:: IT Security Neophyte Investigator's MEMO ::: 21日水曜日、大安

2012年11月21日水曜日

21日水曜日、大安

+ RHSA-2012:1482 Critical: firefox security update
http://rhn.redhat.com/errata/RHSA-2012-1482.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4201
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4202
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4207
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4209
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4210
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4214
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4215
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4216
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5829
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5830
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5833
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5835
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5839
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5840
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5841
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5842

+ RHSA-2012:1483 Critical: thunderbird security update
http://rhn.redhat.com/errata/RHSA-2012-1483.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4201
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4202
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4207
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4209
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4214
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4215
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4216
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5829
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5830
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5833
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5835
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5839
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5840
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5841
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5842

+ Mozilla Firefox 17.0 released
http://www.mozilla.jp/firefox/download/all/

+ Mozilla Thunderbird 17.0 released
http://www.mozilla.org/en-US/thunderbird/17.0/releasenotes/

+ MFSA 2012-106 Use-after-free, buffer overflow, and memory corruption issues found using Address Sanitizer
http://www.mozilla.org/security/announce/2012/mfsa2012-106.html

+ MFSA 2012-105 Use-after-free and buffer overflow issues found using Address Sanitizer
http://www.mozilla.org/security/announce/2012/mfsa2012-105.html

+ MFSA 2012-104 CSS and HTML injection through Style Inspector
http://www.mozilla.org/security/announce/2012/mfsa2012-104.html

+ MFSA 2012-103 Frames can shadow top.location
http://www.mozilla.org/security/announce/2012/mfsa2012-103.html

+ MFSA 2012-102 Script entered into Developer Toolbar runs with chrome privileges
http://www.mozilla.org/security/announce/2012/mfsa2012-102.html

+ MFSA 2012-101 Improper character decoding in HZ-GB-2312 charset
http://www.mozilla.org/security/announce/2012/mfsa2012-101.html

+ MFSA 2012-100 Improper security filtering for cross-origin wrappers
http://www.mozilla.org/security/announce/2012/mfsa2012-100.html

+ MFSA 2012-99 XrayWrappers exposes chrome-only properties when not in chrome compartment
http://www.mozilla.org/security/announce/2012/mfsa2012-99.html

+ MFSA 2012-98 Firefox installer DLL hijacking
http://www.mozilla.org/security/announce/2012/mfsa2012-98.html

+ MFSA 2012-97 XMLHttpRequest inherits incorrect principal within sandbox
http://www.mozilla.org/security/announce/2012/mfsa2012-97.html

+ MFSA 2012-96 Memory corruption in str_unescape
http://www.mozilla.org/security/announce/2012/mfsa2012-96.html

+ MFSA 2012-95 Javascript: URLs run in privileged context on New Tab page
http://www.mozilla.org/security/announce/2012/mfsa2012-95.html

+ MFSA 2012-94 Crash when combining SVG text on path with CSS
http://www.mozilla.org/security/announce/2012/mfsa2012-94.html

+ MFSA 2012-93 evalInSanbox location context incorrectly applied
http://www.mozilla.org/security/announce/2012/mfsa2012-93.html

+ MFSA 2012-92 Buffer overflow while rendering GIF images
http://www.mozilla.org/security/announce/2012/mfsa2012-92.html

+ MFSA 2012-91 Miscellaneous memory safety hazards (rv:17.0/ rv:10.0.11)
http://www.mozilla.org/security/announce/2012/mfsa2012-91.html

+ Opera 12.11 released
http://www.opera.com/docs/changelogs/unified/1211/

+ CVE-2012-0698 Denial of Service (DoS) vulnerability in tcsd
https://blogs.oracle.com/sunsecurity/entry/cve_2012_0698_denial_of
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0698

+ Multiple vulnerabilities in Wireshark
https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_wireshark3
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4285
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4286
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4287
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4288
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4289
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4290
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4291
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4292
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4293
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4294
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4295
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4296
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4297
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4298

+ CVE-2012-4244 Denial of Service vulnerability in ISC BIND
https://blogs.oracle.com/sunsecurity/entry/cve_2012_4244_denial_of
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4244

+ CVE-2012-5166 Denial of Service vulnerability in ISC BIND
https://blogs.oracle.com/sunsecurity/entry/cve_2012_5166_denial_of
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5166

+ CVE-2012-3955 Denial of Service (DoS) vulnerability in ISC DHCP
https://blogs.oracle.com/sunsecurity/entry/cve_2012_3955_denial_of
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3955

+ CVE-2011-4339 Access Controls vulnerability in ipmitool
https://blogs.oracle.com/sunsecurity/entry/cve_2011_4339_access_controls
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4339

+ CVE-2008-3529 Buffer overflow vulnerability in libxml2
https://blogs.oracle.com/sunsecurity/entry/cve_2008_3529_buffer_overflow
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3529

+ CVE-2011-0216 Denial of Service (DoS) vulnerability in libxml2
https://blogs.oracle.com/sunsecurity/entry/cve_2011_0216_denial_of
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0216

+ CVE-2011-3102 Numeric Errors vulnerability in libxml2
https://blogs.oracle.com/sunsecurity/entry/cve_2011_3102_numeric_errors
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3102

+ CVE-2012-0841 Denial of Service (DoS) vulnerability in libxml2
https://blogs.oracle.com/sunsecurity/entry/cve_2012_0841_denial_of
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0841

+ Multiple Denial of Service (DoS) vulnerabilities in libxml2
https://blogs.oracle.com/sunsecurity/entry/multiple_denial_of_service_dos3
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3905
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3919

+ Multiple Denial of Service (DoS) vulnerabilities in libxml2
https://blogs.oracle.com/sunsecurity/entry/multiple_denial_of_service_dos2
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2821
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2834

+ CVE-2011-1944 Denial of Service (DoS) vulnerability in libxml2
https://blogs.oracle.com/sunsecurity/entry/cve_2011_1944_denial_of
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1944

+ Multiple vulnerabilities in Foomatic
https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_foomatic
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2697
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2964

+ CVE-2012-4245 Arbitrary code execution vulnerability in Gimp
https://blogs.oracle.com/sunsecurity/entry/cve_2012_4245_arbitrary_code
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4245

+ CVE-2012-3401 Denial of Service vulnerability in libtiff
https://blogs.oracle.com/sunsecurity/entry/cve_2012_3401_denial_of
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3401

+ SYM12-018 Security Advisories Relating to Symantec Products - Symantec Updates HP Autonomy Keyview Filter Issues Affecting Multiple Vendors
http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20121120_00

+ Struts 2.3.7 General Availability Release
http://struts.apache.org/2.x/docs/version-notes-237.html

+ curl and libcurl 7.28.1 released
http://curl.haxx.se/changes.html#7_28_1

+ Apple QuickTime CVE-2012-3755 Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/56551
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3755

+ Opera Web Browser Buffer Overflow and Information Disclosure Vulnerabilities
http://www.securityfocus.com/bid/56594

ウイルスバスターコーポレートエディション 10.6 Service Pack 1 適用済み版リパック版公開のお知らせ
http://www.trendmicro.co.jp/support/news.asp?id=1866

InterScan Messaging Security Suite 7.1 Linux版 Patch 3 build 13920 公開のお知らせ
http://www.trendmicro.co.jp/support/news.asp?id=1865

Advisory: Tavis Ormandy finds vulnerabilities in Sophos Anti-Virus products
http://www.sophos.com/en-us/support/knowledgebase/118424.aspx

GSX、次世代FW「Dell SonicWALL」の監視・運用サービスを開始
http://itpro.nikkeibp.co.jp/article/NEWS/20121120/438801/?ST=security

ソフォス、推奨ユーザー10人のUTM最下位モデルを販売
http://itpro.nikkeibp.co.jp/article/NEWS/20121120/438727/?ST=security

OSSIM 4.0.2 open-source SIEM solution does not verify .deb signatures
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-11/msg00073.html

FW: =| Security Advisory - TP-LINK TL-WR841N XSS (Cross Site Scripting) |=
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-11/msg00074.html

Wordpress Facebook Survey v1 - SQL Injection Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-11/msg00075.html

SonicWALL CDP 5040 v6.x - Multiple Web Vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-11/msg00071.html

[security bulletin] HPSBHF02821 SSRT100934 rev.1 - HP Integrated Lights-Out iLO3 and iLO4, Remote Disclosure of Information
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-11/msg00070.html

Behind the Random NTP Bizarreness of Incorrect Year Being Set
http://isc.sans.edu/diary.html?storyid=14548

HP integrated Lights Out (iLO) Unspecified Bug Lets Remote Users Obtain Potentially Sensitive Information
http://www.securitytracker.com/id/1027790

IBM Business Process Manager Input Validation Flaw Permits Cross-Site Scripting Attacks
http://www.securitytracker.com/id/1027789

Sophos UTM (Astaro Security Gateway) Input Validation Flaws Permit Cross-Site Scripting Attacks
http://www.securitytracker.com/id/1027788

Adobe ColdFusion Unspecified Bug Lets Remote Users Deny Service
http://www.securitytracker.com/id/1027787

Novell File Reporter 'NFRAgent.exe' Bugs Let Remote Users Upload and Download Arbitrary Files and Execute Arbitrary Code
http://www.securitytracker.com/id/1027786

VU#849841 Autonomy Keyview IDOL contains multiple vulnerabilities in file parsers
http://www.kb.cert.org/vuls/id/849841

Adobe Reader 10.1.4 JP2KLib&CoolType WriteAV Vulnerability
http://cxsecurity.com/issue/WLB-2012110140

Apple QuickTime 7.7.2 targa image Buffer Overflow
http://cxsecurity.com/issue/WLB-2012110139

SonicWALL CDP 5040 6.x Multiple Web Vulnerabilities
http://cxsecurity.com/issue/WLB-2012110138

LAN.FS Messenger 2.4 Command Execution Vulnerability
http://cxsecurity.com/issue/WLB-2012110137

FormatFactory 3.0.1 Profile File Handling Buffer Overflow
http://cxsecurity.com/issue/WLB-2012110136

Wordpress Facebook Survey v1 SQL Injection Vulnerability
http://cxsecurity.com/issue/WLB-2012110135

Instagram for iOS Plaintext Media Information Disclosure Security Issue
http://secunia.com/advisories/51270/

Omni Secure Two Information Disclosure Security Issues
http://secunia.com/advisories/51303/

dotDefender "<%IP%>" Template Tag Format String Vulnerability
http://secunia.com/advisories/51293/

openSIS "modname" Local File Inclusion Vulnerability
http://secunia.com/advisories/51282/

ATutor "tool_file" Local File Inclusion Vulnerability
http://secunia.com/advisories/51286/

IBM WebSphere Portal Theme Component Unspecified Vulnerability
http://secunia.com/advisories/51281/

IBM Intelligent Operations Center Administrative Access Security Bypass Vulnerability
http://secunia.com/advisories/51306/

Opera Buffer Overflow and Local File Detection
http://secunia.com/advisories/51331/

IBM InfoSphere Discovery IEHS Redirection Weakness and Cross-Site Scripting Vulnerability
http://secunia.com/advisories/51302/

IBM Tivoli Access Manager for e-business GSKIT Vulnerabilities
http://secunia.com/advisories/51279/

SUSE update for plib
http://secunia.com/advisories/51340/

Adobe ColdFusion Denial of Service Vulnerability
http://secunia.com/advisories/51335/

SUSE update for libvirt
http://secunia.com/advisories/51352/

REMOTE: LAN.FS Messenger v2.4 Command Execution Vulnerability
http://www.exploit-db.com/exploits/22854

LOCAL: FormatFactory v3.0.1 Profile File Handling Buffer Overflow
http://www.exploit-db.com/exploits/22851

DoS/PoC: Apple QuickTime 7.7.2 Targa image Buffer Overflow
http://www.exploit-db.com/exploits/22855

Linux Kernel dl2k Network Driver IOCTL Handling Local Denial of Service Vulnerability
2012-11-21
http://www.securityfocus.com/bid/53965

SINAPSI eSolar Light Photovoltaic System Monitor Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/55872

Python keyring 'CryptedFileKeyring' component Password Encryption Weakness
http://www.securityfocus.com/bid/55815

IBM Eclipse Help System Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/53884

Apple QuickTime CVE-2012-3755 Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/56551

IBM Multiple Products Global Security Toolkit Security Vulnerabilities
http://www.securityfocus.com/bid/54743

IBM WebSphere Application Server Administrative Access Security Bypass Vulnerability
http://www.securityfocus.com/bid/55309

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-4186 Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/56135

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-4185 Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/56127

Mozilla Firefox/Thunderbird/Seamonkey CVE-2012-4188 Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/56123

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-4182 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/56121

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-4184 Arbitrary Code Execution Vulnerability
http://www.securityfocus.com/bid/56120

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-4187 Heap Memory Corruption Vulnerability
http://www.securityfocus.com/bid/56125

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-4183 Use After Free Memory Corruption Vulnerability
http://www.securityfocus.com/bid/56140

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-3995 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/56136

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-4181 Use After Free Memory Corruption Vulnerability
http://www.securityfocus.com/bid/56130

Mozilla Firefox/Thunderbird/Seamonkey CVE-2012-4180 Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/56126

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-4179 Use After Free Memory Corruption Vulnerability
http://www.securityfocus.com/bid/56129

Mozilla Firefox/SeaMonkey/Thunderbird CVE-2012-3994 Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/56118

Mozilla Firefox/Thunderbird/Seamonkey CVE-2012-3993 Arbitrary Code Execution Vulnerability
http://www.securityfocus.com/bid/56119

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-3992 Security Vulnerability
http://www.securityfocus.com/bid/56128

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-3990 Use After Free Memory Corruption Vulnerability
http://www.securityfocus.com/bid/56131

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-3991 Security Bypass Vulnerability
http://www.securityfocus.com/bid/55930

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-3988 Use After Free Denial of Service Vulnerability
http://www.securityfocus.com/bid/55931

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-3986 Multiple Security Bypass Vulnerabilities
http://www.securityfocus.com/bid/55922

Mozilla Firefox/Thunderbird/Seamonkey CVE-2012-3982 Memory Corruption Vulnerability
http://www.securityfocus.com/bid/55924

Mozilla Firefox, SeaMonkey, and Thunderbird CVE-2012-1956 Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/55260

ISC BIND 9 DNS Resource Records Handling CVE-2012-4244 Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/55522

WeeChat 'hook_process()' Function Remote Shell Command Injection Vulnerability
http://www.securityfocus.com/bid/56584

Linux Kernel UDF Filesystem Local Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/54279

PLIB 'ssgParser.cxx' Remote Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/55839

PLIB 'ulSetError()' Function Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/51152

Linux Kernel ASLR Security Bypass Weakness
http://www.securityfocus.com/bid/52687

Microsoft .NET Framework CVE-2012-4777 Remote Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/56464

Microsoft .NET Framework CVE-2012-4776 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/56463

Microsoft .NET Framework CVE-2012-1895 Security Bypass Vulnerability
http://www.securityfocus.com/bid/56455

Microsoft .NET Framework CVE-2012-2519 DLL Loading Arbitrary Code Execution Vulnerability
http://www.securityfocus.com/bid/56462

Microsoft .NET Framework CVE-2012-1896 Information Disclosure Vulnerability
http://www.securityfocus.com/bid/56456

Google Chrome Prior to 21.0.1180.89 Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/55331

Google Chrome Prior to 20.0.1132.43 Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/54203

libxslt 'generate-id()' Function Information Disclosure Vulnerability
http://www.securityfocus.com/bid/47668

Google Chrome Prior to 17.0.963.46 Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/51911

Linux Kernel 'madvise_remove()' Function Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/55151

Microsoft IIS CVE-2012-2531 Password Information Disclosure Vulnerability
http://www.securityfocus.com/bid/56439

Microsoft IIS FTP Service CVE-2012-2532 Remote Command Injection Vulnerability
http://www.securityfocus.com/bid/56440

Linux Kernel Hugepages CVE-2012-2133 Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/53233

Microsoft Internet Explorer CTreeNode Use-After-Free Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/56422

Microsoft Internet Explorer CTreePos Use-After-Free Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/56421

Microsoft Internet Explorer CFormElement Use-After-Free Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/56420

Microsoft Windows Briefcase CVE-2012-1527 Integer Underflow Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/56424

Microsoft Windows Briefcase CVE-2012-1528 Integer Overflow Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/56442

Microsoft Windows Kernel 'Win32k.sys' CVE-2012-2530 Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/56447

Microsoft Windows Kernel 'Win32k.sys' CVE-2012-2553 Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/56448

Microsoft Windows Kernel 'Win32k.sys' TrueType Font Parsing Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/56457

libssh Multiple Buffer Overflow and Denial of Service Vulnerabilities
http://www.securityfocus.com/bid/56604

Instagram For iOS Man in the Middle Information Disclosure Vulnerability
http://www.securityfocus.com/bid/56603

TP-LINK TL-WR841N Router Multiple HTML Injection Vulnerabilities
http://www.securityfocus.com/bid/56602

openSIS 'modname' Parameter Local File Include Vulnerability
http://www.securityfocus.com/bid/56598

Lan.FS 'Computername' Parameter Remote Command Execution Vulnerability
http://www.securityfocus.com/bid/56596

WordPress Fb Survey Pro Plugin 'id' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/56595

Opera Web Browser Buffer Overflow and Information Disclosure Vulnerabilities
http://www.securityfocus.com/bid/56594

:: IT Security Neophyte Investigator's MEMO ::

2012年11月21日水曜日

21日水曜日、大安

0 件のコメント:

コメントを投稿

2012年11月21日水曜日

21日 水曜日、大安

0 件のコメント:

コメントを投稿

21日水曜日、大安