Monday, December 10, 2012

Monday the 10th, Shakkō











+ CESA-2012:1551 Important CentOS 6 mysql Update
http://lwn.net/Alerts/528444/

+ CESA-2012:1549 Important CentOS 6 bind Update
http://lwn.net/Alerts/528408/

Notice of Scheduled Server Maintenance (December 14, 2012)
http://www.trendmicro.co.jp/support/news.asp?id=1867

The Key to Prioritizing Risk Assessment Is Product Integration and GRC
http://itpro.nikkeibp.co.jp/article/Interview/20121206/442561/?ST=security

Multiple SQL Injection vulnerabilities in ClipBucket
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-12/msg00062.html

TVMOBiLi Media Server Multiple Remote DoS Vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-12/msg00063.html

Multiple vulnerabilities in Achievo
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-12/msg00061.html

Multiple vulnerabilities in Achievo
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-12/msg00056.html

Multiple SQL Injection vulnerabilities in ClipBucket
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-12/msg00055.html

TVMOBiLi Media Server Multiple Remote DoS Vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-12/msg00053.html

[SECURITY] [DSA 2582-1] xen security update
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-12/msg00054.html

CanSecWest13 CFP Open Until December 14 2012, Conf March 7-9 2013, Vancouver
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-12/msg00058.html

Update on CVE assigned for Wordpress Plugin Simple Gmail Login
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-12/msg00060.html

Update on CVE assigned for Video Lead Form Plugin Cross-Site
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-12/msg00059.html

[slackware-security] ruby (SSA:2012-341-04)
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-12/msg00051.html

[slackware-security] libxml2 (SSA:2012-341-03)
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-12/msg00052.html

JVNVU#90216056 Cross-site scripting vulnerability in ManageEngine AssetExplorer
http://jvn.jp/cert/JVNVU90216056/

JVNDB-2012-005678 (JVNVU#90216056) Cross-site scripting vulnerability in ManageEngine AssetExplorer
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-005678.html

JVNDB-2012-005276 Buffer overflow vulnerability in Adobe Flash Player
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-005276.html

JVNDB-2012-005275 Arbitrary code execution vulnerability in Adobe Flash Player
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-005275.html

JVNDB-2012-005274 Access restriction bypass vulnerability in Adobe Flash Player
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-005274.html

JVNDB-2012-005273 Buffer overflow vulnerability in Adobe Flash Player
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-005273.html

JVNDB-2012-005272 Buffer overflow vulnerability in Adobe Flash Player
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-005272.html

JVNDB-2012-005271 Buffer overflow vulnerability in Adobe Flash Player
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-005271.html

JVNDB-2012-005270 Buffer overflow vulnerability in Adobe Flash Player
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-005270.html

JVNDB-2012-005316 Denial-of-service (DoS) vulnerability in ppm2tiff
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-005316.html

JVNDB-2012-005312 Sensitive information disclosure vulnerability in IcedTeaScriptablePluginObject.cc in IcedTea-Web
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-005312.html

JVNDB-2012-005677 Arbitrary code execution vulnerability in HP Network Node Manager i
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-005677.html

JVNDB-2012-005676 Stack-based buffer overflow vulnerability in HP Intelligent Management Center
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-005676.html

JVNDB-2012-005675 Sensitive information disclosure vulnerability in HP LaserJet Pro and LaserJet
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-005675.html

JVNDB-2012-005674 Cross-site scripting vulnerability in HP Color LaserJet and LaserJet
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-005674.html

JVNDB-2012-005317 Vulnerability allowing deletion of unprotected images in the v1 API of multiple OpenStack products
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-005317.html

JVNDB-2012-005467 Heap-based buffer overflow vulnerability in the nsWindow::OnExposeEvent function of multiple Mozilla products
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-005467.html

JVNDB-2012-005672 Denial-of-service (DoS) vulnerability in ISC BIND
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-005672.html

Red Hat Certificate System Flaws Permit Cross-Site Scripting and Denial of Service Attacks
http://www.securitytracker.com/id/1027846

Reports of Strange TCP Port 443 Behavior
http://isc.sans.edu/diary.html?storyid=14665

ISC Feature of the Week: Glossary Additions
http://isc.sans.edu/diary.html?storyid=14668

VU#702452 Qualcomm Android OS kernel privilege escalation and denial of service vulnerabilities
http://www.kb.cert.org/vuls/id/702452

Site Builder RumahWeb Arbitrary Config File Disclosure Vulnerability
http://cxsecurity.com/issue/WLB-2012120074

Pixie v1.04 blog Add Admin
http://cxsecurity.com/issue/WLB-2012120073

KeenLook SQL injection Vulnerability
http://cxsecurity.com/issue/WLB-2012120072

Centrify Deployment Manager v2.1.0.283 Local Root
http://cxsecurity.com/issue/WLB-2012120071

Centrify Deployment Manager v2.1.0.283 /tmp insecure file handling
http://cxsecurity.com/issue/WLB-2012120038

TVMOBiLi Media Server 2.1.0.3557 Denial Of Service
http://cxsecurity.com/issue/WLB-2012120070

Achievo 1.4.5 Cross Site Scripting & SQL Injection
http://cxsecurity.com/issue/WLB-2012120069

Splunk 5.0 Custom App Remote Code Execution
http://cxsecurity.com/issue/WLB-2012120068

WordPress Simple Gmail Login Path Disclosure
http://cxsecurity.com/issue/WLB-2012120067

ClipBucket 2.6 Revision 738 SQL Injection
http://cxsecurity.com/issue/WLB-2012120066

FreeFloat FTP Server Arbitrary File Upload
http://cxsecurity.com/issue/WLB-2012120065

Maxthon3 about:history XCS Trusted Zone Code Execution
http://cxsecurity.com/issue/WLB-2012120064

VLC Media Player 2.0.4 Buffer Overflow
http://cxsecurity.com/issue/WLB-2012120063

Kordil EDMS v2.2.60rc3 SQL Injection Vulnerability
http://cxsecurity.com/issue/WLB-2012120062

Oracle MySQL For Microsoft Windows MOF Execution
http://cxsecurity.com/issue/WLB-2012120061

IBM System Director Agent DLL Injection
http://cxsecurity.com/issue/WLB-2012120060

m0n0wall 1.33 Cross Site Request Forgery
http://cxsecurity.com/issue/WLB-2012120059

Microsoft Internet Explorer 7 Denial Of Service
http://cxsecurity.com/issue/WLB-2012120058

Maxthon / Avant Browser XCS / Same Origin Bypass
http://cxsecurity.com/issue/WLB-2012120057

TVMOBiLi HTTP Request Processing Two Buffer Overflow Vulnerabilities
http://secunia.com/advisories/51465/

Red Hat update for mysql
http://secunia.com/advisories/51466/

SUSE update for gimp
http://secunia.com/advisories/51479/

SUSE update for gegl
http://secunia.com/advisories/51461/

SUSE update for horde4-kronolith
http://secunia.com/advisories/51469/

SUSE update for tor
http://secunia.com/advisories/51471/

Red Hat update for bind
http://secunia.com/advisories/51481/

Red Hat update for pki
http://secunia.com/advisories/51482/

SUSE update for xen
http://secunia.com/advisories/51487/

SUSE update for libssh
http://secunia.com/advisories/51492/

m0n0wall Cross-Site Request Forgery Vulnerability
http://secunia.com/advisories/51238/

IBM Informix Dynamic Server Buffer Overflow Vulnerability
http://secunia.com/advisories/51506/

bogofilter Base64 Character Set Conversion Denial of Service Vulnerability
http://secunia.com/advisories/51334/

IBM Flex System CMM and IMM2 Modules Credentials Disclosure Security Issue
http://secunia.com/advisories/51508/

IBM Tivoli Monitoring HTTP Service Console Cross-Site Scripting Vulnerability
http://secunia.com/advisories/51509/

Perl Locale::Maketext Module Two Code Injection Vulnerabilities
http://secunia.com/advisories/51498/

Avaya Experience Portal Apache HTTP Server ByteRange Filter Denial of Service Vulnerability
http://secunia.com/advisories/51480/

REMOTE: Splunk 5.0 Custom App Remote Code Execution
http://www.exploit-db.com/exploits/23224

REMOTE: Maxthon3 about:history XCS Trusted Zone Code Execution
http://www.exploit-db.com/exploits/23225

REMOTE: FreeFloat FTP Server Arbitrary File Upload
http://www.exploit-db.com/exploits/23226

REMOTE: Nagios XI Network Monitor Graph Explorer Component Command Injection
http://www.exploit-db.com/exploits/23227

REMOTE: Free Float FTP Server USER Command Buffer Overflow
http://www.exploit-db.com/exploits/23243

REMOTE: IBM System Director Agent DLL Injection
http://www.exploit-db.com/exploits/23203

LOCAL: Centrify Deployment Manager v2.1.0.283 Local Root
http://www.exploit-db.com/exploits/23251

DoS/PoC: Sumatra 2.1.1/MuPDF 1.0 Integer Overflow
http://www.exploit-db.com/exploits/23246

DoS/PoC: Android Kernel 2.6 Local DoS Crash PoC
http://www.exploit-db.com/exploits/23248

DoS/PoC: TVMOBiLi 2.1.0.3557 Denial of Service Vulnerability
http://www.exploit-db.com/exploits/23254

TP-LINK TL-WR841N Router Multiple HTML Injection Vulnerabilities
http://www.securityfocus.com/bid/56602

Xen Multiple Denial of Service Vulnerabilities
http://www.securityfocus.com/bid/56498

Xen Grant Table Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/56794

Xen CVE-2012-5514 Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/56803

Xen 'extent_order' Values Multiple Local Denial of Service Vulnerabilities
http://www.securityfocus.com/bid/56798

Xen DMA Requests IOMMU Denial of Service Vulnerability
http://www.securityfocus.com/bid/49146

Linux Kernel 'binfmt_script.c' Local Information Disclosure Vulnerability
http://www.securityfocus.com/bid/55878

Oracle MySQL and MariaDB 'acl_get()' Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/56769

WordPress Video Lead Form Plugin 'errMsg' Parameter Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/56737

libssh Multiple Buffer Overflow and Denial of Service Vulnerabilities
http://www.securityfocus.com/bid/56604

Symfony CVE-2012-5574 Arbitrary File Access Vulnerability
http://www.securityfocus.com/bid/56685

Midnight Commander 'MC_EXT_SELECTED' Variable Remote Security Vulnerability
http://www.securityfocus.com/bid/55777

Ruby CVE-2012-5371 Hash Collision Denial of Service Vulnerability
http://www.securityfocus.com/bid/56484

IBM Director CIM Server Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/34065

FOOT Gestion 'id' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/56862

Wordpress Simple Gmail Login Plugin Stack Trace Information Disclosure Vulnerability
http://www.securityfocus.com/bid/56860

IBM Informix Dynamic Server CVE-2012-4857 Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/56857

Qualcomm Android kernel Remote Code Execution and Denial of Service Vulnerabilities
http://www.securityfocus.com/bid/56855

TVMOBiLi CVE-2012-5451 Multiple Buffer Overflow Vulnerabilities
http://www.securityfocus.com/bid/56853

Perl Locale::Maketext Module '_compile()' Multiple Code Injection Vulnerabilities
http://www.securityfocus.com/bid/56852

IBM Flex System CMM and IMM2 Modules Information Disclosure Vulnerability
http://www.securityfocus.com/bid/56850

libssh CVE-2012-6063 Denial of Service Vulnerability
http://www.securityfocus.com/bid/56848
