+ CESA-2013:0144 Critical CentOS 6 xulrunner Update
http://lwn.net/Alerts/532106/
+ CESA-2013:0145 Critical CentOS 6 thunderbird Update
http://lwn.net/Alerts/532107/
+ CESA-2013:0144 Critical CentOS 6 firefox Update
http://lwn.net/Alerts/532109/
+ Squid 3.2.6 released
http://www.squid-cache.org/Versions/v3/3.2/RELEASENOTES.html
+ Cisco Prime LAN Management Solution Command Execution Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130109-lms
+ Cisco Unified IP Phone Local Kernel System Call Input Validation Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130109-uipphone
+ PSN-2013-01-809 2013-01: Routing and Switching: Security Advisories Released
https://www.juniper.net/alerts/viewalert.jsp?actionBtn=Search&txtAlertNumber=PSN-2013-01-809&viewMode=view
+ PSN-2013-01-808 2013-01 Security Bulletin: Junos: PIM (S,G) join flood can trigger RPD crash
https://www.juniper.net/alerts/viewalert.jsp?actionBtn=Search&txtAlertNumber=PSN-2013-01-808&viewMode=view
+ PSN-2013-01-807 2013-01 Security Bulletin: Junos: J-Web (Appweb) heap overflow vulnerability related to URL encoding
https://www.juniper.net/alerts/viewalert.jsp?actionBtn=Search&txtAlertNumber=PSN-2013-01-807&viewMode=view
+ Urgent from Sybase: Security vulnerabilities in Adaptive Server Enterprise (ASE)
http://www.sybase.com/detail?id=1099305
+ Ruby on Rails CVE-2013-0156 Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/57187
+ Xen 'set_msi_source_id()' Function Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/57223
Notice of the release of Trend Micro Deep Discovery Inspector 3.2
http://www.trendmicro.co.jp/support/news.asp?id=1877
BOM may not operate correctly after a clone operation is performed on a VMware guest OS
http://www.say-tech.co.jp/support/vmwareosbom/index.shtml
Countermeasures for vulnerabilities in Adobe Reader and Acrobat
(APSB13-02) (CVE-2012-1530, etc.)
http://www.ipa.go.jp/security/ciadr/vul/20130109-adobereader.html
Countermeasures for a vulnerability in Adobe Flash Player
(APSB13-01) (CVE-2013-0630)
http://www.ipa.go.jp/security/ciadr/vul/20130109-adobeflashplayer.html
Vulnerabilities in Windows and Office; this is the last patch for Office 2007 SP2
Two security bulletins rated "Critical"; Office 2007 users should apply SP3
http://itpro.nikkeibp.co.jp/article/NEWS/20130110/448642/?ST=security
Tapjacking that abuses Android toasts
http://itpro.nikkeibp.co.jp/article/COLUMN/20130109/448466/?ST=security
NHN Japan offers the security app "LINE Antivirus" free of charge
http://itpro.nikkeibp.co.jp/article/NEWS/20130109/448601/?ST=security
"Targeted attacks and smartphone use are spreading, but security personnel and investment are lacking," NRI Secure survey finds
http://itpro.nikkeibp.co.jp/article/NEWS/20130109/448529/?ST=security
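[Kyoto University] Builds out its authentication infrastructure, balancing security and convenience
A single IC card covers everything from electronic money to restricting use of critical systems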
http://itpro.nikkeibp.co.jp/article/NEWS/20130109/448387/?ST=security
JVNTA13-008A Updates for multiple vulnerabilities in Microsoft products
http://jvn.jp/cert/JVNTA13-008A/
JVNVU#94771138 Multiple vulnerabilities in Ruby on Rails
http://jvn.jp/cert/JVNVU94771138/
JVN#74829345 Denial-of-service (DoS) vulnerability in multiple devices running Android OS
http://jvn.jp/jp/JVN74829345/
[SECURITY] [DSA 2604-1] rails security update
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2013-01/msg00039.html
[SECURITY] [DSA 2603-1] emacs23 security update
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2013-01/msg00038.html
Remote Buffer Overflow Vulnerability in Samsung Kies
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2013-01/msg00035.html
Nero MediaHome Multiple Remote DoS Vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2013-01/msg00036.html
Cross-Site Scripting (XSS) vulnerability in Quick.Cms and Quick.Cart
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2013-01/msg00034.html
Cisco Security Advisory: Cisco Unified IP Phone Local Kernel System Call Input Validation Vulnerabil
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2013-01/msg00032.html
[ MDVSA-2013:003 ] rootcerts
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2013-01/msg00037.html
Cisco Security Advisory: Cisco Prime LAN Management Solution Command Execution Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2013-01/msg00031.html
[ MDVSA-2013:002 ] firefox
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2013-01/msg00033.html
US-CERT Alert TA13-008A - Microsoft Updates for Multiple Vulnerabilities
http://www.derkeiler.com/Mailing-Lists/Cert/2013-01/msg00000.html
Cisco Unified IP Phone System Call Validation Flaw Lets Local Users Gain Elevated Privileges
http://www.securitytracker.com/id/1027964
Cisco Prime LAN Management Solution Virtual Appliance Lets Remote Users Execute Commands With Root Privileges
http://www.securitytracker.com/id/1027963
Ruby on Rails Input Validation Flaw in Action Pack Parameter Parsing Lets Remote Users Bypass Authentication, Inject SQL Commands, Execute Arbitrary Code, and Deny Service
http://www.securitytracker.com/id/1027961
Ruby on Rails Active Record Bug Lets Remote Users Generate Unsafe Queries
http://www.securitytracker.com/id/1027960
Mozilla Seamonkey Multiple Bugs Let Remote Users Execute Arbitrary Code, Spoof URLs, and Bypass Same-Origin Policy
http://www.securitytracker.com/id/1027958
Mozilla Thunderbird Multiple Bugs Let Remote Users Execute Arbitrary Code, Spoof URLs, and Bypass Same-Origin Policy
http://www.securitytracker.com/id/1027957
Mozilla Firefox Multiple Bugs Let Remote Users Execute Arbitrary Code, Spoof URLs, and Bypass Same-Origin Policy
http://www.securitytracker.com/id/1027955
JBoss Input Validation Flaw in GateIn Portal Permits Cross-Site Scripting Attacks
http://www.securitytracker.com/id/1027954
Foxit Reader Browser Plugin URL Processing Buffer Overflow Lets Remote Users Execute Arbitrary Code
http://www.securitytracker.com/id/1027953
VU#950172 Dell OpenManage Server Administrator version 7.1.0.1 DOM-based XSS vulnerability
http://www.kb.cert.org/vuls/id/950172
VU#990652 BigAnt IM Message server and components contain multiple vulnerabilities
http://www.kb.cert.org/vuls/id/990652
SQL Injection Flaw in Ruby on Rails
https://isc.sans.edu/diary.html?storyid=14866
The 80's called - They Want Their Mainframe Back!
https://isc.sans.edu/diary.html?storyid=14869
Hotmail seeing some temporary access issues
https://isc.sans.edu/diary.html?storyid=14872
Firefox and Thunderbird Updates
https://isc.sans.edu/diary.html?storyid=14875
New Format for Monthly Threat Update
https://isc.sans.edu/diary.html?storyid=14884
LOCAL: Inmatrix Ltd. Zoom Player 8.5 Crafted JPEG File Exploit
http://www.exploit-db.com/exploits/23996
WordPress Zingiri Forum Plugin "url" Arbitrary File Disclosure Vulnerability
http://secunia.com/advisories/50833/
Call of Duty Elite for iOS Certificate Verification Security Issue
http://secunia.com/advisories/51366/
Dell OpenManage Server Administrator "topic" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/51764/
WordPress Store Locator Plus Plugin "query" SQL Injection Vulnerability
http://secunia.com/advisories/51757/
WordPress Browser Rejector Plugin "wppath" Remote File Inclusion Vulnerability
http://secunia.com/advisories/51739/
Red Hat update for flash-plugin
http://secunia.com/advisories/51792/
Ruby on Rails XML Parameter Parsing Vulnerability
http://secunia.com/advisories/51753/
MotoCMS Username and Password Hash Information Disclosure Security Issue
http://secunia.com/advisories/51760/
Xen VT-d Interrupt Handling Denial of Service Vulnerability
http://secunia.com/advisories/51734/
Red Hat update for thunderbird
http://secunia.com/advisories/51790/
Red Hat update for firefox
http://secunia.com/advisories/51788/
Gentoo update for dokuwiki
http://secunia.com/advisories/51781/
Gentoo update for dhcp
http://secunia.com/advisories/51784/
Ubuntu update for thunderbird
http://secunia.com/advisories/51754/
Gentoo update for tor
http://secunia.com/advisories/51782/
Debian update for zendframework
http://secunia.com/advisories/51735/
Gentoo update for dhcpcd
http://secunia.com/advisories/51783/
Gentoo update for bzip2
http://secunia.com/advisories/51785/
Gentoo update for haproxy
http://secunia.com/advisories/51786/
Proficy HMI/SCADA - CIMPLICITY Web Server Integer Overflow Vulnerability
http://secunia.com/advisories/51789/
Ubuntu update for firefox
http://secunia.com/advisories/51770/
EMC NetWorker nsrindexd RPC Service Buffer Overflow Vulnerability
http://secunia.com/advisories/51801/
WordPress WP SlimStat Plugin "s" Script Insertion Vulnerability
http://secunia.com/advisories/51721/
HP-UX update for xfs
http://secunia.com/advisories/51799/
Adobe Reader / Acrobat Multiple Vulnerabilities
http://secunia.com/advisories/51791/
Mozilla Firefox / Thunderbird Multiple Vulnerabilities
http://secunia.com/advisories/51787/
Mozilla Firefox / Thunderbird / SeaMonkey Multiple Vulnerabilities
http://secunia.com/advisories/51752/
TinyBrowser Multiple vulnerabilities
http://cxsecurity.com/issue/WLB-2013010077
Inmatrix Ltd. Zoom Player Crafted JPEG Arbitrary Code Execution Exploit
http://cxsecurity.com/issue/WLB-2013010076
GetSimple 3.1.2 cookie() code execution
http://cxsecurity.com/issue/WLB-2013010044
Free Blog 1.0 Multiple Vulnerability
http://cxsecurity.com/issue/WLB-2013010075
Websitebaker Add-on Concert Calendar 2.1.4 XSS & SQLi vulnerability
http://cxsecurity.com/issue/WLB-2013010074
Joomla Incapsula Component <= 1.4.6_b Reflected Cross-Site Scripting
http://cxsecurity.com/issue/WLB-2013010070
Ecomtrade cms SQL Injection
http://cxsecurity.com/issue/WLB-2013010073
MotoCMS <=1.3.3 Password File disclosure & Code/Command execution
http://cxsecurity.com/issue/WLB-2013010072
Action Pack DoS & SQL Injection & Code Execution
http://cxsecurity.com/issue/WLB-2013010071
Ruby on Rails CVE-2013-0156 Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/57187
GNU Emacs 'enable-local-variables' Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/54969
Google Chrome Prior to 23.0.1271.64 Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/56413
Cisco Unified IP Phone 7900 Series CVE-2012-5445 Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/57090
phpCAS 'cURL' API Security Bypass Vulnerability
http://www.securityfocus.com/bid/56680
GE Proficy HMI/SCADA CIMPLICITY Denial of Service Vulnerability
http://www.securityfocus.com/bid/57188
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-0762 Use After Free Memory Corruption Vulnerability
http://www.securityfocus.com/bid/57193
Adobe Shockwave Player CVE-2012-0759 Remote Memory Corruption Vulnerability
http://www.securityfocus.com/bid/52006
IBM Cognos TM1 Admin Server Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/52847
Adobe Flash Player and AIR CVE-2013-0630 Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/57184
WordPress Google Doc Embedder Plugin Arbitrary File Disclosure Vulnerability
http://www.securityfocus.com/bid/57133
Dokuwiki 'url' HTML Injection Vulnerability
http://www.securityfocus.com/bid/48364
Dokuwiki 'index.php' Path Disclosure Vulnerability
http://www.securityfocus.com/bid/56328
DokuWiki 'ns' Parameter Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/54439
DokuWiki 'ajax.php' Multiple Security Bypass Vulnerabilities
http://www.securityfocus.com/bid/37820
DokuWiki File Enumeration Information Disclosure Vulnerability
http://www.securityfocus.com/bid/37821
bzip2 'BZ2_decompress' Function Integer Overflow Vulnerability
http://www.securityfocus.com/bid/43331
ISC DHCP Multiple Denial of Service Vulnerabilities
http://www.securityfocus.com/bid/54665
ISC DHCP 'dhclient' Shell Characters in Response Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/47176
ISC DHCP IPv6 Lease Expiration Handling Denial of Service Vulnerability
http://www.securityfocus.com/bid/55530
ISC DHCP Multiple Denial of Service Vulnerabilities
http://www.securityfocus.com/bid/49120
ISC DHCP Server DHCPv6 NULL Pointer Dereference Denial Of Service Vulnerability
http://www.securityfocus.com/bid/51408
ISC DHCP Regular Expressions Denial of Service Vulnerability
http://www.securityfocus.com/bid/50971
Centrify Deployment Manager CVE-2012-6348 Insecure Temporary File Handling Vulnerability
http://www.securityfocus.com/bid/56802
dhcpcd 'hostname' Remote Arbitrary Shell Command Injection Vulnerability
http://www.securityfocus.com/bid/47272
HAProxy Trash Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/53647
Apache Tomcat CVE-2012-3546 Security Bypass Vulnerability
http://www.securityfocus.com/bid/56812
Advantech WebAccess HMI/SCADA Unspecified Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/57227
Zoom Player JPEG File Processing Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/57226
Call of Duty Elite for iOS CVE-2012-4918 SSL Certificate Validation Spoofing Vulnerability
http://www.securityfocus.com/bid/57225
WordPress Forums Plugin 'url' Parameter Arbitrary File Disclosure Vulnerability
http://www.securityfocus.com/bid/57224
Xen 'set_msi_source_id()' Function Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/57223
WordPress Store Locator Plus Plugin 'query' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/57222
Cisco Prime LAN Management Solution Virtual Appliance Remote Command Execution Vulnerability
http://www.securityfocus.com/bid/57221
Wordpress Browser Rejector Plugin 'wppath' Parameter Remote File Include Vulnerability
http://www.securityfocus.com/bid/57220
BigAnt IM Server Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/57214
Dell OpenManage Server Administrator CVE-2012-6272 Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/57212
Joomla! JEvents Component SQL Injection Vulnerability
http://www.securityfocus.com/bid/57208
Red Hat Security Advisory RHSA-2012:0103 for SquirrelMail Denial of Service Vulnerability
http://www.securityfocus.com/bid/57201