Thursday, December 20, 2012

Thursday the 20th, Shakkō









+ CESA-2012:1590 Moderate CentOS 5 libtiff Update
http://lwn.net/Alerts/529858/

+ CESA-2012:1590 Moderate CentOS 6 libtiff Update
http://lwn.net/Alerts/529875/

+ CESA-2012:1580 Moderate CentOS 6 kernel Update
http://lwn.net/Alerts/529877/

+ Multiple vulnerabilities fixed in Java 7U9
https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_fixed_in_java1
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5086
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5083
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5087
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1533
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1532
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1531
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5076
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3143
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5088
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5089
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5084
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3159
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5068
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4416
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5074
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5071
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5069
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5067
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5070
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5075
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5073
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5079
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5072
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5081
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3216
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5077
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5085

+ Multiple vulnerabilities fixed in Java 6U37
https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_fixed_in_java
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5083
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1531
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5086
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1533
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1532
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3143
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5089
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5084
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3159
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5068
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4416
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5071
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5069
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5075
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5073
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5079
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5072
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5081
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3216
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5077
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5085

+ Zimbra Collaboration Suite Open Source Edition 8.0.2, 7.2.2 GA Release
http://files.zimbra.com/website/docs/8.0/Zimbra_OS_Release_Notes_8.0.2.pdf
http://files.zimbra.com/website/docs/7.2/Zimbra_OS_Release_Notes_7.2.2.pdf

APSB12-28 Security update available for Photoshop Camera Raw
http://www.adobe.com/support/security/bulletins/apsb12-28.html

Security alert for the year-end and New Year holidays
http://www.ipa.go.jp/security/topics/alert241219.html

Virus in "Sudoku" Excel file; enabling macros causes infection
System information and other data is stolen from the PC
http://itpro.nikkeibp.co.jp/article/NEWS/20121220/445604/?ST=security

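Fraudulent money transfers automated, losses exceed 6 billion yen: the evolving "cyber financial fraud"
McAfee explains the latest techniques; "web injects" and "MITB attacks" are also rampant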
http://itpro.nikkeibp.co.jp/article/NEWS/20121219/445321/?ST=security

JVNVU#90193767 Issue with plugin module installation in Adobe Shockwave Player
http://jvn.jp/cert/JVNVU90193767/

JVNVU#93897900 Adobe Shockwave Player bundles an older version of the Flash runtime
http://jvn.jp/cert/JVNVU93897900/

JVNVU#91076352 Issue with Shockwave runtime installation in Adobe Shockwave Player
http://jvn.jp/cert/JVNVU91076352/

EMC Avamar: World writable cache files
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-12/msg00118.html

Multiple XSS vulnerabilities in Cerberus FTP Server <= 5.0.5.1 [CVE-2012-6339]
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-12/msg00117.html

[ MDVSA-2012:181 ] python-django
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-12/msg00116.html

Microsoft Internet Explorer 9.x <= Remote Stack Overflow Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-12/msg00109.html

Multiple vulnerabilities in Banana Dance
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-12/msg00115.html

Firefly MediaServer Multiple Remote DoS Vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-12/msg00114.html

Multiple SQL Injection Vulnerabilities in Elite Bulletin Board
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-12/msg00113.html

Local root exploit for Centrify Deployment Manager < v2.1.0.283 local root
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-12/msg00112.html

Enterpriser16 LoadBalancer v7.1 - Multiple Web Vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-12/msg00111.html

SonicWall SonicOS 5.8.1.8 WAF - POST Inject Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-12/msg00110.html

Challenges of Anti-Phishing Advice, the Google Docs Edition
http://isc.sans.edu/diary.html?storyid=14731

IBM Tivoli Storage Manager for Space Management Lets Local Users Gain Elevated Privileges
http://www.securitytracker.com/id/1027902

IBM Tivoli Storage Manager for Space Management Lets Remote Users Access and Modify Files
http://www.securitytracker.com/id/1027901

DoS/PoC: DIMIN Viewer 5.4.0 GIF Decode Crash PoC
http://www.exploit-db.com/exploits/23496

phpwcms "preg_replace()" Arbitrary Code Execution Vulnerabilities
http://secunia.com/advisories/51588/

Quenlig "comment" Script Insertion Vulnerability
http://secunia.com/advisories/51564/

IBM Tivoli Storage Manager for Space Management Two Vulnerabilities
http://secunia.com/advisories/51623/

fail2ban Unspecified Vulnerability
http://secunia.com/advisories/51553/

MyBB Profile Xbox Live ID Plugin "xli" SQL Injection and Script Insertion Vulnerabilities
http://secunia.com/advisories/51620/

Red Hat update for JBoss Enterprise Application Platform
http://secunia.com/advisories/51607/

IronJacamar Security Domains "allow-multiple-users" Security Bypass
http://secunia.com/advisories/51550/

Zend Framework "Zend_Feed" XML Entity References Information Disclosure Vulnerability
http://secunia.com/advisories/51583/

MyBB MyTube Plugin "profile_fields[]" Script Insertion Vulnerability
http://secunia.com/advisories/51600/

Red Hat update for kernel
http://secunia.com/advisories/51613/

Red Hat update for libtiff
http://secunia.com/advisories/51582/

Oracle Solaris Apache HTTP Server LD_LIBRARY_PATH and Cross-Site Scripting Vulnerabilities
http://secunia.com/advisories/51575/

Nagios history.cgi "get_history()" Buffer Overflow Vulnerability
http://secunia.com/advisories/51537/

Oracle Solaris Java Multiple Vulnerabilities
http://secunia.com/advisories/51618/

HP-UX update for BIND
http://secunia.com/advisories/51604/

Microsoft Internet Explorer 9.x <= Remote Stack Overflow Vulnerability
http://cxsecurity.com/issue/WLB-2012120146

Cerberus FTP Server <= 5.0.5.1 Multiple XSS vulnerabilities
http://cxsecurity.com/issue/WLB-2012120149

Firefly MediaServer Multiple Remote DoS Vulnerabilities
http://cxsecurity.com/issue/WLB-2012120148

Avamar backup client for Linux writable cache files
http://cxsecurity.com/issue/WLB-2012120147

Cerberus FTP Server Web Admin Multiple HTML-Injection Vulnerabilities
http://www.securityfocus.com/bid/56906

Dell SonicWALL SonicOS Cross-Site Request Forgery Vulnerability
http://www.securityfocus.com/bid/56976

Loadbalancer Enterprise R16 Multiple HTML Injection Vulnerabilities
http://www.securityfocus.com/bid/56979

Oracle Java SE CVE-2012-5075 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/56081

Oracle Java SE CVE-2012-5081 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/56071

Apache 'mod_negotiation' HTML Injection and HTTP Response Splitting Vulnerability
http://www.securityfocus.com/bid/27409

Rugged Operating System Private Key Disclosure Vulnerability
http://www.securityfocus.com/bid/55123

Apache HTTP Server 'LD_LIBRARY_PATH' Insecure Library Loading Arbitrary Code Execution Vulnerability
http://www.securityfocus.com/bid/53046

Apache HTTP Server HTML-Injection And Information Disclosure Vulnerabilities
http://www.securityfocus.com/bid/55131

Apache CXF Child Policies Security Bypass Vulnerability
http://www.securityfocus.com/bid/53880

Oracle Mojarra 'FacesContext' Information Disclosure Vulnerability
http://www.securityfocus.com/bid/53901

Apache CXF Elements Validation Security Bypass Vulnerability
http://www.securityfocus.com/bid/53877

Apache CXF SOAP Action Spoofing Security Bypass Vulnerability
http://www.securityfocus.com/bid/55628

IronJacamar CVE-2012-3428 Security Bypass Vulnerability
http://www.securityfocus.com/bid/56981

Django 'HttpRequest.get_host()' Information Disclosure Vulnerability
http://www.securityfocus.com/bid/56146

Linux Kernel CVE-2012-5517 NULL Pointer Dereference Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/56527

Linux Kernel IPv6 CVE-2012-4444 Remote Security Bypass Vulnerability
http://www.securityfocus.com/bid/56891

Linux Kernel 'tcp_illinois_info()' Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/56346

Linux Kernel NFS Client 'decode_getacl()' Incomplete Fix Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/53615

Linux Kernel EXT4 'ext4_fill_flex_info()' Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/53414

Samsung SmartPhones Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/56955

LibTIFF 't2p_read_tiff_init()' Function Heap-based Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/54601

LibTIFF 'DOTRANGE' Tags Handling Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/56715

LibTIFF 'TIFFScanlineSize()' Function Heap-based Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/56372

LibTIFF TIFF Image Heap Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/55673

ownCloud Multiple Cross Site Scripting and Arbitrary File Upload Vulnerabilities
http://www.securityfocus.com/bid/56658

FFmpeg Multiple Unspecified Vulnerabilities
http://www.securityfocus.com/bid/55355

Opera Web Browser Memory Corruption Vulnerability
http://www.securityfocus.com/bid/56788

Apache Tomcat CVE-2012-4431 Cross-Site Request Forgery Vulnerability
http://www.securityfocus.com/bid/56814

Apache Tomcat CVE-2012-4534 Denial of Service Vulnerability
http://www.securityfocus.com/bid/56813

Apache Tomcat CVE-2012-2733 Denial of Service Vulnerability
http://www.securityfocus.com/bid/56402

Apache Tomcat CVE-2012-3546 Security Bypass Vulnerability
http://www.securityfocus.com/bid/56812

Apache Tomcat DIGEST Authentication Multiple Security Weaknesses
http://www.securityfocus.com/bid/56403

rssh CVE-2012-3478 Security Bypass Vulnerability
http://www.securityfocus.com/bid/53430

rssh Command Line Filtering Multiple Remote Arbitrary Command Execution Vulnerabilities
http://www.securityfocus.com/bid/56708

Oracle Java SE CVE-2012-5085 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/56067

Oracle Java SE CVE-2012-5079 Remote Security Bypass Vulnerability
http://www.securityfocus.com/bid/56082

Oracle Java SE CVE-2012-5089 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/56059

Oracle Java SE CVE-2012-5073 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/56080

Oracle Java SE CVE-2012-5083 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/56025

Oracle Java SE CVE-2012-5071 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/56061

Oracle Java SE CVE-2012-5069 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/56065

Oracle Java SE CVE-2012-1533 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/56046

Oracle Java Virtual Machine (JVM) CVE-2012-4416 Remote Information Disclosure Vulnerability
http://www.securityfocus.com/bid/55501

Oracle Java SE CVE-2012-5084 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/56063

Oracle Java SE CVE-2012-5077 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/56058

Oracle Java SE CVE-2012-3216 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/56075

Oracle Java SE CVE-2012-1531 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/56033

Oracle Java SE CVE-2012-3143 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/56055

Oracle Java SE CVE-2012-3159 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/56072

Oracle Java SE CVE-2012-5068 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/56076

Oracle Java SE CVE-2012-1532 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/56051

Oracle Java SE CVE-2012-5072 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/56083

Oracle Java SE CVE-2012-5067 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/56070

Oracle Java SE CVE-2012-5087 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/56043

Oracle Java SE CVE-2012-5076 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/56054

Oracle Java SE CVE-2012-5074 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/56056

Oracle Java SE CVE-2012-5070 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/56079

Oracle Java SE CVE-2012-5088 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/56057

Nagios Core 'get_history()' Function Stack Based Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/56879

ISC BIND CVE-2012-1033 Security Bypass Vulnerability
http://www.securityfocus.com/bid/51898

Linux Kernel dl2k Network Driver IOCTL Handling Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/53965

Advantech Studio ISSymbol ActiveX Control Multiple Buffer Overflow Vulnerabilities
http://www.securityfocus.com/bid/47596

Drupal Context Module Information Disclosure Vulnerability
http://www.securityfocus.com/bid/56997

Joomla! Bit Component 'controller' Parameter Local File Include Vulnerability
http://www.securityfocus.com/bid/56995

Joomla! ZT Autolinks Component 'controller' Parameter Local File Include Vulnerability
http://www.securityfocus.com/bid/56994

Drupal Core Access Bypass and Arbitrary PHP Code Execution Vulnerabilities
http://www.securityfocus.com/bid/56993

Free Hosting Manager Unspecified HTML Injection Vulnerability
http://www.securityfocus.com/bid/56991

Carlo Gavazzi EOS-BOX Security Bypass and SQL Injection Vulnerability
http://www.securityfocus.com/bid/56989

WordPress Multiple CMSMasters Themes 'upload.php' Arbitrary File Upload Vulnerability
http://www.securityfocus.com/bid/56988

Quenlig 'comment' Parameter HTML Injection Vulnerability
http://www.securityfocus.com/bid/56986

Opera Web Browser Repeated Attempts Site Access Address Bar URI Spoofing Vulnerability
http://www.securityfocus.com/bid/56984

Zend Framework 'Zend_Feed' Component Information Disclosure Vulnerabilities
http://www.securityfocus.com/bid/56982

Opera Web Browser Prior to 12.12 Information Disclosure Vulnerability
http://www.securityfocus.com/bid/56980

MyBB Profile Xbox Live ID Plugin HTML Injection Vulnerability
http://www.securityfocus.com/bid/56978

MyBB MyYoutube Plugin HTML Injection Vulnerability
http://www.securityfocus.com/bid/56977
