Tuesday, September 18, 2012
Tuesday the 18th, Butsumetsu
+ RHSA-2012:1283 Important: openjpeg security update
http://rhn.redhat.com/errata/RHSA-2012-1283.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3535
+ RHSA-2012:1284 Moderate: spice-gtk security update
http://rhn.redhat.com/errata/RHSA-2012-1284.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4425
+ CESA-2012:1266 Important CentOS 5 bind97 Update
http://lwn.net/Alerts/516280/
+ CESA-2012:1267 Important CentOS 5 bind Update
http://lwn.net/Alerts/516282/
+ CESA-2012:1268 Important CentOS 6 bind Update
http://lwn.net/Alerts/516283/
+ CESA-2012:1264 Moderate CentOS 5 postgresql Update
http://lwn.net/Alerts/516272/
+ CESA-2012:1263 Moderate CentOS 5 postgresql84 Update
http://lwn.net/Alerts/516274/
+ CESA-2012:1265 Important CentOS 5 libxslt Update
http://lwn.net/Alerts/516275/
+ CESA-2012:1261 Moderate CentOS 6 dbus Update
http://lwn.net/Alerts/516276/
+ CESA-2012:1265 Important CentOS 6 libxslt Update
http://lwn.net/Alerts/516278/
+ CESA-2012:1263 Moderate CentOS 6 postgresql Update
http://lwn.net/Alerts/516279/
+ HPSBMU02813 SSRT100712 rev.1 - HP Operations Orchestration, Remote Execution of Arbitrary Code
https://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?javax.portlet.tpst=ba847bafb2a2d782fcbb0710b053ce01&javax.portlet.prp_ba847bafb2a2d782fcbb0710b053ce01=wsrp-navigationalState%3DdocId%25253Demr_na-c03490339%25257CdocLocale%25253Dja_JP&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken
+ RHSA-2012:1266 Important: bind97 security update
http://rhn.redhat.com/errata/RHSA-2012-1266.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4244
+ RHSA-2012:1267 Important: bind security and bug fix update
http://rhn.redhat.com/errata/RHSA-2012-1267.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4244
+ Linux kernel 3.5.4, 3.4.11, 3.0.43 released
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.5.4
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.11
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.0.43
+ Samba 3.6.8 Available for Download
http://www.samba.org/samba/history/samba-3.6.8.html
+ Sudo 1.8.6p2, 1.7.10p2 released
http://www.sudo.ws/sudo/stable.html#1.8.6p2
http://www.sudo.ws/sudo/stable.html#1.7.10p2
+ VU#480095 Microsoft Internet Explorer 7/8/9 contain a use-after-free vulnerability
http://www.kb.cert.org/vuls/id/480095
+ Microsoft Internet Explorer Image Arrays Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/55562
+ Microsoft Windows Phone 7 SSL Certificate 'Common Name' Validation Security Bypass Vulnerability
http://www.securityfocus.com/bid/55569
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2993
+ GNOME Shell Browser Plugin Arbitrary Code Execution Vulnerability
http://www.securityfocus.com/bid/55556
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4427
UPDATE: Vulnerability in Citrix Receiver with Online Plug-in for Windows could result in arbitrary code execution
http://support.citrix.com/article/CTX134681
Multiple instances of the Sophos Anti-Virus for Mac OS X version 8.0.6 package are displayed in SUM
http://www.sophos.com/en-us/support/knowledgebase/118285.aspx
JVNVU#471364 Multiple vulnerabilities in InterScan Messaging Security Suite
http://jvn.jp/cert/JVNVU471364/index.html
[Positive Research] Intel SMEP overview and partial bypass on Windows 8 (whitepaper)
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-09/msg00076.html
[waraxe-2012-SA#089] - Multiple Vulnerabilities in TorrentTrader 2.08
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-09/msg00075.html
Secunia Research: Novell GroupWise iCalendar Date/Time Parsing Denial of Service
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-09/msg00074.html
[IA38] NCMedia Sound Editor Pro v7.5.1 MRUList201202.dat File Handling Local Buffer Overflow
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-09/msg00073.html
[ MDVSA-2012:153 ] dhcp
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-09/msg00063.html
[SECURITY] [DSA 2549-1] devscripts security update
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-09/msg00062.html
[SECURITY] [DSA 2480-4] request-tracker3.8 regression update
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-09/msg00061.html
IPv6 Toolkit v1.2.3 released! (and upcoming IPv6 security trainings)
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-09/msg00072.html
[slackware-security] dhcp (SSA:2012-258-01)
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-09/msg00071.html
[slackware-security] patch (SSA:2012-257-02)
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-09/msg00069.html
[slackware-security] bind (SSA:2012-257-01)
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-09/msg00070.html
[INTREST SEC] Atlassian Confluence Wiki XSS Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-09/msg00068.html
[SECURITY] [DSA 2548-1] tor security update
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-09/msg00060.html
NeoBill CMS v0.8 Alpha - Multiple Web Vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-09/msg00067.html
ASTPP VoIP Billing (4cf207a) - Multiple Web Vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-09/msg00066.html
ipv6mon v1.0 released! (IPv6 address monitoring daemon)
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-09/msg00065.html
[ MDVSA-2012:152 ] bind
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-09/msg00059.html
[SECURITY] [DSA 2548-1] Debian Security Team PGP/GPG key change notice
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-09/msg00064.html
JVNDB-2012-004017 (JVNTA12-240A) Vulnerability in AWT processing in the Java Runtime Environment (JRE) of Oracle Java SE
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004017.html
JVNDB-2012-004019 (JVNTA12-240A) Vulnerability in Beans processing in the Java Runtime Environment (JRE) of Oracle Java SE
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004019.html
JVNDB-2012-004018 (JVNTA12-240A) Vulnerability in Beans processing in the Java Runtime Environment (JRE) of Oracle Java SE
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004018.html
JVNDB-2012-003918 (JVNTA12-240A) Vulnerability in Oracle Java 7
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-003918.html
JVNDB-2012-003802 Cross-site scripting vulnerability in the Database Structure page of phpMyAdmin
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-003802.html
JVNDB-2012-003801 Vulnerability in show_config_errors.php of phpMyAdmin that allows sensitive information to be obtained
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-003801.html
JVNDB-2012-003511 Denial-of-service (DoS) vulnerability in the virTypedParameterArrayClear function of libvirt
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-003511.html
JVNDB-2012-003509 Denial-of-service (DoS) vulnerability in the Magick_png_malloc function in coders/png.c of ImageMagick
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-003509.html
JVNDB-2012-003580 Denial-of-service (out-of-bounds read) vulnerability in pngpread.c of libpng
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-003580.html
JVNDB-2012-003493 Vulnerability in Puppet and Puppet Enterprise that allows sensitive configuration information to be obtained
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-003493.html
JVNDB-2012-003933 Denial-of-service (pmcd hang) vulnerability in Performance Co-Pilot
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-003933.html
JVNDB-2012-003932 Denial-of-service (DoS) vulnerability in Performance Co-Pilot
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-003932.html
JVNDB-2012-003931 Vulnerability in Performance Co-Pilot that allows sensitive information to be obtained
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-003931.html
JVNDB-2012-003706 Integer signedness error vulnerability in the Ixia IxVeriWave file parser of Wireshark
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-003706.html
JVNDB-2012-003930 Denial-of-service (DoS) vulnerability in libpcp of Performance Co-Pilot
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-003930.html
JVNDB-2012-003705 Buffer overflow vulnerability in the GSM RLC MAC dissector of Wireshark
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-003705.html
JVNDB-2012-003704 Buffer overflow vulnerability in the RTPS2 dissector of Wireshark
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-003704.html
JVNDB-2012-003579 Vulnerability in Linux DiskQuota that allows TCP Wrapper rules in hosts.deny to be bypassed
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-003579.html
JVNDB-2012-003703 Denial-of-service (application crash) vulnerability in the ERF dissector of Wireshark
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-003703.html
JVNDB-2012-003702 Buffer overflow vulnerability in the ERF dissector of Wireshark
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-003702.html
JVNDB-2012-003701 Denial-of-service (application termination) vulnerability in the EtherCAT Mailbox dissector of Wireshark
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-003701.html
JVNDB-2012-003700 Denial-of-service (application crash) vulnerability in the STUN dissector of Wireshark
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-003700.html
JVNDB-2012-003699 Denial-of-service (memory consumption) vulnerability in the CIP dissector of Wireshark
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-003699.html
JVNDB-2012-003698 Denial-of-service (DoS) vulnerability in the CTDB dissector of Wireshark
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-003698.html
JVNDB-2012-003697 Denial-of-service (DoS) vulnerability in the AFP dissector of Wireshark
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-003697.html
JVNDB-2012-003696 Integer overflow vulnerability in the XTP dissector of Wireshark
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-003696.html
JVNDB-2012-003695 Denial-of-service (DoS) vulnerability in the MongoDB dissector of Wireshark
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-003695.html
JVNDB-2012-003694 Denial-of-service (DoS) vulnerability in the pcap-ng file parser of Wireshark
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-003694.html
JVNDB-2012-003693 Denial-of-service (DoS) vulnerability in the DCP ETSI dissector of Wireshark
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-003693.html
JVNDB-2012-003494 Vulnerability in Puppet and Puppet Enterprise that causes a crafted agent certificate to be signed
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-003694.html
JVNDB-2012-003492 Directory traversal vulnerability in Puppet and Puppet Enterprise
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-003692.html
JVNDB-2012-003491 Vulnerability in Puppet and Puppet Enterprise that allows arbitrary files to be read
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-003691.html
JVNDB-2012-004314 (JVNTA12-255A) Cross-site scripting vulnerability in Microsoft Systems Management Server and System Center Configuration Manager
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004314.html
JVNDB-2012-004313 (JVNTA12-255A) Cross-site scripting vulnerability in Microsoft Visual Studio Team Foundation Server
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004313.html
JVNDB-2012-004327 Denial-of-service (DoS) vulnerability in the Cisco ASA-CX Context-Aware Security module and Prime Security Manager
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004327.html
JVNDB-2012-004326 Denial-of-service (DoS) vulnerability in Cisco Unified Presence and Jabber Extensible Communications Platform
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004326.html
JVNDB-2012-003578 Denial-of-service (crash) vulnerability in tiff2pdf of LibTIFF
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-003578.html
JVNDB-2012-003878 Integer overflow vulnerability in the GIMP plug-in for the GIF image format
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-003878.html
JVNDB-2012-003873 Heap-based buffer overflow vulnerability in the GIMP KiSS CEL file format plug-in
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-003873.html
JVNDB-2012-003524 Denial-of-service (panic) vulnerability in the Linux Kernel
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-003524.html
JVNDB-2012-003523 Denial-of-service (DoS) vulnerability in the Linux Kernel
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-003523.html
JVNDB-2012-003483 Heap-based buffer overflow vulnerability in OpenOffice.org and LibreOffice
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-003483.html
IE Zero Day is "For Real"
http://isc.sans.edu/diary.html?storyid=14107
What's on your iPad?
http://isc.sans.edu/diary.html?storyid=14110
Analyzing Malicious RTF Files Using OfficeMalScanner's RTFScan
http://isc.sans.edu/diary.html?storyid=14092
Scam Report - Fake Voice Mail Email Notification Redirects to Malicious Site
http://isc.sans.edu/diary.html?storyid=14098
ISC Feature of the Week: Privacy Policy
http://isc.sans.edu/diary.html?storyid=14101
Microsoft Internet Explorer Flaw Lets Remote Users Execute Arbitrary Code
http://www.securitytracker.com/id/1027538
Moodle Multiple Bugs Let Remote Authenticated Users Bypass Security Restrictions and Gain Elevated Privileges
http://www.securitytracker.com/id/1027537
Novell GroupWise Internet Agent Integer Overflow Lets Remote Users Execute Arbitrary Code
http://www.securitytracker.com/id/1027536
MCrypt Stack Overflow Lets Remote Users Execute Arbitrary Code
http://www.securitytracker.com/id/1027532
IBM AIX NFSv4 GID Enforcement Flaw Lets Remote Users Deny Service
http://www.securitytracker.com/id/1027531
VU#591667 CoSoSys Endpoint Protector 4 appliance contains a predictable password for root-equivalent account vulnerability
http://www.kb.cert.org/vuls/id/591667
VU#389795 Windows Phone 7 does not check certificate Common Names when sending or receiving emails over SSL.
http://www.kb.cert.org/vuls/id/389795
LOCAL: NCMedia Sound Editor Pro v7.5.1 MRUList201202.dat File Handling Buffer Overflow
http://www.exploit-db.com/exploits/21331/
DoS/PoC: Novell Groupwise 8.0.2 HP3 and 2012 Integer Overflow Vulnerability
http://www.exploit-db.com/exploits/21326
Microsoft Internet Explorer execCommand Use-After-Free Exploit
http://cxsecurity.com/issue/WLB-2012090167
Netsweeper WebAdmin Portal CSRF & XSS & SQL Injection
http://cxsecurity.com/issue/WLB-2012090166
FreeWebshop 2.2.9 Cross Site Scripting & SQL Injection
http://cxsecurity.com/issue/WLB-2012090165
TorrentTrader 2.08 Multiple Vulnerabilities
http://cxsecurity.com/issue/WLB-2012090164
Webmin /file/show.cgi Remote Command Execution
http://cxsecurity.com/issue/WLB-2012090163
Joomla <= 1.0.9 Weblinks blind SQL injection / admin credentials
http://cxsecurity.com/issue/WLB-2012090162
SmartSniff DLL Hijacking Exploit (wpcap.dll)
http://cxsecurity.com/issue/WLB-2012090161
SEasyOfficeRecovery DLL Hijacking Exploit (dwmapi.dll)
http://cxsecurity.com/issue/WLB-2012090160
KnFTP 1.0.0 Server Remote Buffer Overflow Exploit USER command
http://cxsecurity.com/issue/WLB-2012090159
KnFTP FTP Server Multiple Commands Remote Buffer Overflow
http://cxsecurity.com/issue/WLB-2012090158
Free MP3 CD Ripper 2.6 (wav) Ruby PoC
http://cxsecurity.com/issue/WLB-2012090157
Free MP3 CD Ripper 2.6 (wav) stack buffer overflow PoC exploit
http://cxsecurity.com/issue/WLB-2012090156
Free MP3 CD Ripper 1.1 (WAV File) Stack Buffer Overflow
http://cxsecurity.com/issue/WLB-2012090155
AbsoluteFTP 1.9.6 - 2.2.10 Remote Buffer Overflow (LIST)
http://cxsecurity.com/issue/WLB-2012090154
Spiceworks 6.0.00993 Multiple Script Injection Vulnerabilities
http://cxsecurity.com/issue/WLB-2012090153
Sound Editor Pro v7.5.1 Stack-based Buffer Overflow
http://cxsecurity.com/issue/WLB-2012090152
XRIX SQL Injection Bug
http://cxsecurity.com/issue/WLB-2012090151
LuxCal v2.7.0 Multiple Remote Vulnerabilities
http://cxsecurity.com/issue/WLB-2012090150
libgio CVE-2012-4425 Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/55555
Microsoft Internet Explorer Image Arrays Use-After-Free Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/55562
Webmin Multiple Input Validation Vulnerabilities
http://www.securityfocus.com/bid/55446
WordPress Security Bypass And Unspecified Vulnerabilities
http://www.securityfocus.com/bid/55455
libdbus 'DBUS_SYSTEM_BUS_ADDRESS' Variable Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/55517
OpenJPEG Heap Based Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/55214
Asterisk 'externalIVR' Application Shell Command Execution Security Bypass Vulnerability
http://www.securityfocus.com/bid/55351
Xen 'physdev_get_free_pirq' CVE-2012-3495 Denial of Service Vulnerability
http://www.securityfocus.com/bid/55406
Xen CVE-2012-3515 Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/55413
Xen 'set_debugreg' CVE-2012-3494 Denial of Service Vulnerability
http://www.securityfocus.com/bid/55400
Xen 'XENMEM_populate_physmap' CVE-2012-3496 Denial of Service Vulnerability
http://www.securityfocus.com/bid/55412
Xen CVE-2012-4411 Local Security Bypass Vulnerability
http://www.securityfocus.com/bid/55442
Xen 'PHYSDEVOP_map_pirq' Index CVE-2012-3498 Denial of Service Vulnerability
http://www.securityfocus.com/bid/55414
Mozilla Firefox, SeaMonkey, and Thunderbird CVE-2012-1956 Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/55260
MoinMoin Virtual Group ACL Evaluation Security Bypass Vulnerability
http://www.securityfocus.com/bid/55391
ISC BIND 9 DNS Resource Records Handling CVE-2012-4244 Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/55522
Netsweeper Cross Site Scripting and Cross Site Request Forgery Vulnerabilities
http://www.securityfocus.com/bid/54355
Atlassian Confluence Error Page Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/55509
Blender Unspecified Insecure Temporary File Creation Vulnerability
http://www.securityfocus.com/bid/28936
Expat XML Parsing Multiple Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/52379
Oracle Java SE CVE-2012-1713 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/53946
PHP PDO Memory Access Violation Denial of Service Vulnerability
http://www.securityfocus.com/bid/54777
PHP 'header()' HTTP Header Injection Vulnerability
http://www.securityfocus.com/bid/55297
PHP '_php_stream_scandir()' Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/54638
PHP 'main/SAPI.c' CVE-2012-4388 HTTP Header Injection Vulnerability
http://www.securityfocus.com/bid/55527
Novell GroupWise Internet Agent CVE-2012-0271 Remote Integer Overflow Vulnerability
http://www.securityfocus.com/bid/55551
ISC DHCP IPv6 Lease Expiration Handling Denial of Service Vulnerability
http://www.securityfocus.com/bid/55530
Multiple Products CVE-2012-3500 Temporary File Handling Security Vulnerability
http://www.securityfocus.com/bid/55358
Oracle Business Transaction Management Server Arbitrary File Write Vulnerability
http://www.securityfocus.com/bid/54839
NCMedia Sound Editor Pro 'MRUList201202.dat' File Local Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/55579
minimal Gallery 'index.php' Multiple Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/55577
Netsweeper 'view_details.php' Multiple SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/55576
Novell GroupWise Date/Time Parsing Denial of Service Vulnerability
http://www.securityfocus.com/bid/55574
SpiceWorks Multiple HTML Injection Vulnerabilities
http://www.securityfocus.com/bid/55572
GnuPG Short Key ID Security Bypass Vulnerability
http://www.securityfocus.com/bid/55571
CoSoSys Endpoint Protector CVE-2012-2994 Predictable Password Generation Vulnerability
http://www.securityfocus.com/bid/55570
Microsoft Windows Phone 7 SSL Certificate 'Common Name' Validation Security Bypass Vulnerability
http://www.securityfocus.com/bid/55569
webERP 'WO' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/55568
FreeWebshop Multiple SQL Injection and Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/55567
OptiPNG Use-After-Free Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/55566
Moodle Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/55565
Debian devscripts Multiple Arbitrary File Deletion and Arbitrary Code Execution Vulnerabilities
http://www.securityfocus.com/bid/55564
IFOBS 'regclientprint.jsp' Multiple HTML Injection Vulnerabilities
http://www.securityfocus.com/bid/55561
Oracle Java SE CVE-2012-1719 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/53950
Oracle Java SE CVE-2012-1718 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/53951
Oracle Java SE CVE-2012-1717 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/53952
Linux Kernel 'rds_recvmsg()' Function Local Information Disclosure Vulnerability
http://www.securityfocus.com/bid/54702
Linux Kernel SFC Driver CVE-2012-3412 Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/54763
Linux Kernel 'madvise_remove()' Function Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/55151
Linux Kernel Key Management CVE-2012-2745 Denial of Service Vulnerability
http://www.securityfocus.com/bid/54365
IOServer Directory Traversal Vulnerability
http://www.securityfocus.com/bid/55093
Mozilla Firefox CVE-2012-3973 Security Bypass Vulnerability
http://www.securityfocus.com/bid/55308
Google Chrome Prior to 20.0.1132.43 Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/54203
MySQL Unspecified Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/51925
Google Chrome Prior to 17.0.963.46 Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/51911
RETIRED: MySQL 5.5.20 Unspecified Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/52154
Google Chrome Prior to 21.0.1180.89 Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/55331
libxslt 'generate-id()' Function Information Disclosure Vulnerability
http://www.securityfocus.com/bid/47668
PostgreSQL 'xslt_process()' Function Arbitrary File Creation or Overwrite Vulnerability
http://www.securityfocus.com/bid/55072
libcrypt 'crypt()' Password Encryption Weakness
http://www.securityfocus.com/bid/53729
PostgreSQL 'xml_parse()' Function Arbitrary File Access Vulnerability
http://www.securityfocus.com/bid/55074
PostgreSQL Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/52188
PostgreSQL 'SECURITY DEFINER' and 'SET' Attributes Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/53812
D-Bus Message Byte Order Denial of Service Vulnerability
http://www.securityfocus.com/bid/48216
Xen CVE-2012-3433 Denial of Service Vulnerability
http://www.securityfocus.com/bid/54942
Xen HVM Guest User Mode MMIO Emulation Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/54691
Xen PyGrub Kernel Decompression Local Denial Of Service Vulnerability
http://www.securityfocus.com/bid/53650
Oracle Java SE CVE-2012-0547 Remote Java Runtime Environment Weakness
http://www.securityfocus.com/bid/55339
Oracle Java Runtime Environment CVE-2012-1682 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/55336
OpenSLP 'SLPIntersectStringList()' Function Denial of Service Vulnerability
http://www.securityfocus.com/bid/55540
qdPM Arbitrary File Upload Vulnerability
http://www.securityfocus.com/bid/54022
udev Netlink Message Validation Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/34536
Mozilla Firefox, SeaMonkey, and Thunderbird CVE-2012-3969 Heap Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/55292
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-3968 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/55276
Mozilla Firefox/SeaMonkey/Thunderbird Information Disclosure Vulnerability
http://www.securityfocus.com/bid/55311
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-3970 Use-After-Free Memory Corruption Vulnerability
http://www.securityfocus.com/bid/55278
Mozilla Firefox/SeaMonkey/Thunderbird CVE-2012-3972 Heap Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/55310
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-3960 Use-After-Free Memory Corruption Vulnerability
http://www.securityfocus.com/bid/55325
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-3961 Use-After-Free Memory Corruption Vulnerability
http://www.securityfocus.com/bid/55321
Mozilla Firefox/Thunderbird CVE-2012-3974 Local Code Execution Vulnerability
http://www.securityfocus.com/bid/55312
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-3963 Use-After-Free Memory Corruption Vulnerability
http://www.securityfocus.com/bid/55340
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-3962 Memory Corruption Vulnerability
http://www.securityfocus.com/bid/55342
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-3956 Use-After-Free Memory Corruption Vulnerability
http://www.securityfocus.com/bid/55320
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-3958 Use-After-Free Memory Corruption Vulnerability
http://www.securityfocus.com/bid/55323
GNU patch Path Name Directory Traversal Vulnerability
http://www.securityfocus.com/bid/46768
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-1972 Use-After-Free Memory Corruption Vulnerability
http://www.securityfocus.com/bid/55314
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-3964 Use-After-Free Memory Corruption Vulnerability
http://www.securityfocus.com/bid/55322
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-1973 Use-After-Free Memory Corruption Vulnerability
http://www.securityfocus.com/bid/55316
Mozilla Firefox/Thunderbird/Seamonkey CVE-2012-1971 Multiple Memory Corruption Vulnerabilities
http://www.securityfocus.com/bid/55264
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-1976 Use-After-Free Memory Corruption Vulnerability
http://www.securityfocus.com/bid/55319
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-1974 Use-After-Free Memory Corruption Vulnerability
http://www.securityfocus.com/bid/55317
Mozilla Firefox CVE-2012-3965 Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/55256
Mozilla Firefox/Thunderbird/Seamonkey CVE-2012-1970 Multiple Memory Corruption Vulnerabilities
http://www.securityfocus.com/bid/55266
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-1975 Use-After-Free Memory Corruption Vulnerability
http://www.securityfocus.com/bid/55318
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-3971 Multiple Memory Corruption Vulnerabilities
http://www.securityfocus.com/bid/55304
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-3959 Use-After-Free Memory Corruption Vulnerability
http://www.securityfocus.com/bid/55324
Mozilla Firefox/SeaMonkey CVE-2012-3976 Address Bar Spoofing Vulnerability
http://www.securityfocus.com/bid/55313
Mozilla Firefox CVE-2012-3979 '__android_log_print' Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/55344
Mozilla Firefox/Thunderbird Web Console CVE-2012-3980 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/55257
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-3966 Multiple Memory Corruption Vulnerabilities
http://www.securityfocus.com/bid/55274
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-3957 Heap Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/55341
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-3967 Memory Corruption Vulnerability
http://www.securityfocus.com/bid/55277
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-3978 Security Bypass Vulnerability
http://www.securityfocus.com/bid/55306
Joomla! and Mambo FCKeditor Module 'Connector' Parameter Local File Include Vulnerability
http://www.securityfocus.com/bid/55563
McAfee Application Control Automatic File Execution Security Bypass Vulnerability
http://www.securityfocus.com/bid/55558
Mcrypt Multiple Format String Vulnerabilities
http://www.securityfocus.com/bid/55557
GNOME Shell Browser Plugin Arbitrary Code Execution Vulnerability
http://www.securityfocus.com/bid/55556
SE46 Application Whitelisting 'PIF' File Automatic File Execution Security Bypass Vulnerability
http://www.securityfocus.com/bid/55554
OpenX 'xajaxargs' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/55553
Vino CVE-2012-4429 Information Disclosure Vulnerability
http://www.securityfocus.com/bid/55548