Tuesday, May 22, 2012
Tuesday the 22nd, Taian
+ RHSA-2012:0683 Important: bind-dyndb-ldap security update
http://rhn.redhat.com/errata/RHSA-2012-0683.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2134
+ RHSA-2012:0678 Moderate: postgresql and postgresql84 security update
http://rhn.redhat.com/errata/RHSA-2012-0678.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0866
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0867
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0868
+ RHSA-2012:0677 Moderate: postgresql security update
http://rhn.redhat.com/errata/RHSA-2012-0677.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0866
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0868
+ BIND 9.6-ESV-R7, 9.7.6, 9.8.3, 9.9.1 released
https://deepthought.isc.org/article/AA-00671
https://kb.isc.org/article/AA-00672
https://kb.isc.org/article/AA-00670
https://deepthought.isc.org/article/AA-00674
+ Linux kernel 3.0.32, 3.2.18, 3.3.7 released
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.0.32
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.18
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.3.7
+ Postfix 2.6.16, 2.7.10, 2.8.11, 2.9.3 released
http://mirror.postfix.jp/postfix-release/official/postfix-2.6.16.HISTORY
http://mirror.postfix.jp/postfix-release/official/postfix-2.7.10.HISTORY
http://mirror.postfix.jp/postfix-release/official/postfix-2.8.11.HISTORY
http://mirror.postfix.jp/postfix-release/official/postfix-2.9.3.HISTORY
+ SA49187 Linux Kernel mmap_sem Denial of Service Vulnerability
http://secunia.com/advisories/49187/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2373
+ SA49149 Linux Kernel NFSv4 Denial of Service Vulnerability
http://secunia.com/advisories/49149/
Regarding an issue where products/services become unavailable in some of our products
http://www.trendmicro.co.jp/support/news.asp?id=1785
JVN#86044443 Vulnerability related to the WebView class in iLunascape for Android
http://jvn.jp/jp/JVN86044443/index.html
JVNDB-2012-002342 Buffer overflow vulnerability in Adobe Photoshop
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-002342.html
JVNDB-2012-002336 Arbitrary code execution vulnerability in Adobe Illustrator
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-002336.html
JVNDB-2012-001936 Denial of service (DoS) vulnerability in RealNetworks RealPlayer and RealPlayer SP
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-001936.html
JVNDB-2012-000044 Vulnerability related to the WebView class in iLunascape for Android
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-000044.html
JVNDB-2011-005032 Arbitrary code execution vulnerability in the Samba RPC code generator
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-005032.html
JVNDB-2010-003150 Denial of service (DoS) vulnerability in the Python asyncore module
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-003150.html
JVNDB-2011-004732 Arbitrary file overwrite vulnerability in the D-Bus configure script
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-004732.html
JVNDB-2011-002125 Denial of service (DoS) vulnerability in the _dbus_header_byteswap function in dbus-marshal-header.c in the Linux Kernel
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-002125.html
JVNDB-2011-001951 Arbitrary code execution vulnerability in FreeType as used in Apple iOS and other products
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-001951.html
DNS ANY Request Cannon - Need More Packets
http://isc.sans.edu/diary.html?storyid=13261
VU#464683 Xelex Technologies MobileTrack multiple vulnerabilities
http://www.kb.cert.org/vuls/id/464683
PE Explorer Resources Parsing Buffer Overflow Vulnerability
http://secunia.com/advisories/49239/
activeCollab Chat Module Code Execution Vulnerability
http://secunia.com/advisories/49246/
Moodle Multiple Vulnerabilities
http://secunia.com/advisories/49233/
Pro-Server EX Information Disclosure and Denial of Service Vulnerabilities
http://secunia.com/advisories/49172/
Pligg CMS Multiple Cross-Site Scripting and SQL Injection Vulnerabilities
http://secunia.com/advisories/45431/
Joomla! JCE Component Cross-Site Scripting and Security Bypass Vulnerabilities
http://secunia.com/advisories/46365/
Elgg Cross-Site Scripting and Security Bypass Vulnerabilities
http://secunia.com/advisories/49129/
Vanilla Forums LatestComment Plugin Discussion Title Script Insertion Vulnerability
http://secunia.com/advisories/49249/
Vanilla Forums AboutMe Plugin Multiple Script Insertion Vulnerabilities
http://secunia.com/advisories/49207/
Linux Kernel mmap_sem Denial of Service Vulnerability
http://secunia.com/advisories/49187/
Resource Hacker Resources String Parsing Buffer Overflow Vulnerability
http://secunia.com/advisories/49217/
Gentoo update for chromium and v8
http://secunia.com/advisories/49240/
Serendipity Unspecified SQL Injection Vulnerability
http://secunia.com/advisories/49234/
iLunascape for Android WebView Class Security Bypass Security Issue
http://secunia.com/advisories/49253/
OpenVZ update for kernel
http://secunia.com/advisories/49262/
Debian update for pidgin-otr
http://secunia.com/advisories/49241/
Debian update for sympa
http://secunia.com/advisories/49237/
Linux Kernel NFSv4 Denial of Service Vulnerability
http://secunia.com/advisories/49149/
REMOTE: HP StorageWorks P4000 Virtual SAN Appliance Command Execution
http://www.exploit-db.com/exploits/18901
LOCAL: Foxit Reader 3.0 Open Execute Action Stack Based Buffer Overflow
http://www.exploit-db.com/exploits/18905
DoS/PoC: PHP <= 5.4.3 (com_event_sink) Denial of Service
http://www.exploit-db.com/exploits/18910
DoS/PoC: PHP <= 5.4.3 wddx_serialize_* / stream_bucket_* Variant Object Null Ptr Dereference
http://www.exploit-db.com/exploits/18909
DoS/PoC: Real-DRAW PRO 5.2.4 Import File Crash
http://www.exploit-db.com/exploits/18902
DoS/PoC: DVD-Lab Studio 1.25 DAL File Open Crash
http://www.exploit-db.com/exploits/18903
Google Chrome Prior to 19 Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/53540
PHP Address Book Multiple SQL Injection and Multiple Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/52396
Linux Kernel CVE-2012-1090 CIFS 'umount' Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/52197
Linux Kernel 'Clone()' Function 'CLONE_IO' Flag Multiple Denial Of Service Vulnerabilities
http://www.securityfocus.com/bid/52152
Linux Kernel Regsets CVE-2012-1097 NULL Pointer Dereference Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/52274
Foxit Reader PDF Handling Multiple Remote Vulnerabilities
http://www.securityfocus.com/bid/34035
RubyGems mail Directory Traversal and Command Injection Vulnerabilities
http://www.securityfocus.com/bid/53257
WordPress Login With Ajax Plugin Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/53423
KVM CVE-2012-2121 Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/53162
Linux Kernel KVM 'kvm_apic_accept_pic_intr()' Function Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/53488
Tornado 'tornado.web.RequestHandler.set_header()' HTTP Response Splitting Vulnerability
http://www.securityfocus.com/bid/53612
Bind DynDB LDAP 'bind-dyndb-ldap' Package Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/53236
PostgreSQL Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/52188
Apache POI CVE-2012-0213 Denial Of Service Vulnerability
http://www.securityfocus.com/bid/53487
Oracle Java SE CVE-2011-3560 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/50236
Todd Miller Sudo Host_List Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/53569
Sympa Archive Management Permissions Security Bypass Vulnerability
http://www.securityfocus.com/bid/53503
pidgin-otr 'log_message_cb()' Function Format String Vulnerability
http://www.securityfocus.com/bid/53557
Oracle Java SE CVE-2012-0505 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/52017
Scalable Vector Graphics (SVG) Arbitrary Code Execution Vulnerability
http://www.securityfocus.com/bid/53552
Vanilla Forums FirstLastNames Plugin Multiple HTML Injection Vulnerabilities
http://www.securityfocus.com/bid/53637
Real-DRAW PRO Multiple Denial Of Service Vulnerabilities
http://www.securityfocus.com/bid/53636
MediaChance DVD-Lab Studio '.dal' File Denial of Service Vulnerability
http://www.securityfocus.com/bid/53635
Xelex MobileTrack Information Disclosure and Security Bypass Vulnerabilities
http://www.securityfocus.com/bid/53634
Vanilla Forums LatestComment Plugin Discussion Title HTML Injection Vulnerability
http://www.securityfocus.com/bid/53633
Moodle Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/53632
Vanilla Forums AboutMe Plugin HTML Injection Vulnerabilities
http://www.securityfocus.com/bid/53631
Joomla JCE Component Security Bypass and Cross-Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/53630
Moodle Multiple Information Disclosure and Security Bypass Vulnerabilities
http://www.securityfocus.com/bid/53629
Moodle SQL Injection and Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/53627
Moodle CVE-2012-2367 Security Bypass Vulnerability
http://www.securityfocus.com/bid/53626
Pligg CMS Multiple SQL Injection and Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/53625
activeCollab Chat Module Arbitrary PHP Code Execution Vulnerability
http://www.securityfocus.com/bid/53624
Elgg Cross Site Scripting and Multiple Security Bypass Vulnerabilities
http://www.securityfocus.com/bid/53623
Yandex.Server 'text' Parameter Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/53622
iLunascape for Android 'WebView' Class Information Disclosure Vulnerability
http://www.securityfocus.com/bid/53619
Acuity CMS Directory Traversal and Arbitrary File Upload Vulnerabilities
http://www.securityfocus.com/bid/53616