:: IT Security Neophyte Investigator's MEMO ::: 25日水曜日、先勝

2012年4月25日水曜日

25日水曜日、先勝

+ RHSA-2012:0516 Critical: thunderbird security update
http://rhn.redhat.com/errata/RHSA-2012-0516.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3062
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0467
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0468
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0469
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0470
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0471
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0472
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0473
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0474
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0477
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0478
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0479

+ RHSA-2012:0515 Critical: firefox security update
http://rhn.redhat.com/errata/RHSA-2012-0515.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3062
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0467
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0468
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0469
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0470
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0471
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0472
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0473
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0474
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0477
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0478
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0479

+ RHSA-2012:0518 Important: openssl security update
http://rhn.redhat.com/errata/RHSA-2012-0518.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2110

+ Mozilla Firefox 12 released
http://mozilla.jp/firefox/download/all/

+ Mozilla Thunderbird 12 released
http://mozilla.jp/thunderbird/download/all/

+ Postfix 2.6.15, 2.7.9, 2.8.10, 2.9.1 released
http://mirror.postfix.jp/postfix-release/official/postfix-2.6.15.HISTORY
http://mirror.postfix.jp/postfix-release/official/postfix-2.7.9.HISTORY
http://mirror.postfix.jp/postfix-release/official/postfix-2.8.10.HISTORY
http://mirror.postfix.jp/postfix-release/official/postfix-2.9.2.HISTORY

+ Sudo 1.8.5rc3 released
http://www.sudo.ws/sudo/devel.html#1.8.5rc3

+ OpenSSL CVE-2012-2131 Encoded ASN.1 Data Incomplete Fix Memory Corruption Vulnerability
http://www.securityfocus.com/bid/53212
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2131

+ Linux Kernel Hugepages CVE-2012-2133 Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/53233
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2133

MFSA 2012-33 Potential site identity spoofing when loading RSS and Atom feeds
http://www.mozilla.org/security/announce/2012/mfsa2012-33.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0479

MFSA 2012-32 HTTP Redirections and remote content can be read by javascript errors
http://www.mozilla.org/security/announce/2012/mfsa2012-32.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1187

MFSA 2012-31 Off-by-one error in OpenType Sanitizer
http://www.mozilla.org/security/announce/2012/mfsa2012-31.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3062

MFSA 2012-30 Crash with WebGL content using textImage2D
http://www.mozilla.org/security/announce/2012/mfsa2012-30.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0478

MFSA 2012-29 Potential XSS through ISO-2022-KR/ISO-2022-CN decoding issues
http://www.mozilla.org/security/announce/2012/mfsa2012-29.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0477

MFSA 2012-28 Ambiguous IPv6 in Origin headers may bypass webserver access restrictions
http://www.mozilla.org/security/announce/2012/mfsa2012-28.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0475

MFSA 2012-27 Page load short-circuit can lead to XSS
http://www.mozilla.org/security/announce/2012/mfsa2012-27.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0474

MFSA 2012-26 WebGL.drawElements may read illegal video memory due to FindMaxUshortElement error
http://www.mozilla.org/security/announce/2012/mfsa2012-26.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0473

MFSA 2012-25 Potential memory corruption during font rendering using cairo-dwrite
http://www.mozilla.org/security/announce/2012/mfsa2012-25.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0472

MFSA 2012-24 Potential XSS via multibyte content processing errors
http://www.mozilla.org/security/announce/2012/mfsa2012-24.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0471

MFSA 2012-23 Invalid frees causes heap corruption in gfxImageSurface
http://www.mozilla.org/security/announce/2012/mfsa2012-23.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0470

MFSA 2012-22 use-after-free in IDBKeyRange
http://www.mozilla.org/security/announce/2012/mfsa2012-22.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0469

MFSA 2012-21 Multiple security flaws fixed in FreeType v2.4.9
http://www.mozilla.org/security/announce/2012/mfsa2012-21.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1126
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1127
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1128
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1129
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1130
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1131
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1132
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1133
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1134
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1135
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1136
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1137
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1138
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1139
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1140
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1141
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1142
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1143
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1144

MFSA 2012-20 Miscellaneous memory safety hazards (rv:12.0/ rv:10.0.4)
http://www.mozilla.org/security/announce/2012/mfsa2012-20.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0468
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0467

CentOS alert CESA-2012:0509 (wireshark)
http://lwn.net/Alerts/494141/

phpMyAdmin 3.5.1-rc1 released
http://sourceforge.net/news/?group_id=23067&id=307432

Announcing phpMyAdmin's GSoC 2012 projects
http://sourceforge.net/news/?group_id=23067&id=307427

InterScan for Lotus Domino 3.0 及び 3.1 におけるウイルスパターンファイルリリースの遅延について
http://www.trendmicro.co.jp/support/news.asp?id=1773

PHP Ticket System Beta 1 p SQL Injection
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-04/msg00189.html

[ MDVSA-2012:064 ] openssl0.9.8
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-04/msg00184.html

New IETF I-D: Security Implications of IPv6 on IPv4 networks
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-04/msg00187.html

[security bulletin] HPSBUX02768 SSRT100664 rev.1 - CIFS Server (Samba), Remote Cross Site Reques
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-04/msg00186.html

RuggedCom - Backdoor Accounts in my SCADA network? You dont say...
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-04/msg00185.html

プレス発表
複数のジャストシステム製品におけるセキュリティ上の弱点（脆弱性）の注意喚起
http://www.ipa.go.jp/about/press/20120424.html

サイバーセキュリティ注意喚起サービス「icat」の公開
http://www.ipa.go.jp/security/vuln/icat.html

IPA テクニカルウォッチ
「クラウドコンピューティングのセキュリティその意味と社会的重要性の考察」レポート
http://www.ipa.go.jp/about/technicalwatch/20120424.html

トレンドマイクロ、標的型攻撃の実態をレポートで可視化する監視機器を発表
http://itpro.nikkeibp.co.jp/article/NEWS/20120424/393036/?ST=security

JVN#09619876 複数のジャストシステム製品におけるバッファオーバーフローの脆弱性
http://jvn.jp/jp/JVN09619876/index.html

JVN#95378720 複数のジャストシステム製品における DLL 読み込みに関する脆弱性
http://jvn.jp/jp/JVN95378720/index.html

JVNDB-2012-002125 Gallery における暗号化の処理に関する脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-002125.html

JVNDB-2012-002124 Cumin におけるクロスサイトスクリプティングの脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-002124.html

JVNDB-2012-002123 Gallery の管理サブシステムにおけるクロスサイトスクリプティングの脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-002123.html

JVNDB-2012-002122 NVIDIA UNIX ドライバにおける任意のメモリ領域にアクセスされる脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-002122.html

JVNDB-2012-002121 IBM Tivoli Directory Server におけるサービス運用妨害 (デーモンクラッシュ) の脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-002121.html

JVNDB-2012-002120 IBM Tivoli Directory Server の Web Admin Tool におけるクロスサイトスクリプティングの脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-002120.html

JVNDB-2012-002119 IBM Tivoli Directory Server の TLS のデフォルト設定における非暗号化通信を誘発される脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-002119.html

JVNDB-2012-002118 IBM Rational ClearQuest の Ole API におけるヒープベースのバッファオーバーフローの脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-002118.html

JVNDB-2012-002117 Debian GNU/Linux 上で稼働する apache2 におけるクロスサイトスクリプティング (XSS) 攻撃を誘発される脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-002117.html

JVNDB-2012-002116 TeamPass の sources/users.queries.php におけるクロスサイトスクリプティングの脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-002116.html

JVNDB-2012-002115 WordPress の wp-comments-post.php におけるクロスサイトスクリプティングの脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-002115.html

JVNDB-2012-002114 WordPress の wp-includes/formatting.php におけるクロスサイトスクリプティングの脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-002114.html

JVNDB-2012-002113 WordPress の wp-admin/plugins.php におけるアクセス制限を回避される脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-002113.html

JVNDB-2012-002112 WordPress および他の製品で使用される Plupload における同一生成元ポリシーを回避される脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-002112.html

JVNDB-2012-002111 WordPress の wp-includes/js/swfobject.js における詳細不明な脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-002111.html

JVNDB-2012-002110 WordPress の wp-includes/js/swfupload/swfupload.swf における詳細不明な脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-002110.html

JVNDB-2012-000035 (JVN#09619876) 複数のジャストシステム製品におけるバッファオーバーフローの脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-000035.html

JVNDB-2012-000034 (JVN#95378720) 複数のジャストシステム製品における DLL 読み込みに関する脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-000034.html

JVNDB-2012-001903 Windows 上で稼働する CA ARCserve Backup におけるサービス運用妨害 (サービスシャットダウン) の脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-001903.html

JVNDB-2012-002109 ownCloud の files/ajax/download.php におけるクロスサイトスクリプティングの脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-002109.html

JVNDB-2012-002108 ownCloud におけるクロスサイトリクエストフォージェリの脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-002108.html

JVNDB-2012-002107 ownCloud の index.php におけるオープンリダイレクトの脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-002107.html

JVNDB-2012-002106 ownCloud におけるクロスサイトスクリプティングの脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-002106.html

JVNDB-2012-002105 PHP Gift Registry の users.php における SQL インジェクションの脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-002105.html

JVNDB-2012-002104 Windows 7 64-bit プラットフォーム上で稼働する Comodo Internet Security におけるサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-002104.html

JVNDB-2012-001629 Adobe Flash Player における重要な情報を取得される脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-001629.html

JVNDB-2012-002103 EMC Data Protection Advisor の DPA_Utilities ライブラリにおける整数オーバーフローの脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-002103.html

JVNDB-2012-002102 EMC Data Protection Advisor におけるサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-002102.html

JVNDB-2012-002101 VideoLAN VLC media player におけるサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-002101.html

JVNDB-2012-002100 複数のプラットフォーム上で稼働する HP OpenVMS におけるサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-002100.html

JVNDB-2012-002099 OpenSSL の asn1_d2i_read_bio 関数におけるバッファオーバーフロー攻撃を誘発される脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-002099.html

OpenSSL reissues fix for ASN1 BIO vulnerability
http://isc.sans.edu/diary.html?storyid=13042

SPIP Input Validation Flaws Permit Cross-Site Scripting and Other Unspecified Attacks
http://www.securitytracker.com/id/1026970

WebCalendar Access Control and File Inclusion Bugs Let Remote Users Potentially Execute Arbitrary Code
http://www.securitytracker.com/id/1026966

REMOTE: RuggedCom Devices Backdoor Access
http://www.exploit-db.com/exploits/18779

DoS/PoC: .NET Framework EncoderParameter Integer Overflow Vulnerability
http://www.exploit-db.com/exploits/18777

DoS/PoC: BeyondCHM 1.1 Buffer Overflow
http://www.exploit-db.com/exploits/18776

Ubuntu update for linux-ec2 and linux
http://secunia.com/advisories/48914/

vBulletin Multiple Products MAPI Unspecified Vulnerability
http://secunia.com/advisories/48917/

Ubuntu update for mysql
http://secunia.com/advisories/48919/

WebCalendar "pref_THEME" File Inclusion Vulnerability
http://secunia.com/advisories/48906/

SUSE update for cobbler
http://secunia.com/advisories/48926/

SUSE update for SUSE Manager
http://secunia.com/advisories/48953/

Red Hat update for wireshark
http://secunia.com/advisories/48947/

Red Hat update for java-1.5.0-ibm
http://secunia.com/advisories/48948/

Liferay Portal "addUser" Method Security Bypass Vulnerability
http://secunia.com/advisories/43687/

SPIP Unspecified Cross-Site Scripting Vulnerabilities
http://secunia.com/advisories/48939/

Exponent CMS "src" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/48911/

Exponent CMS Cross-Site Scripting and SQL Injection Vulnerabilities
http://secunia.com/advisories/48902/

Asterisk Multiple Vulnerabilities
http://secunia.com/advisories/48891/

NET-i viewer ActiveX Controls "BackupToAvi()" Buffer Overflow Vulnerabilities
http://secunia.com/advisories/48966/

NET-i viewer ActiveX Controls "ConnectDDNS()" Code Execution Vulnerabilities
http://secunia.com/advisories/48965/

HP-UX update for CIFS Server
http://secunia.com/advisories/48943/

SUSE update for freetype2
http://secunia.com/advisories/48951/

SUSE update for kernel
http://secunia.com/advisories/48898/

JustSystems Multiple Products Two Vulnerabilities
http://secunia.com/advisories/47363/

Oracle Java SE CVE-2012-0505 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/52017

Mozilla Firefox/Thunderbird/Seamonkey CVE-2012-0474 Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/53228

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-0473 Out of Bounds Memory Corruption Vulnerability
http://www.securityfocus.com/bid/53231

Mozilla Firefox/Thunderbird/Seamonkey CVE-2012-0477 Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/53229

Mozilla Firefox/SeaMonkey/Thunderbird CVE-2012-0478 Denial of Service Vulnerability
http://www.securityfocus.com/bid/53227

Mozilla Firefox/Thunderbird/SeaMonkey 'cairo-dwrite' CVE-2012-0472 Memory Corruption Vulnerability
http://www.securityfocus.com/bid/53218

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-0468 Memory Corruption Vulnerability
http://www.securityfocus.com/bid/53221

Mozilla Firefox, SeaMonkey, and Thunderbird CVE-2012-0470 Heap Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/53225

Mozilla Firefox/SeaMonkey/Thunderbird Site Identity Spoofing Vulnerability
http://www.securityfocus.com/bid/53224

OpenType Sanitizer Off By One Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/53222

Mozilla Firefox/Thunderbird/Seamonkey CVE-2012-0471 Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/53219

Mozilla Firefox/Thunderbird/SeaMonkey IDBKeyRange Use-After-Free Vulnerability
http://www.securityfocus.com/bid/53220

Linux Kernel 'ext4_ext_insert_extent()' Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/50322

OpenSSL Encoded ASN.1 Data Integer Truncation Memory Corruption Vulnerability
http://www.securityfocus.com/bid/53158

OpenSSL CVE-2012-2131 Encoded ASN.1 Data Incomplete Fix Memory Corruption Vulnerability
http://www.securityfocus.com/bid/53212

Rugged Operating System Backdoor Unauthorized Access Vulnerability
http://www.securityfocus.com/bid/53215

Oracle Java SE Remote Java Runtime Environment Code Execution Vulnerability
http://www.securityfocus.com/bid/52161

Oracle Java SE CVE-2012-0498 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/52019

Oracle Java SE CVE-2012-0501 Remote Stack Overflow Vulnerability
http://www.securityfocus.com/bid/52013

Oracle Java SE CVE-2012-0503 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/52018

Oracle Java SE CVE-2011-3563 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/52012

Oracle Java SE CVE-2012-0499 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/52016

Oracle Java SE CVE-2012-0506 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/52014

Oracle Java SE CVE-2012-0502 Remote Information Disclosure Vulnerability
http://www.securityfocus.com/bid/52011

Oracle Java SE CVE-2012-0497 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/52009

Oracle Java SE CVE-2012-0500 Java Runtime Environment Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/52015

Oracle GlassFish Server Hash Collision Denial Of Service Vulnerability
http://www.securityfocus.com/bid/51194

Google Chrome Prior to 18.0.1025.142 Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/52762

Google Chrome prior to 10.0.648.127 Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/46785

FreeType Versions Prior to 2.4.9 Multiple Remote Vulnerabilities
http://www.securityfocus.com/bid/52318

Linux kernel fcaps Local Security Bypass Vulnerability
http://www.securityfocus.com/bid/53166

MacVTap Device Driver Local Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/53165

KVM CVE-2012-2121 Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/53162

Wicd 'SetWirelessProperty()' Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/52987

libpng 'png_set_text_2()' Function Memory Corruption Vulnerability
http://www.securityfocus.com/bid/52830

Oracle MySQL CVE-2012-1690 Remote MySQL Server Vulnerability
http://www.securityfocus.com/bid/53074

Oracle MySQL CVE-2012-1688 Remote MySQL Server Vulnerability
http://www.securityfocus.com/bid/53067

Oracle MySQL CVE-2012-1703 Remote MySQL Server Vulnerability
http://www.securityfocus.com/bid/53058

Linux Kernel Regsets CVE-2012-1097 NULL Pointer Dereference Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/52274

Linux Kernel KVM CVE-2012-0045 Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/51389

Linux Kernel CVE-2011-4347 Unauthorized Access Vulnerability
http://www.securityfocus.com/bid/50811

Linux Kernel CVE-2012-1090 CIFS 'umount' Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/52197

Wireshark Buffer Underflow and Denial of Service Vulnerabilities
http://www.securityfocus.com/bid/51710

Wireshark Buffer Overflow and Denial of Service Vulnerabilities
http://www.securityfocus.com/bid/51368

Wireshark 'ERF' data Denial Of Service Vulnerability
http://www.securityfocus.com/bid/52737

Wireshark ERF File Parser Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/50486

Wireshark Versions Prior to 1.4.7/1.2.17 Multiple Denial of Service Vulnerabilities
http://www.securityfocus.com/bid/48066

Wireshark NTLMSSP NULL Pointer Dereference Denial Of Service Vulnerability
http://www.securityfocus.com/bid/46796

Wireshark Lucent/Ascend File Parser Denial of Service Vulnerability
http://www.securityfocus.com/bid/48506

Wireshark Versions Prior to 1.4.5/1.2.16 Multiple Remote Vulnerabilities
http://www.securityfocus.com/bid/47392

Wireshark ANSI A MAP Files Denial of Service Vulnerability
http://www.securityfocus.com/bid/49071

Bind DynDB LDAP 'bind-dyndb-ldap' Package Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/53236

PHP Ticket 'p' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/53235

Linux Kernel Hugepages CVE-2012-2133 Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/53233

libsoup SSL Certificate Validation Security Bypass Vulnerability
http://www.securityfocus.com/bid/53232

Mozilla Firefox/Thunderbird/Seamonkey CVE-2012-0475 Security Bypass Vulnerability
http://www.securityfocus.com/bid/53230

Multiple vBulletin Products Unspecified Security Vulnerability
http://www.securityfocus.com/bid/53226

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-0467 Memory Corruption Vulnerability
http://www.securityfocus.com/bid/53223

SPIP Multiple Unspecified Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/53216

Multiple JustSystems Products Remote Code Execution Vulnerabilities
http://www.securityfocus.com/bid/53214

BeyondCHM '.chm' File Remote Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/53213

:: IT Security Neophyte Investigator's MEMO ::

2012年4月25日水曜日

25日水曜日、先勝

0 件のコメント:

コメントを投稿

2012年4月25日水曜日

25日 水曜日、先勝

0 件のコメント:

コメントを投稿

25日水曜日、先勝