:: IT Security Neophyte Investigator's MEMO ::: 20日木曜日、赤口

2012年9月20日木曜日

20日木曜日、赤口

+ RHSA-2012:1269 Moderate: qpid security, bug fix, and enhancement update
http://rhn.redhat.com/errata/RHSA-2012-1269.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2145

+ About the security content of Safari 6.0.1
http://support.apple.com/kb/HT5502

+ About the security content of OS X Mountain Lion v10.8.2, OS X Lion v10.7.5 and Security Update 2012-004
http://support.apple.com/kb/HT5501

+ About the security content of iOS 6
http://support.apple.com/kb/HT5503

+ CESA-2012:1288 Moderate CentOS 5 libxml2 Update
http://lwn.net/Alerts/516912/

+ UPDATE: Multiple Vulnerabilities in Cisco AnyConnect Secure Mobility Client
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120620-ac

+ UPDATE: HPSBMU02815 SSRT100715 rev.2 - HP SiteScope SOAP Security Issues, Remote Disclosure of Information, Remote Code Execution
https://h20565.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?javax.portlet.tpst=ba847bafb2a2d782fcbb0710b053ce01&javax.portlet.prp_ba847bafb2a2d782fcbb0710b053ce01=wsrp-navigationalState%3DdocId%25253Demr_na-c03489683%25257CdocLocale%25253Dja_JP&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken

+ UPDATE: HPSBUX02729 SSRT100687 rev.4 - HP-UX Running BIND, Remote Denial of Service (DoS)
https://h20565.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?javax.portlet.tpst=ba847bafb2a2d782fcbb0710b053ce01&javax.portlet.prp_ba847bafb2a2d782fcbb0710b053ce01=wsrp-navigationalState%3DdocId%25253Demr_na-c03105548%25257CdocLocale%25253Dja_JP&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken

+ Multiple vulnerabilities in Wireshark
https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_wireshark2
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4048
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4049

+ Multiple vulnerabilities in Wireshark
https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_wireshark1
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2392
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2393
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2394

+ CVE-2011-2524 Directory traversal vulnerability in libsoup
https://blogs.oracle.com/sunsecurity/entry/cve_2011_2524_directory_traversal
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2524

+ CVE-2012-2763 Buffer overflow vulnerability in Gimp
https://blogs.oracle.com/sunsecurity/entry/cve_2012_2763_buffer_overflow
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2763

+ CVE-2012-3236 Buffer overflow vulnerability in Gimp
https://blogs.oracle.com/sunsecurity/entry/cve_2012_3236_buffer_overflow
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3236

+ Multiple vulnerabilities in Oracle Java Web Console
https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_oracle_java1
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5333
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5342
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6286
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0002
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1232
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1947
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2370
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2938
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5515
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0033
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0580
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0781
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0783
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2693
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2901
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2902
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3548
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1157
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2227
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3718
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4172
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4312
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0013
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0534
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1184
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2204
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2526
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3190
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4858
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-5062
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-5063
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-5064
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0022

+ Multiple vulnerabilities in Oracle Java Web Console
https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_oracle_java
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0534
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1184
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2204
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2526
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2729
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3190
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3375
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4858
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-5062
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-5063
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-5064
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0022

+ Multiple vulnerabilities in Pidgin
https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_pidgin1
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4528
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1091
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2943
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3184
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3185
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4601
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4602
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4603
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4922
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4939
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1178

+ Multiple vulnerabilities in Firefox web browser
https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_firefox_web1
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3062
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0467
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0468
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0469
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0470
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0471
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0473
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0474
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0477
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0478
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0479

+ Linux kernel 3.2.30 released
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.30

+ Cisco Secure Desktop CVE-2012-4655 Arbitrary Code Execution Vulnerability
http://www.securityfocus.com/bid/55606
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4655

+ Cisco IOS SSLVPN Multiple Denial of Service Vulnerabilities
http://www.securityfocus.com/bid/55604
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3923
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3924

+ Cisco Identity Services Engine CVE-2012-3908 Multiple Cross Site Request Forgery Vulnerabilities
http://www.securityfocus.com/bid/55602
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3908

Check Point response to "Check Point GO Vulnerabilities report"
https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk79500&src=securityAlerts

Advisory: Shh/Updater-B False positives
http://www.sophos.com/en-us/support/knowledgebase/118311.aspx

US-CERT Alert TA12-262A - Microsoft Security Advisory for Internet Explorer Exploit
http://www.derkeiler.com/Mailing-Lists/Cert/2012-09/msg00002.html

Joomla 2.5.6 Multiple Cross-site scripting vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-09/msg00090.html

[SECURITY] [DSA 2550-1] asterisk security update
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-09/msg00089.html

プレス発表
官民の情報セキュリティコンテンツを集約したポータルサイト「ここからセキュリティ！」を公開
～被害への対処、対策方法など、情報セキュリティの知りたい情報はここから入手可能～
http://www.ipa.go.jp/about/press/20120919.html

シマンテックがセキュリティソフトの新版、マルチOS対応製品も用意
1製品にWindows/Mac/Android用ソフトを同こん、Windows 8にも対応
http://itpro.nikkeibp.co.jp/article/NEWS/20120920/423762/?ST=security

情報セキュリティと国家のセキュリティは不可分、サイバー戦争に日本政府が打つ手は？
http://itpro.nikkeibp.co.jp/article/Watcher/20120918/423301/?ST=security

Javaゼロデイ脆弱性とBlackhole攻撃ツール
http://itpro.nikkeibp.co.jp/article/COLUMN/20120919/423492/?ST=security

ウイルス新時代に備える
［対策編］脆弱性解消と心構えが重要
http://itpro.nikkeibp.co.jp/article/COLUMN/20120912/422365/?ST=security

JVNVU#459446 PayPal Website Payments Standard を使用している osCommerce Online Merchant に検証不備の脆弱性
http://jvn.jp/cert/JVNVU459446/

JVNVU#480095 Internet Explorer に任意のコードが実行される脆弱性
http://jvn.jp/cert/JVNVU480095/

JVNTA12-262A Internet Explorer への攻撃に関する Microsoft Security Advisory (2757760) 公開
http://jvn.jp/cert/JVNTA12-262A/

Script kiddie scavenging with Shellbot.S
http://isc.sans.edu/diary.html?storyid=14116

Volatility: 2.2 is Coming Soon
http://isc.sans.edu/diary.html?storyid=14125

Sophos detecting itself as SHH/Updater-B
http://isc.sans.edu/diary.html?storyid=14131

HP SiteScope Bugs in SiteScope SOAP Feature Let Remote Users Obtain Information and Execute Arbitrary Code
http://www.securitytracker.com/id/1027547

Trend Micro InterScan Messaging Security Flaws Permit Cross-Site Scripting and Cross-Site Request Forgery Attacks
http://www.securitytracker.com/id/1027544

OpenJPEG Heap Overflow in j2k_read_cox() Lets Remote Users Execute Arbitrary Code
http://www.securitytracker.com/id/1027542

Cisco IOS SSLVPN Denial of Service Vulnerability
http://secunia.com/advisories/50676/

WordPress Answer My Question Plugin "user_name" and "subject" Script Insertion Vulnerabilities
http://secunia.com/advisories/50655/

osCommerce Website Payments Standard Module Merchant Email Address Security Bypass
http://secunia.com/advisories/50640/

WordPress Purity Theme Multiple Cross-Site Scripting Vulnerabilities
http://secunia.com/advisories/50627/

Cisco Nexus 7000 Series NX-OS ARP Packet Handling Denial of Service
http://secunia.com/advisories/50671/

Cisco Identity Services Engine Cross-Site Request Forgery
http://secunia.com/advisories/50680/

LuxCal Web Calendar Multiple Vulnerabilities
http://secunia.com/advisories/50597/

Ubuntu update for isc-dhcp and dhcp3
http://secunia.com/advisories/49084/

SUSE update for otrs
http://secunia.com/advisories/50615/

SUSE update for chromium
http://secunia.com/advisories/50667/

Red Hat update for java-1.7.0-ibm
http://secunia.com/advisories/50629/

Red Hat update for libxml2
http://secunia.com/advisories/50658/

Novo Knowledge Base Enterprise Edition SQL Injection Vulnerability
http://secunia.com/advisories/50575/

Debian update for asterisk
http://secunia.com/advisories/50687/

Ubuntu update for gnupg and gnupg2
http://secunia.com/advisories/50639/

TorrentTrader Multiple Vulnerabilities
http://secunia.com/advisories/50657/

SUSE update for java-1_5_0-ibm
http://secunia.com/advisories/50585/

Ubuntu update for kernel
http://secunia.com/advisories/50677/

SUSE update for kvm
http://secunia.com/advisories/50689/

SumatraPDF Document Processing Two Vulnerabilities
http://secunia.com/advisories/50656/

Google SketchUp SKP File Processing Vulnerability
http://secunia.com/advisories/50663/

WinTR Unspecified Directory Traversal Vulnerability
http://secunia.com/advisories/50668/

MF Gig Calendar Wordpress Plugin Cross-Site Scripting
http://cxsecurity.com/issue/WLB-2012090190

Microcart 1.0 _Admin Cross-Site Scripting Security Vulnerability
http://cxsecurity.com/issue/WLB-2012090189

SmarterMail Free 9.2 stored XSS
http://cxsecurity.com/issue/WLB-2012090188

FreeSWITCH remote denial of service vulnerability
http://cxsecurity.com/issue/WLB-2012090187

LFSQ CMS Easy Login Vulnerability
http://cxsecurity.com/issue/WLB-2012090186

Symantec Messaging Gateway 9.5.3-3 Arbitrary File Download
http://cxsecurity.com/issue/WLB-2012090185

Symantec Messaging Gateway 9.5.3-3 Unauthorized SSH Access
http://cxsecurity.com/issue/WLB-2012090184

Symantec Messaging Gateway 9.5.3-3 Cross Site Scripting
http://cxsecurity.com/issue/WLB-2012090183

Symantec Messaging Gateway 9.5.3-3 Cross Site Request Forgery
http://cxsecurity.com/issue/WLB-2012090182

Symantec Messaging Gateway 9.5.3-3 Disclosure
http://cxsecurity.com/issue/WLB-2012090181

Oracle Hyperion SFC 12.x Remote Heap Overflow poc
http://cxsecurity.com/issue/WLB-2012090180

poweradmin Cross Site Scripting
http://cxsecurity.com/issue/WLB-2012090179

Wordpress Admin name Information Disclosure
http://cxsecurity.com/issue/WLB-2012090178

InforpolNET SQL Injection
http://cxsecurity.com/issue/WLB-2012090177

avcmedia Cms SQL Injection Vulnerability
http://cxsecurity.com/issue/WLB-2012090176

firstlink Cms Cross-Site Scripting Vulnerability
http://cxsecurity.com/issue/WLB-2012090175

Google Chrome Prior to 17.0.963.56 Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/52031

Google Chrome Prior to 16.0.912.75 Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/51300

Google Chrome Prior to 15.0.874.102 Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/50360

Linux Kernel 'rds_recvmsg()' Function Local Information Disclosure Vulnerability
http://www.securityfocus.com/bid/54702

Linux Kernel SFC Driver CVE-2012-3412 Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/54763

Korenix Jetport 5600 Series Default Credentials Authentication Bypass Vulnerability
http://www.securityfocus.com/bid/55196

Google Chrome Prior to 17.0.963.65 Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/52271

Google Chrome Prior to 14.0.835.163 Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/49658

Apple Safari CVE-2012-0680 Security Bypass Vulnerability
http://www.securityfocus.com/bid/54688

Apple Mac OS X CVE-2011-3457 Multiple Memory Corruption Vulnerabilities
http://www.securityfocus.com/bid/51808

Google Chrome Prior to 13.0.782.215 Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/49279

libpng 'png_decompress_chunk()' Remote Integer Overflow Vulnerability
http://www.securityfocus.com/bid/52049

libxml2 Invalid XPath Multiple Memory Corruption Vulnerabilities
http://www.securityfocus.com/bid/48056

International Components for Unicode '_canonicalize( )' Memory Corruption Vulnerability
http://www.securityfocus.com/bid/51006

libTIFF CVE-2012-1173 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/52891

libTIFF ThunderCode Decoder Heap Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/46951

libpng 'png_set_text_2()' Function Memory Corruption Vulnerability
http://www.securityfocus.com/bid/52830

libpng Malformed cHRM Divide-By-Zero Denial of Service Vulnerability
http://www.securityfocus.com/bid/49744

FreeType Versions Prior to 2.4.9 Multiple Remote Vulnerabilities
http://www.securityfocus.com/bid/52318

ICCLIB CVE-2012-4405 Out-of-Bounds Memory Write Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/55494

Linux Kernel Key Management CVE-2012-2745 Denial of Service Vulnerability
http://www.securityfocus.com/bid/54365

Linux Kernel 'madvise_remove()' Function Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/55151

WebKit SVG Images CVE-2012-3650 Uninitialized Memory Information Disclosure Vulnerability
http://www.securityfocus.com/bid/54703

WebKit Multiple Unspecified Memory Corruption Vulnerabilities
http://www.securityfocus.com/bid/55534

WebKit International CVE-2012-3693 Domain Name URI Spoofing Vulnerability
http://www.securityfocus.com/bid/54693

WebKit CVE-2012-3691 Cross Origin Information Disclosure Vulnerability
http://www.securityfocus.com/bid/54687

WebKit WebSockets CVE-2012-3696 HTTP Header Injection Vulnerability
http://www.securityfocus.com/bid/54700

WebKit CVE-2012-3695 Cross-Site Scripting Vulnerability
http://www.securityfocus.com/bid/54695

Google Chrome Prior to 20.0.1132.43 Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/54203

Google Chrome Prior to 19.0.1084.52 Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/53679

WebKit Multiple Unspecified Remote Code Execution Vulnerabilities
http://www.securityfocus.com/bid/54680

Google Chrome Prior to 17.0.963.83 Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/52674

Google Chrome Prior to 17.0.963.46 Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/51911

Google Chrome Prior to 16.0.912.77 Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/51641

Google Chrome Prior to 18.0.1025.168 Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/53309

Google Chrome Prior to 18.0.1025.142 Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/52762

Google Chrome Prior to 16.0.912.63 Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/51041

Google Chrome Prior to 18.0.1025.151 Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/52913

Google Chrome Prior to 19 Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/53540

Siemens SIMATIC S7-1200 SSL Private Key Reuse Spoofing Vulnerability
http://www.securityfocus.com/bid/55559

Apache QPID NullAuthenticator Authentication Bypass Vulnerability
http://www.securityfocus.com/bid/54954

Mcrypt Stack Based Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/55425

Joomla! Language Switcher ModuleMultiple Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/54259

Oracle Java SE CVE-2012-1725 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/53954

Oracle Java Runtime Environment Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/55213

Microsoft Internet Explorer Image Arrays Use-After-Free Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/55562

Oracle Java Runtime Environment CVE-2012-3136 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/55337

Oracle Java SE CVE-2012-1721 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/53959

Oracle Java SE CVE-2012-1717 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/53952

Oracle Java SE CVE-2012-1719 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/53950

Oracle Java SE CVE-2012-1713 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/53946

Oracle Java SE CVE-2012-1716 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/53947

Oracle Java SE CVE-2012-1722 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/53953

Oracle Java SE CVE-2012-1726 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/53948

Oracle GlassFish Server Multiple Cross Site Scripting and HTML Injection Vulnerabilities
http://www.securityfocus.com/bid/53136

Oracle Java Runtime Environment CVE-2012-1682 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/55336

Oracle Java SE CVE-2012-0547 Remote Java Runtime Environment Weakness
http://www.securityfocus.com/bid/55339

libxml2 Hash Collision Denial Of Service Vulnerability
http://www.securityfocus.com/bid/52107

libxml2 Unspecified Out-of-Bounds Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/51084

Drupal Fonecta Verify Module Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/55614

Drupal Spambot Module Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/55613

Apple iPhone/iPad/iPod touch Prior to iOS 6 Multiple Vulnerabilities
http://www.securityfocus.com/bid/55612

Drupal PRH Search Module Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/55611

Drupal Imagemenu Module Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/55610

Apache Qpid (qpidd) Denial of Service Vulnerability
http://www.securityfocus.com/bid/55608

iFOBS 'regclientmain.jsp' Multiple HTML Injection Vulnerabilities
http://www.securityfocus.com/bid/55607

Cisco Secure Desktop CVE-2012-4655 Arbitrary Code Execution Vulnerability
http://www.securityfocus.com/bid/55606

Cisco IOS SSLVPN Multiple Denial of Service Vulnerabilities
http://www.securityfocus.com/bid/55604

WordPress WP-TopBar Plugin HTML Injection and Cross Site Request Forgery Vulnerabilities
http://www.securityfocus.com/bid/55603

Cisco Identity Services Engine CVE-2012-3908 Multiple Cross Site Request Forgery Vulnerabilities
http://www.securityfocus.com/bid/55602

WordPress Answer My Question Plugin Multiple HTML Injection Vulnerabilities
http://www.securityfocus.com/bid/55601

Cisco Nexus 7000 Series Switches NX-OS CVE-2012-3051 Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/55600

FreeSWITCH Route Header Value Handling Denial of Service Vulnerability
http://www.securityfocus.com/bid/55599

:: IT Security Neophyte Investigator's MEMO ::

2012年9月20日木曜日

20日木曜日、赤口

0 件のコメント:

コメントを投稿

2012年9月20日木曜日

20日 木曜日、赤口

0 件のコメント:

コメントを投稿

20日木曜日、赤口