:: IT Security Neophyte Investigator's MEMO ::: 4日火曜日、赤口

2012年9月4日火曜日

4日火曜日、赤口

+ RHSA-2012:1223 Important: java-1.7.0-openjdk security update
http://rhn.redhat.com/errata/RHSA-2012-1223.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0547
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1682
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3136
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4681

+ RHSA-2012:1221 Critical: java-1.6.0-openjdk security update
http://rhn.redhat.com/errata/RHSA-2012-1221.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0547
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1682

+ RHSA-2012:1222 Important: java-1.6.0-openjdk security update
http://rhn.redhat.com/errata/RHSA-2012-1222.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0547
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1682

Trend Micro ビジネスセキュリティ 5.0または5.1をご利用のお客様へ-サポート終了のお知らせ-
http://www.trendmicro.co.jp/support/news.asp?id=1835

ウイルスバスタークラウドプログラムアップデートのお知らせ
http://www.trendmicro.co.jp/support/news.asp?id=1834

PostgreSQL Conference Europe 2012 Publishes Schedule - Joe Celko to deliver opening keynote
http://www.postgresql.org/about/news/1413/

今週のSecurity Check
ブラウザーへの実装進むプライバシー保護
Do Not TrackとPrivacy by Design
http://itpro.nikkeibp.co.jp/article/COLUMN/20120903/419801/?ST=security

日経コンピュータReport
CCCがIE用ツールバーを配布中止
「利用履歴収集」リスクが顕在化
http://itpro.nikkeibp.co.jp/article/COLUMN/20120827/418364/?ST=security

JVNDB-2011-005141 Windows 上で稼働する Blue Coat Reporter におけるディレクトリトラバーサルの脆弱性
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-005141.html

JVNDB-2011-005140 Blue Coat ProxySG における重要な認証情報を取得される脆弱性
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-005140.html

JVNDB-2011-005139 Blue Coat Director におけるクロスサイトスクリプティングの脆弱性
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-005139.html

JVNDB-2011-005138 Blue Coat で使用される BCAAA コンポーネントにおけるスタックベースのバッファオーバーフローの脆弱性
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-005138.html

JVNDB-2010-004294 Blue Coat ProxySG の Java 管理コンソールにおけるクロスサイトスクリプティングの脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-004294.html

JVNDB-2010-004293 Blue Coat ProxyAV アプライアンスにおけるクロスサイトリクエストフォージェリの脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-004293.html

JVNDB-2010-004292 Blue Coat ProxySG のアクティブコンテンツの変換機能における JavaScript の検出を回避される脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-004292.html

JVNDB-2010-004291 Blue Coat ProxySG における任意の CLI コマンドを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-004291.html

JVNDB-2012-003918 (JVNTA12-240A) Oracle Java 7 に脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-003918.html

JVNDB-2012-004021 (JVNVU#511404) Open Technology Real Services にクロスサイトスクリプティングの脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004021.html

JVNDB-2012-004020 複数の Asterisk 製品の main/manager.c における任意のコマンドを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004020.html

JVNDB-2012-004019 (JVNTA12-240A) Oracle Java SE の Java Runtime Environment (JRE) における Beans の処理に関する脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004019.html

JVNDB-2012-004018 (JVNTA12-240A) Oracle Java SE の Java Runtime Environment (JRE) における Beans の処理に関する脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004018.html

JVNDB-2012-004017 (JVNTA12-240A) Oracle Java SE の Java Runtime Environment (JRE) における AWT の処理に関する脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004017.html

JVNDB-2012-004016 Wireshark の epan/dissectors/packet-drda.c におけるサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004016.html

JVNDB-2012-004015 IBM WebSphere Application Server における管理者のアクセス権限を取得される脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004015.html

JVNDB-2012-004014 EPractize Labs Subscription Manager における任意のファイルを上書きされる脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004014.html

JVNDB-2012-004013 DoceboLMS の iotask モジュールにおける SQL インジェクションの脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004013.html

JVNDB-2012-004012 Joomla! 用 JCE コンポーネントにおける任意の PHP コードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004012.html

JVNDB-2012-004011 XChat におけるヒープベースのバッファオーバーフローの脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004011.html

Demonstrating the value of your Intrusion Detection Program and Analysts
http://isc.sans.edu/diary.html?storyid=14023

CyberLink PowerProducer Insecure Library Loading Vulnerability
http://secunia.com/advisories/49295/

CyberLink KoanBox ActiveX Control Buffer Overflow Vulnerability
http://secunia.com/advisories/49311/

CyberLink StreamAuthor Insecure Library Loading Vulnerability
http://secunia.com/advisories/49290/

CyberLink LabelPrint Insecure Library Loading and Buffer Overflow Vulnerabilities
http://secunia.com/advisories/49281/

Sitecom MD-253 / MD-254 Directory Traversal Vulnerability
http://secunia.com/advisories/50402/

SUSE update for gimp
http://secunia.com/advisories/50458/

Conceptronic CH3ENAS Directory Traversal Vulnerability
http://secunia.com/advisories/50396/

Joomla! iCagenda Component "id" SQL Injection Vulnerability
http://secunia.com/advisories/50499/

AV Arcade Free "id" SQL Injection Vulnerability
http://secunia.com/advisories/50491/

Admidio Cross-Site Scripting and SQL Injection Vulnerabilities
http://secunia.com/advisories/50483/

FFmpeg Multiple Vulnerabilities
http://secunia.com/advisories/50468/

IBM Lotus Domino XSS and IL vulnerabilities
http://cxsecurity.com/issue/WLB-2012090012

Oracle Java SE CVE-2012-0547 Remote Java Runtime Environment Weakness
http://www.securityfocus.com/bid/55339

Oracle Java Runtime Environment CVE-2012-1682 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/55336

Adobe Photoshop CVE-2012-0275 Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/55372

Mozilla Firefox/SeaMonkey CVE-2012-3976 Address Bar Spoofing Vulnerability
http://www.securityfocus.com/bid/55313

OpenStack Keystone Token Expiration Multiple Security Bypass Vulnerabilities
http://www.securityfocus.com/bid/54709

Mozilla Firefox/Thunderbird CVE-2012-3974 Local Code Execution Vulnerability
http://www.securityfocus.com/bid/55312

Mozilla Firefox CVE-2012-3979 '__android_log_print' Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/55344

Mozilla Firefox CVE-2012-3965 Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/55256

Mozilla Firefox CVE-2012-3973 Security Bypass Vulnerability
http://www.securityfocus.com/bid/55308

OpenStack Keystone CVE-2012-3542 Unauthorized Access Vulnerability
http://www.securityfocus.com/bid/55326

Mozilla Firefox/Thunderbird Web Console CVE-2012-3980 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/55257

Mozilla Firefox/Thunderbird/Seamonkey CVE-2012-1970 Multiple Memory Corruption Vulnerabilities
http://www.securityfocus.com/bid/55266

Mozilla Firefox/Thunderbird/Seamonkey CVE-2012-1971 Multiple Memory Corruption Vulnerabilities
http://www.securityfocus.com/bid/55264

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-3968 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/55276

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-3966 Multiple Memory Corruption Vulnerabilities
http://www.securityfocus.com/bid/55274

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-3970 Use-After-Free Memory CorruptionVulnerability
http://www.securityfocus.com/bid/55278

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-1972 Use-After-Free Memory Corruption Vulnerability
http://www.securityfocus.com/bid/55314

Mozilla Firefox, SeaMonkey, and Thunderbird CVE-2012-3969 Heap Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/55292

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-3967 Memory Corruption Vulnerability
http://www.securityfocus.com/bid/55277

Mozilla Firefox/SeaMonkey/Thunderbird CVE-2012-3972 Heap Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/55310

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-3978 Security Bypass Vulnerability
http://www.securityfocus.com/bid/55306

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-3971 Multiple Memory Corruption Vulnerabilities
http://www.securityfocus.com/bid/55304

Mozilla Firefox/SeaMonkey/Thunderbird Information Disclosure Vulnerability
http://www.securityfocus.com/bid/55311

GNU Gatekeeper CVE-2012-3534 Denial of Service Vulnerability
http://www.securityfocus.com/bid/55198

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-1973 Use-After-Free Memory Corruption Vulnerability
http://www.securityfocus.com/bid/55316

Oracle Java Runtime Environment Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/55213

Oracle Java Runtime Environment CVE-2012-3136 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/55337

Mozilla Firefox, SeaMonkey, and Thunderbird CVE-2012-1956 Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/55260

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-3961 Use-After-Free Memory Corruption Vulnerability
http://www.securityfocus.com/bid/55321

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-3964 Use-After-Free Memory Corruption Vulnerability
http://www.securityfocus.com/bid/55322

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-3958 Use-After-Free Memory Corruption Vulnerability
http://www.securityfocus.com/bid/55323

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-3959 Use-After-Free Memory Corruption Vulnerability
http://www.securityfocus.com/bid/55324

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-1975 Use-After-Free Memory Corruption Vulnerability
http://www.securityfocus.com/bid/55318

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-3960 Use-After-Free Memory Corruption Vulnerability
http://www.securityfocus.com/bid/55325

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-3956 Use-After-Free Memory Corruption Vulnerability
http://www.securityfocus.com/bid/55320

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-1976 Use-After-Free Memory Corruption Vulnerability
http://www.securityfocus.com/bid/55319

Alligra Calligra Heap Based Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/54816

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-3963 Use-After-Free Memory Corruption Vulnerability
http://www.securityfocus.com/bid/55340

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-3962 Memory Corruption Vulnerability
http://www.securityfocus.com/bid/55342

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-3957 Heap Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/55341

Condor CVE-2012-3416 Security Bypass Vulnerability
http://www.securityfocus.com/bid/55032

RoundCube Webmail Larry Skin HTML injection Vulnerability
http://www.securityfocus.com/bid/55067

jabberd XMPP Server Dialback Protection Bypass Component Security Bypass Vulnerability
http://www.securityfocus.com/bid/55167

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-1974 Use-After-Free Memory Corruption Vulnerability
http://www.securityfocus.com/bid/55317

Linux Kernel Netlink Message Handling Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/55152

OCaml xml-light Library Hash Collision Denial of Service Vulnerability
http://www.securityfocus.com/bid/55114

ZABBIX 'itemid' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/54661

GIMP Multiple Buffer Overflow Vulnerabilities
http://www.securityfocus.com/bid/55101

Drupal Chaos Tool Suite Module Local File Include Vulnerability
http://www.securityfocus.com/bid/54918

phpMyAdmin CVE-2012-4219 'show_config_errors.php' Full Path Information Disclosure Vulnerability
http://www.securityfocus.com/bid/55057

phpMyAdmin Multiple HTML Injection Vulnerabilities
http://www.securityfocus.com/bid/55068

GNU glibc Multiple Local Stack Buffer Overflow Vulnerabilities
http://www.securityfocus.com/bid/54982

Wireshark Versions Prior to 1.8.2 Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/55035

ImageMagick 'Magick_png_malloc()' Function Denial of Service Vulnerability
http://www.securityfocus.com/bid/54714

Bacula MySQL Password Information Disclosure Vulnerability
http://www.securityfocus.com/bid/26156

Bacula CVE-2008-5373 Symlink Attack Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/54740

Xfig 'u_bound.c' Remote Denial Of Service Vulnerability
http://www.securityfocus.com/bid/55197

Xfig and Transfig '.fig' File Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/37193

OpenTTD 'Water Clearing' Feature Denial Of Service Vulnerability
http://www.securityfocus.com/bid/54720

PostgreSQL 'xml_parse()' Function Arbitrary File Access Vulnerability
http://www.securityfocus.com/bid/55074

PostgreSQL 'xslt_process()' Function Arbitrary File Creation or Overwrite Vulnerability
http://www.securityfocus.com/bid/55072

GIMP 'fit' File Format Denial of Service Vulnerability
http://www.securityfocus.com/bid/54246

GIMP CVE-2012-2763 Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/53741

Debian 'libotr2' Package Multiple Heap Based Buffer Overflow Vulnerabilities
http://www.securityfocus.com/bid/54907

Adobe Photoshop CVE-2012-4170 Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/55333

Secure Locate Local Information Disclosure Vulnerability
http://www.securityfocus.com/bid/21989

Fetchmail NTLM Authentication Debug Mode Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/54987

Barracuda SSL VPN 680 Multiple Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/54593

Opera Web Browser Information Disclosure Vulnerability
http://www.securityfocus.com/bid/49388

SSL/TLS Protocol Initialization Vector Implementation Information Disclosure Vulnerability
http://www.securityfocus.com/bid/49778

CyberLink PowerProducer Multiple DLL Loading Arbitrary Code Execution Vulnerabilities
http://www.securityfocus.com/bid/55380

CyberLink KoanBox ActiveX Control 'koanbox.dll' ActiveX Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/55379

CyberLink StreamAuthor Insecure Library Loading Multiple Arbitrary Code Execution Vulnerabilities
http://www.securityfocus.com/bid/55378

CyberLink LabelPrint Multiple '.lpp' File Remote Stack Buffer Overflow Vulnerabilities
http://www.securityfocus.com/bid/55377

CyberLink LabelPrint Multiple Insecure Library Loading Arbitrary Code Execution Vulnerabilities
http://www.securityfocus.com/bid/55376

ArticleSetup Multiple SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/55373

Sitecom Home Storage Center Directory Traversal Vulnerability
http://www.securityfocus.com/bid/55371

Multiple Conceptronic Products Directory Traversal Vulnerability
http://www.securityfocus.com/bid/55369

Admidio SQL Injection and Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/55363

:: IT Security Neophyte Investigator's MEMO ::

2012年9月4日火曜日

4日火曜日、赤口

0 件のコメント:

コメントを投稿

2012年9月4日火曜日

4日 火曜日、赤口

0 件のコメント:

コメントを投稿

4日火曜日、赤口