Friday, May 11, 2012
Friday the 11th, Taian
+ Opera 11.64 released
http://www.opera.com/docs/changelogs/windows/1164/
+ OS X Lion v10.7.4 and Security Update 2012-002
http://support.apple.com/kb/HT5281
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0652
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0649
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3389
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0036
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0651
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0642
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0241
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2692
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3328
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1167
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3212
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1777
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1778
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0654
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0655
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1944
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2821
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2834
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3919
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0656
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4566
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4885
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0830
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0657
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0658
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0659
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0660
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0661
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1004
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1005
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4815
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0870
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1182
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0662
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0675
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2895
+ About the security content of Safari 5.1.7
http://support.apple.com/kb/HT5282
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3046
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3056
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0672
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0676
+ Sudo 1.8.5rc5 released
http://www.sudo.ws/sudo/devel.html#1.8.5rc5
+ OpenSSL Security Advisory [10 May 2012]: Invalid TLS/DTLS record attack (CVE-2012-2333)
http://www.openssl.org/news/secadv_20120510.txt
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2333
+ OpenSSL 1.0.1c released
http://www.openssl.org/news/
Orangesoft launches a security configuration service for using Gmail relayed through the company
http://itpro.nikkeibp.co.jp/article/NEWS/20120510/395842/?ST=security
"No one's information has leaked from Twitter": Twitter's Japanese subsidiary denies leak reports
http://itpro.nikkeibp.co.jp/article/NEWS/20120510/395786/?ST=security
SCSK launches a managed operations service for the "FireEye" targeted-attack protection gateway
http://itpro.nikkeibp.co.jp/article/NEWS/20120509/395621/?ST=security
JVNVU#241779 Update for multiple vulnerabilities in Apple Safari
http://jvn.jp/cert/JVNVU241779/index.html
JVNVU#692779 Update for multiple vulnerabilities in Apple Mac OS X
http://jvn.jp/cert/JVNVU692779/index.html
[SECURITY] [DSA 2422-2] file regression fix
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-05/msg00047.html
[SECURITY] [DSA 2467-1] mahara security update
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-05/msg00046.html
[SECURITY] [DSA 2466-1] rails security update
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-05/msg00044.html
[SECURITY] [DSA 2465-1] php5 security update
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-05/msg00043.html
[security bulletin] HPSBMU02775 SSRT100853 rev.2 - HP Performance Insight for Networks Running o
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-05/msg00039.html
[ MDVSA-2012:068-1 ] php
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-05/msg00053.html
Drupal 7.14 <= Full Path Disclosure Vulnerability (Update)
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-05/msg00052.html
Drupal 7.14 <= Full Path Disclosure Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-05/msg00051.html
APPLE-SA-2012-05-09-2 Safari 5.1.7
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-05/msg00050.html
APPLE-SA-2012-05-09-1 OS X Lion v10.7.4 and Security Update 2012-002
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-05/msg00049.html
[SECURITY] [DSA 2468-1] libjakarta-poi-java security update
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-05/msg00048.html
Adobe Shockwave Player Remote Code Execution (CVE-2012-2031)
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-05/msg00042.html
Adobe Shockwave Player Remote Code Execution (CVE-2012-2030)
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-05/msg00041.html
Adobe Shockwave Player Remote Code Execution (CVE-2012-2029)
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-05/msg00040.html
Safari 5.1.7 - an interesting feature
http://isc.sans.edu/diary.html?storyid=13189
Mac OS X Bugs Let Remote Users Execute Arbitrary Code and Obtain Potentially Sensitive Information and Local Users Gain Elevated Privileges
http://www.securitytracker.com/id/1027054
Apple Safari WebKit Flaw Lets Remote Users Fill Out Form Inputs on a Target Web Page for a Target User
http://www.securitytracker.com/id/1027053
Adobe Shockwave Player .dir Memory Corruption
http://cxsecurity.com/issue/WLB-2012050078
Windows Kernel ReadLayoutFile Heap Overflow
http://cxsecurity.com/issue/WLB-2012050077
DecisionTools SharpGrid Active-X Code Execution
http://cxsecurity.com/issue/WLB-2012050076
Chevreto Upload Script Cross Site Scripting / User Enumeration
http://cxsecurity.com/issue/WLB-2012050075
Serendipity 1.6 Cross Site Scripting / SQL Injection
http://cxsecurity.com/issue/WLB-2012050074
X7 Chat 2.0.5.1 Cross Site Request Forgery
http://cxsecurity.com/issue/WLB-2012050073
Drupal Take Control 6.x Cross Site Request Forgery
http://cxsecurity.com/issue/WLB-2012050072
Drupal Glossary 6.x Cross Site Scripting
http://cxsecurity.com/issue/WLB-2012050071
Debian update for libjakarta-poi-java
http://secunia.com/advisories/49040/
Schneider Electric Kerwin Cross-Site Scripting Vulnerabilities
http://secunia.com/advisories/49041/
Drupal Take Control Module Cross-Site Request Forgery Vulnerability
http://secunia.com/advisories/49060/
Drupal Glossary Module Taxonomy Information Script Insertion Vulnerability
http://secunia.com/advisories/49074/
Apple Safari Multiple Vulnerabilities
http://secunia.com/advisories/47292/
WordPress User Photo Plugin URL Cross-Site Scripting Vulnerability
http://secunia.com/advisories/49100/
SUSE update for java-1_6_0-ibm
http://secunia.com/advisories/49124/
SUSE update for java-1_5_0-ibm
http://secunia.com/advisories/49076/
Debian update for rails
http://secunia.com/advisories/49046/
Debian update for php5
http://secunia.com/advisories/49053/
Apple Safari WebKit Remote Code Execution and Cross Site Scripting
http://www.vupen.com/english/ADV-2012-0252.php
Apple Mac OS X Multiple Remote Code Execution and Security Bypass
http://www.vupen.com/english/ADV-2012-0251.php
REMOTE: Firefox 7/8 (<= 8.0.1) nsSVGValue Out-of-Bounds Access Vulnerability
http://www.exploit-db.com/exploits/18847
DoS/PoC: SAP Netweaver Dispatcher Multiple Vulnerabilities
http://www.exploit-db.com/exploits/18853
DoS/PoC: Guitar Pro 6.1.1 r10791 (.gpx) Crash POC
http://www.exploit-db.com/exploits/18851
DecisionTools SharpGrid ActiveX Control RCE
http://www.exploit-db.com/exploits/18852
PHP 'exif_process_IFD_TAG()' Remote Integer Overflow Vulnerability
http://www.securityfocus.com/bid/50907
PHP Web Form Hash Collision Denial Of Service Vulnerability
http://www.securityfocus.com/bid/51193
PHP 'php-cgi' Information Disclosure Vulnerability
http://www.securityfocus.com/bid/53388
PHP 'ZipArchive::addGlob' and 'ZipArchive::addPattern' Denial Of Service Vulnerabilities
http://www.securityfocus.com/bid/49252
PHP CVE-2011-2202 Security Bypass Vulnerability
http://www.securityfocus.com/bid/48259
PHP 'socket_connect()' Function Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/47950
OpenSSL Encoded ASN.1 Data Integer Truncation Memory Corruption Vulnerability
http://www.securityfocus.com/bid/53158
PHP CVE-2012-0831 'magic_quotes_gpc' Directive Security Bypass Weakness
http://www.securityfocus.com/bid/51954
PHP 'php_register_variable_ex()' Function Arbitrary Code Execution Vulnerability
http://www.securityfocus.com/bid/51830
Suhosin Extension Transparent Cookie Encryption Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/51574
PHP PDORow Object Remote Denial Of Service Vulnerability
http://www.securityfocus.com/bid/51952
PHP CVE-2012-1172 Directory Traversal Vulnerability
http://www.securityfocus.com/bid/53403
PHP Versions Prior to 5.3.7 Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/49241
PHP 'is_a()' Function Remote File Include Vulnerability
http://www.securityfocus.com/bid/49754
PHP Prior to 5.3.7 Multiple NULL Pointer Dereference Denial Of Service Vulnerabilities
http://www.securityfocus.com/bid/49249
PHP 'substr_replace()' Use After Free Remote Memory Corruption Vulnerability
http://www.securityfocus.com/bid/46843
RoundCube Webmail Denial of Service Vulnerability
http://www.securityfocus.com/bid/50402
RoundCube Webmail '_mbox' Parameter Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/49229
RoundCube Webmail Remote Mail Relay Vulnerability
http://www.securityfocus.com/bid/47247
Drupal Take Control Module Cross Site Request Forgery Vulnerability
http://www.securityfocus.com/bid/53452
Oracle Java SE CVE-2012-0501 Remote Stack Overflow Vulnerability
http://www.securityfocus.com/bid/52013
PrivaWall Antivirus Office XML Format Evasion Security Bypass Vulnerability
http://www.securityfocus.com/bid/52454
Kerio WinRoute Firewall Web Server Remote Source Code Disclosure Vulnerability
http://www.securityfocus.com/bid/53460
Apple Mac OS X CVE-2012-0652 Local Security Bypass Vulnerability
http://www.securityfocus.com/bid/53457
Drupal Core Path Disclosure Vulnerability
http://www.securityfocus.com/bid/53454
phpMyFAQ Default Password Security Bypass Vulnerability
http://www.securityfocus.com/bid/53450
WordPress User Photo '$_SERVER['REQUEST_URI']' Parameter Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/53449
Chevereto Image Upload Script Cross Site Scripting and Information Disclosure Vulnerability
http://www.securityfocus.com/bid/53448