2012年9月24日月曜日
24日 月曜日、仏滅
+ UPDATE: Microsoft Security Advisory (2757760) Vulnerability in Internet Explorer Could Allow Remote Code Execution
http://technet.microsoft.com/en-us/security/advisory/2757760
+ UPDATE: Microsoft Security Advisory (2755801) Update for Vulnerabilities in Adobe Flash Player in Internet Explorer 10
http://technet.microsoft.com/en-us/security/advisory/2755801
+ UPDATE: マイクロソフト セキュリティ アドバイザリ (2757760) Internet Explorer の脆弱性により、リモートでコードが実行される
http://technet.microsoft.com/ja-jp/security/advisory/2757760
+ マイクロソフト セキュリティ アドバイザリ (2755801) Internet Explorer 10 における Adobe Flash Player の脆弱性に関する更新プログラム
http://technet.microsoft.com/ja-jp/security/advisory/2755801
+ Microsoft Internet Explorer cloneNode Use-After-Free Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/55647
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2557
+ Microsoft Internet Explorer Layout Use-After-Free Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/55646
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2548
+ Microsoft Internet Explorer Event Listener Use-After-Free Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/55645
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2546
+ Microsoft Internet Explorer OnMove Use-After-Free Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/55641
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1529
緊急サーバメンテナンスのお知らせ(2012年9月23日)
http://www.trendmicro.co.jp/support/news.asp?id=1841
Advisory: Shh/Updater-B False positives
http://www.sophos.com/en-us/support/knowledgebase/118311.aspx
尖閣諸島関連改ざん被害の裁判所Webサイト、1週間ぶりに復旧
http://itpro.nikkeibp.co.jp/article/NEWS/20120921/424403/?ST=security
セキュアブレイン、社内のマルウエア感染状況を可視化するSaaSを開始
http://itpro.nikkeibp.co.jp/article/NEWS/20120921/424324/?ST=security
JVNDB-2012-001793 JP1/Cm2/Network Node Manager i におけるサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-001793.html
JVNDB-2012-004397 (JVNVU#480095) (JVNTA12-262A) Internet Explorer に任意のコードが実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004397.html
JVNDB-2012-004519 KnowledgeTree の config/dmsDefaults.php におけるクロスサイトスクリプティングの脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004519.html
JVNDB-2012-004518 Caminova DjVu Browser Plug-in におけるヒープベースのバッファオーバーフローの脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004518.html
JVNDB-2012-004517 VR GPub の admin/admin_options.php におけるクロスサイトリクエストフォージェリの脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004517.html
JVNDB-2012-004516 Parallels H-Sphere におけるクロスサイトリクエストフォージェリの脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004516.html
JVNDB-2012-004515 NoMachine NX Web Companion の nxapplet.jar における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004515.html
JVNDB-2012-004514 Social Book Facebook Clone におけるクロスサイトスクリプティングの脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004514.html
JVNDB-2012-004513 e107 用 jbShop プラグインの jbshop.php におけるクロスサイトスクリプティングの脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004513.html
JVNDB-2012-004512 Online Subtitles Workshop におけるクロスサイトスクリプティングの脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004512.html
JVNDB-2012-004511 HP Network Node Manager i におけるクロスサイトスクリプティングの脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004511.html
JVNDB-2012-004510 OrderSys における SQL インジェクションの脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004510.html
JVNDB-2012-004509 WordPress 用 ClickDesk Live Support - Live Chat におけるクロスサイトスクリプティングの脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004509.html
JVNDB-2012-004508 WordPress 用 ZooEffect プラグインにおけるクロスサイトスクリプティングの脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004508.html
JVNDB-2012-004507 WordPress 用 Skysa App Bar Integration プラグインにおけるクロスサイトスクリプティングの脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004507.html
JVNDB-2012-004506 eSyndiCat Pro の admin/controller.php におけるクロスサイトスクリプティングの脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004506.html
Update for CVE-2012-3132
http://isc.sans.edu/diary.html?storyid=14164
iOS 6 Security Roundup
http://isc.sans.edu/diary.html?storyid=14152
IE Cumulative Updates MS12-063 - KB2744842
http://isc.sans.edu/diary.html?storyid=14155
Update for Vulnerabilities in Adobe Flash Player in Internet Explorer 10 (2755801)
http://isc.sans.edu/diary.html?storyid=14158
Storing your Collection of Malware Samples with Malwarehouse
http://isc.sans.edu/diary.html?storyid=14161
Microsoft Internet Explorer Multiple Use-After-Free Bugs Let Remote Users Execute Arbitrary Code
http://www.securitytracker.com/id/1027555
Apache CXF Lets Remote Authenticated Users Execute Unauthorized SOAP Actions
http://www.securitytracker.com/id/1027554
Zend Framework Input Validation Flaws Permit Cross-Site Scripting Attacks
http://www.securitytracker.com/id/1027553
ASUS Net4Switch ipswcom.dll ActiveX Stack Buffer Overflow
http://cxsecurity.com/issue/WLB-2012090213
FlatOut Malformed .bed file Buffer Overflow
http://cxsecurity.com/issue/WLB-2012090212
infobigs CMS LFI Vulnerability
http://cxsecurity.com/issue/WLB-2012090211
tapinllc Cms SQL Injection Vulnerability
http://cxsecurity.com/issue/WLB-2012090210
2xl Cms SQL Injection Vulnerability
http://cxsecurity.com/issue/WLB-2012090209
WEBBISH SQL Injection
http://cxsecurity.com/issue/WLB-2012090208
Gazine2 Cross Site Scripting
http://cxsecurity.com/issue/WLB-2012090207
Toshiba ConfigFree CF7 File Remote Command Execution
http://cxsecurity.com/issue/WLB-2012090206
Toshiba ConfigFree CF7 File Stack Buffer Overflow (Comment Field)
http://cxsecurity.com/issue/WLB-2012090205
Toshiba ConfigFree CF7 File Stack Buffer Overflow (ProfileName)
http://cxsecurity.com/issue/WLB-2012090204
Thomson Wireless VoIP Cable Modem Auth Bypass
http://cxsecurity.com/issue/WLB-2012090203
libdbus DBUS_SYSTEM_BUS_ADDRESS trivial non-dbus root exploit
http://cxsecurity.com/issue/WLB-2012090202
Apache CXF SOAP Action Spoofing Attacks
http://cxsecurity.com/issue/WLB-2012090201
AShop 5.3.4 Cross Site Scripting
http://cxsecurity.com/issue/WLB-2012090200
cgCraft llc SQL Injection Vulnerability
http://cxsecurity.com/issue/WLB-2012090199
Jessica Rhaye Design <= Cross Site Scripting Vulnerabilities
http://cxsecurity.com/issue/WLB-2012090198
Tariq Rauf SQL Injection
http://cxsecurity.com/issue/WLB-2012090197
Rocket Web Consulting SQL Injection
http://cxsecurity.com/issue/WLB-2012090196
NW7Design SQL Injection
http://cxsecurity.com/issue/WLB-2012090195
Zen Load Balancer Two Information Disclosure Security Issues
http://secunia.com/advisories/50690/
Fortinet FortiOS (FortiGate) Two Cross-Site Scripting Vulnerabilities
http://secunia.com/advisories/50638/
Manhali "f" Arbitrary File Disclosure Vulnerability
http://secunia.com/advisories/50570/
Zend Framework Multiple Cross-Site Scripting Vulnerabilities
http://secunia.com/advisories/50682/
Avaya Aura Session Manager OpenSSL Two Vulnerabilities
http://secunia.com/advisories/50678/
Avaya Application Enablement Services Two Vulnerabilities
http://secunia.com/advisories/50712/
Avaya Aura Communication Manager Multiple Vulnerabilities
http://secunia.com/advisories/50684/
Avaya Voice Portal Multiple Vulnerabilities
http://secunia.com/advisories/50614/
Avaya Aura System Manager X.Org xserver File Locking Weakness
http://secunia.com/advisories/50675/
iFOBS Multiple Cross-Site Scripting Vulnerabilities
http://secunia.com/advisories/50603/
Ubuntu update for dbus
http://secunia.com/advisories/50710/
Red Hat update for Red Hat Enterprise MRG
http://secunia.com/advisories/50697/
Cumin Multiple Vulnerabilities
http://secunia.com/advisories/50660/
eSyndiCat Pro Multiple Cross Site Scripting Vulnerabilities
2012-09-22
http://www.securityfocus.com/bid/50822
Linux Kernel SFC Driver CVE-2012-3412 Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/54763
Linux Kernel 'rds_recvmsg()' Function Local Information Disclosure Vulnerability
http://www.securityfocus.com/bid/54702
HP SiteScope UploadFilesHandler Directory Traversal Vulnerability
http://www.securityfocus.com/bid/55273
KVM CVE-2012-2121 Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/53162
Linux Kernel 'madvise_remove()' Function Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/55151
Adobe Flash Player and AIR APSB12-19 Multiple Remote Vulnerabilities
http://www.securityfocus.com/bid/55136
Adobe Flash Player and AIR CVE-2012-4171 Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/55365
Adobe Flash Player CVE-2012-1535 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/55009
Drupal Password Policy Module Cross Site Request Forgery and Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/51385
Drupal Search Autocomplete Module Database API SQL Injection Vulnerability
http://www.securityfocus.com/bid/51667
Drupal Admin:hover Module Cross Site Request Forgery Vulnerabilities
http://www.securityfocus.com/bid/51388
Drupal Taxotouch Module Unspecified Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/51384
Drupal Taxonomy Navigator Module Unspecified Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/51387
FlashFXP Multiple Buffer Overflow Vulnerabilities
http://www.securityfocus.com/bid/52259
Hitachi JP1/Cm2/Network Node Manager i Multiple Unspecified Remote Code Execution Vulnerabilities
http://www.securityfocus.com/bid/52205
deV!L`z Clanportal Witze Addon 'id' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/52286
Mercury MR804 Router Multiple HTTP Header Fields Denial Of Service Vulnerabilities
http://www.securityfocus.com/bid/52106
starCMS 'q' Parameter URI Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/52262
Ricoh Company DC Software DL-10 'USER' Command Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/52235
Caminova DjVu Browser Plug-in 'npdjvu.dll' File Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/51675
RivetTracker Multiple SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/52283
AneCMS 'index.php' Local File Include Vulnerability
http://www.securityfocus.com/bid/52272
Drupal Fill PDF Module Security Bypass and Arbitrary Code Execution Vulnerabilities
http://www.securityfocus.com/bid/51288
Microsoft Internet Explorer Image Arrays Use-After-Free Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/55562
NX Web Companion Applet Handling Arbitrary Code Execution Vulnerability
http://www.securityfocus.com/bid/51676
Drupal Support Timer Module Multiple Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/50873
Drupal Supercron Module Unspecified Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/51383
Drupal Webform Validation Module Multiple Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/50872
e107 CMS jbShop Plugin 'item_id' SQL Injection Vulnerability
http://www.securityfocus.com/bid/50438
Infoblox NetMRI Admin Login Page Multiple Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/50646
OrderSys 'where_clause' Parameter Multiple SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/50550
Online Subtitles Workshop 'video_comments.php' HTML Injection Vulnerability
http://www.securityfocus.com/bid/50382
HP Network Node Manager i Multiple Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/50806
WordPress 1-jquery-photo-gallery-slideshow-flash Plugin Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/50860
WordPress Skysa App Bar Plugin 'idnews' Parameter Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/50824
WordPress Lanoba Social Plugin 'action' Parameter Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/50746
WordPress ClickDesk Live Support Plugin 'cdwidget' Parameter Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/50778
Drupal Support Ticketing System Module Multiple Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/50871
Drupal Vote up/down Module HTML Injection Vulnerability
http://www.securityfocus.com/bid/51376
Drupal Date Module SQL Injection Vulnerability
http://www.securityfocus.com/bid/51378
Timesheet Next Gen Multiple SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/52270
KnowledgeTree Multiple Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/51373
Drupal Submenu Tree Module Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/52226
Social Book Facebook Clone 2010 Multiple Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/50840
Drupal Hierarchical Select Module Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/52228
Drupal Taxonomy Views Integrator Module HTML Injection Vulnerability
http://www.securityfocus.com/bid/52227
Drupal Managesite Module Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/51669
Cumin Multiple Remote Vulnerabilities
http://www.securityfocus.com/bid/55618
Linux Kernel FSGEOMETRY_V1 IOCTL Local Information Disclosure Vulnerability
http://www.securityfocus.com/bid/46417
Condor Multiple Security Bypass Vulnerabilities
http://www.securityfocus.com/bid/55632
X.Org X11 File Enumeration Information Disclosure Vulnerability
http://www.securityfocus.com/bid/50193
Linux Kernel Request Handling 'cm.c' Denial of Service Vulnerability
http://www.securityfocus.com/bid/46839
Linux Kernel 'inet_diag_bc_audit()' Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/48333
Linux Kernel Bluetooth 'l2cap_sock.c' and 'rfcomm/sock.c' Information Disclosure Vulnerability
http://www.securityfocus.com/bid/48441
Linux Kernel EFI Partition Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/47796
Red Hat Linux Kernel VLAN Packets Handling Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/48907
Xen Instruction Emulation During VM Exits Denial of Service Vulnerabilities
http://www.securityfocus.com/bid/48610
Linux Kernel 'agp_ioctl()' Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/47534
Linux Kernel 'agp_ioctl()' Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/47843
Linux Kernel 'agp_allocate_memory/agp_create_user_memory' Local Privilege Escalation Vulnerabilities
http://www.securityfocus.com/bid/47535
Linux Kernel 'ib_uverbs_poll_cq()' Function Local Information Disclosure Vulnerability
http://www.securityfocus.com/bid/46488
Linux Kernel 'next_pidmap()' Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/47497
Linux Kernel SCTP INIT/INIT-ACK Chunk Length Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/47308
Linux Kernel Signal Code Spoofing Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/47003
Linux Kernel 'ib_uverbs_poll_cq()' Integer Overflow Vulnerability
http://www.securityfocus.com/bid/46073
Microsoft Internet Explorer cloneNode Use-After-Free Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/55647
Microsoft Internet Explorer Layout Use-After-Free Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/55646
Microsoft Internet Explorer Event Listener Use-After-Free Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/55645
Toshiba ConfigFree 'CF7' File Multiple Stack Based Buffer Overflow Vulnerabilities
http://www.securityfocus.com/bid/55644
Toshiba ConfigFree 'CF7' File Remote Command Execution Vulnerability
http://www.securityfocus.com/bid/55643
Microsoft Internet Explorer OnMove Use-After-Free Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/55641
Monkey HTTP Daemon Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/55639
ZEN Load Balancer Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/55638
Zend Framework Multiple Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/55636
登録:
コメントの投稿 (Atom)
0 件のコメント:
コメントを投稿