2012年11月26日月曜日
26日 月曜日、仏滅
+ CESA-2012:1482 Critical CentOS 5 firefox Update
http://lwn.net/Alerts/526436/
+ CESA-2012:1482 Critical CentOS 6 firefox Update
http://lwn.net/Alerts/526439/
+ CESA-2012:1483 Critical CentOS 5 thunderbird Update
http://lwn.net/Alerts/526440/
+ CESA-2012:1483 Critical CentOS 6 thunderbird Update
http://lwn.net/Alerts/526441/
+ PDFCreator 1.6.0 released
http://www.pdfforge.org/
+ Tomcat 7.0.33 Released
http://tomcat.apache.org/tomcat-7.0-doc/changelog.html
+ FreeBSD-SA-12:08.linux Linux compatibility layer input validation error
http://www.freebsd.org/security/advisories/FreeBSD-SA-12:08.linux.asc
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4576
+ FreeBSD-SA-12:07.hostapd Insufficient message length validation for EAP-TLS messages
http://www.freebsd.org/security/advisories/FreeBSD-SA-12:07.hostapd.asc
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4445
+ FreeBSD-SA-12:06.bind Multiple Denial of Service vulnerabilities with named(8)
http://www.freebsd.org/security/advisories/FreeBSD-SA-12:06.bind.asc
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4244
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5166
+ PHP 5.4.9 and PHP 5.3.19 released!
http://www.php.net/archive/2012.php#id2012-11-22-1
http://www.php.net/ChangeLog-5.php
Advisory: Delay in new kernel support for Linux endpoints
http://www.sophos.com/en-us/support/knowledgebase/118578.aspx
Advisory: Shh/Updater-B False positives
http://www.sophos.com/en-us/support/knowledgebase/118311.aspx
「暗証番号や合い言葉を同時に要求」、みずほ銀行をかたるフィッシング
http://itpro.nikkeibp.co.jp/article/NEWS/20121126/439521/?ST=security
情報窃盗マルウエア「PASSTEAL」、HTTPSでも油断禁物
http://itpro.nikkeibp.co.jp/article/COLUMN/20121121/438941/?ST=security
[SECURITY] [DSA 2576-1] trousers security update
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-11/msg00090.html
FreeBSD Security Advisory FreeBSD-SA-12:08.linux
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-11/msg00087.html
FreeBSD Security Advisory FreeBSD-SA-12:07.hostapd
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-11/msg00086.html
FreeBSD Security Advisory FreeBSD-SA-12:06.bind
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-11/msg00085.html
[ MDVSA-2012:174 ] libtiff
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-11/msg00084.html
[slackware-security] mozilla-thunderbird (SSA:2012-326-03)
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-11/msg00083.html
[slackware-security] mozilla-firefox (SSA:2012-326-02)
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-11/msg00081.html
[slackware-security] seamonkey (SSA:2012-326-01)
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-11/msg00082.html
JVNDB-2012-005486 JP1/Automatic Job Management System 3 および JP1/Automatic Job Management System 2 におけるサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-005486.html
JVNDB-2012-005485 Hitachi Device Manager Software 製品におけるサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-005485.html
JVNDB-2012-005484 Moodle における全てのケイパビリティデータを読まれる脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-005484.html
JVNDB-2012-005483 Moodle における他の参加者のエントリの閲覧制限を回避される脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-005483.html
JVNDB-2012-005482 Moodle の Portfolio プラグインにおけるファイルをアップロードされる脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-005482.html
JVNDB-2012-005481 Moodle における異なるグループユーザの活動エントリを読まれる脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-005481.html
JVNDB-2012-005480 Moodle の lib/formslib.php におけるアクセス制限を回避される脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-005480.html
JVNDB-2012-005479 Moodle の Dropbox Repository File Picker における異なるユーザの Dropbox にアクセスされる脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-005479.html
JVNDB-2012-005478 複数の Mozilla 製品のブラウザエンジンにおけるサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-005478.html
JVNDB-2012-005477 複数の Mozilla 製品のブラウザエンジンにおけるサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-005477.html
JVNDB-2012-005476 複数の Mozilla 製品におけるクロスサイトスクリプティングの脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-005476.html
JVNDB-2012-005475 複数の Mozilla 製品の nsTextEditorState::PrepareEditor 関数におけるサービス運用妨害 (DoS) の脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-005475.html
JVNDB-2012-005474 複数の Mozilla 製品におけるヒープベースのバッファオーバーフローの脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-005474.html
JVNDB-2012-005473 複数の Mozilla 製品の WebGL サブシステムにおける任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-005473.html
JVNDB-2012-005472 Mozilla Firefox の Web 開発ツールバーにおけるクロスサイトスクリプティングの脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-005472.html
JVNDB-2012-005471 複数の Mozilla 製品における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-005471.html
JVNDB-2012-005470 複数の Mozilla 製品の WebGL サブシステムにおける整数オーバーフローの脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-005470.html
JVNDB-2012-005469 複数の Mozilla 製品の WebGL サブシステムにおける任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-005469.html
JVNDB-2012-005468 Mac OS X 上で稼働する複数の Mozilla 製品における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-005468.html
JVNDB-2012-005467 複数の Mozilla 製品の nsWindow::OnExposeEvent 関数におけるヒープベースのバッファオーバーフローの脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-005467.html
JVNDB-2012-005466 複数の Mozilla 製品の BuildTextRunsScanner::BreakSink::SetBreaks 関数における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-005466.html
JVNDB-2012-005465 複数の Mozilla 製品の nsViewManager::ProcessPendingUpdates 関数における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-005465.html
JVNDB-2012-005464 複数の Mozilla 製品の gfxFont::GetFontEntry 関数における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-005464.html
JVNDB-2012-005463 複数の Mozilla 製品の nsPlaintextEditor::FireClipboardEvent 関数における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-005463.html
JVNDB-2012-005462 複数の Mozilla 製品の nsTextEditorState::PrepareEditor 関数における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-005462.html
JVNDB-2012-005461 複数の Mozilla 製品の nsEditor::FindNextLeafNode 関数における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-005461.html
JVNDB-2012-005460 複数の Mozilla 製品における任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-005460.html
JVNDB-2012-005459 Mozilla Firefox および Firefox ESR における任意の JavaScript を実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-005459.html
JVNDB-2012-005458 複数の Mozilla 製品におけるクロスサイトスクリプティングの脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-005458.html
JVNDB-2012-005457 複数の Mozilla 製品の XrayWrapper の実装におけるクローム専用の制限を回避される脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-005457.html
JVNDB-2012-005456 複数の Mozilla 製品におけるクロスサイトスクリプティングの脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-005456.html
JVNDB-2012-005455 Mozilla Firefox のインストーラにおける権限を取得される脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-005455.html
JVNDB-2012-005454 複数の Mozilla 製品におけるクロスサイトリクエストフォージェリの脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-005454.html
JVNDB-2012-005453 複数の Mozilla 製品の JavaScript エンジンにおける任意のコードを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-005453.html
JVNDB-2012-005452 Mozilla Firefox の新しいタブページにおける任意のプログラムを実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-005452.html
JVNDB-2012-005451 複数の Mozilla 製品の image::RasterImage::DrawFrameTo 関数におけるヒープベースのバッファオーバーフローの脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-005451.html
JVNDB-2012-005450 複数の Mozilla 製品の evalInSandbox の実装におけるクロスサイトスクリプティングの脆弱性
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-005450.html
Risk Assessment Reloaded (thanks PCI ! )
http://isc.sans.edu/diary.html?storyid=14560
What's in Your Change Control Form?
http://isc.sans.edu/diary.html?storyid=14563
Greek National Arrested on Suspicion of Theft of 9M Records on Fellow Greeks
http://isc.sans.edu/diary.html?storyid=14557
FreeBSD Input Validation Flaw in Linux Compatibility Layer Lets Local Users Gain Elevated Privileges
http://www.securitytracker.com/id/1027809
FreeBSD hostapd Validation Flaw Lets Remote Users Deny Service
http://www.securitytracker.com/id/1027808
lighttpd Connection Header Processing Flaw Lets Remote Users Deny Service
http://www.securitytracker.com/id/1027802
Autonomy KeyView IDOL File Parsing Bugs Let Remote Users Execute Arbitrary Code
http://www.securitytracker.com/id/1027798
IBM WebSphere DataPower XC10 Appliance Bugs Let Remote Authenticated Users Gain Elevated Privileges and Remote Users Deny Service
http://www.securitytracker.com/id/1027798
Linux Kernel Dlink dl2k IOCTL Permissions Let Local Users Deny Service
http://www.securitytracker.com/id/1027796
ownCloud Cross-Site Scripting and File Upload Vulnerabilities
http://secunia.com/advisories/51357/
SUSE update for lighttpd
http://secunia.com/advisories/51298/
Debian update for trousers
http://secunia.com/advisories/51295/
BugTracker.NET "msg" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/51292/
XiVO Cross-Site Request Forgery Vulnerability
http://secunia.com/advisories/51361/
Red Hat update for java-1.4.2-ibm
http://secunia.com/advisories/51393/
Jenkins Three Vulnerabilities
http://secunia.com/advisories/51392/
Radiant CMS upload_manager Plugin swfupload Cross-Site Scripting Vulnerability
http://secunia.com/advisories/51391/
SUSE update for icedtea-web
http://secunia.com/advisories/51374/
Liferay Portal swfupload Cross-Site Scripting Vulnerability
http://secunia.com/advisories/51387/
IBM Tivoli Endpoint Manager Remote Control Broker Denial of Service Vulnerability
http://secunia.com/advisories/51386/
Call of Duty Modern Warfare 3 Denial of Service Vulnerability
http://secunia.com/advisories/51280/
TinyMCE Archiv Plugin swfupload Cross-Site Scripting Vulnerability
http://secunia.com/advisories/51389/
Ubuntu update for thunderbird
http://secunia.com/advisories/51370/
Ubuntu update for firefox
http://secunia.com/advisories/51369/
Feng Office Cross-Site Scripting and Security Bypass Vulnerabilities
http://secunia.com/advisories/51356/
SUSE update for java-1_7_0-ibm
http://secunia.com/advisories/51390/
Avaya CMS Oracle Solaris SCTP Denial of Service Vulnerability
http://secunia.com/advisories/51388/
dotProject Cross-Site Scripting and Cross-Site Request Forgery Vulnerabilities
http://secunia.com/advisories/51380/
dotProject "date" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/51332/
Ubuntu update for tomcat6
http://secunia.com/advisories/51371/
Incomedia WebSite X5 Evolution <= 9.0.4.1748 XSS & Auth bypass
http://cxsecurity.com/issue/WLB-2012110183
Apple QuickTime 7.7.2 TeXML font-table Field Stack Buffer Overflow
http://cxsecurity.com/issue/WLB-2012110182
TYPO3 CMS, TinyMCE, Liferay Portal, Drupal swfupload XSS
http://cxsecurity.com/issue/WLB-2012110181
Wordpress dailyedition-mouss Theme SQL injection
http://cxsecurity.com/issue/WLB-2012110180
ES CmS 0.1 Sql Injection Vulnerability
http://cxsecurity.com/issue/WLB-2012110179
vBulletin 5.0.0 Beta 19 Cross Site Scripting
http://cxsecurity.com/issue/WLB-2012110178
Cisco WAG120N Command Execution
http://cxsecurity.com/issue/WLB-2012110177
Designlab SQL Injection
http://cxsecurity.com/issue/WLB-2012110176
Gianni Messina CMS 2.0 2010 SQL Injection
http://cxsecurity.com/issue/WLB-2012110175
Twitter 5.0 Eavesdropping Proof Of Concept
http://cxsecurity.com/issue/WLB-2012110174
WordPress Zarzadzanie Kontem Shell Upload
http://cxsecurity.com/issue/WLB-2012110173
WordPress Simple Slider 1.0 Cross Site Scripting
http://cxsecurity.com/issue/WLB-2012110172
WordPress Plg Novana SQL Injection
http://cxsecurity.com/issue/WLB-2012110171
WordPress Zingiri Web Shop 2.5.0 Shell Upload
http://cxsecurity.com/issue/WLB-2012110170
Beat Websites Blind SQL Injection
http://cxsecurity.com/issue/WLB-2012110169
TrouSerS Denial Of Service Vulnerability
http://cxsecurity.com/issue/WLB-2012110168
Ezylog Photovoltaic Management SQL Injection and Command Injection
http://cxsecurity.com/issue/WLB-2012090124
GIMP 2.8.2 XWD files memory corruption
http://cxsecurity.com/issue/WLB-2012110167
Wordpress malmonation theme SQL Injection
http://cxsecurity.com/issue/WLB-2012110166
FORMEDIA id parameter SQL Injection
http://cxsecurity.com/issue/WLB-2012110165
Egroupware 1.8.002 Cross Site Scripting
http://cxsecurity.com/issue/WLB-2012040057
Greenstone Digital Library Software Multiple Vulns
http://cxsecurity.com/issue/WLB-2012110164
Wordpress magazine-basic-plugin/ Theme SQL Injection
http://cxsecurity.com/issue/WLB-2012110163
Wordpress plg_novana plugin Sql Injection
http://cxsecurity.com/issue/WLB-2012110162
lighttpd 1.4.31 DOS POC
http://cxsecurity.com/issue/WLB-2012110161
swfupload_f8.swf Cross Site Scripting
http://cxsecurity.com/issue/WLB-2012110160
Wordpress hd-webplayer Theme SQL Injection
http://cxsecurity.com/issue/WLB-2012110158
Wordpress webplayer-plugin Theme SQL Injection
http://cxsecurity.com/issue/WLB-2012110159
Wordpress fs-real-estate-plugin Theme SQL Injection
http://cxsecurity.com/issue/WLB-2012110157
PicoPublisher 2.0 SQL Injection
http://cxsecurity.com/issue/WLB-2012030252
SnackAmp 3.1.3 Denial Of Service
http://cxsecurity.com/issue/WLB-2012040023
ManageEngine ServiceDesk 8.0 Cross Site Scripting
http://cxsecurity.com/issue/WLB-2012110156
NetIQ Privileged User Manager 2.3.1 ldapagnt_eval() Remote Perl Code Execution
http://cxsecurity.com/issue/WLB-2012110155
dotProject 2.1.6 Cross Site Scripting & SQL Injection
http://cxsecurity.com/issue/WLB-2012110154
Feng Office 2.0 Beta 3 XSS & Privilege Escalation
http://cxsecurity.com/issue/WLB-2012110153
PHP Server Monitor Cross Site Scripting
http://cxsecurity.com/issue/WLB-2012110152
REMOTE: Apple QuickTime 7.7.2 TeXML Style Element font-table Field Stack Buffer Overflow
http://www.exploit-db.com/exploits/22905
REMOTE: NetIQ Privileged User Manager 2.3.1 ldapagnt_eval() Remote Perl Code Execution
http://www.exploit-db.com/exploits/22903
DoS/PoC: TrouSerS Denial Of Service Vulnerability
http://www.exploit-db.com/exploits/22904
DoS/PoC: lighttpd 1.4.31 Denial of Service PoC
http://www.exploit-db.com/exploits/22902
Multiple Horde Products Multiple Unspecified HTML Injection Vulnerabilities
http://www.securityfocus.com/bid/56541
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-5838 Memory Corruption Vulnerability
http://www.securityfocus.com/bid/56644
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-5833 Memory Corruption Vulnerability
http://www.securityfocus.com/bid/56642
OpenSSL DTLS CVE-2012-2333 Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/53476
OpenSSL Encoded ASN.1 Data Integer Truncation Memory Corruption Vulnerability
http://www.securityfocus.com/bid/53158
libsocialweb CVE-2012-4511 Non-SSL Connection Man in The Middle Vulnerability
http://www.securityfocus.com/bid/56167
cgit 'syntax-highlighting.sh' Remote Command Injection Vulnerability
http://www.securityfocus.com/bid/56315
AWStats 'awredir.pl' Unspecified Security Vulnerability
http://www.securityfocus.com/bid/56280
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-5830 Use After Free Memory Corruption Vulnerability
http://www.securityfocus.com/bid/56641
GNU libiberty '_objalloc_alloc()' Function CVE-2012-3509 Remote Integer Overflow Vulnerability
http://www.securityfocus.com/bid/55281
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-5835 Integer Overflow Vulnerability
http://www.securityfocus.com/bid/56643
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-4217 Use After Free Memory Corruption Vulnerability
http://www.securityfocus.com/bid/56639
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-4218 Use After Free Memory Corruption Vulnerability
http://www.securityfocus.com/bid/56640
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-5839 Heap Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/56637
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-4213 Use After Free Memory Corruption Vulnerability
http://www.securityfocus.com/bid/56638
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-5829 Heap Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/56636
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-4202 Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/56614
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-4204 Heap Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/56613
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-4216 Use After Free Memory Corruption Vulnerability
http://www.securityfocus.com/bid/56634
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-5840 Use After Free Memory Corruption Vulnerability
http://www.securityfocus.com/bid/56635
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-4215 Use After Free Memory Corruption Vulnerability
http://www.securityfocus.com/bid/56633
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-5843 Multiple Memory Corruption Vulnerabilities
http://www.securityfocus.com/bid/56612
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-5842 Multiple Memory Corruption Vulnerabilities
http://www.securityfocus.com/bid/56611
Mozilla Firefox, SeaMonkey, and Thunderbird HZ-GB-2312 Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/56632
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-4214 Use After Free Memory Corruption Vulnerability
http://www.securityfocus.com/bid/56628
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-4205 Cross-Site Request Forgery Vulnerability
http://www.securityfocus.com/bid/56621
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-4209 Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/56629
Mozilla Firefox/SeaMonkey/Thunderbird CVE-2012-5841 Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/56631
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-4212 Use After Free Memory Corruption Vulnerability
http://www.securityfocus.com/bid/56630
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-5836 Denial of Service Vulnerability
http://www.securityfocus.com/bid/56616
Mozilla Firefox, SeaMonkey, and Thunderbird CVE-2012-4201 Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/56618
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-4208 Security Bypass Vulnerability
http://www.securityfocus.com/bid/56627
Ruby CVE-2012-5371 Hash Collision Denial of Service Vulnerability
http://www.securityfocus.com/bid/56484
OpenSSL Multiple Vulnerabilities
http://www.securityfocus.com/bid/51281
OpenSSL CMS PKCS #7 Decryption CVE-2012-0884 Security Bypass Vulnerability
http://www.securityfocus.com/bid/52428
OpenSSL Internal Certificate Verification Routine Security Bypass Vulnerability
http://www.securityfocus.com/bid/49469
OpenSSL S/MIME Header Processing Null Pointer Dereference Denial Of Service Vulnerability
http://www.securityfocus.com/bid/52764
hostapd CVE-2012-4445 Message Handling Denial of Service Vulnerability
http://www.securityfocus.com/bid/55826
MantisBT Multiple Security Bypass Vulnerabilities
http://www.securityfocus.com/bid/52313
MantisBT 'delete_attachments_threshold()' Function Security Bypass Vulnerability
http://www.securityfocus.com/bid/53921
MantisBT Prior To 1.2.12 Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/56520
Xen Multiple Denial of Service Vulnerabilities
http://www.securityfocus.com/bid/56498
Perl CGI.pm 'Set-Cookie' and 'P3P' Headers HTTP Header Injection Vulnerability
http://www.securityfocus.com/bid/56562
ViewVC CVE-2012-4533 HTML Injection Vulnerability
http://www.securityfocus.com/bid/56161
ModSecurity POST Parameters Security Bypass Vulnerability
http://www.securityfocus.com/bid/56096
SWFUpload 'movieName' Parameter Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/54245
Drupal Chaos Tool Suite Module Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/56538
Drupal User Read-Only Module Access Security Bypass Vulnerability
http://www.securityfocus.com/bid/56548
Drupal RESTful Web Services Module Cross Site Request Forgery Vulnerability
http://www.securityfocus.com/bid/56536
Multiple Drupal Modules HTML Injection Vulnerability
http://www.securityfocus.com/bid/56540
Drupal Webform CiviCRM Integration Module Access Bypass Vulnerability
http://www.securityfocus.com/bid/56444
Drupal Password Policy Module Password Hash Information Disclosure Vulnerability
http://www.securityfocus.com/bid/56350
Drupal OM Maximenu Module HTML Injection Vulnerability
http://www.securityfocus.com/bid/56441
Drupal MailChimp Module Multiple Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/56234
Drupal Search API Module Cross Site Request Forgery Vulnerability
http://www.securityfocus.com/bid/56099
Drupal Mandrill Module Information Disclosure Vulnerability
http://www.securityfocus.com/bid/55868
Drupal Twitter Pull Module Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/55768
Drupal Feeds Module Access Security Bypass Vulnerability
http://www.securityfocus.com/bid/55869
Drupal Commerce Extra Panes Module Cross Site Request Forgery Vulnerability
http://www.securityfocus.com/bid/55776
Drupal Hostip Module Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/55772
Drupal Organic Groups SA-CONTRIB-2012-148 Security Bypass Vulnerability
http://www.securityfocus.com/bid/55702
Drupal FileField Sources Module HTML Injection Vulnerability
http://www.securityfocus.com/bid/55615
Drupal Simplenews Scheduler Module Arbitrary PHP Code Execution Vulnerability
http://www.securityfocus.com/bid/55616
Drupal Time Spent Module Multiple Unspecified Input Validation Vulnerabilities
http://www.securityfocus.com/bid/56233
Mozilla Firefox CVE-2012-4210 Style Inspector Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/56646
Mozilla Firefox CVE-2012-4206 Arbitrary Code Execution Vulnerability
http://www.securityfocus.com/bid/56625
Mozilla Firefox CVE-2012-4203 Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/56623
Mozilla Firefox CVE-2012-5837 Developer Toolbar Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/56645
Linux Kernel KVM CVE-2012-4461 Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/56414
TrouSerS CVE-2012-0698 Denial Of Service Vulnerability
http://www.securityfocus.com/bid/55459
lighttpd 'http_request_split_value()' Function Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/56619
Greenstone Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/56662
ownCloud Multiple Cross Site Scripting and Arbitrary File Upload Vulnerabilities
http://www.securityfocus.com/bid/56658
Performance Co-Pilot CVE-2012-5530 Insecure Temporary File Creation Vulnerability
http://www.securityfocus.com/bid/56656
Debian 'android-tools' Package Insecure Temporary File Creation Vulnerability
http://www.securityfocus.com/bid/56653
Jenkins Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/56651
Oracle Java SE CVE-2012-5073 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/56080
Drupal Printer, email and PDF versions Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/52896
Oracle Java SE CVE-2012-5079 Remote Security Bypass Vulnerability
http://www.securityfocus.com/bid/56082
Oracle Java SE CVE-2012-5081 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/56071
Oracle Java SE CVE-2012-3216 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/56075
Oracle Java SE CVE-2012-5084 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/56063
Oracle Java SE CVE-2012-5083 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/56025
Oracle Java SE CVE-2012-1531 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/56033
IBM Java Multiple Remote Code Execution Vulnerabilities
http://www.securityfocus.com/bid/55495
RETIRED: Mozilla Firefox/Thunderbird/SeaMonkey MFSA 2012-91 through -106 Multiple Vulnerabilities
http://www.securityfocus.com/bid/56607
LibTIFF TIFF Image Heap Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/55673
LibTIFF 'TIFFScanlineSize()' Function Heap-based Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/56372
OpenStack Glance CVE-2012-4573 Arbitrary File Deletion Vulnerability
http://www.securityfocus.com/bid/56437
Oracle Java SE CVE-2012-5077 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/56058
Oracle Java SE CVE-2012-5087 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/56043
Oracle Java SE CVE-2012-5086 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/56039
Oracle Java SE CVE-2012-5069 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/56065
Oracle Java SE CVE-2012-5088 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/56057
Oracle Java SE CVE-2012-5071 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/56061
Oracle Java SE CVE-2012-3143 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/56055
Oracle Java SE CVE-2012-5089 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/56059
Oracle Java SE CVE-2012-5070 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/56079
Oracle Java SE CVE-2012-5075 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/56081
Oracle Java SE CVE-2012-5072 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/56083
Oracle Java SE CVE-2012-5074 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/56056
Oracle Java SE CVE-2012-5076 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/56054
Oracle Java SE CVE-2012-1532 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/56051
Oracle Java SE CVE-2012-5067 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/56070
Oracle Java SE CVE-2012-1533 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/56046
Oracle Java SE CVE-2012-3159 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/56072
Oracle Solaris CVE-2012-3165 Local Security Vulnerability
http://www.securityfocus.com/bid/56016
Autonomy Keyview IDOL Multiple Remote Code Execution Vulnerabilities
http://www.securityfocus.com/bid/56610
Debian 'libotr2' Package Multiple Heap Based Buffer Overflow Vulnerabilities
http://www.securityfocus.com/bid/54907
Oracle Solaris CVE-2012-1692 Local Vulnerability
http://www.securityfocus.com/bid/53125
NetIQ Privileged User Manager 'ldapagnt_eval()' Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/56539
WordPress FireStorm Professional Real Estate Plugin 'id' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/56278
WordPress Magazine Basic Theme 'id' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/56664
WordPress Zarzadzonie Kontem Plugin 'ajaxfilemanager.php' Script Arbitrary File Upload Vulnerability
http://www.securityfocus.com/bid/56663
WordPress Plg Novana Plugin 'id' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/56661
WordPress Webplayer Plugin 'id' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/56660
WordPress Zingiri Web Shop Plugin 'path' Parameter Arbitrary File Upload Vulnerability
http://www.securityfocus.com/bid/56659
FreeBSD Linux Compatibility Layer Local Privilege Escalation Vulnerabiity
http://www.securityfocus.com/bid/56654
Ubuntu 'unity-firefox-extension' Package Denial of Service Vulnerability
http://www.securityfocus.com/bid/56650
Cisco WAG120N Multiple Remote Command Execution Vulnerabilities
http://www.securityfocus.com/bid/56648
GIMP XWD File Handling Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/56647
登録:
コメントの投稿 (Atom)
0 件のコメント:
コメントを投稿