http://secunia.com/advisories/48846/

Joomla! Phoca Favicon Component Insecure Directory Permissions Weakness
http://secunia.com/advisories/48806/

WordPress Yahoo Answer WordPress Auto Poster Plugin Two Cross-Site Scripting Vulnerabilities
http://secunia.com/advisories/48862/

Oracle Java SE CVE-2012-0502 Remote Information Disclosure Vulnerability
http://www.securityfocus.com/bid/52011

Apache HTTP Server 'mod_proxy' Reverse Proxy Security Bypass Vulnerability
http://www.securityfocus.com/bid/50802

HP System Management Homepage CVE-2011-3846 Cross Site Request Forgery Vulnerability
http://www.securityfocus.com/bid/52974

Apache HTTP Server 'mod_proxy' Reverse Proxy Information Disclosure Vulnerability
http://www.securityfocus.com/bid/49957

Apache HTTP Server CVE-2011-3639 'mod_proxy' Reverse Proxy Security Bypass Vulnerability
http://www.securityfocus.com/bid/51869

Oracle Solaris CVE-2012-1684 Local Vulnerability
http://www.securityfocus.com/bid/53138

Oracle GlassFish Enterprise Server CVE-2012-0551 Remote Vulnerability
http://www.securityfocus.com/bid/53136

Oracle Solaris CVE-2012-1681 Local Vulnerability
http://www.securityfocus.com/bid/53135

Oracle SPARC Enterprise M Series Servers CVE-2012-0548 Local Vulnerability
http://www.securityfocus.com/bid/53134

Oracle SPARC Enterprise M Series Servers CVE-2012-1693 Remote vulnerability
http://www.securityfocus.com/bid/53131

Oracle FLEXCUBE Universal Banking CVE-2012-0573 Remote Vulnerability
http://www.securityfocus.com/bid/53129

Oracle Solaris CVE-2012-1698 Remote Vulnerability
http://www.securityfocus.com/bid/53128

Oracle Solaris CVE-2012-1692 Local Vulnerability
http://www.securityfocus.com/bid/53125

Oracle FLEXCUBE Direct Banking CVE-2012-1706 Remote Vulnerability
http://www.securityfocus.com/bid/53116

Oracle FLEXCUBE Universal Banking CVE-2012-0567 Remote Vulnerability
http://www.securityfocus.com/bid/53114

Oracle FLEXCUBE Direct Banking CVE-2012-0576 Remote Vulnerability
http://www.securityfocus.com/bid/53113

Oracle FLEXCUBE Universal Banking CVE-2012-0575 Remote Vulnerability
http://www.securityfocus.com/bid/53111

Oracle FLEXCUBE Universal Banking CVE-2012-0546 Remote Vulnerability
http://www.securityfocus.com/bid/53108

Oracle FLEXCUBE Direct Banking CVE-2012-1707 Remote Vulnerability
http://www.securityfocus.com/bid/53107

Oracle Database Server CVE-2012-1708 Remote Application Express Vulnerability
http://www.securityfocus.com/bid/53104

Oracle FLEXCUBE Universal Bank CVE-2012-0571 Remote Vulnerability
http://www.securityfocus.com/bid/53103

Oracle Database Server CVE-2012-0511 Remote OCI Vulnerability
http://www.securityfocus.com/bid/53101

Oracle Database Server CVE-2012-0552 Remote Oracle Spatial Vulnerability
http://www.securityfocus.com/bid/53097

Oracle Database Server CVE-2012-0527 Remote Enterprise Manager Base Platform Vulnerability
http://www.securityfocus.com/bid/53093

Oracle Database Server CVE-2012-0512 Remote Enterprise Manager Base Platform Vulnerability
http://www.securityfocus.com/bid/53092

Oracle Database Server CVE-2012-0510 Remote Core RDBMS Vulnerability
http://www.securityfocus.com/bid/53090

Oracle Database Server CVE-2012-0528 Remote Enterprise Manager Base Platform Vulnerability
http://www.securityfocus.com/bid/53089

Oracle Outside In Technology CVE-2012-0556 Remote Vulnerability
http://www.securityfocus.com/bid/53087

Oracle Database Server CVE-2012-0526 Remote Enterprise Manager Base Platform Vulnerability
http://www.securityfocus.com/bid/53084

Oracle BI Publisher CVE-2012-0543 Remote Vulnerability
http://www.securityfocus.com/bid/53083

Oracle WebCenter Forms Recognition CVE-2012-1709 Remote Vulnerability
http://www.securityfocus.com/bid/53082

Oracle Database Server CVE-2012-0520 Remote Enterprise Manager Base Platform Vulnerability
http://www.securityfocus.com/bid/53081

Oracle Identity Manager Connector CVE-2012-0515 Remote Vulnerability
http://www.securityfocus.com/bid/53079

Oracle Supply Chain Products Suite CVE-2012-0549 Remote Oracle AutoVue Office Vulnerability
http://www.securityfocus.com/bid/53077

Oracle Database Server CVE-2012-0534 Remote RDBMS Core Vulnerability
http://www.securityfocus.com/bid/53076

Oracle Database Server CVE-2012-0519 Remote Core RDBMS Vulnerability
http://www.securityfocus.com/bid/53072

Oracle Outside In Technology CVE-2012-0555 Remote Vulnerability
http://www.securityfocus.com/bid/53070

Oracle Outside In Technology CVE-2012-0554 Remote Vulnerability
http://www.securityfocus.com/bid/53069

Oracle E-Business Suite CVE-2012-0542 Remote Oracle iStore Vulnerability
http://www.securityfocus.com/bid/53068

Oracle E-Business Suite CVE-2012-0537 Remote Oracle Application Object Library Vulnerability
http://www.securityfocus.com/bid/53066

Oracle Database Server CVE-2012-0525 Remote Enterprise Manager Base Platform Vulnerability
http://www.securityfocus.com/bid/53063

Oracle WebCenter Forms Recognition CVE-2012-1710 Remote Vulnerability
http://www.securityfocus.com/bid/53062

Oracle Identity Manager CVE-2012-0532 Remote Vulnerability
http://www.securityfocus.com/bid/53060

Oracle E-Business Suite CVE-2012-0535 Remote Oracle Application Object Library Vulnerability
http://www.securityfocus.com/bid/53059

Oracle E-Business Suite CVE-2012-0513 Remote Oracle Application Object Library Vulnerabilty
http://www.securityfocus.com/bid/53055

Oracle Outside In Technology CVE-2012-0557 Remote Vulnerability
http://www.securityfocus.com/bid/53054

Oracle Fusion Middleware CVE-2012-0522 Remote Vulnerability
http://www.securityfocus.com/bid/53053

Apache HTTP Server CVE-2011-3348 Denial Of Service Vulnerability
http://www.securityfocus.com/bid/49616

OpenSSL ECDH Ciphersuites Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/49471

OpenSSL Internal Certificate Verification Routine Security Bypass Vulnerability
http://www.securityfocus.com/bid/49469

Apache HTTP Server CVE-2011-3192 Denial Of Service Vulnerability
http://www.securityfocus.com/bid/49303

cURL/libcURL GSS/Negotiate Feature Spoofing Security Vulnerability
http://www.securityfocus.com/bid/48434

PHP 'socket_connect()' Function Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/47950

PHP Prior to 5.3.7 Multiple NULL Pointer Dereference Denial Of Service Vulnerabilities
http://www.securityfocus.com/bid/49249

PHP CVE-2011-2202 Security Bypass Vulnerability
http://www.securityfocus.com/bid/48259

PHP 'crypt()' Function Security Bypass Vulnerability
http://www.securityfocus.com/bid/49376

PHP 'Zip' Extension 'zip_fread()' Function Denial of Service Vulnerability
http://www.securityfocus.com/bid/46975

PHP 'OpenSSL' Extension Multiple Denial of Service Vulnerabilities
http://www.securityfocus.com/bid/46977

PHP 'Zip' Extension 'stream_get_contents()' Function Denial of Service Vulnerability
http://www.securityfocus.com/bid/46969

PHP 'Intl' Extension 'NumberFormatter::setSymbol()' Function Denial of Service Vulnerability
http://www.securityfocus.com/bid/46968

PHP 'phar/phar_object.c' Format String Vulnerability
http://www.securityfocus.com/bid/46854

Apache APR 'apr_fnmatch()' Denial of Service Vulnerability
http://www.securityfocus.com/bid/47820

libxslt 'generate-id()' Function Information Disclosure Vulnerability
http://www.securityfocus.com/bid/47668

OpenSSL OCSP Stapling 'ClientHello' Handshake Message Parsing Security Vulnerability
http://www.securityfocus.com/bid/46264

PHP 'substr_replace()' Use After Free Remote Memory Corruption Vulnerability
http://www.securityfocus.com/bid/46843

PHP Versions Prior to 5.3.7 Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/49241

PHP 'getSymbol()' Function Denial of Service Vulnerability
http://www.securityfocus.com/bid/45119

PHP 'open_basedir' Security-Bypass Vulnerability
http://www.securityfocus.com/bid/44723

Apache 'mod_proxy_http' Timeout Handling Information Disclosure Vulnerability
http://www.securityfocus.com/bid/40827

Apache APR-util 'apr_brigade_split_line()' Denial of Service Vulnerability
http://www.securityfocus.com/bid/43673

Apache 'mod_proxy_http' 2.2.9 for Unix Timeout Handling Information Disclosure Vulnerability
http://www.securityfocus.com/bid/42102

PHP 'zend_strtod()' Function Floating-Point Value Denial of Service Vulnerability
http://www.securityfocus.com/bid/45668

cURL/libcURL HTTP 'Location:' Redirect Security Bypass Vulnerability
http://www.securityfocus.com/bid/33962

cURL/libcURL CURLOPT_ENCODING Option Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/38162

Apache HTTP Server Multiple Remote Denial of Service Vulnerabilities
http://www.securityfocus.com/bid/41963

GNU glibc 'nargs' Integer Overflow Security Bypass Vulnerability
http://www.securityfocus.com/bid/52201

GNU Libtasn1 ASN1 Length DER Decoding Memory Corruption Vulnerability
http://www.securityfocus.com/bid/52668

Samba 'Perl-Based DCE/RPC IDL' Compiler Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/52973

GnuTLS TLS Record Handling Heap Memory Corruption Vulnerability
http://www.securityfocus.com/bid/52667

Apache Tomcat WAR File Directory Traversal Vulnerability
http://www.securityfocus.com/bid/37944

PHP 'xml_utf8_decode()' UTF-8 Input Validation Vulnerability
http://www.securityfocus.com/bid/44605

PHP 'SplObjectStorage' Unserializer Arbitrary Code Execution Vulnerability
http://www.securityfocus.com/bid/40948

Mozilla Firefox/Thunderbird/SeaMonkey 'shlwapi.dll' Use-After-Free Memory Corruption Vulnerability
http://www.securityfocus.com/bid/52455

Oracle Java SE CVE-2012-0499 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/52016

Oracle Java SE CVE-2012-0498 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/52019

Oracle Java SE CVE-2012-0501 Remote Stack Overflow Vulnerability
http://www.securityfocus.com/bid/52013

Oracle GlassFish Server Hash Collision Denial Of Service Vulnerability
http://www.securityfocus.com/bid/51194

Oracle Java SE CVE-2012-0497 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/52009

Linux Kernel 'Clone()' Function 'CLONE_IO' Flag Multiple Denial Of Service Vulnerabilities
http://www.securityfocus.com/bid/52152

Linux Kernel Regsets CVE-2012-1097 NULL Pointer Dereference Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/52274

Linux Kernel CVE-2012-1090 CIFS 'umount' Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/52197

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-0462 Memory Corruption Vulnerability
http://www.securityfocus.com/bid/52467

Mozilla Firefox/Thunderbird/SeaMonkey HTTP Header Security Bypass Vulnerability
http://www.securityfocus.com/bid/52463

Mozilla Firefox/SeaMonkey/Thunderbird CVE-2012-0458 Security Bypass Vulnerability
http://www.securityfocus.com/bid/52460

Mozilla Firefox/Thunderbird/SeaMonkey 'cssText' Memory Corruption Vulnerability
http://www.securityfocus.com/bid/52457

Mozilla Firefox/SeaMonkey/Thunderbird 'window.fullScreen' Security Bypass Vulnerability
http://www.securityfocus.com/bid/52456

Mozilla Firefox, Thunderbird, and SeaMonkey Drag and Drop Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/52458

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-0456 SVG Filters Information Disclosure Vulnerability
http://www.securityfocus.com/bid/52461

Mozilla Firefox/Thunderbird/Seamonkey CVE-2012-0461 Memory Corruption Vulnerability
http://www.securityfocus.com/bid/52464

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-0457 Use-After-Free Memory Corruption Vulnerability
http://www.securityfocus.com/bid/52459

Mozilla Firefox/Thunderbird/SeaMonkey 'array.join' CVE-2012-0464 Memory Corruption Vulnerability
http://www.securityfocus.com/bid/52465

GIMP GIF Image Parsing 'LZWReadByte()' Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/49148

PHP 'shmop_read()' Remote Integer Overflow Vulnerability
http://www.securityfocus.com/bid/46786

PHP Exif Extension 'exif_read_data()' Function Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/46365

libzip '_zip_name_locate()' NULL Pointer Dereference Denial Of Service Vulnerability
http://www.securityfocus.com/bid/46354

PHP 'EXTR_OVERWRITE' Parameter Security-Bypass Vulnerability
http://www.securityfocus.com/bid/46448

PHP Web Form Hash Collision Denial Of Service Vulnerability
http://www.securityfocus.com/bid/51193

PHP GD Extension 'imagepstext()' Function Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/45338

PHP Zend Engine (CVE-2010-4697) Use-after-free Heap Corruption Vulnerability
http://www.securityfocus.com/bid/45952

PHP Versions Prior to 5.3.3/5.2.14 Multiple Vulnerabilities
http://www.securityfocus.com/bid/41991

PHP 'ext/imap/php_imap.c' Use After Free Denial of Service Vulnerability
http://www.securityfocus.com/bid/44980

PHP ZipArchive::getArchiveComment() NULL Pointer Dereference Denial Of Service Vulnerability
http://www.securityfocus.com/bid/44718

PHP NULL Character Security Bypass Vulnerability
http://www.securityfocus.com/bid/44951

PHP 'php_filter_validate_email()' Function Denial of Service Vulnerability
http://www.securityfocus.com/bid/43926

Oracle Java Floating-Point Value Denial of Service Vulnerability
http://www.securityfocus.com/bid/46091

Apache Tomcat AJP Protocol Security Bypass Vulnerability
http://www.securityfocus.com/bid/49353

Apache Commons Daemon 'jsvc' Information Disclosure Vulnerability
http://www.securityfocus.com/bid/49143

Apache Tomcat 'sendfile' Request Attributes Information Disclosure Vulnerability
http://www.securityfocus.com/bid/48667

Apache Tomcat Authentication Header Realm Name Information Disclosure Vulnerability
http://www.securityfocus.com/bid/39635

Apache Tomcat HTTP DIGEST Authentication Multiple Security Weaknesses
http://www.securityfocus.com/bid/49762

Apache Tomcat 'MemoryUserDatabase' Information Disclosure Vulnerability
http://www.securityfocus.com/bid/48456

Multiple Vendor TLS Protocol Session Renegotiation Security Vulnerability
http://www.securityfocus.com/bid/36935

Apache Tomcat Windows Installer Insecure Password Vulnerability
http://www.securityfocus.com/bid/36954

Apache Tomcat Java AJP Connector Invalid Header Denial of Service Vulnerability
http://www.securityfocus.com/bid/35193

Apache Tomcat Form Authentication Existing/Non-Existing Username Enumeration Weakness
http://www.securityfocus.com/bid/35196

Apache Tomcat Directory Host Appbase Authentication Bypass Vulnerability
http://www.securityfocus.com/bid/37942

Apache Tomcat Host Working Directory WAR File Directory Traversal Vulnerability
http://www.securityfocus.com/bid/37945

Linux Kernel 'xfrm6_tunnel_rcv()' Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/53139

Oracle Sun Products Suite CVE-2012-1691 Local Solaris Vulnerability
http://www.securityfocus.com/bid/53137

Oracle Sun Products Suite CVE-2012-0516 Remote Oracle iPlanet Web Server Vulnerability
http://www.securityfocus.com/bid/53133

Oracle Sun Products Suite CVE-2012-0523 Local Oracle Grid Engine Vulnerability
http://www.securityfocus.com/bid/53132

Oracle Sun Products Suite CVE-2012-1683 Local Solaris Vulnerability
http://www.securityfocus.com/bid/53130

Oracle PeopleSoft Enterprise PeopleTools CVE-2012-0524 Local Vulnerability
http://www.securityfocus.com/bid/53127

Oracle Sun Products Suite CVE-2012-1694 Remote Solaris Vulnerability
http://www.securityfocus.com/bid/53126

Oracle PeopleSoft Enterprise Portal CVE-2012-0531 Remote Vulnerability
http://www.securityfocus.com/bid/53124

Oracle Sun Products Suite CVE-2012-0208 Remote Oracle Grid Engine Vulnerability
http://www.securityfocus.com/bid/53123

Oracle Sun Products Suite CVE-2012-0539 Local Solaris Vulnerability
http://www.securityfocus.com/bid/53120

Oracle PeopleSoft Enterprise PeopleTools CVE-2012-0529 Remote Vulnerability
http://www.securityfocus.com/bid/53119

Oracle Sun Products Suite CVE-2012-0550 Remote GlassFish Enterprise Server Vulnerability
http://www.securityfocus.com/bid/53118

Oracle PeopleSoft Enterprise PeopleTools CVE-2012-0561 Remote Vulnerability
http://www.securityfocus.com/bid/53115

Oracle Financial Services CVE-2012-0577 Remote Oracle FLEXCUBE Universal Banking Vulnerability
http://www.securityfocus.com/bid/53112

Oracle PeopleSoft Enterprise SCM CVE-2012-0530 Remote Vulnerability
http://www.securityfocus.com/bid/53110

Oracle Financial Services CVE-2012-0579 Remote Oracle FLEXCUBE Universal Banking Vulnerability
http://www.securityfocus.com/bid/53109

Oracle Financial Services CVE-2012-0544 Remote Oracle FLEXCUBE Universal Banking Vulnerability
http://www.securityfocus.com/bid/53106

Oracle PeopleSoft Enterprise SCM CVE-2012-0559 Remote Vulnerability
http://www.securityfocus.com/bid/53105

Oracle Financial Services CVE-2012-1676 Remote Oracle FLEXCUBE Direct Banking Vulnerability
http://www.securityfocus.com/bid/53102

Oracle Financial Services CVE-2012-0541 Remote Oracle FLEXCUBE Direct Banking Vulnerability
http://www.securityfocus.com/bid/53100

Oracle PeopleSoft Enterprise HRMS CVE-2012-0536 Remote Vulnerability
http://www.securityfocus.com/bid/53099

Oracle Financial Services CVE-2012-1679 Remote Oracle FLEXCUBE Direct Banking Vulnerability
http://www.securityfocus.com/bid/53098

Oracle Financial Services CVE-2012-0509 Remote Oracle FLEXCUBE Direct Banking Vulnerability
http://www.securityfocus.com/bid/53096

Oracle PeopleSoft Enterprise HRMS CVE-2012-0562 Remote Vulnerability
http://www.securityfocus.com/bid/53095

Oracle Financial Services CVE-2012-1704 Remote Oracle FLEXCUBE Direct Banking Vulnerability
http://www.securityfocus.com/bid/53094

Oracle PeopleSoft Enterprise HCM CVE-2012-0521 Remote Vulnerability
http://www.securityfocus.com/bid/53091

Oracle PeopleSoft Enterprise FCSM CVE-2012-0533 Remote Vulnerability
http://www.securityfocus.com/bid/53088

Oracle Supply Chain Products Suite CVE-2012-0566 Remote Oracle Agile Vulnerability
http://www.securityfocus.com/bid/53086

Oracle Supply Chain Products Suite CVE-2012-0580 Remote Oracle Agile PLM for Process Vulnerability
http://www.securityfocus.com/bid/53085

Oracle CRM CVE-2012-0514 Remote Vulnerability
http://www.securityfocus.com/bid/53080

Oracle Supply Chain Products Suite CVE-2012-0565 Remote Oracle Agile Vulnerability
http://www.securityfocus.com/bid/53078

Oracle Supply Chain Products Suite CVE-2012-0581 Remote Oracle Agile Vulnerability
http://www.securityfocus.com/bid/53075

Oracle MySQL CVE-2012-1690 Remote MySQL Server Vulnerability
http://www.securityfocus.com/bid/53074

Oracle PeopleSoft Enterprise PeopleTools CVE-2012-0560 Remote Vulnerability
http://www.securityfocus.com/bid/53073

Oracle MySQL CVE-2012-1696 Remote MySQL Server Vulnerability
http://www.securityfocus.com/bid/53071

Oracle MySQL CVE-2012-1688 Remote MySQL Server Vulnerability
http://www.securityfocus.com/bid/53067

Oracle PeopleSoft Enterprise PeopleTools CVE-2012-0538 Remote Vulnerability
http://www.securityfocus.com/bid/53065

Oracle MySQL CVE-2012-1697 Remote MySQL Server Vulnerability
http://www.securityfocus.com/bid/53064

Oracle MySQL CVE-2012-0583 Remote MySQL Server Vulnerability
http://www.securityfocus.com/bid/53061

Oracle MySQL CVE-2012-1703 Remote MySQL Server Vulnerability
http://www.securityfocus.com/bid/53058

Oracle PeopleSoft Enterprise HRMS CVE-2012-0517 Remote Vulnerability
http://www.securityfocus.com/bid/53057

Oracle Primavera CVE-2012-0558 Remote Primavera P6 Enterprise Project Portfolio Management Vulnerabi
http://www.securityfocus.com/bid/53056

Oracle Industry Applications CVE-2012-1674 Remote Siebel Clinical Vulnerability
http://www.securityfocus.com/bid/53052

Oracle PeopleSoft Enterprise PeopleTools CVE-2012-0564 Remote Vulnerability
http://www.securityfocus.com/bid/53051

Oracle Industry Applications CVE-2012-0582 Remote Siebel Clinical Vulnerability
http://www.securityfocus.com/bid/53050

Acuity CMS 'UserName' Parameter Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/53048

TYPO3 Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/53047

Apache HTTP Server 'LD_LIBRARY_PATH' Insecure Library Loading Arbitrary Code Execution Vulnerability
http://www.securityfocus.com/bid/53046

HP OpenVMS CVE-2012-0134 Unspecified Local Denial Of Service Vulnerability
http://www.securityfocus.com/bid/53045

DokuWiki 'target' Parameter Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/53041

Joomla! Phoca Favicon Component Insecure Directory Permissions Vulnerability
http://www.securityfocus.com/bid/53040

Joomla! JA T3 Framework Component Directory Traversal Vulnerability
http://www.securityfocus.com/bid/53039

TeamPass 'login' Field HTML Injection Vulnerability
http://www.securityfocus.com/bid/53038

:: IT Security Neophyte Investigator's MEMO ::

2012年4月18日水曜日

18日水曜日、赤口

0 件のコメント:

コメントを投稿

2012年4月18日水曜日

18日 水曜日、赤口

0 件のコメント:

コメントを投稿

18日水曜日、赤口