2012年11月2日金曜日
2日 金曜日、先負
+ Safari 6.0.2 released
http://support.apple.com/kb/HT5568
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3748
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5112
+ Chrome for Android 18.0.1025464 for ARM
18.0.1026320 for x86 released
http://googlechromereleases.blogspot.jp/2012/11/chrome-for-android-update.html
+ UPDATE: SNMP Version 3 Authentication Vulnerabilities
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20080610-snmpv3
+ HPSBMU02827 SSRT100924 rev.1 - HP Performance Insight with Sybase
Remote Denial of Service (DoS) and Loss of Data
https://h20565.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay&spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c03555488-1%257CdocLocale%253Dja_JP%257CcalledBy%253D&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3269
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3270
+ HS12-023: Cosminexusにおける複数の脆弱性
http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS12-023/index.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0547
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1531
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3143
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3216
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4416
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5069
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5071
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5072
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5073
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5075
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5077
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5079
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5081
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5083
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5084
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5085
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5086
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5089
+ HS12-02: JP1/File Transmission Server/FTPにおける複数の脆弱性
http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS12-022/index.html
+ Perl 5.16.2 released
http://www.perl.org/get.html
+ Apple iOS 6.0.1 CVE-2012-3750 Local Security Bypass Vulnerability
http://www.securityfocus.com/bid/56363
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3750
+ Apple iOS 6.0.1 CVE-2012-3749 Information Disclosure Vulnerability
http://www.securityfocus.com/bid/56361
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3749
[ MDVSA-2012:169 ] java-1.6.0-openjdk
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-11/msg00010.html
[SECURITY] [DSA 2570-1] openoffice.org security update
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-11/msg00008.html
Cisco Security Advisory: Cisco Prime Data Center Network Manager Remote Command Execution Vulnerabil
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-11/msg00007.html
Cisco Security Advisory: Multiple Vulnerabilities in Cisco Unified MeetingPlace Web Conferencing
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-11/msg00006.html
みずほ銀行のネットバンキングでも「偽の入力画面」が出現
http://itpro.nikkeibp.co.jp/article/NEWS/20121101/434444/?ST=security
2012年11月の呼びかけ
「 濡れ衣を着せられないよう自己防衛を! 」
~ 踏み台として悪用されないために ~
http://www.ipa.go.jp/security/txt/2012/11outline.html
JVNVU#268267 複数の DomainKeys Identified Mail (DKIM) 実装に問題
http://jvn.jp/cert/JVNVU268267/
JVNVU#203844 Orion IPAM にクロスサイトスクリプティングの脆弱性
http://jvn.jp/cert/JVNVU203844/
JVNVU#586556 Axigen Free Mail Server にディレクトリトラバーサルの脆弱性
http://jvn.jp/cert/JVNVU586556/
JVNDB-2011-003057 RealNetworks RealPlayer における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-003057.html
JVNDB-2011-003054 RealNetworks RealPlayer における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-003054.html
JVNDB-2011-003052 RealNetworks RealPlayer および Mac RealPlayer における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-003052.html
JVNDB-2011-003048 RealNetworks RealPlayer の RV10 コーデックにおける任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-003048.html
JVNDB-2011-003046 RealNetworks RealPlayer の ATRC コーデックにおける任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-003046.html
JVNDB-2011-003045 RealNetworks RealPlayer の RV30 コーデックにおける任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-003045.html
JVNDB-2011-003043 RealNetworks RealPlayer における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-003043.html
JVNDB-2011-003042 RealNetworks RealPlayer の AAC コーデックにおける任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-003042.html
JVNDB-2011-003041 RealNetworks RealPlayer の RealVideo レンダラにおける任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-003041.html
JVNDB-2012-005167 TomatoCart の PayPal Express Checkout モジュールに検証不備の脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-005167.html
JVNDB-2012-003007 Simple Certificate Enrollment Protocol (SCEP) の実装に問題
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-003007.html
JVNDB-2012-005170 Invision Power Board の admin/sources/base/core.php における脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-005170.html
JVNDB-2012-005169 EMC Avamar Client for VMware における重要な情報を取得される脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-005169.html
JVNDB-2012-005168 AWStats の awredir.pl における脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-005168.html
JVNDB-2011-005191 VideoLAN VLC media player の modules/demux/ty.c におけるサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-005191.html
Patched your Java yet?
http://isc.sans.edu/diary.html?storyid=14428
phpMyAdmin Multiple HTML Injection Vulnerabilities
http://www.securiteam.com/securitynews/6B0310A60A.html
Apple iOS Bugs Let Remote Users Execute Arbitrary Code, Local Users Bypass the Screen Lock, and Applications Obtain Kernel Address Information
http://www.securitytracker.com/id/1027716
Joomla 2.5.6 Multiple Cross-site scripting vulnerabilities
http://cxsecurity.com/issue/WLB-2012110005
Cisco Unified MeetingPlace Web Conferencing SQL Injection and Denial of Service Vulnerabilities
http://secunia.com/advisories/51103/
Hitachi JP1/File Transmission Server/FTP Security Bypass and Buffer Overflow Vulnerabilities
http://secunia.com/advisories/51148/
Cisco Prime Data Center Network Manager JBoss Application Server Security Issue
http://secunia.com/advisories/51129/
Hitachi Cosminexus Java Multiple Vulnerabilities
http://secunia.com/advisories/51141/
SUSE update for dbus-1
http://secunia.com/advisories/51170/
Joomla! Spider Catalog Component "product_id" SQL Injection Vulnerability
http://secunia.com/advisories/51140/
SUSE update for MozillaFirefox
http://secunia.com/advisories/51165/
SUSE update for java-1_6_0-openjdk
http://secunia.com/advisories/51166/
SUSE update for cgit
http://secunia.com/advisories/51167/
SUSE update for java-1_7_0-openjdk
http://secunia.com/advisories/51168/
Avaya Aura Session Manager Kernel epoll Denial of Service Vulnerability
http://secunia.com/advisories/51164/
Google Chrome Prior to 22.0.1229.94 Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/55867
Apple iPhone/iPad/iPod touch Prior to iOS 6.0.1 CVE-2012-3750 Local Security Bypass Vulnerability
http://www.securityfocus.com/bid/56363
WebKit CVE-2012-3748 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/56362
Apple iPhone/iPad/iPod touch Prior to iOS 6.0.1 CVE-2012-3749 Information Disclosure Vulnerability
http://www.securityfocus.com/bid/56361
Drupal Hotblocks Module HTML Injection and Denial of Service Vulnerabilities
http://www.securityfocus.com/bid/55038
Cisco Unified MeetingPlace SQL Injection and Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/53431
Cisco Unified MeetingPlace Web Conferencing Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/56349
Invision Power Board 'core.php' PHP Code Execution Vulnerability
http://www.securityfocus.com/bid/56288
Debian 'ssmtp' Package TLS Certificate Security Bypass Vulnerability
http://www.securityfocus.com/bid/55875
SafeNet Privilege 'PrivAgent.ocx' ActiveX Controls Multiple Buffer Overflow Vulnerabilities
http://www.securityfocus.com/bid/56297
KDE Konqueror Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/55879
C3-ilex EOScada Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/56364
Hitachi JP1/File Transmission Server/FTP Security Bypass and Buffer Overflow Vulnerabilities
http://www.securityfocus.com/bid/56358
Achievo Multiple Input Validation Vulnerabilities
http://www.securityfocus.com/bid/56355
UMPlayer 'wintab32.dll' DLL Loading Arbitrary Code Execution Vulnerability
http://www.securityfocus.com/bid/56354
登録:
コメントの投稿 (Atom)
0 件のコメント:
コメントを投稿