Wednesday, October 24, 2012
Wednesday the 24th, Shakkō
+ APSB12-23: Security update available for Adobe Shockwave Player
http://www.adobe.com/support/security/bulletins/apsb12-23.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4172
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4173
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4174
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4175
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5273
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4176
+ PDFCreator 1.5.1 released
http://download.pdfforge.org/download/pdfcreator/PDFCreator-stable
+ Wireshark 1.8.3 released
http://www.wireshark.org/docs/relnotes/wireshark-1.8.3.html
+ Microsoft Security Advisory (2755801) Update for Vulnerabilities in Adobe Flash Player in Internet Explorer 10
http://technet.microsoft.com/en-us/security/advisory/2755801
+ JVN#42676559 Vulnerability in Safari allowing local files to be read remotely
http://jvn.jp/jp/JVN42676559/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3713
+ SA51081 HP Multiple Products Unspecified Information Disclosure Vulnerabilities
http://secunia.com/advisories/51081/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3268
Kingsoft: new version of its Windows 8-compatible antivirus software featuring a "four-layer defense against remote-control-type malware" mechanism
http://itpro.nikkeibp.co.jp/article/NEWS/20121023/432012/?ST=security
Serious vulnerability in the Safari web browser; JVN recommends "stopping use of the Windows version"
http://itpro.nikkeibp.co.jp/article/NEWS/20121023/432003/?ST=security
NEC launches "NEC Cloud Authentication", a device authentication service using software tokens
http://itpro.nikkeibp.co.jp/article/NEWS/20121023/431902/?ST=security
JVNVU#841851 Command injection vulnerability in Mutiny
http://jvn.jp/cert/JVNVU841851/
JVNDB-2012-005004 (JVNVU#603276) Cross-site scripting vulnerability in OTRS
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-005004.html
JVNDB-2012-004939 (JVNVU#332412) Information disclosure vulnerability in ZENworks Asset Management
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004939.html
JVNDB-2012-004958 Vulnerability in Deployment handling in the Java Runtime Environment of Oracle Java SE
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004958.html
JVNDB-2012-004451 Vulnerability in libdbus allowing privileges to be gained
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004451.html
JVNDB-2012-004379 Denial-of-service (daemon crash) vulnerability in ISC DHCP
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004379.html
JVNDB-2012-004457 Integer underflow vulnerability in the International Color Consortium Format library
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004457.html
JVNDB-2012-000088 (JVN#42676559) (JVNVU#503755) Vulnerability in Safari allowing local files to be read remotely
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-000088.html
JVNDB-2012-005083 (JVNVU#841851) Command injection vulnerability in Mutiny
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-005083.html
JVNDB-2012-005082 Denial-of-service (DoS) vulnerability in IBM XIV Storage System Gen3
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-005082.html
JVNDB-2012-005080 Stack-based buffer overflow vulnerability in IBM DB2
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-005080.html
JVNDB-2012-005079 Denial-of-service (DoS) vulnerability in CA ARCserve Backup running on Windows
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-005079.html
JVNDB-2012-005078 Arbitrary code execution vulnerability in the CA ARCserve Backup server running on Windows
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-005078.html
JVNDB-2012-003475 Denial-of-service (DoS) vulnerability in the MIT Kerberos KDC
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-003475.html
JVNDB-2012-003474 Denial-of-service (DoS) vulnerability in the MIT Kerberos KDC
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-003474.html
JVNDB-2012-003918 Vulnerability in Oracle Java 7
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-003918.html
JVNDB-2012-004019 Vulnerability in Beans handling in the Java Runtime Environment (JRE) of Oracle Java SE
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004019.html
JVNDB-2012-002755 Vulnerability in library handling in the Java Runtime Environment (JRE) of Oracle Java SE
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-002755.html
JVNDB-2012-002754 Vulnerability in Hotspot handling in the Java Runtime Environment (JRE) of Oracle Java SE
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-002754.html
JVNDB-2012-002751 Vulnerability in Deployment handling in the Java Runtime Environment (JRE) of Oracle Java SE
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-002751.html
JVNDB-2012-002750 Vulnerability in Deployment handling in the Java Runtime Environment (JRE) of Oracle Java SE
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-002750.html
JVNDB-2012-002748 Vulnerability in CORBA handling in the Java Runtime Environment (JRE) of Oracle Java SE
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-002748.html
JVNDB-2012-002747 Vulnerability in Security handling in the Java Runtime Environment (JRE) of Oracle Java SE
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-002747.html
Cyber Security Awareness Month - Day 23: Character Encoding Standards - ASCII and Successors
http://isc.sans.edu/diary.html?storyid=14362
VU#160027 Broadcom BCM4325 and BCM4329 wireless chipset denial-of-service vulnerability
http://www.kb.cert.org/vuls/id/160027
VU#872545 Adobe Shockwave 11.6.7.637 contains multiple exploitable vulnerabilities
http://www.kb.cert.org/vuls/id/872545
Adobe Shockwave Player Buffer Overflows and Array Error Lets Remote Users Execute Arbitrary Code
http://www.securitytracker.com/id/1027692
HP/H3C and Huawei SNMP Weak Access to Critical Data
http://cxsecurity.com/issue/WLB-2012100207
Linksys WRT54GX (ADSL Router) Cross Site Request Forgery
http://cxsecurity.com/issue/WLB-2012100206
Apple QuickTime 7.7.2(1680.56) Division By Zero
http://cxsecurity.com/issue/WLB-2012100205
phpMyFAQ <= 2.6.8 XSS
http://cxsecurity.com/issue/WLB-2012100204
HP Intelligent Management Center UAM sprintf Remote Code Execution
http://cxsecurity.com/issue/WLB-2012080293
HP OO RSScheduler Service JDBC Connector Remote Code Execution
http://cxsecurity.com/issue/WLB-2012080295
HP SiteScope SOAP Call getSiteScopeConfiguration Remote Code Execution
http://cxsecurity.com/issue/WLB-2012080288
HP SiteScope UploadFilesHandler Remote Code Execution
http://cxsecurity.com/issue/WLB-2012080288
HP SiteScope SOAP Call getFileInternal Remote Code Execution
http://cxsecurity.com/issue/WLB-2012080289
HP SiteScope SOAP Call create Remote Code Execution
http://cxsecurity.com/issue/WLB-2012080290
Adobe Flash Player "Matrix3D" Integer Overflow Code Execution
http://cxsecurity.com/issue/WLB-2012090118
phpMyAdmin 3.5.2.2 server_sync.php backdoor
http://cxsecurity.com/issue/WLB-2012090231
IBM Lotus Notes Traveler 8.5.3 XSS & CSRF & Brute Force
http://cxsecurity.com/issue/WLB-2012100020
OTRS 3.1 Stored XSS Vulnerability
http://cxsecurity.com/issue/WLB-2012100157
HP Multiple Products Unspecified Information Disclosure Vulnerabilities
http://secunia.com/advisories/51081/
ViewVC Diff View Script Insertion Vulnerability
http://secunia.com/advisories/51041/
Bitrix Site Manager JW Player Cross-Site Scripting Vulnerability
http://secunia.com/advisories/51021/
WordPress UnGallery Plugin "search" Arbitrary Command Execution Vulnerability
http://secunia.com/advisories/50875/
ManageEngine Security Manager Plus File Disclosure and SQL Injection Vulnerabilities
http://secunia.com/advisories/51069/
WordPress Zingiri Form Builder Plugin "error" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/50983/
WordPress Thank You Counter Button Plugin "paged" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/50977/
WordPress Zingiri Bookings Plugin "error" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/50975/
F5 FirePass SQL Injection and Redirection Vulnerabilities
http://secunia.com/advisories/51045/
Dolibarr ERP/CRM Two Cross-Site Scripting Vulnerabilities
http://secunia.com/advisories/51058/
Magento Unirgy uStoreLocator Extension SQL Injection Vulnerability
http://secunia.com/advisories/50917/
Avaya Aura Presence Services Linux Kernel Multiple Vulnerabilities
http://secunia.com/advisories/51077/
Apache OFBiz Unspecified Vulnerability
http://secunia.com/advisories/51052/
Palo Alto Networks GlobalProtect Certificate Verification Security Issue
http://secunia.com/advisories/51036/
REMOTE: Turbo FTP Server 1.30.823 PORT Overflow
http://www.exploit-db.com/exploits/22161
DoS/PoC: Adobe Reader 10.1.4 Crash PoC
http://www.exploit-db.com/exploits/22155
DoS/PoC: RealPlayer 15.0.6.14 .3gp Crash PoC
http://www.exploit-db.com/exploits/22154
Korenix Jetport 5600 Series Default Credentials Authentication Bypass Vulnerability
http://www.securityfocus.com/bid/55196
Linux Kernel 'mmap()' Failure Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/53668
Linux Kernel 'inet->opt ip_options' Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/55359
Linux Kernel 'rds_recvmsg()' Function Local Information Disclosure Vulnerability
http://www.securityfocus.com/bid/54702
Linux Kernel dl2k Network Driver IOCTL Handling Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/53965
Linux Kernel 'i915_gem_execbuffer.c' Multiple Integer Overflow Vulnerabilities
http://www.securityfocus.com/bid/53971
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-4179 Use After Free Memory Corruption Vulnerability
http://www.securityfocus.com/bid/56129
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-3990 Use After Free Memory Corruption Vulnerability
http://www.securityfocus.com/bid/56131
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-4186 Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/56135
Mozilla Firefox/Thunderbird/Seamonkey CVE-2012-4180 Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/56126
Mozilla Firefox/Thunderbird/Seamonkey CVE-2012-4188 Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/56123
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-3991 Security Bypass Vulnerability
http://www.securityfocus.com/bid/55930
Mozilla Firefox/Thunderbird/Seamonkey CVE-2012-3982 Memory Corruption Vulnerability
http://www.securityfocus.com/bid/55924
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-4182 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/56121
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-3986 Multiple Security Bypass Vulnerabilities
http://www.securityfocus.com/bid/55922
Oracle Java SE CVE-2012-5081 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/56071
ViewVC 'cvsdb.py' Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/47928
ViewVC 'svn_ra.py' Information Disclosure Vulnerability
http://www.securityfocus.com/bid/54199
ViewVC CVE-2012-4533 HTML Injection Vulnerability
http://www.securityfocus.com/bid/56161
ViewVC 'svn_ra.py' Authorization Security Bypass Vulnerability
http://www.securityfocus.com/bid/54197
Adobe Shockwave Player APSB12-23 Multiple Code Execution Vulnerabilities
http://www.securityfocus.com/bid/56181
Oracle Java SE CVE-2012-5088 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/56057
Oracle Java SE CVE-2012-5071 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/56061
Oracle Java SE CVE-2012-5089 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/56059
Oracle Java SE CVE-2012-5087 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/56043
Oracle Java SE CVE-2012-5084 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/56063
Oracle Java SE CVE-2012-5077 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/56058
Oracle Java SE CVE-2012-5079 Remote Security Bypass Vulnerability
http://www.securityfocus.com/bid/56082
Oracle Java SE CVE-2012-5085 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/56067
Oracle Java SE CVE-2012-5086 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/56039
Oracle Java SE CVE-2012-5083 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/56025
Oracle Java SE CVE-2012-5076 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/56054
Oracle Java SE CVE-2012-5073 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/56080
Oracle Java SE CVE-2012-5075 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/56081
Oracle Java SE CVE-2012-5074 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/56056
Oracle Java SE CVE-2012-5070 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/56079
Oracle Java SE CVE-2012-5072 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/56083
Oracle Java SE CVE-2012-5069 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/56065
Oracle Java SE CVE-2012-5068 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/56076
Oracle Java Virtual Machine (JVM) CVE-2012-4416 Remote Information Disclosure Vulnerability
http://www.securityfocus.com/bid/55501
Oracle Java SE CVE-2012-3216 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/56075
Oracle Java SE CVE-2012-5067 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/56070
Oracle Java SE CVE-2012-1531 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/56033
Oracle Java SE CVE-2012-3143 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/56055
Oracle Java SE CVE-2012-3159 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/56072
Oracle Java SE CVE-2012-1532 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/56051
Oracle Java SE CVE-2012-1533 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/56046
ISC BIND 9 DNS RDATA Handling CVE-2012-5166 Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/55852
cups-pk-helper 'cupsGetFile()' and 'cupsPutFile()' Local Security Vulnerabilities
http://www.securityfocus.com/bid/55911
Tinyproxy Header Multiple Denial of Service Vulnerabilities
http://www.securityfocus.com/bid/55099
Oracle April 2007 Security Update Multiple Vulnerabilities
http://www.securityfocus.com/bid/23532
Oracle January 2007 Security Update Multiple Vulnerabilities
http://www.securityfocus.com/bid/22083
Oracle October Security Update Multiple Vulnerabilities
http://www.securityfocus.com/bid/15134
Oracle January 2008 Critical Patch Update Multiple Vulnerabilities
http://www.securityfocus.com/bid/27229
BreakPoint Software Hex Workshop '.hex' File Handling Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/33932
Ots Labs OtsTurntables M3U Local Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/25514
Oracle January Security Update Multiple Vulnerabilities
http://www.securityfocus.com/bid/16287
Sun Solaris 'CODE_GET_VERSION IOCTL' Local Denial Of Service Vulnerability
http://www.securityfocus.com/bid/38016
FirePass SSL VPN 'refreshURL' Parameter URI Redirection Vulnerability
http://www.securityfocus.com/bid/56156
Cerulean Studios Trillian Multiple Remote Buffer Overflow Vulnerabilities
http://www.securityfocus.com/bid/29330
ManageEngine Security Manager Plus Advanced Search SQL Injection Vulnerability
http://www.securityfocus.com/bid/56138
Linux Kernel Unix Sockets Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/45037
Linux Kernel Unix Socket Backlog Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/46637
Linux Kernel 'ethtool.c' Information Disclosure Vulnerability
http://www.securityfocus.com/bid/45972
Drupal Arbitrary PHP Code Execution and Information Disclosure Vulnerabilities
http://www.securityfocus.com/bid/56103
Django 'HttpRequest.get_host()' Information Disclosure Vulnerability
http://www.securityfocus.com/bid/56146
FreeRADIUS Multiple Stack Based Buffer Overflow Vulnerabilities
http://www.securityfocus.com/bid/55483
JW Player 'logo.link' Parameter Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/55199
JW Player 'playerready' Parameter Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/54739
JW Player Multiple Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/48214
JW Player HTML Injection And Content Spoofing Vulnerability
http://www.securityfocus.com/bid/53876
Ruby CVE-2012-4522 Local File Creation Vulnerability
http://www.securityfocus.com/bid/56115
Ruby '#to_s' Method Incomplete Fix Security Bypass Vulnerability
http://www.securityfocus.com/bid/55813
Ruby 'error.c' Multiple Security Bypass Vulnerabilities
http://www.securityfocus.com/bid/55757
GNU glibc Multiple Local Stack Buffer Overflow Vulnerabilities
http://www.securityfocus.com/bid/54982
Real Networks RealPlayer Write Access Violation Arbitrary Code Execution Vulnerability
http://www.securityfocus.com/bid/56113
OpenJPEG Heap Based Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/55214
HAProxy Trash Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/53647
Broadcom BCM4325 and BCM4329 Wireless Chipset Out of Bound Read Denial of Service Vulnerability
http://www.securityfocus.com/bid/56184
Multiple HP Products CVE-2012-3268 Multiple Information Disclosure Vulnerabilities
http://www.securityfocus.com/bid/56183
WordPress UnGallery Plugin 'search' Parameter Remote Arbitrary Command Execution Vulnerability
http://www.securityfocus.com/bid/56182
WordPress Thank You Counter Button Plugin 'paged' Parameter Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/56180
WordPress Zingiri Form Builder Plugin Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/56179
WordPress Bookings Plugin 'error' Parameter Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/56177
F5 FirePass Remote SQL Injection Vulnerability
http://www.securityfocus.com/bid/56175
Joomla! 'com_sqlreport' Component Password Disclosure Vulnerability
http://www.securityfocus.com/bid/56172