Wednesday, June 27, 2012

Wednesday the 27th, Shakkō


+ Google Chrome 20 (20.0.1132.43) released
http://googlechromereleases.blogspot.jp/2012/06/stable-channel-update_26.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2815
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2816
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2817
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2818
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2819
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2820
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2821
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2822
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2823
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2824
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2825
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2826
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2827
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2828
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2829
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2830
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2831
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2832
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2833
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2834
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2825
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2807

+ nginx-1.3.2 development version released
http://nginx.org/en/CHANGES

+ CentOS alert CESA-2012:1036 (postgresql)
http://lwn.net/Alerts/503582/

+ CentOS alert CESA-2012:1037 (postgresql, postgresql84)
http://lwn.net/Alerts/503583/

+ Multiple vulnerabilities in Wireshark
https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_wireshark
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1593
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1594
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1595
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1596

+ Denial of Service (DoS) vulnerability in librsvg
https://blogs.oracle.com/sunsecurity/entry/cve_2011_3146_denial_of
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3146

+ Numeric Errors vulnerability in LibTIFF
https://blogs.oracle.com/sunsecurity/entry/cve_2012_1173_numeric_errors
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1173

+ Multiple vulnerabilities in OpenSSL
https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_openssl1
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2110
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2131

+ Memory corruption vulnerability in Ogg Vorbis
https://blogs.oracle.com/sunsecurity/entry/cve_2012_0444_memory_corruption
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0444

+ Multiple vulnerabilities in Thunderbird
https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_thunderbird4
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0451
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0455
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0456
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0457
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0458
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0459
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0460
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0461
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0462
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0464

+ Multiple vulnerabilities in Firefox web browser
https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_firefox_web
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0451
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0455
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0456
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0457
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0458
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0459
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0460
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0461
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0462
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0464

+ Multiple Denial of Service (DoS) vulnerabilities in FreeType
https://blogs.oracle.com/sunsecurity/entry/multiple_denial_of_service_dos1
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1126
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1127
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1128
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1129
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1130
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1131
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1132
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1133
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1134
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1135
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1136
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1137
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1138
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1139
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1140
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1141
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1142
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1143
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1144

+ Access Controls vulnerability in Samba
https://blogs.oracle.com/sunsecurity/entry/cve_2012_2111_access_controls
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2111

+ Multiple vulnerabilities in Foomatic
https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_foomatic
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2697
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2964

+ TList 6 ActiveX control remote code execution vulnerability in Hyperion Financial Management
https://blogs.oracle.com/sunsecurity/entry/cve_2012_1714_tlist_6
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1714

+ Path Traversal Vulnerability in Sun GlassFish Web Space Server
https://blogs.oracle.com/sunsecurity/entry/cve_2012_1712_path_traversal
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1712

+ Symantec Message Filter Security Issues
http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20120626_00
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0300
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0301
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0302
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0303

+ OpenSSH 'ssh_gssapi_parse_ename()' Function Denial Of Service Vulnerability
http://www.securityfocus.com/bid/54114
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-5000

UPDATE: APSB12-12 Security bulletin for Adobe Flash Professional
http://www.adobe.com/support/security/bulletins/apsb12-12.html

Entrust Japan launches Japanese-language site for digital certificate sales
http://itpro.nikkeibp.co.jp/article/NEWS/20120626/405423/?ST=security

[security bulletin] HPSBMU02792 SSRT100820 rev.2 - HP Business Service Management (BSM), Remote
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-06/msg00167.html

SEC Consult SA-20120626-0 :: Zend Framework - Local file disclosure via XXE injection
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-06/msg00166.html

[CVE-2012-0694] SugarCRM CE <= 6.3.1 "unserialize()" PHP Code Execution
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-06/msg00165.html

OpenLimit Reader for Windows contains completely outdated, superfluous and VULNERABLE system compone
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-06/msg00163.html

[slackware-security] freetype (SSA:2012-176-01)
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-06/msg00154.html

[ MDVSA-2012:100 ] rsyslog
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-06/msg00153.html

[SE-2012-01] Security weakness in Apple QuickTime Java extensions (details released)
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-06/msg00159.html

hashdays 2012 - Call for Papers (#days CFP)
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-06/msg00152.html

[SECURITY] [DSA 2502-1] python-crypto security update
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-06/msg00151.html

[SECURITY] [DSA 2498-1] dhcpcd security update
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-06/msg00158.html

CVE-2012-2380: Apache Roller Cross-Site-Resource-Forgery (XSRF) vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-06/msg00157.html

CVE-2012-2381: Apache Roller Cross-Site-Scripting (XSS) vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-06/msg00156.html

[SECURITY] [DSA 2501-1] xen security update
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-06/msg00150.html

[SECURITY] [DSA 2500-1] mantis security update
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-06/msg00149.html

Run, Forest! (Update)
http://isc.sans.edu/diary.html?storyid=13561

Apache Roller Cross-Site Request Forgery Vulnerability
http://secunia.com/advisories/49049/

Apache Roller Cross-Site Request Forgery Vulnerability
http://secunia.com/advisories/49593/

Horde IMP SVG Attachment Script Insertion Vulnerability
http://secunia.com/advisories/49643/

WaveMaker Security Bypass Vulnerability
http://secunia.com/advisories/49675/

Squiz Matrix Cross-Site Scripting and Information Disclosure Vulnerabilities
http://secunia.com/advisories/49617/

SoftPerfect Bandwidth Manager Password Disclosure Vulnerability
http://secunia.com/advisories/49685/

FCKeditor "print_textinputs_var()" Cross-Site Scripting Vulnerabilities
http://secunia.com/advisories/49606/

Support Tickets MyTickets "MyTickets_language" SQL Injection Vulnerability
http://secunia.com/advisories/49557/

Gentoo update for logrotate
http://secunia.com/advisories/49697/

Gentoo update for sendmail
http://secunia.com/advisories/49712/

Gentoo update for mount-cifs
http://secunia.com/advisories/49713/

Gentoo update for texlive-core
http://secunia.com/advisories/49714/

Red Hat update for postgresql and postgresql84
http://secunia.com/advisories/49717/

Red Hat update for postgresql
http://secunia.com/advisories/49718/

Slackware update for freetype
http://secunia.com/advisories/49721/

UmaPresence Arbitrary File Upload Vulnerability
http://secunia.com/advisories/49699/

Zend Framework "Zend_XmlRpc" XML Entity References Information Disclosure Vulnerability
http://secunia.com/advisories/49665/

SUSE update for linux
http://secunia.com/advisories/49722/

Gentoo update for nbd
http://secunia.com/advisories/49700/

Gentoo update for msmtp
http://secunia.com/advisories/49704/

Gentoo update for postfix
http://secunia.com/advisories/49706/

Gentoo update for links
http://secunia.com/advisories/49707/

Gentoo update for pam
http://secunia.com/advisories/49711/

FCKEditor <= 2.6.7 reflected XSS vulnerability
http://cxsecurity.com/issue/WLB-2012060309

Apache Roller 4.x / 5.x Cross Site Scripting
http://cxsecurity.com/issue/WLB-2012060308

Apache Roller 4.x / 5.x Cross Site Request Forgery
http://cxsecurity.com/issue/WLB-2012060307

SugarCRM CE <= 6.3.1 "unserialize()" PHP Code Execution
http://cxsecurity.com/issue/WLB-2012060306

Kingview Touchview 6.53 Heap Overflows
http://cxsecurity.com/issue/WLB-2012060305

Slim PDF Reader 1.0 Memory Corruption
http://cxsecurity.com/issue/WLB-2012060304

Qutecom 2.2.1 Heap Overflow
http://cxsecurity.com/issue/WLB-2012060303

Kingview Touchview 6.53 EIP Overwrite
http://cxsecurity.com/issue/WLB-2012060302

Drupal Drag And Drop 6.x-1.5 Shell Upload
http://cxsecurity.com/issue/WLB-2012060301

Western Digital TV (WD-TV) Live Remote Code Execution
http://cxsecurity.com/issue/WLB-2012060300

Able2Doc / Able2Doc Professional 6.0 Memory Corruption
http://cxsecurity.com/issue/WLB-2012060299

Parodia 6.8 SQL Injection
http://cxsecurity.com/issue/WLB-2012060298

Able2Extract 6.0 Memory Corruption
http://cxsecurity.com/issue/WLB-2012060297

Umapresence 2.6.0 Shell Upload / File Deletion
http://cxsecurity.com/issue/WLB-2012060296

Autopagina CMS 2.8 SQL Injection
http://cxsecurity.com/issue/WLB-2012060295

REMOTE: Root Exploit Western Digital's WD TV Live SMP/Hub
http://www.exploit-db.com/exploits/19402

LOCAL: quicktime.util.QTByteObject Initialization Security Checks Bypass
http://www.exploit-db.com/exploits/19401

NCompress Decompress Buffer Underflow Vulnerability
http://www.securityfocus.com/bid/19455

BusyBox 'udhcpc' Shell Characters in Response Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/48879

RSyslog Function Imfile Module Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/51171

Linux Kernel KVM 'kvm_set_irq()' Function Local Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/54063

MacVTap Device Driver Local Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/53165

Linux Kernel NFS Client 'decode_getacl()' Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/50655

MantisBT SOAP API Security Bypass Vulnerability
http://www.securityfocus.com/bid/53907

MantisBT Multiple Security Bypass Vulnerabilities
http://www.securityfocus.com/bid/52313

MantisBT 'delete_attachments_threshold()' Function Security Bypass Vulnerability
http://www.securityfocus.com/bid/53921

Mozilla Firefox/Thunderbird/SeaMonkey '.lnk' Files Information Disclosure Vulnerability
http://www.securityfocus.com/bid/53799

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-1938 Memory Corruption Vulnerability
http://www.securityfocus.com/bid/53796

Mozilla Firefox/Thunderbird/SeaMonkey Use-After-Free Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/53792

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-1937 Memory Corruption Vulnerability
http://www.securityfocus.com/bid/53800

Multiple Browsers WebGL Implementation Linux NVIDIA Driver 'glBufferData()' Security Vulnerability
http://www.securityfocus.com/bid/53808

Mozilla Firefox, SeaMonkey, and Thunderbird CVE-2012-1941 Heap Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/53793

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-1939 Memory Corruption Vulnerability
http://www.securityfocus.com/bid/53797

Mozilla Firefox/Thunderbird/SeaMonkey CSP's Inline-Script Blocking Feature Security Bypass Weakness
http://www.securityfocus.com/bid/53801

Mozilla Firefox, SeaMonkey, and Thunderbird CVE-2012-1940 Use After Free Vulnerability
http://www.securityfocus.com/bid/53794

Mozilla Firefox, SeaMonkey, and Thunderbird CVE-2012-1947 Heap Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/53791

Oracle MySQL CVE-2012-2122 User Login Security Bypass Vulnerability
http://www.securityfocus.com/bid/53911

Qt SSL Certificate IP Address Wildcard Validation Security Bypass Vulnerability
http://www.securityfocus.com/bid/42833

Google Chrome Prior to 16.0.912.75 Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/51300

Linux Kernel Reliable Datagram Sockets (RDS) CVE-2012-2372 Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/54062

KVM CVE-2012-2121 Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/53162

Linux kernel fcaps Local Security Bypass Vulnerability
http://www.securityfocus.com/bid/53166

Linux Kernel DRM 'drivers/gpu/drm/crm_crtc.c' IOCTL Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/51371

Linux Kernel '__split_huge_page()' Race Condition Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/52533

Linux Kernel 'sock_alloc_send_pskb()' Function Heap Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/53721

Linux Kernel CVE-2012-2373 Race Condition Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/53614

Oracle MySQL Server Multiple Unspecified Security Vulnerabilities
http://www.securityfocus.com/bid/52931

OpenSSH 'ssh_gssapi_parse_ename()' Function Denial of Service Vulnerability
http://www.securityfocus.com/bid/54114

Linux Kernel epoll Subsystem 'eventpoll.c' Multiple Local Denial of Service Vulnerabilities
http://www.securityfocus.com/bid/46630

OpenSSL Encoded ASN.1 Data Integer Truncation Memory Corruption Vulnerability
http://www.securityfocus.com/bid/53158

389 Directory Server Multiple Information Disclosure Vulnerabilities
http://www.securityfocus.com/bid/54153

OpenOffice Prior to 3.4 Multiple Memory Corruption Vulnerabilities
http://www.securityfocus.com/bid/53570

Linux Kernel Regsets CVE-2012-1097 NULL Pointer Dereference Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/52274

Linux Kernel XFS Filesystem 'fs/xfs/xfs_acl.c' Integer Overflow Vulnerability
http://www.securityfocus.com/bid/51380

Linux Kernel CVE-2011-4347 Unauthorized Access Vulnerability
http://www.securityfocus.com/bid/50811

Python SimpleXMLRPCServer Denial Of Service Vulnerability
http://www.securityfocus.com/bid/51996

Python Hash Collision Denial Of Service Vulnerability
http://www.securityfocus.com/bid/51239

RETIRED: MyBB 'announcements.php' SQL Injection Vulnerability
http://www.securityfocus.com/bid/54130

Python SimpleHTTPServer 'list_directory()' Function Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/54083

python 'distutils' Component '~/.pypirc' File Local Race Condition Vulnerability
http://www.securityfocus.com/bid/52732

OpenLDAP LDAP Search Request Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/52404

Roundcube Webmail Information Disclosure Vulnerability
http://www.securityfocus.com/bid/53453

Red Hat Sos CVE-2012-2664 Information Disclosure Vulnerability
http://www.securityfocus.com/bid/54116

Links SSL Certificate Verification Security Weakness
http://www.securityfocus.com/bid/33108

HP Business Service Management CVE-2012-2561 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/53556

PostgreSQL 'SECURITY DEFINER' and 'SET' Attributes Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/53812

PostgreSQL Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/52188

libcrypt 'crypt()' Password Encryption Weakness
http://www.securityfocus.com/bid/53729

OpenStack Compute (Nova) Security Bypass Vulnerability
http://www.securityfocus.com/bid/53875

Asterisk CVE-2012-3553 SCCP Skinny Channel Driver Denial of Service Vulnerability
http://www.securityfocus.com/bid/54017

RoundCube Webmail Remote Mail Relay Vulnerability
http://www.securityfocus.com/bid/47247

MyTickets 'define.php' Script SQL Injection Vulnerability
http://www.securityfocus.com/bid/54064

Cactusoft Parodia 'ag_id' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/48458

Mosh Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/53646

Intel CPU Hardware Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/53856

lighttpd 'http_auth.c' Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/50851

SlimPDF Reader Multiple Remote Code Execution Vulnerabilities
http://www.securityfocus.com/bid/49923

Linux Kernel 'mmap()' Failure Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/53668

Google Chrome Prior to 20.0.1132.43 Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/54203

WordPress Website FAQ 'website-faq-widget.php' SQL Injection Vulnerability
http://www.securityfocus.com/bid/54200

ViewVC 'svn_ra.py' Information Disclosure Vulnerability
http://www.securityfocus.com/bid/54199

ViewVC 'svn_ra.py' Authorization Security Bypass Vulnerability
http://www.securityfocus.com/bid/54197

WaveMaker Security Bypass Vulnerability
http://www.securityfocus.com/bid/54196

Horde Project IMP SVG Attachment HTML Injection Vulnerability
http://www.securityfocus.com/bid/54195

Zend Framework 'Zend_XmlRpc' Class Information Disclosure Vulnerability
http://www.securityfocus.com/bid/54192

Symantec Message Filter CVE-2012-0300 Information Disclosure Vulnerability
http://www.securityfocus.com/bid/54136

Symantec Message Filter CVE-2012-0301 Session Fixation Vulnerability
http://www.securityfocus.com/bid/54135

Symantec Message Filter CVE-2012-0302 Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/54134

Symantec Message Filter CVE-2012-0303 Cross Site Request Forgery Vulnerability
http://www.securityfocus.com/bid/54133
