Wednesday, December 19, 2012

Wednesday the 19th, Taian


+ RHSA-2012:1590 Moderate: libtiff security update
http://rhn.redhat.com/errata/RHSA-2012-1590.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3401
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4447
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4564
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5581

+ RHSA-2012:1580 Moderate: kernel security, bug fix and enhancement update
http://rhn.redhat.com/errata/RHSA-2012-1580.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2100
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2375
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4444
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4565
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5517

+ Opera 12.12 released
http://www.opera.com/docs/changelogs/unified/1212/

+ HPSBUX02835 SSRT100763 rev.1 - HP-UX Running BIND, Remote Domain Name Revalidation
https://h20565.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay&spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c03577598-1%257CdocLocale%253Dja_JP%257CcalledBy%253D&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1033

+ Multiple vulnerabilities in Apache HTTP server
https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_apache_http2
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0883
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2687

+ Multiple vulnerabilities in Firefox
https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_firefox
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1960
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1970
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1971
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1972
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1973
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1974
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1975
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1976
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3956
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3957
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3958
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3959
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3960
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3961
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3962
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3963
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3964
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3966
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3967
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3968
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3969
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3970
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3972
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3974
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3976
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3978
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3980

OpenSSL vulnerability CVE-2012-0884
https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk76360&src=securityAlerts

Database .NET 7.6 released
http://www.postgresql.org/about/news/1436/

NEC partners with Interpol to strengthen its ability to respond to international cybercrime
http://itpro.nikkeibp.co.jp/article/NEWS/20121218/445242/?ST=security

Mitigating the impact of organizational change: a risk assessment
http://isc.sans.edu/diary.html?storyid=14725

All I Want for Christmas is to Not Get Hacked !
http://isc.sans.edu/diary.html?storyid=14722

Joomla! 'language search' Component Cross Site Scripting Vulnerability
http://www.securiteam.com/securitynews/6Z0362A6AA.html

VU#519137 Adobe Shockwave player installs Xtras without prompting
http://www.kb.cert.org/vuls/id/519137

VU#323161 Adobe Shockwave player provides vulnerable Flash runtime
http://www.kb.cert.org/vuls/id/323161

VU#546769 Adobe Shockwave player vulnerable to downgrading
http://www.kb.cert.org/vuls/id/546769

SonicWALL SonicOS Input Validation Flaw Permits Script Injection Attacks
http://www.securitytracker.com/id/1027895

RealPlayer Buffer Overflow and Invalid Pointer Flaw Let Remote Users Execute Arbitrary Code
http://www.securitytracker.com/id/1027893

Aptdaemon Certification Validation Flaw Lets Remote Users Install PPA GPG Keys
http://www.securitytracker.com/id/1027891

SANLock Log File Insecure Permissions Weakness
http://secunia.com/advisories/51603/

Ubuntu update for aptdaemon
http://secunia.com/advisories/51627/

IBM InfoSphere BigInsights Java and Jetty Denial of Service Vulnerabilities
http://secunia.com/advisories/51586/

Ubuntu update for bogofilter
http://secunia.com/advisories/51625/

MyBB User Profile Skype ID Plugin "skype" Script Insertion Vulnerability
http://secunia.com/advisories/51612/

IBM Intelligent Operations Center Event Data Script Insertion Vulnerability
http://secunia.com/advisories/51591/

REMOTE: Crystal Reports CrystalPrintControl ActiveX ServerResourceVersion Property Overflow
http://www.exploit-db.com/exploits/23472

phpwcms 1.5.4.6 remote code execution exploit
http://cxsecurity.com/issue/WLB-2012120135

Crystal Reports CrystalPrintControl ActiveX ServerResourceVersion Property Overflow
http://cxsecurity.com/issue/WLB-2012120134

MyBB Profile Skype ID Cross Site Scripting
http://cxsecurity.com/issue/WLB-2012120133

WordPress Rokbox 2.13 Multiple Vulns
http://cxsecurity.com/issue/WLB-2012120132

Peruvian Universities SQL Injection
http://cxsecurity.com/issue/WLB-2012120131

National Weather Service Cross Site Scripting
http://cxsecurity.com/issue/WLB-2012120130

Element C2 & Phuse Web & Cox Web Design SQL Injection
http://cxsecurity.com/issue/WLB-2012120129

Pej Studio & Nissi Infotech & Plante Graffix Cross Site Scripting
http://cxsecurity.com/issue/WLB-2012120128

Centrify Deployment Manager '/tmp' Insecure Temporary File Handling Vulnerability
http://www.securityfocus.com/bid/56802

Freeciv Multiple Remote Denial Of Service Vulnerabilities
http://www.securityfocus.com/bid/41352

Linux Kernel 'binfmt_script.c' Local Information Disclosure Vulnerability
http://www.securityfocus.com/bid/55878

Perl CGI.pm 'Set-Cookie' and 'P3P' Headers HTTP Header Injection Vulnerability
http://www.securityfocus.com/bid/56562

Oracle Java SE CVE-2012-0501 Remote Stack Overflow Vulnerability
http://www.securityfocus.com/bid/52013

Jetty Hash Collision Denial Of Service Vulnerability
http://www.securityfocus.com/bid/51199

SAP Crystal Reports Print ActiveX Control Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/45387

Dell SonicWALL SonicOS Cross-Site Request Forgery Vulnerability
http://www.securityfocus.com/bid/56976

MyBB MyTube Plugin 'mytube.php' HTML Injection Vulnerability
http://www.securityfocus.com/bid/56974

IBM Intelligent Operations Center HTML Injection Vulnerability
http://www.securityfocus.com/bid/56970

Totem '.avi' File Divide-By-Zero Denial of Service Vulnerability
http://www.securityfocus.com/bid/56968
