2012年10月25日木曜日
25日 木曜日、先勝
+ CVE-2008-6536 Unspecified vulnerability in 7-zip
https://blogs.oracle.com/sunsecurity/entry/cve_2008_6536_unspecified_vulnerability
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-6536
+ CVE-2012-5166 Denial of Service vulnerability in ISC BIND
https://blogs.oracle.com/sunsecurity/entry/cve_2012_5166_denial_of
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5166
クラウドプレフィルタ 緊急サーバメンテナンスのお知らせ(2012年10月28日)
http://www.trendmicro.co.jp/support/news.asp?id=1856
Advisory: SafeGuard Configuration Protection - a tool to avoid potential issues after upgrading clients running Sophos Anti-Virus has now been released
http://www.sophos.com/en-us/support/knowledgebase/118461.aspx
Advisory: Shh/Updater-B False positives
http://www.sophos.com/en-us/support/knowledgebase/118311.aspx
[waraxe-2012-SA#094] - Multiple Vulnerabilities in Wordpress GRAND Flash Album Gallery P
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-10/msg00126.html
[SECURITY] [DSA 2565-1] iceweasel security update
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-10/msg00121.html
HP/H3C and Huawei SNMP Weak Access to Critical Data
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-10/msg00122.html
[SECURITY] [DSA 2564-1] tinyproxy security update
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-10/msg00125.html
[SECURITY] [DSA 2563-1] viewvc security update
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-10/msg00123.html
[SECURITY] [DSA 2562-1] cups-pk-helper security update
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-10/msg00124.html
VUPEN Security Research - Oracle Java Font Processing Glyph Element Memory Corruption Vulnerabil
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-10/msg00120.html
VUPEN Security Research - Oracle Java Font Processing "maxPointCount" Heap Overflow Vulnerabilit
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-10/msg00119.html
VUPEN Security Research - Microsoft Internet Explorer "scrollIntoView" Use-After-Free Vu
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-10/msg00118.html
VUPEN Security Research - Microsoft Internet Explorer "OnMove" Use-After-Free Vulnerabil
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-10/msg00117.html
[security bulletin] HPSBUX02824 SSRT100970 rev.1 - HP-UX Running Java, Remote Execution of Arbitrary Code, and Other Vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-10/msg00116.html
[security bulletin] HPSBHF02819 SSRT100920 rev.1 - HP, 3COM, and H3C Routers & Switches, Remote Disclosure of Information
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-10/msg00115.html
DC4420 - London DEFCON - October meet - tomorrow, Tuesday 23rd October.
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-10/msg00114.html
[ MDVSA-2012:168 ] hostapd
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-10/msg00113.html
[SECURITY] [DSA 2561-1] tiff security update
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-10/msg00110.html
VaM Shop Cross-Site Scripting and Blind SQL Injection Vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-10/msg00112.html
[SECURITY] [DSA 2560-1] bind9 security update
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-10/msg00109.html
F5 FirePass SSL VPN 4xxx Series | Arbitrary URL Redirection
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-10/msg00108.html
XSS Vulnerabilities in ClipBucket
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-10/msg00107.html
XSS Vulnerabilities in CMSMini
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-10/msg00106.html
XSS Vulnerabilities in TaskFreak
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-10/msg00105.html
世界のセキュリティ・ラボから
「87654321」というパスワードは強力?
http://itpro.nikkeibp.co.jp/article/COLUMN/20121021/431302/?ST=security
JVNVU#160027 複数の Broadcom 製無線チップセットにサービス運用妨害 (DoS) の脆弱性
http://jvn.jp/cert/JVNVU160027/
JVNVU#872545 Adobe Shockwave Player に複数の脆弱性
http://jvn.jp/cert/JVNVU872545/
Apple Itunes Memory Corruption and Application Crash Remote Vulnerability
http://www.securiteam.com/securitynews/6V0360075O.html
Endpoint Protector Multiple Web Vulnerabilities
http://www.securiteam.com/securitynews/6V03K155PO.html
Cyber Security Awareness Month - Day 24 - A Standard for Information Security Incident Management - ISO 27035
http://isc.sans.edu/diary.html?storyid=14371
3Com, HP, and H3C Switches SNMP Configuration Lets Remote Users Take Administrative Actions
http://www.securitytracker.com/id/1027694
VU#225404 HP/H3C and Huawei networking equipment h3c-user snmp vulnerability
http://www.kb.cert.org/vuls/id/225404
VU#268267 DomainKeys Identified Mail (DKIM) Verifiers may inappropriately convey message trust
http://www.kb.cert.org/vuls/id/268267
SUSE update for kernel
http://secunia.com/advisories/51099/
Joomla! Commedia Component "id" SQL Injection Vulnerability
http://secunia.com/advisories/51076/
Ubuntu update for python3.2
http://secunia.com/advisories/51089/
Winmail Server Multiple Script Insertion Vulnerabilities
http://secunia.com/advisories/50631/
WordPress Cimy User Manager Plugin "cimy_um_filename" Arbitrary File Disclosure Vulnerability
http://secunia.com/advisories/50834/
WordPress Spider Calendar Plugin "many_sp_calendar" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/50981/
TIBCO Formvine Multiple Unspecified Vulnerabilities
http://secunia.com/advisories/51092/
OpenAthens SP for Java SAML Assertion Signature Validation Vulnerability
http://secunia.com/advisories/51084/
Oracle Solaris BIND Record Handling Lockup Vulnerability
http://secunia.com/advisories/51078/
Debian update for tinyproxy
http://secunia.com/advisories/51074/
Oracle Solaris 7-zip Unspecified Vulnerability
http://secunia.com/advisories/50926/
Liferay Portal Multiple Vulnerabilities
http://secunia.com/advisories/51095/
Debian update for viewvc
http://secunia.com/advisories/51072/
Debian update for iceweasel
http://secunia.com/advisories/50970/
Adobe Shockwave Player Multiple Vulnerabilities
http://secunia.com/advisories/51090/
HP-UX update for BIND
http://secunia.com/advisories/51096/
JetPort 5600 Hardcoded Credentials Security Issue
http://secunia.com/advisories/51083/
IBM AIX BIND Record Handling Lockup Vulnerability
http://secunia.com/advisories/51106/
Microsoft Office Word 2010 Stack Exhaustion
http://cxsecurity.com/issue/WLB-2012100208
Inout Article Base Ultimate 2 Blind SQLi & CSRF
http://cxsecurity.com/issue/WLB-2012100211
ENGINE 3.0 <= SQL Injection
http://cxsecurity.com/issue/WLB-2012100210
zomorrod Web Design SQL Injection Vulnerability
http://cxsecurity.com/issue/WLB-2012100209
REMOTE: Turbo FTP Server 1.30.823 PORT Overflow
http://www.exploit-db.com/exploits/22161
DoS/PoC: Apple QuickTime Player 7.7.2 Crash PoC
http://www.exploit-db.com/exploits/22214
DoS/PoC: Microsoft Office Word 2010 Crash PoC
http://www.exploit-db.com/exploits/22215
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-3968 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/55276
Mozilla Firefox, SeaMonkey, and Thunderbird CVE-2012-3969 Heap Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/55292
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-3970 Use-After-Free Memory CorruptionVulnerability
http://www.securityfocus.com/bid/55278
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-3962 Memory Corruption Vulnerability
http://www.securityfocus.com/bid/55342
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-3960 Use-After-Free Memory Corruption Vulnerability
http://www.securityfocus.com/bid/55325
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-3963 Use-After-Free Memory Corruption Vulnerability
http://www.securityfocus.com/bid/55340
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-3964 Use-After-Free Memory Corruption Vulnerability
http://www.securityfocus.com/bid/55322
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-3967 Memory Corruption Vulnerability
http://www.securityfocus.com/bid/55277
Mozilla Firefox/Thunderbird/Seamonkey CVE-2012-1970 Multiple Memory Corruption Vulnerabilities
http://www.securityfocus.com/bid/55266
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-1974 Use-After-Free Memory Corruption Vulnerability
http://www.securityfocus.com/bid/55317
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-1975 Use-After-Free Memory Corruption Vulnerability
http://www.securityfocus.com/bid/55318
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-1972 Use-After-Free Memory Corruption Vulnerability
http://www.securityfocus.com/bid/55314
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-3959 Use-After-Free Memory Corruption Vulnerability
http://www.securityfocus.com/bid/55324
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-3958 Use-After-Free Memory Corruption Vulnerability
http://www.securityfocus.com/bid/55323
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-3966 Multiple Memory Corruption Vulnerabilities
http://www.securityfocus.com/bid/55274
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-1976 Use-After-Free Memory Corruption Vulnerability
http://www.securityfocus.com/bid/55319
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-3978 Security Bypass Vulnerability
http://www.securityfocus.com/bid/55306
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-3957 Heap Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/55341
Mozilla Firefox/SeaMonkey CVE-2012-3976 Address Bar Spoofing Vulnerability
http://www.securityfocus.com/bid/55313
Mozilla Firefox/Thunderbird Web Console CVE-2012-3980 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/55257
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-3956 Use-After-Free Memory Corruption Vulnerability
http://www.securityfocus.com/bid/55320
Linux Kernel dl2k Network Driver IOCTL Handling Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/53965
python 'distutils' Component '~/.pypirc' File Local Race Condition Vulnerability
http://www.securityfocus.com/bid/52732
Python SimpleXMLRPCServer Denial Of Service Vulnerability
http://www.securityfocus.com/bid/51996
Python Hash Collision Denial Of Service Vulnerability
http://www.securityfocus.com/bid/51239
Python 'audioop' Module Memory Corruption Vulnerability
http://www.securityfocus.com/bid/40863
Python 'PySys_SetArgv' Remote Command Execution Vulnerability
http://www.securityfocus.com/bid/40862
Python 'audioop' Module Integer Overflow Vulnerability
http://www.securityfocus.com/bid/40370
Fedora 'Dracut' Package Information Disclosure Vulnerability
http://www.securityfocus.com/bid/55713
Microsoft Internet Explorer Image Arrays Use-After-Free Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/55562
Multiple HP Products CVE-2012-3268 Multiple Information Disclosure Vulnerabilities
http://www.securityfocus.com/bid/56183
Linux Kernel CVE-2011-4110 NULL Pointer Dereference Denial of Service Vulnerability
http://www.securityfocus.com/bid/50755
Linux Kernel 'ib_uverbs_poll_cq()' Function Local Information Disclosure Vulnerability
http://www.securityfocus.com/bid/46488
Microsoft Internet Explorer OnMove Use-After-Free Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/55641
Eduserv OpenAthens SP for Java CVE-2012-5353 Security Bypass Vulnerability
http://www.securityfocus.com/bid/55899
ISC BIND 9 DNS Resource Records Handling CVE-2012-4244 Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/55522
RETIRED: Adobe Flash Player and AIR APSB12-22 Multiple Remote Vulnerabilities
http://www.securityfocus.com/bid/55827
RETIRED: Adobe Flash Player and AIR APSB12-19 Multiple Remote Vulnerabilities
http://www.securityfocus.com/bid/55136
RETIRED: Adobe Shockwave Player APSB12-23 Multiple Code Execution Vulnerabilities
http://www.securityfocus.com/bid/56181
ISC BIND 9 DNS RDATA Handling CVE-2012-5166 Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/55852
ISC BIND 9 DNSSEC Validation CVE-2012-3817 Denial of Service Vulnerability
http://www.securityfocus.com/bid/54658
ISC BIND 9 DNS Resource Records Handling Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/53772
7-Zip Unspecified Archive Handling Vulnerability
http://www.securityfocus.com/bid/28285
Linux Kernel IPv6 'nf_ct_frag6_reasm()' Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/54367
Linux Kernel 'sock_alloc_send_pskb()' Function Heap Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/53721
Linux Kernel iptables '--syn' Rules Security Bypass Vulnerability
http://www.securityfocus.com/bid/53733
Linux Kernel 'taskstats' Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/55144
Icecast 'error.log' Security Bypass Vulnerability
http://www.securityfocus.com/bid/56176
OpenStack Dashboard (Horizon) CVE-2012-3540 Redirect Module Open Redirection Vulnerability
http://www.securityfocus.com/bid/55329
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-4179 Use After Free Memory Corruption Vulnerability
http://www.securityfocus.com/bid/56129
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-4186 Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/56135
Mozilla Firefox/Thunderbird/Seamonkey CVE-2012-4180 Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/56126
Mozilla Firefox/Thunderbird/Seamonkey CVE-2012-3982 Memory Corruption Vulnerability
http://www.securityfocus.com/bid/55924
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-3990 Use After Free Memory Corruption Vulnerability
http://www.securityfocus.com/bid/56131
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-3991 Security Bypass Vulnerability
http://www.securityfocus.com/bid/55930
Mozilla Firefox/Thunderbird/Seamonkey CVE-2012-4188 Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/56123
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-4182 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/56121
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-3986 Multiple Security Bypass Vulnerabilities
http://www.securityfocus.com/bid/55922
Tinyproxy Header Multiple Denial of Service Vulnerabilities
http://www.securityfocus.com/bid/55099
ViewVC CVE-2012-4533 HTML Injection Vulnerability
http://www.securityfocus.com/bid/56161
ViewVC 'svn_ra.py' Information Disclosure Vulnerability
http://www.securityfocus.com/bid/54199
ViewVC 'svn_ra.py' Authorization Security Bypass Vulnerability
http://www.securityfocus.com/bid/54197
ViewVC 'cvsdb.py' Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/47928
cups-pk-helper 'cupsGetFile()' and 'cupsPutFile()' Local Security Vulnerabilities
http://www.securityfocus.com/bid/55911
Drupal MailChimp Module Multiple Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/56234
Drupal Time Spent Module Multiple Unspecified Input Validation Vulnerabilities
http://www.securityfocus.com/bid/56233
VAM Shop Multiple Cross Site Scripting and SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/56232
Winmail Server Multiple HTML Injection Vulnerabilities
http://www.securityfocus.com/bid/56231
WordPress Spider Calendar Plugin 'many_sp_calendar' Parameter Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/56228
DomainKeys Identified Mail (DKIM) Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/56227
Liferay Portal Security Bypass and HTML Injection Vulnerabilities
http://www.securityfocus.com/bid/56226
Grandstream GXP1405 Multiple HTML Injection Vulnerabilities
http://www.securityfocus.com/bid/56186
登録:
コメントの投稿 (Atom)
0 件のコメント:
コメントを投稿