Thursday, December 13, 2012
Thursday the 13th, Taian
+ Multiple Tomcat vulnerabilities in Oracle Health Sciences LabPas
https://blogs.oracle.com/sunsecurity/entry/multiple_tomcat_vulnerabilities_in_oracle
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2733
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3439
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3546
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4431
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4534
+ Microsoft Security Advisory (2755801): Update for Vulnerabilities in Adobe Flash Player in Internet Explorer 10
http://technet.microsoft.com/ja-jp/security/advisory/2755801
+ Tomcat 7.0.34 Released
http://tomcat.apache.org/tomcat-7.0-doc/changelog.html
+ UltraMonkey-L7 3.0.4-3 released
http://sourceforge.jp/projects/ultramonkey-l7/releases/57612/note
Virus Buster for Mac Version 2.0: Program Update Notice
http://www.trendmicro.co.jp/support/news.asp?id=1872
Advisory: Considerations for customers running Endpoint Security and Control 10 in advance of May maintenance release
http://www.sophos.com/en-us/support/knowledgebase/117226.aspx
Countermeasures for Adobe Flash Player Vulnerabilities (APSB12-27) (CVE-2012-5676, etc.)
http://www.ipa.go.jp/security/ciadr/vul/20121212-adobeflashplayer.html
Dangerous vulnerabilities in Windows, IE and other products; Windows 8/RT and IE10 also affected
Microsoft releases patches; serious vulnerability in Word as well
http://itpro.nikkeibp.co.jp/article/NEWS/20121213/443944/?ST=security
New features in the "Shylock" malware evade detection by researchers
http://itpro.nikkeibp.co.jp/article/COLUMN/20121210/443183/?ST=security
Critical security vulnerabilities in Windows and Flash, one after another; risk of remote control
http://itpro.nikkeibp.co.jp/article/NEWS/20121212/443829/?ST=security
National Police Agency offers a reward of up to 3 million yen for information in the "remote control virus" investigation
http://itpro.nikkeibp.co.jp/article/NEWS/20121212/443701/?ST=security
McAfee and Inventit partner on security for Android devices
http://itpro.nikkeibp.co.jp/article/NEWS/20121212/443663/?ST=security
Smartphone safety measures: fewer than 30% use "passwords" or "check access permissions"
IPA survey of security awareness; 70% take antivirus measures on PCs
http://itpro.nikkeibp.co.jp/article/NEWS/20121212/443545/?ST=security
New trick used by malicious apps: "terms of use" on the download page
Posing as a legitimate app, it actually uploads "contacts" without permission
http://itpro.nikkeibp.co.jp/article/NEWS/20121212/443542/?ST=security
JVNTA12-346A Updates for multiple vulnerabilities in Microsoft products
http://jvn.jp/cert/JVNTA12-346A/
JVNDB-2012-005681 Buffer overflow vulnerability in IBM Informix
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-005681.html
JVNDB-2012-005680 Vulnerability in IBM Flex System CMM and IMM2 that allows sensitive information to be obtained
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-005680.html
JVNDB-2011-005209 Denial-of-service (DoS) vulnerability in multiple Rockwell Automation products
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-005209.html
JVNDB-2011-005208 Device spoofing vulnerability in Post Oak AWAM Bluetooth Reader Traffic System
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-005208.html
JVNDB-2012-005679 Cross-site scripting vulnerability in IBM Tivoli Monitoring
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-005679.html
US-CERT Alert TA12-346A - Microsoft Updates for Multiple Vulnerabilities
http://www.derkeiler.com/Mailing-Lists/Cert/2012-12/msg00000.html
Citrix XenDesktop Lets Remote Authenticated Users Bypass USB Redirection Policies
http://www.securitytracker.com/id/1027869
Citrix XenApp XML Service Interface Bug Lets Remote Users Execute Arbitrary Code
http://www.securitytracker.com/id/1027868
Symantec Network Access Control Unquoted Search Path Lets Local Users Gain Elevated Privileges
http://www.securitytracker.com/id/1027864
Symantec Endpoint Protection Input Validation Flaw Lets Remote Users Execute Arbitrary Code
http://www.securitytracker.com/id/1027863
HP OpenVMS LOGIN/ACMELOGIN Bug Lets Local and Remote Users Deny Service
http://www.securitytracker.com/id/1027861
VU#856892 Centreon 2.3.3 through 2.3.9-4 blind sqli injection vulnerability.
http://www.kb.cert.org/vuls/id/856892
VU#194604 IBM Power 5 Service Processor privilege escalation vulnerability
http://www.kb.cert.org/vuls/id/194604
VU#876780 D-Link DSL2730U router restricted telnet shell command whitelisting bypass
http://www.kb.cert.org/vuls/id/876780
Microsoft Internet Explorer 610 Mouse Tracking
http://cxsecurity.com/issue/WLB-2012120089
Snare For Linux Cross Site Request Forgery
http://cxsecurity.com/issue/WLB-2012120093
Snare For Linux Cross Site Scripting
http://cxsecurity.com/issue/WLB-2012120092
SimpleInvoices 2011.1 Cross Site Scripting
http://cxsecurity.com/issue/WLB-2012120091
gpEasy CMS XSS Vulnerability
http://cxsecurity.com/issue/WLB-2012120090
Axway Directory Traversal
http://cxsecurity.com/issue/WLB-2012120088
HP Data Protector DtbClsLogin Buffer Overflow
http://cxsecurity.com/issue/WLB-2012120087
REMOTE: Microsoft Internet Explorer 6-10 Mouse Tracking
http://www.exploit-db.com/exploits/23321
REMOTE: Novell File Reporter Agent XML Parsing Remote Code Execution Vulnerability (0day)
http://www.exploit-db.com/exploits/23323
MuPDF "pdf_repair_obj_stm()" Signedness Vulnerability
http://secunia.com/advisories/51544/
SumatraPDF "pdf_repair_obj_stm()" Signedness Vulnerability
http://secunia.com/advisories/51511/
Red Hat update for flash-plugin
http://secunia.com/advisories/51526/
WordPress Floating Social Media Links Plugin "wpp" Remote File Inclusion Vulnerabilities
http://secunia.com/advisories/51346/
OpenDocMan Checkout Security Bypass and SQL Injection Vulnerabilities
http://secunia.com/advisories/51446/
Microsoft Windows Flash Player Multiple Vulnerabilities
http://secunia.com/advisories/51536/
VLC Media Player SWF Video Decoding Use-After-Free Vulnerability
http://secunia.com/advisories/51464/
Oracle Solaris Mozilla Firefox Multiple Vulnerabilities
http://secunia.com/advisories/51562/
Oracle Solaris GNOME Structured File Library "ole_info_read_metabat()" Buffer Overflow
http://secunia.com/advisories/51561/
Oracle Solaris Thunderbird Multiple Vulnerabilities
http://secunia.com/advisories/51563/
IBM SPSS Modeler Text Analytics Server SSL Certificate Verification Security Issue
http://secunia.com/advisories/51523/
Oracle Solaris Webmin Multiple Vulnerabilities
http://secunia.com/advisories/51515/
HP OpenVMS LOGIN / ACMELOGIN Denial of Service Vulnerabilities
http://secunia.com/advisories/51559/
Citrix XenApp XML Service Interface Code Execution Vulnerability
http://secunia.com/advisories/51538/
Citrix XenDesktop USB Redirection Policy Security Issue
http://secunia.com/advisories/51524/
Google Chrome Multiple Vulnerabilities
http://secunia.com/advisories/51549/
Adobe Flash Player / AIR Multiple Vulnerabilities
http://secunia.com/advisories/51560/
Avaya Aura System Manager GNU C Library stdlib Functions Integer Overflow Weaknesses
http://secunia.com/advisories/51556/
Adobe ColdFusion Sandbox Permissions Security Bypass Vulnerability
http://secunia.com/advisories/51551/
Cerberus FTP Server Web Admin Cross-Site Scripting Vulnerability
http://secunia.com/advisories/51547/
Debian update for bogofilter
http://secunia.com/advisories/51521/
Mozilla Firefox/Thunderbird/Seamonkey CVE-2012-1970 Multiple Memory Corruption Vulnerabilities
http://www.securityfocus.com/bid/55266
Mozilla Firefox/SeaMonkey CVE-2012-3976 Address Bar Spoofing Vulnerability
http://www.securityfocus.com/bid/55313
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-3957 Heap Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/55341
Novell File Reporter 'NFRAgent.exe' Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/56579
Mozilla Firefox/Thunderbird CVE-2012-3974 Local Code Execution Vulnerability
http://www.securityfocus.com/bid/55312
Mozilla Firefox/SeaMonkey/Thunderbird CVE-2012-3972 Heap Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/55310
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-3960 Use-After-Free Memory Corruption Vulnerability
http://www.securityfocus.com/bid/55325
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-3968 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/55276
Mozilla Firefox/Thunderbird/Seamonkey CVE-2012-1971 Multiple Memory Corruption Vulnerabilities
http://www.securityfocus.com/bid/55264
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-3963 Use-After-Free Memory Corruption Vulnerability
http://www.securityfocus.com/bid/55340
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-3964 Use-After-Free Memory Corruption Vulnerability
http://www.securityfocus.com/bid/55322
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-1975 Use-After-Free Memory Corruption Vulnerability
http://www.securityfocus.com/bid/55318
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-3961 Use-After-Free Memory Corruption Vulnerability
http://www.securityfocus.com/bid/55321
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-3962 Memory Corruption Vulnerability
http://www.securityfocus.com/bid/55342
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-1974 Use-After-Free Memory Corruption Vulnerability
http://www.securityfocus.com/bid/55317
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-3970 Use-After-Free Memory Corruption Vulnerability
http://www.securityfocus.com/bid/55278
Mozilla Firefox, SeaMonkey, and Thunderbird CVE-2012-3969 Heap Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/55292
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-1972 Use-After-Free Memory Corruption Vulnerability
http://www.securityfocus.com/bid/55314
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-1976 Use-After-Free Memory Corruption Vulnerability
http://www.securityfocus.com/bid/55319
Google Chrome Prior to 23.0.1271.95 Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/56741
Apple Mac OS X Intel GPU Driver Unspecified Security Vulnerability
http://www.securityfocus.com/bid/56752
Google Chrome Prior to 23.0.1271.91 Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/56684
bash-doc Insecure Temporary File Creation Vulnerabilities
http://www.securityfocus.com/bid/32733
CUPS CVE-2012-5519 Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/56494
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-3966 Multiple Memory Corruption Vulnerabilities
http://www.securityfocus.com/bid/55274
Mozilla Firefox/Thunderbird/Seamonkey MFSA 2012-42 Multiple Memory Corruption Vulnerabilities
http://www.securityfocus.com/bid/54580
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-1962 Memory Corruption Vulnerability
http://www.securityfocus.com/bid/54575
Mozilla Firefox CVE-2012-1950 Address Bar URI Spoofing Vulnerability
http://www.securityfocus.com/bid/54585
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-3958 Use-After-Free Memory Corruption Vulnerability
http://www.securityfocus.com/bid/55323
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-1960 Out of Bounds Memory Corruption Vulnerability
http://www.securityfocus.com/bid/54572
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-3978 Security Bypass Vulnerability
http://www.securityfocus.com/bid/55306
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-3967 Memory Corruption Vulnerability
http://www.securityfocus.com/bid/55277
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-3959 Use-After-Free Memory Corruption Vulnerability
http://www.securityfocus.com/bid/55324
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-3956 Use-After-Free Memory Corruption Vulnerability
http://www.securityfocus.com/bid/55320
Mozilla Firefox/Thunderbird Web Console CVE-2012-3980 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/55257
VLC Media Player 'swf' File Use After Free Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/56861
Webmin Multiple Input Validation Vulnerabilities
http://www.securityfocus.com/bid/55446
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-1973 Use-After-Free Memory Corruption Vulnerability
http://www.securityfocus.com/bid/55316
Mozilla Firefox, SeaMonkey, and Thunderbird Multiple Remote Memory Corruption Vulnerabilities
http://www.securityfocus.com/bid/54578
Mozilla Firefox, SeaMonkey, and Thunderbird CVE-2012-1957 Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/54583
Mozilla Firefox, SeaMonkey, and Thunderbird CVE-2012-1955 Location Bar Spoofing Vulnerability
http://www.securityfocus.com/bid/54586
Mozilla Firefox/Thunderbird/Seamonkey CVE-2012-1961 Clickjacking Vulnerability
http://www.securityfocus.com/bid/54584
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-1959 Security Bypass Vulnerability
http://www.securityfocus.com/bid/54576
Mozilla Firefox/Thunderbird/Seamonkey CVE-2012-1964 Clickjacking Vulnerability
http://www.securityfocus.com/bid/54581
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-1958 Use-After-Free Memory Corruption Vulnerability
http://www.securityfocus.com/bid/54574
Mozilla Firefox, SeaMonkey, and Thunderbird Information Disclosure Vulnerability
http://www.securityfocus.com/bid/54582
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-1967 Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/54573
Mozilla Firefox CVE-2012-1966 Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/54577
Mozilla Firefox CVE-2012-1965 Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/54579
LibGSF Remote Heap Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/21358
Apache Axis and Axis2/Java SSL Certificate Validation Security Bypass Vulnerability
http://www.securityfocus.com/bid/56408
Multiple Rockwell Automation Products CVE-2012-4690 Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/56872
Adobe Flash Player and AIR CVE-2012-5677 Remote Integer Overflow Vulnerability
http://www.securityfocus.com/bid/56896
Adobe ColdFusion CVE-2012-5675 Security Bypass Vulnerability
http://www.securityfocus.com/bid/56900
Adobe Flash Player and AIR CVE-2012-5678 Memory Corruption Vulnerability
http://www.securityfocus.com/bid/56898
Adobe Flash Player and AIR CVE-2012-5676 Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/56892
Squashfs Stack-Based and Heap-Based Buffer Overflow Vulnerabilities
http://www.securityfocus.com/bid/54610
Perl CGI.pm 'Set-Cookie' and 'P3P' Headers HTTP Header Injection Vulnerability
http://www.securityfocus.com/bid/56562
Xen 'XENMEM_exchange' Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/56797
Xen Grant Table Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/56794
Xen Bitmap Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/56796
Xen 'get_page_from_gfn()' Function Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/56805
WeeChat 'hook_process()' Function Remote Shell Command Injection Vulnerability
http://www.securityfocus.com/bid/56584
WeeChat Color Decoding Heap Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/56482
gksu-polkit CVE-2012-5617 Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/56918
Ubuntu APT Insecure File Permissions Local Information Disclosure Vulnerability
http://www.securityfocus.com/bid/56917
MyBB Tips Of The Day Plugin SQL Injection and HTML Injection Vulnerabilities
http://www.securityfocus.com/bid/56916
D-Link DSL2730U Telnet Shell Remote Command Injection Vulnerability
http://www.securityfocus.com/bid/56914
WordPress Floating Social Media Links Plugin 'wpp' Parameter Remote File Include Vulnerabilities
http://www.securityfocus.com/bid/56913
OpenDocMan Security Bypass and SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/56912
Centreon 'menu' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/56911
IBM Server Firmware Power 5 CVE-2012-4856 Remote Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/56910
Cerberus FTP Server Web Admin Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/56906