Wednesday, August 22, 2012
22nd, Wednesday, Taian
+ Google Chrome 21.0.1180.81 released
http://googlechromereleases.blogspot.jp/2012/08/stable-channel-update_21.html
+ nginx 1.3.5 development version released
http://nginx.org/en/download.html
+ APSB12-19 Security updates available for Adobe Flash Player
http://www.adobe.com/support/security/bulletins/apsb12-19.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4163
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4164
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4165
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4166
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4167
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4168
+ CESA-2012:1180 Moderate CentOS 6 gimp Update
http://lwn.net/Alerts/512724/
+ CVE-2012-1820 Denial of Service (DoS) vulnerability in Quagga
https://blogs.oracle.com/sunsecurity/entry/cve_2012_1820_denial_of
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1820
+ Multiple vulnerabilities in Pidgin
https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_pidgin
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2214
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2318
+ CVE-2012-0841 Denial of Service (DoS) vulnerability in libxml2
https://blogs.oracle.com/sunsecurity/entry/cve_2012_0841_denial_of
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0841
+ CVE-2011-3102 Numeric Errors vulnerability in libxml2
https://blogs.oracle.com/sunsecurity/entry/cve_2011_3102_numeric_errors
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3102
+ CVE-2010-4008 Denial of Service (DoS) vulnerability in libxml2
https://blogs.oracle.com/sunsecurity/entry/cve_2010_4008_denial_of
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4008
+ Multiple Denial of Service (DoS) vulnerabilities in libxml2
https://blogs.oracle.com/sunsecurity/entry/multiple_denial_of_service_dos3
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3905
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3919
+ CVE-2011-0216 Denial of Service (DoS) vulnerability in libxml2
https://blogs.oracle.com/sunsecurity/entry/cve_2011_0216_denial_of
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0216
+ Multiple Denial of Service (DoS) vulnerabilities in libxml2
https://blogs.oracle.com/sunsecurity/entry/multiple_denial_of_service_dos2
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2821
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2834
+ CVE-2012-2370 Denial of Service (DoS) vulnerability in GTK+
https://blogs.oracle.com/sunsecurity/entry/cve_2012_2370_denial_of
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2370
+ Multiple Denial of Service (DoS) vulnerabilities in ISC DHCP
https://blogs.oracle.com/sunsecurity/entry/multiple_denial_of_service_dos4
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3571
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3954
+ CVE-2012-3817 Denial of Service (DoS) vulnerability in Bind
https://blogs.oracle.com/sunsecurity/entry/cve_2012_3817_denial_of
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3817
+ Multiple vulnerabilities in Foomatic
https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_foomatic
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2697
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2964
+ Multiple Vulnerabilities in Quagga
https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_quagga
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0248
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0249
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0250
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0255
+ CVE-2012-2088 Denial of Service (DoS) vulnerability in libtiff
https://blogs.oracle.com/sunsecurity/entry/cve_2012_2088_denial_of
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2088
+ CVE-2012-2113 Denial of Service (DoS) vulnerability in libtiff
https://blogs.oracle.com/sunsecurity/entry/cve_2012_2113_denial_of
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2113
+ RHSA-2012:1174 Low: kernel security and bug fix update
http://rhn.redhat.com/errata/RHSA-2012-1174.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2313
+ SA50340 Linux Kernel Multiple Vulnerabilities
http://secunia.com/advisories/50340/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4307
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2962
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1162
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4330
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2319
+ Google Chrome OS CVE-2012-2864 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/55135
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2864
+ Apache HTTP Server HTML-Injection And Information Disclosure Vulnerabilities
http://www.securityfocus.com/bid/55131
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2687
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3502
+ Oracle MySQL CVE-2012-2749 Denial Of Service Vulnerability
http://www.securityfocus.com/bid/55120
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2749
[ MDVSA-2012:141 ] openslp
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-08/msg00134.html
Understanding the security you can implement in apps
http://itpro.nikkeibp.co.jp/article/COLUMN/20120810/415585/?ST=security
Hitachi Solutions releases log analysis software supporting next-generation firewalls
http://itpro.nikkeibp.co.jp/article/NEWS/20120821/416970/?ST=security
Apache Tomcat Hash Collision Denial Of Service Vulnerability UPDATED
http://www.securiteam.com/securitynews/5NP3G0080E.html
YYABCAFU - Yes Yet Another Bleeping Critical Adobe Flash Update
http://isc.sans.edu/diary.html?storyid=13942
RuggedCom fails key management 101 on Rugged Operating System (ROS)
http://isc.sans.edu/diary.html?storyid=13948
Apache Web Server Bugs Permit Cross-Site Scripting and Information Disclosure Attacks
http://www.securitytracker.com/id/1027421
Sielco Sistemi Winlog <= 2.07.16 Integer Overflow
http://cxsecurity.com/issue/WLB-2012080179
KDE Calligra and KOffice Input Validation Failure
http://cxsecurity.com/issue/WLB-2012080178
Internet Explorer 8 (ieframe.dll) null pointer dereference
http://cxsecurity.com/issue/WLB-2012080177
ocPortal CMS 8.x Session Hijacking Vulnerability
http://cxsecurity.com/issue/WLB-2012080176
ClipBucket 2.5 Cross Site Request Forgery
http://cxsecurity.com/issue/WLB-2012080175
JPM Article Blog Script 6 Cross Site Scripting
http://cxsecurity.com/issue/WLB-2012080174
ocPortal CMS 8.x Cross Site Request Forgery
http://cxsecurity.com/issue/WLB-2012080173
Cube7 CMS SQL Injection
http://cxsecurity.com/issue/WLB-2012080172
Moodle CMS 2.2.1 Cross Site Scripting
http://cxsecurity.com/issue/WLB-2012080171
SysAid Helpdesk Pro 8.5.04 Blind SQL Injection
http://cxsecurity.com/issue/WLB-2012080170
SysAid Helpdesk Pro 8.5.04 Cross Site Scripting
http://cxsecurity.com/issue/WLB-2012080169
ICAL 1.0 SQL Injection
http://cxsecurity.com/issue/WLB-2012080168
PG Portal Pro Cross-Site Request Forgery Vulnerability
http://secunia.com/advisories/50315/
SaltOS URL PHPExcel Cross-Site Scripting Vulnerability
http://secunia.com/advisories/50312/
OCaml Xml-Light Library Hash Collision Denial of Service Vulnerability
http://secunia.com/advisories/50311/
Hivemail Email Body Script Insertion Vulnerability
http://secunia.com/advisories/50317/
Linux Kernel Multiple Vulnerabilities
http://secunia.com/advisories/50340/
FishEye / Crucible Anonymous Signup and Access Security Bypass Security Issue
http://secunia.com/advisories/50335/
Hupa Email Subject and Body Script Insertion Vulnerabilities
http://secunia.com/advisories/50303/
SAP NetWeaver SAPHostControl Service Command Injection Vulnerability
http://secunia.com/advisories/50309/
Red Hat update for gimp
http://secunia.com/advisories/50358/
Apple Remote Desktop Information Disclosure Security Issue
http://secunia.com/advisories/50352/
Red Hat update for gimp
http://secunia.com/advisories/50324/
YourArcadeScript "id" SQL Injection Vulnerability
http://secunia.com/advisories/50319/
IOServer Web Interface Directory Traversal Vulnerability
http://secunia.com/advisories/50297/
Ubuntu update for libconfig-inifiles-perl
http://secunia.com/advisories/50336/
Ubuntu update for postgresql
http://secunia.com/advisories/50338/
SUSE update for dhcp
http://secunia.com/advisories/50357/
SAP BusinessObjects Financial Consolidation CtAppReg.dll Buffer Overflow
http://secunia.com/advisories/50306/
SAP Crystal Reports ebus-3-3-2-7.dll Buffer Overflow Vulnerability
http://secunia.com/advisories/50300/
ManageEngine OpUtils SNMP Contact and Location Script Insertion Vulnerabilities
http://secunia.com/advisories/50333/
Ruby on Rails Active Record CVE-2012-2695 SQL Injection Vulnerability
http://www.securityfocus.com/bid/53970
Ruby on Rails CVE-2012-2660 SQL Injection Vulnerability
http://www.securityfocus.com/bid/53754
Ruby on Rails CVE-2012-2694 Unsafe SQL Query Generation Vulnerability
http://www.securityfocus.com/bid/53976
GNU glibc Formatted Printing Functionality Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/54374
Symantec Web Gateway Password Change Security Bypass Vulnerability
http://www.securityfocus.com/bid/54430
Linux Kernel dl2k Network Driver IOCTL Handling Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/53965
Ruby on Rails Active Record SQL Injection Vulnerability
http://www.securityfocus.com/bid/53753
Microsoft .NET Framework Parameter Validation Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/52921
GIMP Multiple Buffer Overflow Vulnerabilities
http://www.securityfocus.com/bid/55101
Linux Kernel 'tpm_read()' Information Disclosure Vulnerability
http://www.securityfocus.com/bid/50764
Linux Kernel 'hfs_mac2asc()' Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/50750
Linux Kernel HFS Plus Filesystem Local Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/53401
Linux Kernel 915 GEM IOCTL Local Memory Overwrite Vulnerability
http://www.securityfocus.com/bid/44067
Linux Kernel EXT4 'ext4_fill_flex_info()' Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/53414
Multiple Vendors STARTTLS Implementation Plaintext Arbitrary Command Injection Vulnerability
http://www.securityfocus.com/bid/46767
Sielco Sistemi Winlog Pro Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/54212
keepalived Insecure PID Files Insecure File Permissions Vulnerability
http://www.securityfocus.com/bid/47859
GRBoard Multiple SQL Injection and Security Bypass Vulnerabilities
http://www.securityfocus.com/bid/55110
SAP NetWeaver Remote Code Execution and Denial of Service Vulnerabilities
http://www.securityfocus.com/bid/53424
Oracle MySQL Prior to 5.1.50 Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/43677
Lattice Diamond Programmer Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/54149
Mozilla Firefox/SeaMonkey/Thunderbird NSS Parsing Multiple Denial of Service Vulnerabilities
http://www.securityfocus.com/bid/53798
Splunk Unspecified Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/52320
Microsoft Excel 'MergeCells' Record Heap Overflow Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/53376
IBM Rational ClearQuest Cross Site Scripting and Information Disclosure Vulnerabilities
http://www.securityfocus.com/bid/54222
Citrix Provisioning Services Server Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/53330
OpenSLP Extension Parser Remote Denial Of Service Vulnerability
http://www.securityfocus.com/bid/46772
Oracle Outside In Technology CVE-2012-3108 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/54550
Oracle Outside In Technology CVE-2012-1770 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/54541
Oracle Outside In Technology CVE-2012-3107 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/54504
Oracle Outside In Technology CVE-2012-1768 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/54536
Oracle Outside In Technology CVE-2012-1769 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/54500
Oracle Outside In Technology CVE-2012-1766 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/54531
Oracle Outside In Technology CVE-2012-1767 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/54511
Oracle Outside In Technology CVE-2012-3106 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/54546
Oracle Outside In Technology CVE-2012-3109 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/54554
Oracle Outside In Technology CVE-2012-1771 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/54543
Oracle Outside In Technology CVE-2012-1772 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/54497
Oracle Outside In Technology CVE-2012-1773 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/54548
Oracle Outside In Technology CVE-2012-3110 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/54506
Joomla! JCE Component 'file.php' Arbitrary File Upload Vulnerability
http://www.securityfocus.com/bid/51002
Sielco Sistemi Winlog Lite Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/53811
GIMP GIF Image Parsing 'LZWReadByte()' Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/49148
GIMP PSD Image Parsing Integer Overflow Vulnerability
http://www.securityfocus.com/bid/37040
Perl Config::IniFiles Module Insecure Temporary File Creation Vulnerability
http://www.securityfocus.com/bid/53361
PostgreSQL 'xslt_process()' Function Arbitrary File Creation or Overwrite Vulnerability
http://www.securityfocus.com/bid/55072
PostgreSQL 'xml_parse()' Function Arbitrary File Access Vulnerability
http://www.securityfocus.com/bid/55074
ClipBucket 'file_results.php' Directory Traversal Vulnerability
http://www.securityfocus.com/bid/55139
Adobe Flash Player and AIR APSB12-19 Multiple Remote Vulnerabilities
http://www.securityfocus.com/bid/55136
Google Chrome OS CVE-2012-2864 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/55135
HP SAN/iQ Multiple Remote Command Injection Vulnerabilities
http://www.securityfocus.com/bid/55133
Apache HTTP Server HTML-Injection And Information Disclosure Vulnerabilities
http://www.securityfocus.com/bid/55131
Tor Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/55128
XODA Arbitrary File Upload and HTML Injection Vulnerabilities
http://www.securityfocus.com/bid/55127
GeSHi Multiple Local File Include and Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/55124
Rugged Operating System Private Key Disclosure Vulnerability
http://www.securityfocus.com/bid/55123
Oracle MySQL CVE-2012-2749 Denial Of Service Vulnerability
http://www.securityfocus.com/bid/55120
JPM Article Blog Script 6 'tid' Parameter Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/55112
Atlassian JIRA FishEye and Crucible Plugins 'Third Party Frameworks' Security Bypass Vulnerability
http://www.securityfocus.com/bid/55108