Wednesday, October 31, 2012

31st, Wednesday, Senshō

+ RHSA-2012:1416 Critical: kdelibs security update
http://rhn.redhat.com/errata/RHSA-2012-1416.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4512
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4513

+ CESA-2012:1413 Important CentOS 6 thunderbird Update
http://lwn.net/Alerts/522061/

+ CESA-2012:1413 Important CentOS 5 thunderbird Update
http://lwn.net/Alerts/522062/

+ UPDATE: HPSBUX02824 SSRT100970 rev.2 - HP-UX Running Java, Remote Execution of Arbitrary Code, and Other Vulnerabilities
https://h20565.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay&spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c03533078-2%257CdocLocale%253Dja_JP%257CcalledBy%253D&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken

+ Multiple vulnerabilities in Adobe Flashplayer
https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_adobe_flashplayer5
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0724
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0725
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0768
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0769
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0772
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0773

nginx-1.3.8 development version released
http://nginx.org/en/download.html

Check Point response to PASTEBIN claim that Check Point Firewalls are vulnerable to simple SYN flooding
https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk86721&src=securityAlerts

Notice of Critical Patch release addressing a cross-site request forgery (CSRF) vulnerability in InterScan Messaging Security products
http://www.trendmicro.co.jp/support/news.asp?id=1849

Notice of program update for Virus Buster 2012 Cloud
http://www.trendmicro.co.jp/support/news.asp?id=1846

Samba 4.0.0rc4 Available for Download
https://download.samba.org/pub/samba/rc/WHATSNEW-4-0-0rc4.txt

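IPA Technical Watch
Sending from free e-mail accounts on the rise: trends and case analysis of recent targeted attack e-mails
~ Little effort spent disguising attachments; in some cases they are deliberately left as exe files ~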
http://www.ipa.go.jp/about/technicalwatch/20121030.html

From the World's Security Labs
"PE_MUSTAN.A" malware that exploits weak passwords
http://itpro.nikkeibp.co.jp/article/COLUMN/20121029/433143/?ST=security

Vulnerability information worth checking <2012.10.30>
http://itpro.nikkeibp.co.jp/article/COLUMN/20121029/433141/?ST=security

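Fake information-entry screens in the online banking of three major banks; the cause is a virus
Displayed after login to the legitimate site; the aim is to steal PINs and similar information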
http://itpro.nikkeibp.co.jp/article/NEWS/20121030/433523/?ST=security

[security bulletin] HPSBUX02825 SSRT100974 rev.1 - HP-UX Running Java, Remote Indirect Vulne
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-10/msg00142.html

[SECURITY] [DSA 2569-1] icedove security update
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-10/msg00141.html

Cyber Security Awareness Month - Day 30 - DSD 35 mitigating controls
http://isc.sans.edu/diary.html?storyid=14419

Hurricane Sandy Update
http://isc.sans.edu/diary.html?storyid=14410

VU#408099 CA ARCserve Backup authentication service denial-of-service vulnerability
http://www.kb.cert.org/vuls/id/408099

VU#936363 CA ARCserve Backup opcode 0x7a RWSList remote code execution vulnerability
http://www.kb.cert.org/vuls/id/936363

VU#207540 TomatoCart with PayPal Express Checkout design flaw vulnerability
http://www.kb.cert.org/vuls/id/207540

WordPress Slideshow Plugin Multiple Script Insertion Vulnerabilities
http://secunia.com/advisories/51135/

CorePlayer "callback" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/51108/

D-Link Wireless N300 Cloud Router CAPTCHA Processing Buffer Overflow Vulnerability
http://secunia.com/advisories/51075/

Debian update for icedove
http://secunia.com/advisories/51105/

Ubuntu update for thunderbird
http://secunia.com/advisories/51121/

Red Hat update for thunderbird
http://secunia.com/advisories/51123/

TYPO3 Formhandler Extension Cross-Site Scripting and SQL Injection Vulnerabilities
http://secunia.com/advisories/51116/

EMC Avamar Client for VMware "root" Password Disclosure Security Issue
http://secunia.com/advisories/51130/

SUSE update for MozillaFirefox, MozillaThunderbird, xulrunner, and seamonkey
http://secunia.com/advisories/51127/

Wordpress FoxyPress Plugin Multiple Vulnerabilities
http://cxsecurity.com/issue/WLB-2012100257

appRain CMF 0.1.5 Cross Site Scripting / SQL Injection
http://cxsecurity.com/issue/WLB-2011120002

mPDF 5.3 File Disclosure
http://cxsecurity.com/issue/WLB-2011120011

DotA OpenStats 1.3.9 SQL Injection
http://cxsecurity.com/issue/WLB-2011120001

DATA Estudio SQL Injection & Cross-Site Scripting Vulnerabilities
http://cxsecurity.com/issue/WLB-2012100256

Art Creative CMS SQL Injection
http://cxsecurity.com/issue/WLB-2012100255

TP-LINK TL-WR841N Local File Inclusion
http://cxsecurity.com/issue/WLB-2012100254

REMOTE: HP Operations Agent Opcode coda.exe 0x8c Buffer Overflow
http://www.exploit-db.com/exploits/22305

REMOTE: HP Operations Agent Opcode coda.exe 0x34 Buffer Overflow
http://www.exploit-db.com/exploits/22306

REMOTE: Aladdin Knowledge System Ltd - PrivAgent.ocx ChooseFilePath BOF
http://www.exploit-db.com/exploits/22301

DoS/PoC: hMailServer 5.3.3 IMAP Remote Crash PoC
http://www.exploit-db.com/exploits/22302

DoS/PoC: Microsoft Windows Help program (WinHlp32.exe) Crash PoC
http://www.exploit-db.com/exploits/22303

DoS/PoC: Microsoft Office Publisher 2010 Crash PoC
http://www.exploit-db.com/exploits/22310

Oracle Java SE CVE-2012-5089 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/56059

Mozilla Firefox/Thunderbird/SeaMonkey 'defaultValue()' Security Bypass Vulnerability
http://www.securityfocus.com/bid/56155

KDE Konqueror Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/55879

Computer Associates ARCserve Backup Remote Code Execution and Denial of Service Vulnerabilities
http://www.securityfocus.com/bid/56116

Drupal Core Arbitrary PHP Code Execution and Information Disclosure Vulnerabilities
http://www.securityfocus.com/bid/56103

Mozilla Firefox/SeaMonkey/Thunderbird CVE-2012-4194 Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/56301

Mozilla Firefox/SeaMonkey/Thunderbird CVE-2012-4196 Cross-Origin Security Bypass Vulnerability
http://www.securityfocus.com/bid/56306

Mozilla Firefox/SeaMonkey/Thunderbird CVE-2012-4195 Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/56302

RETIRED: Microsoft Windows Help Viewer Memory Corruption Denial of Service Vulnerability
http://www.securityfocus.com/bid/56303

Invision Power Board 'core.php' Unspecified Security Vulnerability
http://www.securityfocus.com/bid/56288

Dokuwiki 'index.php' Path Disclosure Vulnerability
http://www.securityfocus.com/bid/56328

Citrix XenServer CVE-2012-4606 Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/55432

DokuWiki 'ns' Parameter Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/54439

Django 'HttpRequest.get_host()' Information Disclosure Vulnerability
http://www.securityfocus.com/bid/56146

Exim DKIM DNS Decoding CVE-2012-5671 Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/56285

MapServer Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/48720

MapServer Map File Double Free Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/49374

Oracle Java SE CVE-2012-5074 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/56056

Oracle Java SE CVE-2012-3143 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/56055

Wordpress Slideshow Plugin Multiple HTML Injection Vulnerabilities
http://www.securityfocus.com/bid/56335

TomatoCart PayPal Express Checkout Module Security Bypass Vulnerability
http://www.securityfocus.com/bid/56333

WordPress Foxypress Plugin Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/56332

Real Networks RealPlayer '.3g2' File Write Access Violation Memory Corruption Vulnerability
http://www.securityfocus.com/bid/56329
