Tuesday, May 1, 2012
Tuesday the 1st, Senshō
+ RHSA-2012:0533 Important: samba and samba3x security update
http://rhn.redhat.com/errata/RHSA-2012-0533.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2111
+ Google Chrome 18.0.1025.168 released
http://googlechromereleases.blogspot.jp/2012/04/stable-channel-update_30.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3078
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3079
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3080
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3081
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1521
+ DHCP 4.2.4rc1 released
https://deepthought.isc.org/article/AA-00666
+ HPSBMU02769 SSRT100846 rev.1 - HP Systems Insight Manager (SIM) for HP-UX, Linux, and Windows, Remote Unauthorized Access, Execution of Arbitrary Code, and Other Vulnerabilities
https://h20565.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?javax.portlet.tpst=ba847bafb2a2d782fcbb0710b053ce01&javax.portlet.prp_ba847bafb2a2d782fcbb0710b053ce01=wsrp-navigationalState%3DdocId%25253Demr_na-c03298151%25257CdocLocale%25253Dja_JP&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2227
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2445
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2450
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2451
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2452
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2453
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2454
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2455
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2456
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2457
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2458
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2459
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2460
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2426
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2444
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2427
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2428
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2429
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2430
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2130
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2134
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2135
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2136
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2137
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2138
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2139
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2140
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2414
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2415
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2416
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2417
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2425
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0611
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2092
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2093
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2461
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3556
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3557
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3558
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0786
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0788
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0802
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0814
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0815
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0817
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0862
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0863
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0864
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0865
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0866
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0867
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0868
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0869
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0871
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0872
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0873
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4476
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4470
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1994
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1995
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1996
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1997
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1998
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1999
+ Oracle Security Alert for CVE-2012-1675
http://www.oracle.com/technetwork/topics/security/alert-cve-2012-1675-1608180.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1675
+ Linux kernel 3.0.30, 3.3.4 released
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.0.30
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.3.4
+ Samba 3.6.5, 3.5.15, 3.4.17 released
http://samba.org/samba/history/samba-3.6.5.html
http://samba.org/samba/history/samba-3.5.15.html
http://www.samba.org/samba/history/samba-3.4.17.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2111
+ Samba CVE-2012-2111 Remote Security Bypass Vulnerability
http://www.securityfocus.com/bid/53307
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2111
VMSA-2012-0008 VMware ESX updates to ESX Service Console
http://www.vmware.com/security/advisories/VMSA-2012-0008.html
HS12-013: Security issue in COBOL GUI Option development environment products
http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS12-013/index.html
MySQL 5.1.64 (Not yet released)
http://dev.mysql.com/doc/refman/5.1/en/news-5-1-64.html
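About the report "Basic Survey on the Development of Information Security Human Resources"
~ Japan's shortage of information security personnel made clear ~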
http://www.ipa.go.jp/security/fy23/reports/jinzai/index.html
JVNDB-2012-002166 Denial of service (DoS) vulnerability in the intu-help-qb handler in Intuit QuickBooks
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-002166.html
JVNDB-2012-002165 Denial of service (DoS) vulnerability in the intu-help-qb handler in Intuit QuickBooks
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-002165.html
JVNDB-2012-002164 Vulnerability in the intu-help-qb handler in Intuit QuickBooks that allows sensitive information to be obtained
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-002164.html
JVNDB-2012-002163 Vulnerability in Intuit QuickBooks that allows path name information to be obtained
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-002163.html
JVNDB-2012-002162 Absolute path traversal vulnerability in the intu-help-qb handler in Intuit QuickBooks
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-002162.html
JVNDB-2012-002161 Vulnerability in the intu-help-qb handler in Intuit QuickBooks that allows sensitive information to be obtained
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-002161.html
JVNDB-2012-002160 Denial of service (memory corruption) vulnerability in the intu-help-qb handler in Intuit QuickBooks
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-002160.html
JVNDB-2012-002159 Heap-based buffer overflow vulnerability in the intu-help-qb handler in Intuit QuickBooks
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-002159.html
JVNDB-2005-000867 Vulnerability in the handling of the entropy source in the Perl module Net::SSLeay.pm
http://jvndb.jvn.jp/ja/contents/2005/JVNDB-2005-000867.html
JVNDB-2012-001258 Vulnerability in protocol.c in Apache HTTP Server that allows HTTPOnly cookie values to be obtained
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-001258.html
JVNDB-2011-003172 Vulnerability in the mod_proxy module in Apache HTTP Server that allows requests to be sent to intranet servers
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-003172.html
McAfee Virtual Technician 6.3.0.1911 MVT.MVTControl.6300 ActiveX Control GetObject() Security Bypass
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-04/msg00232.html
NGS00118 Technical Advisory: Symantec pcAnywhere Remote Code Execution as SYSTEM
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-04/msg00231.html
NGS00117 Technical Advisory: Symantec pcAnywhere insecure file permissions local privilege escalatio
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-04/msg00230.html
NGS00141 Technical Advisory: Websense Triton 7.6 stored XSS in report management UI
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-04/msg00229.html
NGS00140 Technical Advisory: Websense Triton 7.6 - unauthenticated remote command execution as S
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-04/msg00228.html
NGS00138 Technical Advisory: Websense Triton 7.6 - authentication bypass in report management U
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-04/msg00227.html
NGS00137 Technical Advisory: Websense Triton 7.6 - reflected XSS in report management UI
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-04/msg00226.html
NGS00107 Patch Notification: Oracle Grid Engine sgepasswd Buffer Overflow
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-04/msg00225.html
Pritlog v0.821 CMS - Multiple Web Vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-04/msg00224.html
Wordpress WPsc-MijnPress plugin Cross-Site Scripting Vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-04/msg00223.html
OWASP 2012 Online Competition with Hacking-Lab
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-04/msg00222.html
[SECURITY] [DSA 2462-1] imagemagick security update
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-04/msg00218.html
C4B XPhone UC Web 4.1.890S R1 - Cross Site Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-04/msg00221.html
Opial CMS v2.0 - Multiple Web Vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-04/msg00220.html
PHP Volunteer Management (get_messages.php) SQL Injection Vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-04/msg00219.html
[ MDVSA-2012:066 ] mozilla
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-04/msg00209.html
[ MDVSA-2012:065 ] php
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-04/msg00217.html
VMSA-2012-0008 VMware ESX updates to ESX Service Console
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-04/msg00216.html
C4B XPhone UC Web 4.1.890S R1 - Cross Site Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-04/msg00215.html
Car Portal CMS v3.0 - Multiple Web Vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-04/msg00214.html
DirectAdmin v1.403 - Multiple Cross Site Vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-04/msg00213.html
DIY CMS v1.0 Poll - Multiple Web Vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-04/msg00212.html
[security bulletin] HPSBPV02754 SSRT100803 rev.2 - HP ProCurve 5400 zl Switch, Compact flash car
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-04/msg00210.html
[SECURITY] [DSA 2461-1] spip security update
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-04/msg00211.html
An Impromptu Lesson on Passwords ..
http://isc.sans.edu/diary.html?storyid=13084
FCC posts Enquiry Documents on Google Wardriving
http://isc.sans.edu/diary.html?storyid=13087
Patch for Oracle TNS Listener issue released !
http://isc.sans.edu/diary.html?storyid=13093
Who's tracking phone calls that target your computer? Stay Tuned to the ISC
http://isc.sans.edu/diary.html?storyid=13081
Critical Unpatched Oracle Vulnerability
http://isc.sans.edu/diary.html?storyid=13069
ISC Feature of the Week: Handler Created Tools
http://isc.sans.edu/diary.html?storyid=13078
Samba Local Security Authority Bug Lets Remote Authenticated Users Gain Elevated Privileges
http://www.securitytracker.com/id/1026988
HP Systems Insight Manager Multiple Flaws Let Remote Users Gain Access and Local Users Obtain Information
http://www.securitytracker.com/id/1026987
Opial Script Insertion and SQL Injection Vulnerabilities
http://secunia.com/advisories/48982/
Axous "id" SQL Injection Vulnerability
http://secunia.com/advisories/48989/
OpenStack Compute (Nova) iptables Resource Exhaustion Denial of Service Vulnerability
http://secunia.com/advisories/49034/
Debian update for imagemagick
http://secunia.com/advisories/48974/
SKYUC "encode" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/49006/
IBM OS/400 HTTP Server mod_proxy Reverse Proxy Mode Security Bypass Weakness
http://secunia.com/advisories/49028/
Ubuntu update for firefox
http://secunia.com/advisories/49047/
SUSE update for MozillaFirefox, MozillaThunderbird, seamonkey, and xulrunner
http://secunia.com/advisories/49055/
eFront "courses_ID" Path Disclosure Weakness
http://secunia.com/advisories/49003/
Car Portal CMS Cross-Site Request Forgery Vulnerability
http://secunia.com/advisories/49010/
DiY-CMS Cross-Site Request Forgery Vulnerability
http://secunia.com/advisories/49011/
concrete5 "approveImmediately" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/48997/
TwonkyManager TwonkyServer Directory Traversal Vulnerability
http://secunia.com/advisories/49016/
TwonkyServer Directory Traversal Vulnerability
http://secunia.com/advisories/49015/
Drupal Ubercart Module Script Insertion and Code Injection Vulnerabilities
http://secunia.com/advisories/48935/
VMware ESX Server Multiple Vulnerabilities
http://secunia.com/advisories/48959/
HP NonStop Server Java Multiple Vulnerabilities
http://secunia.com/advisories/48977/
WordPress Zingiri Web Shop Plugin Cross-Site Scripting and Script Insertion Vulnerabilities
http://secunia.com/advisories/48991/
Debian update for spip
http://secunia.com/advisories/48975/
gpEasy CMS "jsoncallback" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/48994/
Ubuntu update for jetty
http://secunia.com/advisories/48981/
Quest Toad for Data Analysts Insecure Default Directory Permissions
http://secunia.com/advisories/48663/
Joomla! nBill Component "message" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/49004/
PHP Volunteer Management Cross-Site Scripting and SQL Injection Vulnerabilities
http://secunia.com/advisories/48988/
REMOTE: McAfee Virtual Technician 6.3.0.1911 MVT.MVTControl.6300 ActiveX Control GetObject() Security Bypass Remote Code Execution
http://www.exploit-db.com/exploits/18805
LOCAL: CPE17 Autorun Killer <= 1.7.1 Stack Buffer Overflow Exploit
http://www.exploit-db.com/exploits/18792
DoS/PoC: Remote-Anything Player 5.60.15 Denial of Service
http://www.exploit-db.com/exploits/18799
DoS/PoC: Nokia PC Suite Video Manager 7.1.180.64 (.mp4) Denial of Service
http://www.exploit-db.com/exploits/18795
GnuTLS TLS Record Handling Heap Memory Corruption Vulnerability
http://www.securityfocus.com/bid/52667
GNU Libtasn1 ASN1 Length DER Decoding Memory Corruption Vulnerability
http://www.securityfocus.com/bid/52668
GNU glibc 'nargs' Integer Overflow Security Bypass Vulnerability
http://www.securityfocus.com/bid/52201
Red Hat Enterprise Linux NFSv4 Mount Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/50798
Samba 'Perl-Based DCE/RPC IDL' Compiler Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/52973
Croogo CMS Multiple HTML Injection Vulnerabilities
http://www.securityfocus.com/bid/53287
Apache HTTP Server 'mod_proxy' Reverse Proxy Security Bypass Vulnerability
http://www.securityfocus.com/bid/50802
OpenSSL Encoded ASN.1 Data Integer Truncation Memory Corruption Vulnerability
http://www.securityfocus.com/bid/53158
WebCalendar Local File Include and PHP code Injection Vulnerabilities
http://www.securityfocus.com/bid/53207
Google Chrome Prior to 18.0.1025.168 Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/53309
Oracle Database Server 'TNS Listener' Remote Poisoning Vulnerability
http://www.securityfocus.com/bid/53308
Samba CVE-2012-2111 Remote Security Bypass Vulnerability
http://www.securityfocus.com/bid/53307
Red Hat Enterprise MRG Messaging Unauthorized Access Security Bypass Vulnerability
http://www.securityfocus.com/bid/53305
McAfee Virtual Technician ActiveX Control 'GetObject()' Insecure Method Vulnerability
http://www.securityfocus.com/bid/53304
Remote-Anything Player '.flm' File Denial Of Service Vulnerability
http://www.securityfocus.com/bid/53303
WordPress WPsc MijnPress Plugin 'rwflush' Parameter Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/53302
VBulletin 'nextitem' Parameter Local File Include Vulnerability
http://www.securityfocus.com/bid/53300
Soco CMS 'page' Parameter Local File Include Vulnerability
http://www.securityfocus.com/bid/53299
OpenStack Compute (Nova) CVE-2012-2101 Denial Of Service Vulnerability
http://www.securityfocus.com/bid/53297
Nokia PC Suite Video Manager '.mp4' File Denial Of Service Vulnerability
http://www.securityfocus.com/bid/53290
Pritlog Multiple HTML Injection Vulnerabilities
http://www.securityfocus.com/bid/53293
PHP 'getimagesize()' Remote Denial Of Service Vulnerability
http://www.securityfocus.com/bid/53289
Shawn Bradley PHP Volunteer Management 'id' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/53301
RETIRED: DirectAdmin 'CMD_DOMAIN' Cross-Site Scripting Vulnerability
http://www.securityfocus.com/bid/52848
Oracle Java SE CVE-2011-3557 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/50234
Oracle Java SE CVE-2011-3556 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/50231
Oracle Java SE CVE-2011-3547 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/50243
Oracle Java SE CVE-2011-3553 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/50246
Oracle Java SE CVE-2011-3551 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/50224
Mozilla Firefox/SeaMonkey/Thunderbird Site Identity Spoofing Vulnerability
http://www.securityfocus.com/bid/53224
Mozilla Firefox/SeaMonkey/Thunderbird CVE-2012-0478 Denial of Service Vulnerability
http://www.securityfocus.com/bid/53227
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-0473 Out of Bounds Memory Corruption Vulnerability
http://www.securityfocus.com/bid/53231
Mozilla Firefox/Thunderbird/Seamonkey CVE-2012-0474 Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/53228
Mozilla Firefox/Thunderbird/SeaMonkey 'cairo-dwrite' CVE-2012-0472 Memory Corruption Vulnerability
http://www.securityfocus.com/bid/53218
OpenType Sanitizer Off By One Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/53222
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-0468 Memory Corruption Vulnerability
http://www.securityfocus.com/bid/53221
Mozilla Firefox/Thunderbird/Seamonkey CVE-2012-0477 Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/53229
Mozilla Firefox/Thunderbird/SeaMonkey IDBKeyRange Use-After-Free Vulnerability
http://www.securityfocus.com/bid/53220
Mozilla Firefox/Thunderbird/Seamonkey CVE-2012-0471 Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/53219
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-0467 Memory Corruption Vulnerability
http://www.securityfocus.com/bid/53223
Mozilla Firefox, SeaMonkey, and Thunderbird CVE-2012-0470 Heap Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/53225
Gajim CVE-2012-2093 Insecure Temporary File Creation Vulnerability
http://www.securityfocus.com/bid/53017
Puppet Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/52975
Oracle Grid Engine 'qrsh' Remote Code Injection Vulnerability
http://www.securityfocus.com/bid/53123
Apple Safari 'libxml' (CVE-2011-0216) Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/48832
HP ProCurve 5400 zl Switches 'Compact Flash Card' Security Issue
http://www.securityfocus.com/bid/52990
PHP PDORow Object Remote Denial Of Service Vulnerability
http://www.securityfocus.com/bid/51952
PHP CVE-2012-0831 'magic_quotes_gpc' Directive Security Bypass Weakness
http://www.securityfocus.com/bid/51954
PHP 'php_register_variable_ex()' Function Arbitrary Code Execution Vulnerability
http://www.securityfocus.com/bid/51830
Suhosin Extension Transparent Cookie Encryption Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/51574
Google Chrome Prior to 16.0.912.75 Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/51300
Linux Kernel CVE-2011-4348 Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/51363
Linux Kernel 'exec()' Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/51947
libxml2 Unspecified Out-of-Bounds Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/51084
Google Chrome Prior to 14.0.835.163 Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/49658
libxml2 Invalid XPath Multiple Memory Corruption Vulnerabilities
http://www.securityfocus.com/bid/48056
Linux Kernel 'CIFSFindNext()' Function Denial of Service Vulnerability
http://www.securityfocus.com/bid/49295
libxml2 'XPATH' Memory Corruption Vulnerability
http://www.securityfocus.com/bid/44779
Oracle Grid Engine 'sge_passwd.c' Local Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/53132
Microsoft Windows Common Controls ActiveX Control Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/52911
MySQLDumper Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/53306
BBSXP CMS Multiple SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/53298
Uiga Personal Portal SQL Injection Vulnerability
http://www.securityfocus.com/bid/53296
Uiga FanClub 'p' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/53295
XM Forum 'id' Parameter Multiple SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/53292
SKYUC 'encode' Parameter Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/53291
Opial Multiple Input Validation Vulnerabilities
http://www.securityfocus.com/bid/53288
CPE17 Autorun Killer Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/53286
Axous 'id' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/53285
DoceboLMS 'index.php' Cross Site Scripting and HTML Injection Vulnerabilities
http://www.securityfocus.com/bid/53284
SilverStripe 'install.php' PHP Code Injection Vulnerability
http://www.securityfocus.com/bid/53282
WordPress Anti-CSRF Token Security Bypass Weakness
http://www.securityfocus.com/bid/53280
WordPress Zingiri Web Shop Plugin HTML Injection and Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/53278
Joomla! 'Host' HTTP Header Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/53277
Toad for Data Analysts Insecure Directory Permissions Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/53276
Joomla! nBill Component Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/53275