Thursday, October 11, 2012
Thursday the 11th, Senbu
+ Google Chrome 22.0.1229.94 released
http://googlechromereleases.blogspot.jp/2012/10/stable-channel-update_6105.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5112
+ CESA-2012:1350 Critical CentOS 5 firefox Update
http://lwn.net/Alerts/519147/
+ CESA-2012:1351 Critical CentOS 5 thunderbird Update
http://lwn.net/Alerts/519148/
+ Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances and Cisco Catalyst 6500 Series ASA Services Module
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-asa
+ Multiple Vulnerabilities in the Cisco WebEx Recording Format Player
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-webex
+ Multiple Vulnerabilities in Cisco Firewall Services Module
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-fwsm
+ SYM12-016: Security Advisories Relating to Symantec Products - Symantec Ghost Solution Suite Memory Corruption
http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20121010_00
+ Tomcat 5.5.36 Released
http://tomcat.apache.org/tomcat-5.5-doc/changelog.html
+ curl and libcurl 7.28.0 released
http://curl.haxx.se/changes.html#7_28_0
+ Linux kernel 3.2.31 released
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.31
+ OpenLDAP 2.4.33 released
http://www.openldap.org/software/release/
http://www.openldap.org/software/release/changes.html
+ SA50895 Linux Kernel "uname()" Kernel Memory Disclosure Weakness
http://secunia.com/advisories/50895/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0957
+ Linux Kernel 'uname()' System Call Local Information Disclosure Vulnerability
http://www.securityfocus.com/bid/55855
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0957
+ Symantec Ghost Solutions Suite Backup File Memory Corruption Vulnerability
http://www.securityfocus.com/bid/55748
Alert: Advisory regarding the incidents of spoofed crime threats made via remote control using malware
http://www.trendmicro.co.jp/support/news.asp?id=1851
[Updated] Notice of the release of virus scan engine VSAPI 9.700
http://www.trendmicro.co.jp/support/news.asp?id=1831
Press release
Publication of a guide to building a security management system for control systems
~ An approach to making use of IEC62443-2-1 ~
http://www.ipa.go.jp/about/press/20121010.html
From security labs around the world
Security breaches involving Chinese hacker groups
http://itpro.nikkeibp.co.jp/article/COLUMN/20121005/428102/?ST=security
JVN#63650108 Cross-site scripting vulnerability in Smarty
http://jvn.jp/jp/JVN63650108/
JVNTA12-283A Updates for multiple vulnerabilities in Microsoft products
http://jvn.jp/cert/JVNTA12-283A/
JVNDB-2012-004789 Vulnerability in servlet/traveler in IBM Lotus Notes Traveler allowing access rights to be obtained
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004789.html
JVNDB-2012-004788 Cross-site request forgery vulnerability in servlet/traveler in IBM Lotus Notes Traveler
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004788.html
JVNDB-2012-004787 Cross-site scripting vulnerability in servlet/traveler in IBM Lotus Notes Traveler
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004787.html
JVNDB-2012-004786 Cross-site scripting vulnerability in servlet/traveler/ILNT.mobileconfig in IBM Lotus Notes Traveler
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004786.html
JVNDB-2012-004785 Open redirect vulnerability in servlet/traveler in IBM Lotus Notes Traveler
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004785.html
JVNDB-2012-004784 Directory traversal vulnerability in logs-x.php in SpamTitan WebTitan
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004784.html
JVNDB-2012-004783 Vulnerability in tools.php in SpamTitan WebTitan allowing arbitrary commands to be executed
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004783.html
JVNDB-2012-004782 SQL injection vulnerability in SpamTitan WebTitan
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004782.html
JVNDB-2012-004781 Denial of service (memory consumption) vulnerability in article.php in Virtual War
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004781.html
JVNDB-2012-004780 Vulnerability in Virtual War allowing timeout and logout actions to be bypassed
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004780.html
JVNDB-2012-004779 Vulnerability in includes/functions_common.php in Virtual War allowing passwords to be discovered
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004779.html
JVNDB-2012-004778 Vulnerability in popup.php in Virtual War allowing member restrictions to be bypassed
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004778.html
JVNDB-2012-004777 Cross-site scripting vulnerability in Virtual War
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004777.html
JVNDB-2012-004776 SQL injection vulnerability in article.php in Virtual War
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004776.html
JVNDB-2012-000094 (JVN#63650108) Cross-site scripting vulnerability in Smarty
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-000094.html
JVNDB-2012-004775 Cross-site request forgery vulnerability in Plume CMS
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004775.html
JVNDB-2012-004774 Vulnerability in the Proc::ProcessTable module for Perl allowing arbitrary files to be overwritten
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004774.html
JVNDB-2012-004767 Stack-based buffer overflow vulnerability in the Camera Stream Client ActiveX control in D-Link DCS-5605
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004767.html
JVNDB-2012-004766 Cross-site scripting vulnerability in JBMC Software DirectAdmin
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004766.html
JVNDB-2012-004765 Vulnerability in YVS Image Gallery allowing arbitrary PHP code to be injected
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004765.html
JVNDB-2012-004764 SQL injection attack vulnerability in the PostgreSQL JDBC driver
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004764.html
JVNDB-2012-004762 Buffer overflow vulnerability in the LDP dissector in Wireshark
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004762.html
JVNDB-2012-004761 Denial of service (DoS) vulnerability in the PPP dissector in Wireshark
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004761.html
JVNDB-2012-004760 Denial of service (infinite loop) vulnerability in the HSRP dissector in Wireshark
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004760.html
JVNDB-2012-004756 Vulnerability in ez Publish
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004756.html
JVNDB-2012-004755 Cross-site scripting vulnerability in YVS Image Gallery
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004755.html
JVNDB-2012-004754 Directory traversal vulnerability in VMware CapacityIQ
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004754.html
JVNDB-2012-004753 Cross-site scripting vulnerability in the VMware vCenter Operations server
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004753.html
JVNDB-2012-004752 Vulnerability in the VMware Movie Decoder installer allowing privileges to be gained
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004752.html
JVNDB-2012-004751 SQL injection vulnerability in art_catalogo.php in MyStore Xpress Tienda Virtual
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004751.html
JVNDB-2012-004750 Vulnerability in Mavili Guestbook allowing arbitrary messages to be edited
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004750.html
JVNDB-2012-004749 Vulnerability in Mavili Guestbook allowing the database to be read
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004749.html
JVNDB-2012-004748 SQL injection vulnerability in edit.asp in Mavili Guestbook
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004748.html
JVNDB-2012-004747 Cross-site scripting vulnerability in Mavili Guestbook
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004747.html
JVNDB-2012-004746 Cross-site scripting vulnerability in login.cfm in FuseTalk Forums
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004746.html
JVNDB-2012-004745 SQL injection vulnerability in art_detalle.php in MyStore Xpress Tienda Virtual
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004745.html
JVNDB-2012-004744 Cross-site scripting vulnerability in audl.php in Rapid Leech
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004744.html
JVNDB-2012-004743 Vulnerability in Akiva WebBoard allowing sensitive information to be obtained
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004743.html
JVNDB-2012-004742 SQL injection vulnerability in WB/Default.asp in Akiva WebBoard
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004742.html
JVNDB-2012-004741 Vulnerability in Monkey HTTP Daemon allowing privileges to be gained
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004741.html
JVNDB-2012-004740 Vulnerability in addons/uploadify/uploadify.php in appRain CMF allowing arbitrary code to be executed
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004740.html
JVNDB-2012-004738 PHP remote file inclusion vulnerability in SAPID CMS
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004738.html
JVNDB-2012-004737 SQL injection vulnerability in Atar2b CMS
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004737.html
JVNDB-2012-004736 SQL injection vulnerability in team.php in Posse Softball Director CMS
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004736.html
JVNDB-2012-004735 SQL injection vulnerability in EasyWebRealEstate
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004735.html
JVNDB-2012-004734 SQL injection vulnerability in Plogger
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004734.html
JVNDB-2012-004733 SQL injection vulnerability in page.php in phpMyDirectory
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004733.html
JVNDB-2012-004732 Vulnerability in Monkey HTTP Daemon allowing arbitrary files to be overwritten
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004732.html
JVNDB-2012-004731 Vulnerability in Monkey HTTP Daemon allowing file read restrictions to be bypassed
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004731.html
vOlk Botnet Framework v4.0 - Multiple Web Vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-10/msg00066.html
Omnistar Document Manager v8.0 - Multiple Vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-10/msg00065.html
Cisco Security Advisory: Multiple Vulnerabilities in Cisco Firewall Services Module
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-10/msg00059.html
Cisco Security Advisory: Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Applian
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-10/msg00058.html
Cisco Security Advisory: Multiple Vulnerabilities in the Cisco WebEx Recording Format Player
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-10/msg00060.html
[ MDVSA-2012:162 ] bind
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-10/msg00057.html
Multiple vulnerabilities in OpenX
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-10/msg00064.html
Microsoft Office Excel ReadAV Arbitrary Code Execution
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-10/msg00063.html
VLC Player 2.0.3 <= ReadAV Arbitrary Code Execution (Update)
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-10/msg00062.html
[CVE-2012-4501] CloudStack configuration vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-10/msg00061.html
[slackware-security] mozilla-firefox (SSA:2012-283-01)
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-10/msg00056.html
US-CERT Alert TA12-283A - Microsoft Updates for Multiple Vulnerabilities
http://www.derkeiler.com/Mailing-Lists/Cert/2012-10/msg00000.html
Privilege Escalation Vulnerability in Microsoft Windows
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-10/msg00047.html
Facebook Scam Spam
http://isc.sans.edu/diary.html?storyid=14281
Cyber Security Awareness Month - Day 10 - Standard Sudo - Part Two
http://isc.sans.edu/diary.html?storyid=14284
Cisco ASA Bugs Let Remote Users Deny Service and Execute Arbitrary Code
http://www.securitytracker.com/id/1027641
Cisco Firewall Services Module Bugs Let Remote Users Execute Arbitrary Code and Deny Service
http://www.securitytracker.com/id/1027640
Cisco WebEx Player Buffer Overflows Let Remote Users Execute Arbitrary Code
http://www.securitytracker.com/id/1027639
Mozilla Thunderbird Multiple Bugs Let Remote Users Execute Arbitrary Code, Spoof Information, and Inject Scripting Code
http://www.securitytracker.com/id/1027633
Mozilla Seamonkey Multiple Bugs Let Remote Users Execute Arbitrary Code, Spoof Information, and Inject Scripting Code
http://www.securitytracker.com/id/1027632
Mozilla Firefox Multiple Bugs Let Remote Users Execute Arbitrary Code, Spoof Information, and Inject Scripting Code
http://www.securitytracker.com/id/1027631
RSA Adaptive Authentication Information Disclosure Flaw Lets Remote Users Gain Full Control
http://www.securitytracker.com/id/1027630
VU#265532 Multi-vendor IP camera web interface authentication bypass
http://www.kb.cert.org/vuls/id/265532
OpenX Cross-Site Scripting and SQL Injection Vulnerabilities
http://secunia.com/advisories/50877/
Joomla! AceFTP Component Unspecified Vulnerability
http://secunia.com/advisories/50822/
SUSE update for flash-player
http://secunia.com/advisories/50870/
SUSE update for virtualbox
http://secunia.com/advisories/50897/
Joomla! Language Search Cross-Site Scripting Vulnerability
http://secunia.com/advisories/50879/
RSA Adaptive Authentication On-Premise Information Disclosure Vulnerability
http://secunia.com/advisories/50931/
Oracle Solaris libxml2 "xmlXPtrEvalXPtrPart()" Off-By-One Vulnerability
http://secunia.com/advisories/50891/
Oracle Solaris BIND Resource Record Denial of Service Vulnerability
http://secunia.com/advisories/50947/
Oracle Solaris PostgreSQL "xml_parse()" and "xslt_process()" Vulnerabilities
http://secunia.com/advisories/50946/
Oracle Solaris Pidgin Two Denial of Service Weaknesses
http://secunia.com/advisories/50945/
gitolite Directory Traversal Security Issue
http://secunia.com/advisories/50896/
HP Secure Web Server for OpenVMS Multiple Vulnerabilities
http://secunia.com/advisories/50922/
Red Hat update for thunderbird
http://secunia.com/advisories/50889/
Ubuntu update for firefox
http://secunia.com/advisories/50892/
Red Hat update for firefox
http://secunia.com/advisories/50887/
SUSE update for qemu
http://secunia.com/advisories/50913/
Wing FTP Server ZIP Command Processing Denial of Service Vulnerability
http://secunia.com/advisories/50919/
Mozilla Firefox / Thunderbird Multiple Vulnerabilities
http://secunia.com/advisories/50936/
Mozilla SeaMonkey Multiple Vulnerabilities
http://secunia.com/advisories/50935/
Mozilla Firefox / Thunderbird Multiple Vulnerabilities
http://secunia.com/advisories/50856/
Linux Kernel "uname()" Kernel Memory Disclosure Weakness
http://secunia.com/advisories/50895/
ISC BIND Record Handling Lockup Vulnerability
http://secunia.com/advisories/50878/
REMOTE: InduSoft Web Studio Arbitrary Upload Remote Code Execution
http://www.exploit-db.com/exploits/21837
REMOTE: Avaya WinPMD UniteHostRouter Buffer Overflow
http://www.exploit-db.com/exploits/21838
REMOTE: NTR ActiveX Control StopModule() Remote Code Execution
http://www.exploit-db.com/exploits/21839
REMOTE: MS12-063 Microsoft Internet Explorer execCommand Use-After-Free Vulnerability
http://www.exploit-db.com/exploits/21840
REMOTE: NTR ActiveX Control Check() Method Buffer Overflow
http://www.exploit-db.com/exploits/21841
REMOTE: HP Application Lifecycle Management XGO.ocx ActiveX SetShapeNodeType() Remote Code Execution
http://www.exploit-db.com/exploits/21842
REMOTE: Oracle Business Transaction Management FlashTunnelService Remote Code Execution
http://www.exploit-db.com/exploits/21846
LOCAL: Windows Escalate UAC Execute RunAs
http://www.exploit-db.com/exploits/21843
LOCAL: MS11-080 AfdJoinLeaf Privilege Escalation
http://www.exploit-db.com/exploits/21844
LOCAL: Windows Escalate UAC Protection Bypass
http://www.exploit-db.com/exploits/21845
LOCAL: Linux udev Netlink Local Privilege Escalation
http://www.exploit-db.com/exploits/21848
FreeBSD kernel SCTP remote NULL pointer dereference
http://cxsecurity.com/issue/WLB-2012080028
AsaanCart Cross Site Scripting / Local File Inclusion
http://cxsecurity.com/issue/WLB-2012030122
iSupport 1.x Cross Site Request Forgery
http://cxsecurity.com/issue/WLB-2012010176
Typesoft FTP Server 1.1 Denial Of Service
http://cxsecurity.com/issue/WLB-2012030161
Tracker Software pdfSaver ActiveX 3.60 (pdfxctrl.dll) Stack Buffer Overflow (SEH)
http://cxsecurity.com/issue/WLB-2012010242
D-Link DCS series CSRF Change Admin Password
http://cxsecurity.com/issue/WLB-2012100095
Sagem FAST 2604 CSRF Vulnerability (ADSL Router)
http://cxsecurity.com/issue/WLB-2012100094
phpireport v1.0 => Remote Html Code injection
http://cxsecurity.com/issue/WLB-2012100093
D-Link DCS-5605 Network Surveillance DcsCliCtrl.dll Remote Buffer Overflow
http://cxsecurity.com/issue/WLB-2012100092
Posse Softball Director CMS Blind SQL Injection Vulnerability in team.php
http://cxsecurity.com/issue/WLB-2012010024
Ruby 'error.c' Multiple Security Bypass Vulnerabilities
http://www.securityfocus.com/bid/55757
Adobe Flash Player and AIR APSB12-22 Multiple Remote Vulnerabilities
http://www.securityfocus.com/bid/55827
Claws Mail 'strchr()' Function NULL Pointer Denial of Service Vulnerability
http://www.securityfocus.com/bid/55837
Linux Kernel 'uname()' System Call Local Information Disclosure Vulnerability
http://www.securityfocus.com/bid/55855
ISC BIND 9 DNS RDATA Handling CVE-2012-5166 Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/55852
Mozilla Firefox/Thunderbird/SeaMonkey MFSA 2012-74 through -87 Multiple Vulnerabilities
http://www.securityfocus.com/bid/55856
ViewGit 'f' Parameter Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/51624
Barracuda Spam & Virus WAF 600 Unspecified Multiple HTML Injection Vulnerabilities
http://www.securityfocus.com/bid/51599
Snitz Forums 2000 'TOPIC_ID' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/51596
Tribiq CMS 'index.php' SQL Injection Vulnerability
http://www.securityfocus.com/bid/51614
phpireport Multiple HTML Injection Vulnerabilities
http://www.securityfocus.com/bid/51609
Bigware Shop 'main_bigware_43.php' SQL Injection Vulnerability
http://www.securityfocus.com/bid/51640
ComponentOne FlexGrid ActiveX Control Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/51601
WordPress Shortcode Redirect Plugin 'domain' Parameter Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/51626
WordPress WP e-Commerce Plugin Unspecified SQL Injection Vulnerability
http://www.securityfocus.com/bid/51637
PDF-XChange pdfSaver ActiveX Multiple Buffer Overflow Vulnerabilities
http://www.securityfocus.com/bid/51712
at32 Reverse Proxy Multiple HTTP Header Fields Denial Of Service Vulnerabilities
http://www.securityfocus.com/bid/52553
Xavi 7968 ADSL Router Multiple Remote Vulnerabilities
http://www.securityfocus.com/bid/52098
Preprojects Pre Printing Press 'id' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/52539
Tiny Server Directory Traversal Vulnerability
http://www.securityfocus.com/bid/52541
Tiki Wiki CMS Groupware 'url' Parameter URI Redirection Vulnerability
http://www.securityfocus.com/bid/52079
Pre Printing Press 'pid' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/52551
asaanCart Multiple Input Validation Vulnerabilities
http://www.securityfocus.com/bid/52498
Drupal Video Filter Module Unspecified Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/51381
RETIRED: DirectAdmin 'CMD_DOMAIN' Cross-Site Scripting Vulnerability
http://www.securityfocus.com/bid/52848
D-Link DCS-5605 PTZ ActiveX Control 'SelectDirectory()' Method Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/52769
Drupal Registration Codes Module Security Bypass Vulnerability
http://www.securityfocus.com/bid/51271
appRain CMF 'uploadify.php' Remote Arbitrary File Upload Vulnerability
http://www.securityfocus.com/bid/51576
ImpressCMS Cross Site Scripting and Local File Include Vulnerabilities
http://www.securityfocus.com/bid/51268
ImpressPages CMS 'actions.php' Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/49798
Drupal Lingotek Module HTML Injection Vulnerability
http://www.securityfocus.com/bid/51272
D-Link DSL-2640B 'redpass.cgi' Cross-Site Request Forgery Vulnerability
http://www.securityfocus.com/bid/52096
Joomla! Cross Site Scripting and Information Disclosure Vulnerabilities
http://www.securityfocus.com/bid/35544
WordPress Guest Posting Plugin 'uploadify.php' Arbitrary File Upload Vulnerability
http://www.securityfocus.com/bid/51638
eZ Publish Unspecified Security Vulnerability
http://www.securityfocus.com/bid/52516
RETIRED: Preprojects Pre Classified Listings 'category' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/52543
TYPSoft FTP Server 'APPE' Command Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/52554
MODx Local File Include and Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/43577
Drupal Memcache Security Bypass and Cross-Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/43606
VWar 1.6.1 R2 Multiple Remote Vulnerabilities
http://www.securityfocus.com/bid/29001
Drupal Views Bulk Operations Security Bypass Vulnerability
http://www.securityfocus.com/bid/43813
BackWPup Plugin for WordPress 'wp_xml_export.php' Local and Remote File Include Vulnerabilities
http://www.securityfocus.com/bid/47058
Oracle Virtual Desktop Infrastructure (VDI) CVE-2011-3571 Remote Vulnerability
http://www.securityfocus.com/bid/51467
Oracle VM VirtualBox CVE-2012-0111 Local Vulnerability
http://www.securityfocus.com/bid/51465
Oracle VM VirtualBox CVE-2012-0105 Local Vulnerability
http://www.securityfocus.com/bid/51461
PostgreSQL 'xml_parse()' Function Arbitrary File Access Vulnerability
http://www.securityfocus.com/bid/55074
PostgreSQL 'xslt_process()' Function Arbitrary File Creation or Overwrite Vulnerability
http://www.securityfocus.com/bid/55072
Google Chrome Prior to 19 Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/53540
ISC BIND 9 DNS Resource Records Handling CVE-2012-4244 Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/55522
Pidgin MSN Denial of Service Vulnerability
http://www.securityfocus.com/bid/53400
Pidgin XMPP Protocol File Transfer Request Handling Denial of Service Vulnerability
http://www.securityfocus.com/bid/53706
PHP 'com_event_sink()' Function Arbitrary Code Execution Vulnerability
http://www.securityfocus.com/bid/53642
TinyCMS Local File Include and Arbitrary File Upload Vulnerabilities
http://www.securityfocus.com/bid/53761
Mozilla Firefox, SeaMonkey, and Thunderbird CVE-2012-1956 Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/55260
Open Realty 'index.php' Local File Include Vulnerability
http://www.securityfocus.com/bid/42546
RETIRED: Open Realty 'select_users_lang' Parameter Local File Include Vulnerability
http://www.securityfocus.com/bid/55834
Debian 'ssmtp' Package TLS Certificate Security Bypass Vulnerability
http://www.securityfocus.com/bid/55875
Omnistar Document Manager Multiple Input Validation Vulnerabilities
http://www.securityfocus.com/bid/55874
Multiple Vendors IP Camera CVE-2012-3002 Remote Authentication Bypass Vulnerability
http://www.securityfocus.com/bid/55873
Drupal Basic webmail Module Cross Site Scripting and Information Disclosure Vulnerabilities
http://www.securityfocus.com/bid/55871
Drupal ShareThis Module Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/55870
Drupal Feeds Module Access Security Bypass Vulnerability
http://www.securityfocus.com/bid/55869
Drupal Mandrill Module Information Disclosure Vulnerability
http://www.securityfocus.com/bid/55868
Google Chrome Prior to 22.0.1229.94 Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/55867
Cisco WebEx WRF File Format Multiple Remote Memory Corruption Vulnerabilities
http://www.securityfocus.com/bid/55866
Cisco ASA 5500 Series and Cisco Catalyst 6500 Series SSL VPN Denial of Service Vulnerability
http://www.securityfocus.com/bid/55865
Cisco ASA 5500 Series and Cisco Catalyst 6500 Series CVE-2012-4660 Denial of Service Vulnerability
http://www.securityfocus.com/bid/55864
Multiple Cisco Products CVE-2012-4661 Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/55863
Multiple Cisco Products Multiple Remote Denial of Service Vulnerabilities
http://www.securityfocus.com/bid/55862
Cisco ASA 5500 Series and Cisco Catalyst 6500 Series DHCP Denial of Service Vulnerability
http://www.securityfocus.com/bid/55861
OpenX Cross Site Scripting and SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/55860
Joomla! AceFTP Component Unspecified Security Vulnerability
http://www.securityfocus.com/bid/55859
Joomla! 'language search' Component Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/55858
Mozilla Firefox/SeaMonkey CVE-2012-3977 Information Disclosure Vulnerability
http://www.securityfocus.com/bid/55857
Gitolite CVE-2012-4506 Security Bypass Vulnerability
http://www.securityfocus.com/bid/55853
VLC Media Player Read Access Violation Arbitrary Code Execution Vulnerability
http://www.securityfocus.com/bid/55850
Symantec Ghost Solutions Suite Backup File Memory Corruption Vulnerability
http://www.securityfocus.com/bid/55748