Thursday, August 9, 2012

Thursday the 9th, Senbu

+ RHSA-2012:1151 Low: openldap security and bug fix update
http://rhn.redhat.com/errata/RHSA-2012-1151.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2668

+ Google Chrome 21.0.1180.75 released
http://googlechromereleases.blogspot.jp/2012/08/stable-channel-update.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2862
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2863

+ CESA-2012:1149 Moderate CentOS 5 sudo Update
http://lwn.net/Alerts/510225/

+ PSN-2012-08-690 2012-08: Network and Content Management Security Bulletins Released
https://www.juniper.net/alerts/viewalert.jsp?actionBtn=Search&txtAlertNumber=PSN-2012-08-690&viewMode=view

+ PSN-2012-08-689 2012-08 Security Advisory: NSM Products: Multiple Java JDK/JRE Vulnerabilities
https://www.juniper.net/alerts/viewalert.jsp?actionBtn=Search&txtAlertNumber=PSN-2012-08-689&viewMode=view
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3103
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3104
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3105
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3106
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3107
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3108
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3109
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3110
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3111
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3112
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3113
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3114
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3115
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0862
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0873
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0815
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0817
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0863
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0864
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0802
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0814
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0871
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0786
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0866
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0868
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0872
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0867
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0869
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0865

+ PSN-2012-08-688 2012-08 Security Advisory: NSM Products:Linux Kernel TCP Sequence Number Generation Issue
https://www.juniper.net/alerts/viewalert.jsp?actionBtn=Search&txtAlertNumber=PSN-2012-08-688&viewMode=view
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3188

+ PSN-2012-08-687 2012-08 Security Advisory: NSM Products: Multiple PostgreSQL Vulnerabilities
https://www.juniper.net/alerts/viewalert.jsp?actionBtn=Search&txtAlertNumber=PSN-2012-08-687&viewMode=view
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4015 6.5
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3433 6.0
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1169 8.5
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1447 8.5
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1170 6.0

+ PSN-2012-08-686 2012-08 Security Advisory: NSM Products: Multiple OpenSSH Vulnerabilities
https://www.juniper.net/alerts/viewalert.jsp?actionBtn=Search&txtAlertNumber=PSN-2012-08-686&viewMode=view
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2798 5.0
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5051 9.3
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0225 4.6
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0230 5.0
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4924 7.8

+ HS12-021 Cross-site Scripting Vulnerability in JP1/Integrated Management - Service Support
http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS12-021/index.html

+ HS12-020 Privilege escalation vulnerability in JP1/NETM/DM
http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS12-020/index.html

+ HS12-019 DoS Vulnerability in Hitachi IT Operations Analyzer
http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS12-019/index.html

+ HS12-021 Cross-site Scripting Vulnerability in JP1/Integrated Management - Service Support (Japanese-language advisory)
http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS12-021/index.html

+ UltraMonkey-L7 3.0.4 released
http://sourceforge.jp/projects/ultramonkey-l7/releases/56599/note

+ SA50143 Oracle Database CTXSYS.CONTEXT Index Privilege Escalation Vulnerability
http://secunia.com/advisories/50143/

Trend Micro Control Manager Critical Patch 5.5 (build 1773) release announcement
http://www.trendmicro.co.jp/support/news.asp?id=1819

"Windows 8" has strengthened security; what weaknesses still remain?
http://itpro.nikkeibp.co.jp/article/COLUMN/20120806/414421/?ST=security

[4] Strengthen mobile passwords too! What is the most common 4-digit code on the iPhone?
http://itpro.nikkeibp.co.jp/article/COLUMN/20120802/413689/?ST=security

Fujitsu shrinks its palm vein authentication device to 1/4 of the volume
http://itpro.nikkeibp.co.jp/article/NEWS/20120808/415022/?ST=security

JVN#39519659 Arbitrary script execution vulnerability in Sleipnir Mobile for Android
http://jvn.jp/jp/JVN39519659/index.html

JVN#99730704 Arbitrary Java method execution vulnerability in Sleipnir Mobile for Android
http://jvn.jp/jp/JVN99730704/index.html

Multiple Vulnerabilities in phpList
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-08/msg00058.html

Multiple vulnerabilities in PBBoard
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-08/msg00057.html

MobileCartly 1.0 <= Remote Code Execution Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-08/msg00056.html

ESA-2012-031: Iomega StorCenter/EMC Lifeline Remote Access Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-08/msg00055.html

[ MDVSA-2012:127 ] libtiff
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-08/msg00054.html

[ MDVSA-2012:126 ] libxml2
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-08/msg00053.html

JVNDB-2012-003484 (JVNVU#960468) Cross-site scripting vulnerability in HP ArcSight appliance products
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-003484.html

JVNDB-2012-003483 Heap-based buffer overflow vulnerability in OpenOffice.org and LibreOffice
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-003483.html

JVNDB-2012-003482 Denial-of-service (application crash) vulnerability in Opera
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-003482.html

JVNDB-2012-003481 Vulnerability in Opera
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-003481.html

JVNDB-2012-003480 Vulnerability in Opera that allows the cross-site scripting protection mechanism to be bypassed
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-003480.html

JVNDB-2012-003479 Vulnerability in Opera that allows arbitrary files to be downloaded and executed
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-003479.html

JVNDB-2012-003478 Cross-site scripting vulnerability in Opera
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-003478.html

JVNDB-2012-003476 Vulnerability in IBM HMC and SDMC that allows privileges to be gained
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-003476.html

JVNDB-2012-003475 Denial-of-service (DoS) vulnerability in the MIT Kerberos KDC
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-003475.html

JVNDB-2012-003474 Denial-of-service (DoS) vulnerability in the MIT Kerberos KDC
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-003474.html

JVNDB-2012-003473 Vulnerability in Cisco IOS that allows sensitive crosstalk information to be obtained
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-003473.html

JVNDB-2012-003471 Denial-of-service (DoS) vulnerability in Cisco IOS
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-003471.html

JVNDB-2012-003470 Vulnerability in Cisco Wide Area Application Services appliances that allows sensitive information to be obtained
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-003470.html

JVNDB-2012-003469 Denial-of-service (CPU resource consumption) vulnerability in Cisco Emergency Responder
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-003469.html

JVNDB-2012-003468 Denial-of-service (device reload) vulnerability in Cisco IOS
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-003468.html

JVNDB-2012-003467 Server spoofing vulnerability in Cisco AnyConnect Secure Mobility Client
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-003467.html

JVNDB-2012-003466 Server spoofing vulnerability in the IPsec implementation of Cisco AnyConnect Secure Mobility Client
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-003466.html

JVNDB-2012-003465 Server spoofing vulnerability in Cisco AnyConnect Secure Mobility Client
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-003465.html

JVNDB-2012-003464 Vulnerability in Cisco IP Communicator that allows the certificate trust list to be modified
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-003464.html

JVNDB-2012-003463 Denial-of-service (DoS) vulnerability in Cisco ASA 5500 series devices
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-003463.html

JVNDB-2012-003462 Denial-of-service (CPU resource consumption) vulnerability in Cisco ASA 5500 series devices
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-003462.html

JVNDB-2012-000076 (JVN#39519659) Arbitrary script execution vulnerability in Sleipnir Mobile for Android
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-000076.html

JVNDB-2012-003459 Denial-of-service (device reload) vulnerability in Cisco IOS
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-003459.html

JVNDB-2012-000075 (JVN#99730704) Arbitrary Java method execution vulnerability in Sleipnir Mobile for Android
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-000075.html

JVNDB-2012-003458 Denial-of-service (DoS) vulnerability in the Google Chrome Datepicker
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-003458.html

JVNDB-2012-003457 Arbitrary code execution vulnerability in Google Chrome running on Linux
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-003457.html

JVNDB-2012-003456 Buffer overflow vulnerability in the Google Chrome WebP decoder
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-003456.html

JVNDB-2012-003455 Denial-of-service (DoS) vulnerability in the Google Chrome Cascading Style Sheets DOM implementation
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-003455.html

JVNDB-2012-003454 Denial-of-service (DoS) vulnerability in the Google Chrome PDF functionality
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-003454.html

JVNDB-2012-003453 Denial-of-service (DoS) vulnerability in the Google Chrome PDF functionality
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-003453.html

JVNDB-2012-003452 Vulnerability in Google Chrome that allows sensitive information about pointer values to be obtained
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-003452.html

JVNDB-2012-003451 Denial-of-service (DoS) vulnerability in the Google Chrome webRequest API
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-003451.html

JVNDB-2012-003450 Denial-of-service (use-after-free) vulnerability in the Google Chrome PDF functionality
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-003450.html

JVNDB-2012-003449 Integer overflow vulnerability in the Google Chrome PDF functionality
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-003449.html

JVNDB-2012-003448 Vulnerability in the Google Chrome PDF functionality
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-003448.html

JVNDB-2012-003447 Denial-of-service (DoS) vulnerability in the Google Chrome GIF decoder
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-003447.html

JVNDB-2012-003446 Vulnerability in Google Chrome drag and drop that allows file access restrictions to be bypassed
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-003446.html

JVNDB-2012-003445 Denial-of-service (DoS) vulnerability in Google Chrome
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-003445.html

Apache Hadoop Information Disclosure Vulnerability
http://www.securiteam.com/securitynews/5UP2V2A80A.html

JBoss JMX Console Flaw Cross-Site Request Forgery Attacks
http://www.securitytracker.com/id/1027359

Sudo on Red Hat Enterprise Linux %postun Symlink Flaw Lets Local Users Gain Elevated Privileges
http://www.securitytracker.com/id/1027356

phplist "unconfirmed" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/50150/

PBBoard Multiple Vulnerabilities
http://secunia.com/advisories/50153/

SUSE update for bind
http://secunia.com/advisories/50165/

SUSE update for python-django
http://secunia.com/advisories/50167/

SUSE update for krb5
http://secunia.com/advisories/50145/

Baby Gekko URL Cross-Site Scripting Vulnerability
http://secunia.com/advisories/49142/

Inout Webmail Email Receiver Script Insertion Vulnerabilities
http://secunia.com/advisories/50155/

Oracle Database CTXSYS.CONTEXT Index Privilege Escalation Vulnerability
http://secunia.com/advisories/50143/

ConcourseSuite Script Insertion and Cross-Site Request Forgery Vulnerabilities
http://secunia.com/advisories/49999/

Red Hat update for sudo
http://secunia.com/advisories/50178/

Sauerbraten Game Engine Map Import Vulnerability
http://secunia.com/advisories/50144/

Hitachi JP1/Integrated Management Cross-Site Scripting Vulnerability
http://secunia.com/advisories/50163/

Sleipnir Mobile for Android Arbitrary Java Method Execution Vulnerability
http://secunia.com/advisories/50094/

REMOTE: Ubisoft uplay 2.0.3 Active X Control Arbitrary Code Execution
http://www.exploit-db.com/exploits/20321

REMOTE: PHP IRC Bot pbot eval() Remote Code Execution
http://www.exploit-db.com/exploits/20354

REMOTE: Plixer Scrutinizer NetFlow and sFlow Analyzer 9 Default MySQL Credential
http://www.exploit-db.com/exploits/20355

Easewe FTP(EaseWeFtp.ocx) Insecure Method Exploit
http://cxsecurity.com/issue/WLB-2012080078

PHP IRC Bot pbot eval() Remote Code Execution
http://cxsecurity.com/issue/WLB-2012080077

Plixer Scrutinizer NetFlow and sFlow Analyzer 9 Default MySQL Credential
http://cxsecurity.com/issue/WLB-2012080076

ArDown Remote SQL Injection
http://cxsecurity.com/issue/WLB-2012080075

WespaJuris <= 3.0 Multiple Vulnerabilities
http://cxsecurity.com/issue/WLB-2012080074

Openconstructor CMS 3.12.0 Multiple SQL Injection
http://cxsecurity.com/issue/WLB-2012080073

Axigen Mail Server 8.0.1 stored XSS
http://cxsecurity.com/issue/WLB-2012080072

ESCON SupportPortal Pro 3.0 stored XSS
http://cxsecurity.com/issue/WLB-2012080071

MailEnable Enterprise 6.5 Stored XSS
http://cxsecurity.com/issue/WLB-2012080070

AfterLogic Mailsuite Pro (VMware Appliance) 6.3 stored XSS
http://cxsecurity.com/issue/WLB-2012080069

MailTraq 2.17.3.3150 stored XSS
http://cxsecurity.com/issue/WLB-2012080068

OpenLDAP Weak Cipher Encryption Security Weakness
http://www.securityfocus.com/bid/53823

Google Chrome Prior to 17.0.963.78 Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/52369

Google Chrome Prior to 18.0.1025.168 Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/53309

Google Chrome Prior to 17.0.963.83 Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/52674

WebKit Multiple Unspecified Remote Code Execution Vulnerabilities
http://www.securityfocus.com/bid/54680

WebKit CVE-2012-0672 Unspecified Memory Corruption Vulnerability
http://www.securityfocus.com/bid/53404

Google Chrome Prior to 18.0.1025.151 Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/52913

Easewe FTP OCX ActiveX Control 'EaseWeFtp.ocx' Multiple Insecure Method Vulnerabilities
http://www.securityfocus.com/bid/48393

RETIRED: SEOgento 'id' Parameter HTML Injection Vulnerability
http://www.securityfocus.com/bid/53927

Scrutinizer Default Password Security Bypass Vulnerability
http://www.securityfocus.com/bid/54731

IBM Lotus Protector for Mail Security Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/54486

Joomla En Masse Component 'sortBy' Parameter Remote SQL Injection Vulnerability
http://www.securityfocus.com/bid/54853

Linux Kernel 'fs/eventpoll.c' Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/54283

Linux Kernel 'mmap()' Failure Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/53668

Hitachi JP1 Multiple Products Unspecified Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/54435

Apache Tomcat Hash Collision Denial Of Service Vulnerability
http://www.securityfocus.com/bid/51200

LibTIFF 't2p_read_tiff_init()' Function Heap-based Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/54601

Mahara Cross Site Scripting and HTML Injection Vulnerabilities
http://www.securityfocus.com/bid/54776

Todd Miller Sudo Insecure Temporary File Creation Vulnerability
http://www.securityfocus.com/bid/54868

Palo Alto Networks Multiple Products 'inputStr' Parameter Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/54607

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-0447 Information Disclosure Vulnerability
http://www.securityfocus.com/bid/51757

SSL/TLS Protocol Initialization Vector Implementation Information Disclosure Vulnerability
http://www.securityfocus.com/bid/49778

MobileCartly 'add.php' Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/54917

PBBoard Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/54916

JBoss Enterprise Application Platform Cross Site Request Forgery Vulnerability
http://www.securityfocus.com/bid/54915

Drupal Mime Mail Module Access Bypass Vulnerability
http://www.securityfocus.com/bid/54914

Drupal Shibboleth authentication Module Access Bypass Vulnerability
http://www.securityfocus.com/bid/54913

Drupal Shorten URLs Module Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/54911

Drupal Better Revisions Module Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/54910

Wordpress Postie Plugin 'From' Field HTML Injection Vulnerability
http://www.securityfocus.com/bid/54909

Debian 'libotr2' Package Multiple Heap Based Buffer Overflow Vulnerabilities
http://www.securityfocus.com/bid/54907

AfterLogic Mailsuite Pro 'Body' Field HTML Injection Vulnerability
http://www.securityfocus.com/bid/54906

WordPress WP SimpleMail Plugin Multiple HTML Injection Vulnerabilities
http://www.securityfocus.com/bid/54905

Wordpress ThreeWP Email Reflector Plugin 'Subject' Field HTML Injection Vulnerability
http://www.securityfocus.com/bid/54903

Xeams Email Server 'Body' Field HTML Injection Vulnerability
http://www.securityfocus.com/bid/54902

SmarterMail 'Body' Field HTML Injection Vulnerability
http://www.securityfocus.com/bid/54901

MailEnable Enterprise Multiple HTML Injection Vulnerabilities
http://www.securityfocus.com/bid/54900

Axigen Mail Server 'Body' Field HTML Injection Vulnerability
http://www.securityfocus.com/bid/54899

Multiple Iomega Network Storage Devices Security Bypass Vulnerability
http://www.securityfocus.com/bid/54898

Google Chrome Prior to 21.0.1180.75 Multiple Memory Corruption Vulnerabilities
http://www.securityfocus.com/bid/54897

EmailArchitect Email Server Multiple HTML Injection Vulnerabilities
http://www.securityfocus.com/bid/54896

SurgeMail 'Body' Field HTML Injection Vulnerability
http://www.securityfocus.com/bid/54895

Escon SupportPortal 'Body' Field HTML Injection Vulnerability
http://www.securityfocus.com/bid/54894

T-dah Webmail Client HTML Injection Vulnerability
http://www.securityfocus.com/bid/54893

Wespa Digital WespaJuris 'webshell.php' SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/54892

AraDown 'id' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/54891

OTRS 'Body' Field HTML Injection Vulnerability
http://www.securityfocus.com/bid/54890

Mailtraq Multiple HTML Injection Vulnerabilities
http://www.securityfocus.com/bid/54889

WordPress Mini Mail Dashboard Widget Plugin HTML Injection Vulnerability
http://www.securityfocus.com/bid/54888

PHPList 'unconfirmed' Parameter Cross-Site Scripting Vulnerability
http://www.securityfocus.com/bid/54887

ManageEngine Service Desk Plus Multiple HTML Injection Vulnerabilities
http://www.securityfocus.com/bid/54886

Alt-N MDaemon Body HTML Injection Vulnerability
http://www.securityfocus.com/bid/54885

Oracle Database 'CTXSYS.CONTEXT' Index Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/54884

Baby Gekko URI Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/54883

ConcourseSuite Multiple Cross Site Scripting and Cross Site Request Forgery Vulnerabilities
http://www.securityfocus.com/bid/54881

Sauerbraten 'TEXTCOMMAND()' Macro Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/54880

Sleipnir Mobile for Android Arbitrary Code Execution and Arbitrary Script Execution Vulnerabilities
http://www.securityfocus.com/bid/54878

Hitachi JP1/Integrated Management - Service Support Unspecified Cross-Site Scripting Vulnerability
http://www.securityfocus.com/bid/54877
