Tuesday, January 15, 2013
Tuesday the 15th, Senbu
+ Microsoft Security Bulletin Advance Notification - January 2013 (Out-of-Band)
http://technet.microsoft.com/ja-jp/security/bulletin/ms13-jan
+ UPDATE: APSA13-01 Security Advisory for ColdFusion
http://www.adobe.com/support/security/advisories/apsa13-01.html
+ PDFCreator 1.6.2 released
http://download.pdfforge.org/download/pdfcreator/PDFCreator-stable
+ Courier-IMAP 4.12.0 released
http://www.courier-mta.org/download.php#imap
+ J2SE JDK/JRE 1.7.0_11 released
http://www.oracle.com/technetwork/java/javase/7u11-relnotes-1896856.html
+ Linux kernel 3.7.2, 3.4.25, 3.0.58 released
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.7.2
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.25
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.0.58
+ Microsoft Lync 'User-Agent' Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/57300
+ Apache Axis2/C SSL Certificate Validation Security Bypass Vulnerability
http://www.securityfocus.com/bid/57267
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6107
Check Point response to OpenSSH CBC Mode Information Disclosure Vulnerability (CVE-2008-5161)
https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk36343&src=securityAlerts
Mitigating the BEAST attack in R75.40VS
https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk74100&src=securityAlerts
Check Point response to CVE-2011-3389 aka BEAST attack
https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk86440&src=securityAlerts
Notice of Scheduled Server Maintenance (January 18, 2013)
http://www.trendmicro.co.jp/support/news.asp?id=1885
Vulnerability Information Worth Checking <2013.01.15>
http://itpro.nikkeibp.co.jp/article/COLUMN/20130109/448527/?ST=security
Password Management Has Reached Its Limit
http://itpro.nikkeibp.co.jp/article/COLUMN/20121227/447063/?ST=security
English Version of Targeted-Attack Countermeasure "FFR yarai" Eases Deployment at Overseas Sites
http://itpro.nikkeibp.co.jp/article/NEWS/20130111/449006/?ST=security
JVNTA13-010A Vulnerability in Oracle Java 7
http://jvn.jp/cert/JVNTA13-010A/
[IA34] Serva v2.0.0 HTTP Server GET Remote Denial of Service
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2013-01/msg00059.html
[IA33] Serva v2.0.0 DNS Server Remote Denial of Service
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2013-01/msg00058.html
Updated - CA20121018-01: Security Notice for CA ARCserve Backup
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2013-01/msg00057.html
CVE-2012-5649 Apache CouchDB JSONP arbitrary code execution with Adobe Flash
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2013-01/msg00056.html
CVE-2012-5650 Apache CouchDB DOM based Cross-Site Scripting via Futon UI
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2013-01/msg00055.html
CVE-2012-5641 Apache CouchDB Information disclosure via unescaped backslashes in URLs on Windows
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2013-01/msg00054.html
[SECURITY] [DSA 2605-1] asterisk security update
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2013-01/msg00053.html
[SECURITY] [DSA 2606-1] proftpd-dfsg security update
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2013-01/msg00052.html
Arbitrary File Upload and Code Execution in Accusoft Prizm Content Connect
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2013-01/msg00051.html
[security bulletin] HPSBMU02838 SSRT100789 rev.1 - HP Serviceguard on Linux, Remote Denial of Service (DoS)
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2013-01/msg00049.html
US-CERT Alert TA13-010A - Oracle Java 7 Security Manager Bypass Vulnerability
http://www.derkeiler.com/Mailing-Lists/Cert/2013-01/msg00001.html
[SE-2012-01] Fix for Issue 32 exploited by new Java 0-day code
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2013-01/msg00048.html
JVNDB-2012-005209 Arbitrary code execution vulnerability in multiple Apple products
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-005209.html
JVNDB-2012-005210 ASLR protection mechanism bypass vulnerability in Apple iOS and Apple TV
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-005210.html
JVNDB-2013-001055 Access restriction bypass vulnerability in Adobe Reader and Acrobat
http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-001055.html
JVNDB-2013-001054 Buffer overflow vulnerability in Adobe Reader and Acrobat
http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-001054.html
JVNDB-2013-001053 Arbitrary code execution vulnerability in Adobe Reader and Acrobat
http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-001053.html
JVNDB-2013-001052 Buffer overflow vulnerability in Adobe Reader and Acrobat
http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-001052.html
JVNDB-2013-001051 Buffer overflow vulnerability in Adobe Reader and Acrobat
http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-001051.html
JVNDB-2013-001050 Buffer overflow vulnerability in Adobe Reader and Acrobat
http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-001050.html
JVNDB-2013-001049 Heap-based buffer overflow vulnerability in Adobe Reader and Acrobat
http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-001049.html
JVNDB-2013-001048 Vulnerability allowing privileges to be gained in Adobe Reader and Acrobat
http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-001048.html
JVNDB-2013-001047 Heap-based buffer overflow vulnerability in Adobe Reader and Acrobat
http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-001047.html
JVNDB-2013-001046 Stack-based buffer overflow vulnerability in Adobe Reader and Acrobat
http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-001046.html
JVNDB-2013-001045 Arbitrary code execution vulnerability in Adobe Reader and Acrobat
http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-001045.html
JVNDB-2013-001044 Integer overflow vulnerability in Adobe Reader and Acrobat
http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-001044.html
JVNDB-2013-001043 Buffer overflow vulnerability in Adobe Reader and Acrobat
http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-001043.html
JVNDB-2013-001042 Arbitrary code execution vulnerability in Adobe Reader and Acrobat
http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-001042.html
JVNDB-2013-001041 Arbitrary code execution vulnerability in Adobe Reader and Acrobat
http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-001041.html
JVNDB-2013-001040 Arbitrary code execution vulnerability in Adobe Reader and Acrobat
http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-001040.html
JVNDB-2013-001039 Access restriction bypass vulnerability in Adobe Reader and Acrobat
http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-001039.html
JVNDB-2013-001038 Arbitrary code execution vulnerability in Adobe Reader and Acrobat
http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-001038.html
JVNDB-2013-001037 Arbitrary code execution vulnerability in Adobe Reader and Acrobat
http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-001037.html
JVNDB-2013-001036 Arbitrary code execution vulnerability in Adobe Reader and Acrobat
http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-001036.html
JVNDB-2013-001035 Stack-based buffer overflow vulnerability in Adobe Reader and Acrobat
http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-001035.html
JVNDB-2013-001034 Integer overflow vulnerability in Adobe Reader and Acrobat
http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-001034.html
JVNDB-2013-001033 Arbitrary code execution vulnerability in Adobe Reader and Acrobat
http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-001033.html
JVNDB-2013-001032 Arbitrary code execution vulnerability in Adobe Reader and Acrobat
http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-001032.html
JVNDB-2013-001031 Arbitrary code execution vulnerability in Adobe Reader and Acrobat
http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-001031.html
JVNDB-2013-001030 Arbitrary code execution vulnerability in Adobe Reader and Acrobat
http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-001030.html
JVNDB-2013-001029 Arbitrary code execution vulnerability in Adobe Reader and Acrobat
http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-001029.html
JVNDB-2013-001028 (JVNVU#97486520) Cross-site scripting vulnerability in Dell OpenManage Server Administrator
http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-001028.html
JVNDB-2013-001027 (JVNTA13-010A) Vulnerability in Oracle Java 7
http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-001027.html
JVNDB-2013-001026 (JVNTA13-008A) Vulnerability allowing SSLv2 downgrade attacks in the SSL provider component of Microsoft Windows
http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-001026.html
JVNDB-2013-001025 (JVNTA13-008A) Arbitrary code execution vulnerability in Microsoft Windows Server 2008 R2 and Windows 7
http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-001025.html
JVNDB-2013-001024 (JVNTA13-008A) Cross-site scripting vulnerability in Microsoft System Center Operations Manager
http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-001024.html
JVNDB-2013-001023 (JVNTA13-008A) Cross-site scripting vulnerability in Microsoft System Center Operations Manager
http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-001023.html
JVNDB-2013-001022 (JVNTA13-008A) Privilege escalation vulnerability in win32k.sys in the kernel-mode drivers of Microsoft Windows
http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-001022.html
JVNDB-2013-001021 (JVNTA13-008A) Arbitrary code execution vulnerability in Microsoft XML Core Services
http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-001021.html
JVNDB-2013-001020 (JVNTA13-008A) Arbitrary code execution vulnerability in Microsoft XML Core Services
http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-001020.html
JVNDB-2013-001019 (JVNVU#94771138) Multiple vulnerabilities in Ruby on Rails
http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-001019.html
JVNDB-2013-001018 (JVNTA13-008A) Denial of service (DoS) vulnerability in Microsoft .NET Framework and Windows Server 2012
http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-001018.html
JVNDB-2013-001017 (JVNTA13-008A) Privilege escalation vulnerability in Microsoft .NET Framework
http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-001017.html
JVNDB-2013-001016 (JVNTA13-008A) Buffer overflow vulnerability in S.DS.P namespace methods of Microsoft .NET Framework
http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-001016.html
JVNDB-2013-001015 (JVNTA13-008A) Buffer overflow vulnerability in the Windows Forms component of Microsoft .NET Framework
http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-001015.html
JVNDB-2013-001014 (JVNTA13-008A) Sensitive information disclosure vulnerability in the Windows Forms component of Microsoft .NET Framework
http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-001014.html
JVNDB-2013-001013 Sensitive information disclosure vulnerability in Adobe ColdFusion
http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-001013.html
JVNDB-2013-001012 Vulnerability allowing access to restricted directories in Adobe ColdFusion
http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-001012.html
JVNDB-2013-001011 Authentication bypass vulnerability in Adobe ColdFusion
http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-001011.html
January 2013 Microsoft Out of Cycle Patch
https://isc.sans.edu/diary.html?storyid=14941
Sysinternals Updates
https://isc.sans.edu/diary.html?storyid=14926
Java 0-Day patched as Java 7 U 11 released
https://isc.sans.edu/diary.html?storyid=14932
Java 0-day impact to Java 6 (and beyond?)
https://isc.sans.edu/diary.html?storyid=14917
Oracle Patch Tuesday Pre-Release
https://isc.sans.edu/diary.html?storyid=14920
You encrypt your laptops, but what about portable media?
https://isc.sans.edu/diary.html?storyid=14923
I'll have PDF with another slice of PDF please.
https://isc.sans.edu/diary.html?storyid=14911
Chrome Updated V24
https://isc.sans.edu/diary.html?storyid=14914
VU#185100 TP-LINK TL-WR841N wireless router local file inclusion vulnerability
http://www.kb.cert.org/vuls/id/185100
Citrix CloudPlatform Logs Potentially Sensitive Information in the Log File
http://www.securitytracker.com/id/1027978
Google Chrome Multiple Flaws Let Remote Users Execute Arbitrary Code
http://www.securitytracker.com/id/1027977
Dock Menu FX (DockMenuFX.swf) Cross Site Scripting
http://cxsecurity.com/issue/WLB-2013010125
Apache CouchDB JSONP arbitrary code execution with Adobe Flash
http://cxsecurity.com/issue/WLB-2013010124
Apache CouchDB Information disclosure (Windows)
http://cxsecurity.com/issue/WLB-2013010123
Apache CouchDB DOM based Cross-Site Scripting via Futon UI
http://cxsecurity.com/issue/WLB-2013010122
WordPress theme Daily Edition Mouss Multiple vulnerabilities
http://cxsecurity.com/issue/WLB-2013010121
phpshop 2.0 SQL Injection Vulnerability
http://cxsecurity.com/issue/WLB-2013010120
IMAGE & SUBSTANCE Cms SQL Injection Vulnerability
http://cxsecurity.com/issue/WLB-2013010119
Roman Design Cms SQL Injection Vulnerability
http://cxsecurity.com/issue/WLB-2013010118
assessoria web Cms SQL Injection Vulnerability
http://cxsecurity.com/issue/WLB-2013010117
Simple1 Cms SQL Injection Vulnerability
http://cxsecurity.com/issue/WLB-2013010116
Gegweb SQL Injection
http://cxsecurity.com/issue/WLB-2013010115
phlyLabs phlyMail Lite 4.03.04 Path Disclosure and Stored XSS Vulnerabilities
http://cxsecurity.com/issue/WLB-2013010114
phlyLabs phlyMail Lite 4.03.04 (go param) Open Redirect Vulnerability
http://cxsecurity.com/issue/WLB-2013010113
Nagios history.cgi Remote Command Execution
http://cxsecurity.com/issue/WLB-2013010112
Apache Axis2/c SSL/TLS Hostname validation
http://cxsecurity.com/issue/WLB-2013010111
WordPress Floating Tweets 1.0.1 XSS and Directory Traversal
http://cxsecurity.com/issue/WLB-2013010110
Microsoft Lync Server 2010 Remote Code Execution/XSS User Agent Header
http://cxsecurity.com/issue/WLB-2013010107
Dedalus SQL Injection
http://cxsecurity.com/issue/WLB-2013010109
Naycom CMS SQL Injection Vulnerability
http://cxsecurity.com/issue/WLB-2013010108
ayesha silva CMS SQL Injection Vulnerability
http://cxsecurity.com/issue/WLB-2013010106
Avalon IT Services CMS SQL Injection Vulnerability
http://cxsecurity.com/issue/WLB-2013010105
Wordpress Age Verification Plugin <= 0.4 Open Redirect
http://cxsecurity.com/issue/WLB-2012010079
Pragyan CMS v 3.0 Remote File Disclosure
http://cxsecurity.com/issue/WLB-2012010078
Java SE 5/6/7 critical security issue
http://cxsecurity.com/issue/WLB-2012090223
Lecteur multimedia VLC 2.0.3 Twoflower (.ape) Crash Poc
http://cxsecurity.com/issue/WLB-2013010104
Apache CloudStack information disclosure vulnerability
http://cxsecurity.com/issue/WLB-2013010103
Ruby On Rails XML Processor YAML Deserialization Code Execution
http://cxsecurity.com/issue/WLB-2013010096
Java Applet JMX Remote Code Execution
http://cxsecurity.com/issue/WLB-2013010098
Cisco Linksys Remote Preauth Remote Root
http://cxsecurity.com/issue/WLB-2013010102
Internet Explorer 8 Heap Overflow
http://cxsecurity.com/issue/WLB-2013010101
BS.AM Business Solutions CMS remote add admin exploit
http://cxsecurity.com/issue/WLB-2013010100
HMTS SQL Injection
http://cxsecurity.com/issue/WLB-2013010099
Microsoft .NET Framework Privilege Escalation
http://cxsecurity.com/issue/WLB-2013010097
Hero Framework 3.76 Cross Site Scripting
http://cxsecurity.com/issue/WLB-2013010095
PHP Lite Admin 1.9.3 Code Injection
http://cxsecurity.com/issue/WLB-2013010094
OrangeHRM 2.7.1 Cross Site Scripting
http://cxsecurity.com/issue/WLB-2013010093
Cryptzone & McAfee Bypass Code Execution
http://cxsecurity.com/issue/WLB-2013010092
WordPress WP Photo Album Plus Plugin "wppa-tag" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/51829/
Icinga history.cgi "show_history()" Buffer Overflow Vulnerability
http://secunia.com/advisories/51863/
BlackBerry Tablet OS Adobe Flash Player and Samba Multiple Vulnerabilities
http://secunia.com/advisories/51830/
IBM System Storage TS3310 Tape Library OpenSSL Denial of Service Vulnerability
http://secunia.com/advisories/51851/
CoDeSys Authentication Bypass and Directory Traversal Vulnerabilities
http://secunia.com/advisories/51847/
Debian update for proftpd-dfsg
http://secunia.com/advisories/51823/
Debian update for asterisk
http://secunia.com/advisories/51822/
Siemens SIMATIC RF Manager ActiveX Control Buffer Overflow Vulnerability
http://secunia.com/advisories/51845/
Avaya CMS Oracle Solaris Multiple Vulnerabilities
http://secunia.com/advisories/51857/
Citrix CloudPlatform Log File Multiple Information Disclosure Weaknesses
http://secunia.com/advisories/51827/
Apache CloudStack Log File Multiple Information Disclosure Weaknesses
http://secunia.com/advisories/51821/
Ruby multi_xml Gem XML Parameter Parsing Vulnerability
http://secunia.com/advisories/51808/
WeBid "total" and "cart_order_id" SQL Injection Vulnerabilities
http://secunia.com/advisories/51797/
DotNetNuke Information Disclosure and Denial of Service Vulnerabilities
http://secunia.com/advisories/51839/
TYPO3 T3 jQuery Extension "unserialize()" Arbitrary PHP Code Execution Vulnerability
http://secunia.com/advisories/51835/
Nero MediaHome HTTP Request Processing Two Vulnerabilities
http://secunia.com/advisories/51767/
Red Hat update for Ruby on Rails
http://secunia.com/advisories/51831/
TYPO3 Static Methods since 2007 Extension Cross-Site Scripting Vulnerability
http://secunia.com/advisories/51836/
Red Hat update for Ruby on Rails
http://secunia.com/advisories/51795/
phpCAS Certificate Verification Security Issue
http://secunia.com/advisories/51818/
Joomla! Incapsula Component "token" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/51759/
Quick.Cms admin.php URL Cross-Site Scripting Vulnerability
http://secunia.com/advisories/51769/
Quick.Cart admin.php URL Cross-Site Scripting Vulnerability
http://secunia.com/advisories/51813/
Google Chrome Multiple Vulnerabilities
http://secunia.com/advisories/51825/
REMOTE: Nagios history.cgi Remote Command Execution Vulnerability
http://www.exploit-db.com/exploits/24084
DoS/PoC: Serva v2.0.0 DNS Server QueryName Remote Denial of Service Vulnerability
http://www.exploit-db.com/exploits/24110
DoS/PoC: Serva v2.0.0 HTTP Server GET Remote Denial of Service Vulnerability
http://www.exploit-db.com/exploits/24111
Microsoft Internet Explorer 'CDwnBindInfo' Use-After-Free Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/57070
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-0771 Heap Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/57198
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-0746 Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/57238
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-0744 Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/57218
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-0759 Address Bar URI Spoofing Vulnerability
http://www.securityfocus.com/bid/57228
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-0758 Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/57232
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-0748 Information Disclosure Vulnerability
http://www.securityfocus.com/bid/57234
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-0762 Use After Free Memory Corruption Vulnerability
http://www.securityfocus.com/bid/57193
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-0767 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/57195
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-0754 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/57217
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-0743 Security Bypass Vulnerability
http://www.securityfocus.com/bid/57258
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-0750 Heap Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/57235
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-0753 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/57209
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-0769 Memory Corruption Vulnerability
http://www.securityfocus.com/bid/57203
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-0766 Use After Free Memory Corruption Vulnerability
http://www.securityfocus.com/bid/57194
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-0763 Use After Free Memory Corruption Vulnerability
http://www.securityfocus.com/bid/57197
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-0764 Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/57211
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-0760 Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/57199
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-0756 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/57215
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-0768 Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/57204
Mozilla Firefox and SeaMonkey CVE-2013-0751 Information Disclosure Vulnerability
http://www.securityfocus.com/bid/57260
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-0757 Security Bypass Vulnerability
http://www.securityfocus.com/bid/57236
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-0752 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/57241
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-0761 Use After Free Memory Corruption Vulnerability
http://www.securityfocus.com/bid/57196
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-0747 Security Bypass Vulnerability
http://www.securityfocus.com/bid/57240
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-0745 Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/57244
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-0749 Memory Corruption Vulnerability
http://www.securityfocus.com/bid/57205
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-0770 Memory Corruption Vulnerability
http://www.securityfocus.com/bid/57207
phpCAS 'cURL' API Security Bypass Vulnerability
http://www.securityfocus.com/bid/56680
Google Chrome Prior to 23.0.1271.91 Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/56684
Oracle MySQL and MariaDB 'acl_get()' Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/56769
Google Chrome Prior to 22.0.1229.94 Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/55867
Django Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/54742
ELinks CVE-2012-4545 Security Bypass Vulnerability
http://www.securityfocus.com/bid/57065
Drupal Core Access Bypass and Arbitrary PHP Code Execution Vulnerabilities
http://www.securityfocus.com/bid/56993
Qt 'QSslSocket::sslErrors()' Certificate Validation Security Weakness
http://www.securityfocus.com/bid/57162
GnuPG CVE-2012-6085 Multiple Remote Memory Corruption Vulnerabilities
http://www.securityfocus.com/bid/57102
Freeciv Multiple Remote Denial Of Service Vulnerabilities
http://www.securityfocus.com/bid/41352
librdmacm 'ib_acm' Service Port Connection Security Vulnerability
http://www.securityfocus.com/bid/55896
bogofilter CVE-2012-5468 Heap Memory Corruption Vulnerability
http://www.securityfocus.com/bid/56804
Snack Sound Toolkit 'GetWavHeader()' Function Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/54419
djbdns dnscache SOA Requests Remote Cache Poisoning Vulnerability
http://www.securityfocus.com/bid/33818
LibTIFF 'TIFFScanlineSize()' Function Heap-based Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/56372
LibTIFF TIFF Image Heap Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/55673
LibTIFF 'DOTRANGE' Tags Handling Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/56715
LibTIFF 't2p_read_tiff_init()' Function Heap-based Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/54601
libproxy 'print_proxies()' Function Format String Vulnerability
http://www.securityfocus.com/bid/56712
CUPS CVE-2012-5519 Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/56494
rssh Command Line Filtering Multiple Remote Arbitrary Command Execution Vulnerabilities
http://www.securityfocus.com/bid/56708
rssh CVE-2012-3478 Security Bypass Vulnerability
http://www.securityfocus.com/bid/53430
Fail2ban CVE-2012-5642 Arbitrary Log Content Injection Vulnerability
http://www.securityfocus.com/bid/56963
Oracle Java Runtime Environment CVE-2013-0422 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/57246
OpenStack Nova CVE-2012-5625 Local Information Disclosure Vulnerability
http://www.securityfocus.com/bid/56904
Google Chrome Prior to 23.0.1271.64 Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/56413
CoDeSys Access Security Bypass Vulnerability
http://www.securityfocus.com/bid/52942
CoDeSys CVE-2012-6069 Directory Traversal Vulnerability
http://www.securityfocus.com/bid/56300
Wireshark Buffer Underflow and Denial of Service Vulnerabilities
http://www.securityfocus.com/bid/51710
Wireshark Versions Prior to 1.4.7/1.2.17 Multiple Denial of Service Vulnerabilities
http://www.securityfocus.com/bid/48066
Wireshark ERF File Parser Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/50486
Wireshark ANSI A MAP Files Denial of Service Vulnerability
http://www.securityfocus.com/bid/49071
Wireshark Versions Prior to 1.8.2 Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/55035
Wireshark Buffer Overflow and Denial of Service Vulnerabilities
http://www.securityfocus.com/bid/51368
Net-SNMP SNMP GET Request Denial of Service Vulnerability
http://www.securityfocus.com/bid/53255
PostgreSQL Multiple Privilege Escalation and Denial of Service Vulnerabilities
http://www.securityfocus.com/bid/27163
gdk-pixbuf 'read_bitmap_file_data()' Remote Integer Overflow Vulnerability
http://www.securityfocus.com/bid/53548
FreeRADIUS Multiple Stack Based Buffer Overflow Vulnerabilities
http://www.securityfocus.com/bid/55483
OpenIPMI 'ipmievd' Daemon PID Files Insecure File Permissions Vulnerability
http://www.securityfocus.com/bid/51036
Apache HTTP Server HTML-Injection And Information Disclosure Vulnerabilities
http://www.securityfocus.com/bid/55131
Apache 'mod_negotiation' HTML Injection and HTTP Response Splitting Vulnerability
http://www.securityfocus.com/bid/27409
libvirt CVE-2012-2693 Multiple Local Security Bypass Vulnerabilities
http://www.securityfocus.com/bid/54126
Neon 'ne_xml*' expat XML Parsing Denial of Service Vulnerability
http://www.securityfocus.com/bid/36080
HP Linux Imaging and Printing System SNMP Protocol Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/45833
HP Linux Imaging and Printing Insecure Temporary File Creation Vulnerability
http://www.securityfocus.com/bid/48892
Red Hat autofs utility Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/57183
Linux DiskQuota 'hosts_ctl()' Security Bypass Vulnerability
http://www.securityfocus.com/bid/55066
SquirrelMail Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/42399
Ruby '#to_s' Method Incomplete Fix Security Bypass Vulnerability
http://www.securityfocus.com/bid/55813
Ruby CVE-2012-4522 Local File Creation Vulnerability
http://www.securityfocus.com/bid/56115
MySQL MyISAM Table Symbolic Link CVE-2012-4452 Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/55715
MySQL MyISAM Table Symbolic Link Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/37075
ProFTPD Race Condition Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/57172
Multiple Asterisk Products CVE-2012-5976 Stack Overflow Denial of Service Vulnerability
http://www.securityfocus.com/bid/57106
Multiple Asterisk Products CVE-2012-5977 Denial of Service Vulnerability
http://www.securityfocus.com/bid/57105
Nagios Core 'get_history()' Function Stack Based Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/56879
SpecView Web Server Directory Traversal Vulnerability
http://www.securityfocus.com/bid/54243
Rockwell Automation ControlLogix CVE-2012-6441 Information Disclosure Vulnerability
http://www.securityfocus.com/bid/57307
phlyMail Lite 'config.php' Multiple HTML Injection Vulnerabilities
http://www.securityfocus.com/bid/57304
Oracle Java Runtime Environment CVE-2012-3174 Unspecified Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/57312
phlyMail Lite 'go' Parameter Open Redirection Vulnerability
http://www.securityfocus.com/bid/57303
WordPress Floating Tweets Plugin Directory Traversal and HTML Injection Vulnerabilities
http://www.securityfocus.com/bid/57302
BackupPC 'RestoreFile.pm' Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/57301
Oracle January 2013 Critical Patch Update Multiple Vulnerabilities
http://www.securityfocus.com/bid/57299
RETIRED: Adobe Acrobat and Reader APSB13-02 Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/57155
RETIRED: Mozilla Firefox/Thunderbird/SeaMonkey MFSA 2013-01 through -20 Multiple Vulnerabilities
http://www.securityfocus.com/bid/57185
Adobe Acrobat and Reader CVE-2013-0613 Remote Integer Overflow Vulnerability
http://www.securityfocus.com/bid/57287
Adobe Acrobat and Reader CVE-2013-0609 Remote Integer Overflow Vulnerability
http://www.securityfocus.com/bid/57286
Apache CloudStack CVE-2012-5616 Local Information Disclosure Vulnerability
http://www.securityfocus.com/bid/57259
WeBid 'validate.php' Multiple SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/57250
Ruby on Rails CVE-2013-0156 Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/57187
Drupal Subuser Module Cross Site Request Forgery and Access Security Bypass Vulnerabilities
http://www.securityfocus.com/bid/54673
KnFTPd 'FEAT' Command Remote Denial Of Service Vulnerability
http://www.securityfocus.com/bid/52805
Simple Machines Forum 'scheduled' Parameter Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/52822
IrfanView Bitmap File Remote Heap Based Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/52806
Quest InTrust 'AnnotateX.dll' Uninitialized Pointer Code Execution Vulnerability
http://www.securityfocus.com/bid/52765
PTK Cross Site Scripting and Information Disclosure Vulnerabilities
http://www.securityfocus.com/bid/52817
Quest InTrust 'ArDoc.dll' Multiple Insecure Method Vulnerabilities
http://www.securityfocus.com/bid/52773
WordPress Integrator 'redirect_to' Parameter Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/52739
IBM Tivoli Endpoint Manager 'ScheduleParam' Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/52514
WonderDesk SQL Cross Site Scripting and Multiple HTML Injection Vulnerabilities
http://www.securityfocus.com/bid/52193
TYPO3 Basic SEO Extension Unspecified Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/52772
PicoPublisher 'id' parameter Multiple SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/52808
B2Evolution CMS SQL Injection and Multiple HTML Injection Vulnerabilities
http://www.securityfocus.com/bid/52783
twicca Unspecified Security Bypass Vulnerability
http://www.securityfocus.com/bid/52442
Seditio 'forums.php' Multiple HTML Injection Vulnerabilities
http://www.securityfocus.com/bid/52802
iRODS Multiple Unspecified Security Vulnerabilities
http://www.securityfocus.com/bid/52827
FriBidi Python binding (pyfribidi) Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/52451
MyBB 'index.php' SQL Injection and Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/52743
SnackAmp '.aiff' File Denial of Service Vulnerability
http://www.securityfocus.com/bid/52842
TomatoCart 'json.php' Local File Include Vulnerability
http://www.securityfocus.com/bid/52766
GreenBrowser Cross Site Scripting and HTML Injection Vulnerabilities
http://www.securityfocus.com/bid/52767
Microsoft Internet Explorer CVE-2012-1876 Col Element Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/53848
Rockwell Automation ControlLogix CVE-2012-6436 Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/57311
Rockwell Automation ControlLogix CVE-2012-6438 Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/57310
Rockwell Automation ControlLogix CVE-2012-6442 Denial of Service Vulnerability
http://www.securityfocus.com/bid/57309
Rockwell Automation ControlLogix CVE-2012-6439 Denial of Service Vulnerability
http://www.securityfocus.com/bid/57308
Rockwell Automation ControlLogix CVE-2012-6435 Denial of Service Vulnerability
http://www.securityfocus.com/bid/57306
Microsoft Lync 'User-Agent' Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/57300
TYPO3 Static Methods since 2007 Extension Unspecified Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/57288
Ruby multi_xml CVE-2013-0175 Remote Arbitrary Command Execution Vulnerability
http://www.securityfocus.com/bid/57281
TYPO3 T3 jQuery Extension Arbitrary PHP Code Execution Vulnerability
http://www.securityfocus.com/bid/57280
TP-LINK TL-WR841N Router CVE-2012-6276 Local File Include Vulnerability
http://www.securityfocus.com/bid/57279
Adobe Acrobat and Reader CVE-2013-0605 Unspecified Memory Corruption Vulnerability
http://www.securityfocus.com/bid/57273
Adobe Acrobat and Reader CVE-2013-0601 Unspecified Memory Corruption Vulnerability
http://www.securityfocus.com/bid/57272
Apache Axis2/C SSL Certificate Validation Security Bypass Vulnerability
http://www.securityfocus.com/bid/57267