Friday, July 6, 2012

6th, Friday, Senbu


+ HPSBGN02750 SSRT100795 rev.1 - HP ProtectTools Enterprise Device Access Manager Running on Windows, Remote Execution of Arbitrary Code, Denial of Service (DoS)
https://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?javax.portlet.tpst=ba847bafb2a2d782fcbb0710b053ce01&javax.portlet.prp_ba847bafb2a2d782fcbb0710b053ce01=wsrp-navigationalState%3DdocId%25253Demr_na-c03243374%25257CdocLocale%25253Dja_JP&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4162

+ MySQL 5.5.25a released
http://dev.mysql.com/doc/refman/5.5/en/news-5-5-25a.html

+ Microsoft Security Bulletin Advance Notification - July 2012
http://technet.microsoft.com/ja-jp/security/bulletin/ms12-jul

+ Linux Kernel 'fs/eventpoll.c' Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/54283
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3375

Endpoint Connect (EPC) DLL hijacking vulnerability
https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk76480&src=securityAlerts

Trend Micro Portable Security Version 1.1 Patch 1 release announcement
http://www.trendmicro.co.jp/support/news.asp?id=1807

Attacks exploiting an IE vulnerability are spreading
http://itpro.nikkeibp.co.jp/article/COLUMN/20120705/407529/?ST=security

[Countermeasure 3] The key is exit countermeasures; entry and data protection countermeasures are also important
http://itpro.nikkeibp.co.jp/article/COLUMN/20120617/403227/?ST=security

Cyber attacks on government agencies a growing threat; response spans ministries and agencies
http://itpro.nikkeibp.co.jp/article/Interview/20120705/407584/?ST=security

Dangerous vulnerabilities in 49% of overseas-office websites, NRI Secure survey
http://itpro.nikkeibp.co.jp/article/NEWS/20120705/407596/?ST=security

UPDATE: JVNTA12-174A Vulnerability in Microsoft XML Core Services
http://jvn.jp/cert/JVNTA12-174A/index.html

UPDATE: JVNVU#458153 Multiple video drivers do not support the ASLR feature
http://jvn.jp/cert/JVNVU458153/index.html

[security bulletin] HPSBGN02750 SSRT100795 rev.1 - HP ProtectTools Enterprise Device Access Mana
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-07/msg00039.html

IPv6 security tools released
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-07/msg00040.html

ClubHack2012 CFP Open Now
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-07/msg00038.html

CLscript CMS v3.0 - Multiple Web Vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-07/msg00038.html

New OS X trojan backdoor MaControl variant reported
http://isc.sans.edu/diary.html?storyid=13612

Microsoft advanced notification for July 2012 patch Tuesday
http://isc.sans.edu/diary.html?storyid=13618

Linux Kernel fs/eventpoll.c local Denial of Service
http://cxsecurity.com/issue/WLB-2012070045

Tiki Wiki CMS Groupware <= 8.3 unserialize() PHP Code Execution
http://cxsecurity.com/issue/WLB-2012070044

Wordpress (wp-insert Plugin) Arbitrary File Upload Vulnerability
http://cxsecurity.com/issue/WLB-2012070043

Arasism SQL Injection
http://cxsecurity.com/issue/WLB-2012070042

7sepehr SQL Injection
http://cxsecurity.com/issue/WLB-2012070041

Forum Oxalis 0.1.2 <= SQL Injection Vulnerability
http://cxsecurity.com/issue/WLB-2012070040

WordPress MoodThingy Widget 0.9.7 SQL Injection
http://cxsecurity.com/issue/WLB-2012070039

Event Script PHP CMS 1.1 SQL Injection
http://cxsecurity.com/issue/WLB-2012070038

CLscript CMS 3.0 SQL Injection / Cross Site Scripting
http://cxsecurity.com/issue/WLB-2012070037

WordPress Plugin Quick Post Widget Cross-Site Scripting and Cross-Site Request Forgery Vulnerabilities
http://secunia.com/advisories/49798/

RSA Access Manager Security Bypass Vulnerability
http://secunia.com/advisories/49757/

GuestBook Script Multiple Cross-Site Scripting Vulnerabilities
http://secunia.com/advisories/49806/

Debian update for openjdk-6
http://secunia.com/advisories/49745/

SUSE update for puppet
http://secunia.com/advisories/49815/

REMOTE: IBM Rational ClearQuest CQOle Remote Code Execution
http://www.exploit-db.com/exploits/19576

DoS/PoC: Linux Kernel fs/eventpoll.c Local Denial of Service
http://www.exploit-db.com/exploits/19605

DoS/PoC: .Net Framework Tilde Character DoS
http://www.exploit-db.com/exploits/19575

HP Device Access Manager for HP ProtectTools Heap Memory Corruption Vulnerability
http://www.securityfocus.com/bid/50895

Microsoft XML Core Services CVE-2012-1889 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/53934

Oracle Java SE CVE-2012-1716 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/53947

LibTIFF 'tiff2pdf' Utility Remote Integer Overflow Vulnerability
http://www.securityfocus.com/bid/54076

libTIFF TIFF Image CVE-2012-2088 Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/54270

Linux kernel fcaps Local Security Bypass Vulnerability
http://www.securityfocus.com/bid/53166

GuestBook Script PHP Multiple SQL Injection and Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/54300

PHP 'php-cgi' Information Disclosure Vulnerability
http://www.securityfocus.com/bid/53388

libcrypt 'crypt()' Password Encryption Weakness
http://www.securityfocus.com/bid/53729

PHP 'phar/tar.c' Heap Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/47545

Linux Kernel 'fs/eventpoll.c' Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/54283

Linux Kernel NFS Client 'decode_getacl()' Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/50655

Asterisk Voice Mail Denial Of Service Vulnerability
http://www.securityfocus.com/bid/54317

Quick Post Widget Plugin Cross Site Scripting and Cross Site Request Forgery Vulnerabilities
http://www.securityfocus.com/bid/54311

Solar FTP Server Denial of Service Vulnerability
http://www.securityfocus.com/bid/54306
