Tuesday, February 26, 2013

Tuesday the 26th, Taian


+ RHSA-2013:0517 Low: util-linux-ng security, bug fix and enhancement
http://rhn.redhat.com/errata/RHSA-2013-0517.html

+ RHSA-2013:0525 Moderate: pcsc-lite security and bug fix
http://rhn.redhat.com/errata/RHSA-2013-0525.html

+ RHSA-2013:0520 Low: dovecot security and bug fix
http://rhn.redhat.com/errata/RHSA-2013-0520.html

+ RHSA-2013:0512 Low: httpd security, bug fix, and enhancement
http://rhn.redhat.com/errata/RHSA-2013-0512.html

+ RHSA-2013:0519 Moderate: openssh security, bug fix and enhancement
http://rhn.redhat.com/errata/RHSA-2013-0519.html

+ RHSA-2013:0500 Low: hplip security, bug fix and enhancement
http://rhn.redhat.com/errata/RHSA-2013-0500.html

+ RHSA-2013:0506 Moderate: samba4 security, bug fix and enhancement
http://rhn.redhat.com/errata/RHSA-2013-0506.html

+ RHSA-2012:1418 Critical: kdelibs security
http://rhn.redhat.com/errata/RHSA-2012-1418.html

+ RHSA-2013:0508 Low: sssd security, bug fix and enhancement
http://rhn.redhat.com/errata/RHSA-2013-0508.html

+ RHSA-2013:0511 Moderate: pki-core security, bug fix and enhancement
http://rhn.redhat.com/errata/RHSA-2013-0511.html

+ RHSA-2013:0509 Low: rdma security, bug fix and enhancement
http://rhn.redhat.com/errata/RHSA-2013-0509.html

+ RHSA-2013:0514 Moderate: php security, bug fix and enhancement
http://rhn.redhat.com/errata/RHSA-2013-0514.html

+ RHSA-2013:0550 Moderate: bind security and enhancement
http://rhn.redhat.com/errata/RHSA-2013-0550.html

+ RHSA-2013:0505 Moderate: squid security and bug fix
http://rhn.redhat.com/errata/RHSA-2013-0505.html

+ RHSA-2013:0521 Moderate: pam security, bug fix, and enhancement
http://rhn.redhat.com/errata/RHSA-2013-0521.html

+ RHSA-2013:0499 Low: xinetd security and bug fix
http://rhn.redhat.com/errata/RHSA-2013-0499.html

+ RHSA-2013:0515 Moderate: openchange security, bug fix and enhancement
http://rhn.redhat.com/errata/RHSA-2013-0515.html

+ RHSA-2013:0276 Moderate: libvirt security, bug fix, and enhancement
http://rhn.redhat.com/errata/RHSA-2013-0276.html

+ RHSA-2013:0496 Important: Red Hat Enterprise Linux 6 kernel
http://rhn.redhat.com/errata/RHSA-2013-0496.html

+ RHSA-2013:0503 Moderate: 389-ds-base security, bug fix, and enhancement
http://rhn.redhat.com/errata/RHSA-2013-0503.html

+ RHSA-2013:0504 Low: dhcp security and bug fix
http://rhn.redhat.com/errata/RHSA-2013-0504.html

+ RHSA-2013:0526 Low: automake security
http://rhn.redhat.com/errata/RHSA-2013-0526.html

+ RHSA-2013:0516 Low: evolution security and bug fix
http://rhn.redhat.com/errata/RHSA-2013-0516.html

+ RHSA-2013:0502 Low: Core X11 clients security, bug fix, and enhancement
http://rhn.redhat.com/errata/RHSA-2013-0502.html

+ RHSA-2013:0277 Moderate: dnsmasq security, bug fix and enhancement
http://rhn.redhat.com/errata/RHSA-2013-0277.html

+ RHSA-2013:0528 Low: ipa security, bug fix and enhancement
http://rhn.redhat.com/errata/RHSA-2013-0528.html

+ RHSA-2013:0523 Low: ccid security and bug fix
http://rhn.redhat.com/errata/RHSA-2013-0523.html

+ RHSA-2013:0522 Moderate: gdb security and bug fix
http://rhn.redhat.com/errata/RHSA-2013-0522.html

+ CESA-2013:0271 Critical CentOS 6 firefox Update
http://lwn.net/Alerts/539464/

+ CESA-2013:0272 Critical CentOS 6 thunderbird Update
http://lwn.net/Alerts/539465/

+ CESA-2013:0271 Critical CentOS 6 xulrunner Update
http://lwn.net/Alerts/539466/

+ CESA-2013:0271 Critical CentOS 6 libproxy Update
http://lwn.net/Alerts/539468/

+ CESA-2013:0274 Important CentOS 5 java-1.6.0-openjdk Update
http://lwn.net/Alerts/539471/

+ CESA-2013:0275 Important CentOS 6 java-1.7.0-openjdk Update
http://lwn.net/Alerts/539472/

+ CESA-2013:0275 Important CentOS 5 java-1.7.0-openjdk Update
http://lwn.net/Alerts/539473/

+ CESA-2013:0271 Critical CentOS 6 yelp Update
http://lwn.net/Alerts/539467/

+ CESA-2013:0273 Critical CentOS 6 java-1.6.0-openjdk Update
http://lwn.net/Alerts/539470/

+ HS13-004 Multiple Vulnerabilities in Cosminexus
http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS13-004/index.html

+ HS13-004 Multiple Vulnerabilities in Cosminexus (Japanese page)
http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS13-004/index.html

+ Apache HTTP Server 2.2.24 Released
http://www.apache.org/dist/httpd/Announcement2.2.html

+ Linux kernel CVE-2013-1763 Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/58137
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1763

PHP 5.4.12 and 5.3.22 x64 (64 bit) for Windows
http://www.anindya.com/php-5-4-12-and-5-3-22-x64-64-bit-for-windows/

Anti-Virus / Anti-Bot / Application Control / URL Filtering update might fail on R75.40/R75.40VS/R75.45
https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk90700&src=securityAlerts

Advisory: Accidental overwrite of a SafeGuard LAN Crypt key can occur under specific circumstances, preventing access to data. Patch now available.
http://www.sophos.com/en-us/support/knowledgebase/113822.aspx

Announcement of the "CRYPTREC Symposium 2013"
http://www.ipa.go.jp/security/event/2013/crypt-sympo/index.html

Publication of the report "Survey of Issues Concerning the Proper Operation and Management of Cryptographic Keys"
http://www.ipa.go.jp/security/fy24/reports/key-management/index.html

Web security hardening techniques to prevent "wrongful arrests"
[2] CSRF and cross-site scripting
http://itpro.nikkeibp.co.jp/article/COLUMN/20130218/456764/?ST=security

Eugrid ships software that runs applications via the cloud without leaving data on the device
http://itpro.nikkeibp.co.jp/article/NEWS/20130225/458529/?ST=security

Microsoft also hit by cyberattack; "Mac business unit" and others affected by Java vulnerability
http://itpro.nikkeibp.co.jp/article/NEWS/20130225/458467/?ST=security

JVNVU#90797811 Denial-of-service (DoS) vulnerability in Dell PowerConnect 6248P
http://jvn.jp/cert/JVNVU90797811/

JVNVU#91334049 Insufficient validation vulnerability in CS-Cart
http://jvn.jp/cert/JVNVU91334049/

[SECURITY] [DSA 2629-1] openjpeg security update
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2013-02/msg00128.html

VUPEN Security Research - Microsoft Windows OLE Automation Code Execution Vulnerability
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2013-02/msg00127.html

DC4420 - London DEFCON Tuesday 26th Feb 2013
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2013-02/msg00126.html

[SE-2012-01] New security issues affecting Oracle's Java SE 7u15
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2013-02/msg00125.html

NoSuchCon CFP 2.0 / 15-17 May 2013 / Paris, France
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2013-02/msg00124.html

[SECURITY] [DSA 2631-1] squid3 security update
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2013-02/msg00123.html

[Onapsis Security Advisory 2013-005] SAP CCMS Agent Code Injection
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2013-02/msg00134.html

[Onapsis Security Advisory 2013-006] SAP SMD Agent Code Injection
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2013-02/msg00133.html

[Onapsis Security Advisory 2013-004] SAP J2EE Core Service Arbitrary File Access
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2013-02/msg00132.html

[Onapsis Security Advisory 2013-003] SAP Enterprise Portal Cross-Site-Scripting
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2013-02/msg00131.html

[Onapsis Security Advisory 2013-002] SAP SDM Denial of Service
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2013-02/msg00130.html

[Onapsis Security Advisory 2013-001] SAP Portal PDC Information Disclosure
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2013-02/msg00129.html

[ MDVSA-2013:014 ] java-1.6.0-openjdk
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2013-02/msg00122.html

Why I think you should try Bro
https://isc.sans.edu/diary.html?storyid=15259

Mass-Customized Malware Lures: Don't trust your cat!
https://isc.sans.edu/diary.html?storyid=15265

Trustwave Trustkeeper Phish
https://isc.sans.edu/diary.html?storyid=15271

Punkspider enumerates web application vulnerabilities
https://isc.sans.edu/diary.html?storyid=15274

Kerberos Null Pointer Dereference in KDC PKINIT Code Lets Remote Users Execute Arbitrary Code
http://www.securitytracker.com/id/1028204

REMOTE: Java Applet JMX Remote Code Execution
http://www.exploit-db.com/exploits/24539

fusionforge multiple privilege escalations
http://cxsecurity.com/issue/WLB-2013020185

Java Applet JMX Remote Code Execution
http://cxsecurity.com/issue/WLB-2013020184

WordPress plugin smart-flv jwplayer.swf XSS
http://cxsecurity.com/issue/WLB-2013020183

Honeywell Multiple Products ActiveX Control Remote Code Execution Vulnerability
http://secunia.com/advisories/52389/

Kerberos KDC "pkinit_check_kdc_pkid()" NULL Pointer Dereference Denial of Service Vulnerability
http://secunia.com/advisories/52390/

SUSE update for openssl
http://secunia.com/advisories/52292/

SUSE update for RubyOnRails
http://secunia.com/advisories/52259/

SUSE update for openssl
http://secunia.com/advisories/52314/

GIT "git-imap-send" SSL Certificate Verification Security Issue
http://secunia.com/advisories/52361/

SUSE update for acroread
http://secunia.com/advisories/52304/

Samsung Galaxy S III Emergency Contacts Home Button "Passcode Lock" Bypass Weakness
http://secunia.com/advisories/52384/

Ruby REXML Denial of Service Vulnerability
http://secunia.com/advisories/52363/

Apache Maven / Apache Maven Wagon SSL Certificate Verification Security Issue
http://secunia.com/advisories/52381/

Debian update for squid3
http://secunia.com/advisories/52370/

Hitachi Cosminexus Products Oracle Java Multiple Vulnerabilities
http://secunia.com/advisories/52354/

Microsoft Windows Object Linking and Embedding (OLE) Automation Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/57863

PCSC-Lite 'atrhandler.c' Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/45450

Linux-PAM 'pam_env' Module Multiple Local Privilege Escalation Vulnerabilities
http://www.securityfocus.com/bid/50343

Dovecot 'script-login' Multiple Security Bypass Vulnerabilities
http://www.securityfocus.com/bid/48003

Dovecot SSL Certificate 'Common Name' Field Validation Security Bypass Vulnerability
http://www.securityfocus.com/bid/50709

'pam_ssh_agent_auth' Module CVE-2012-5536 Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/58097

util-linux Package 'mount' and 'umount' Information Disclosure Vulnerability
http://www.securityfocus.com/bid/57168

Apache HTTP Server 'httpOnly' Cookie Information Disclosure Vulnerability
http://www.securityfocus.com/bid/51706

Apache HTTP Server 'mod_proxy' Reverse Proxy Security Bypass Vulnerability
http://www.securityfocus.com/bid/50802

Apache HTTP Server HTML-Injection And Information Disclosure Vulnerabilities
http://www.securityfocus.com/bid/55131

Linux Kernel 'ext4_ext_insert_extent()' Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/50322

Apache HTTP Server 'ap_pregsub()' Function Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/50494

Apache HTTP Server Scoreboard Local Security Bypass Vulnerability
http://www.securityfocus.com/bid/51407

Oracle Java SE CVE-2013-1475 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/57694

Oracle Enterprise Manager Grid Control CVE-2013-0354 HTTP Response Splitting Vulnerability
http://www.securityfocus.com/bid/57361

Red Hat Certificate System Multiple Cross-Site Scripting and Denial of Service Vulnerabilities
http://www.securityfocus.com/bid/56843

OpenJPEG Heap Based Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/54373

OpenJPEG Heap Based Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/55214

OpenJPEG Gray16 TIFF Image File Memory Corruption Vulnerability
http://www.securityfocus.com/bid/53012

Xinetd CVE-2012-0862 Security Bypass Vulnerability
http://www.securityfocus.com/bid/53720

GNU Automake Local Arbitrary Code Execution Vulnerability
http://www.securityfocus.com/bid/54418

CCID Card Serial Number Integer Overflow Vulnerability
http://www.securityfocus.com/bid/45806

GNOME Evolution CVE-2011-3201 Information Disclosure Vulnerability
http://www.securityfocus.com/bid/58086

ibacm Denial of Service And Insecure File Permissions Vulnerabilities
http://www.securityfocus.com/bid/55890

Squid 'cachemgr.cgi' Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/56957

Oracle Enterprise Manager Grid Control CVE-2013-0355 Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/57382

ISC DHCP IPv6 Lease Expiration Handling Denial of Service Vulnerability
http://www.securityfocus.com/bid/55530

ISC DHCP Multiple Denial of Service Vulnerabilities
http://www.securityfocus.com/bid/54665

389 Directory Server Access Bypass Vulnerability
http://www.securityfocus.com/bid/55690

XFree86 x11perf CVE-2011-2504 Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/58082

Dnsmasq Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/54353

Linux GNU Debugger 'debug_gdb_scripts' Loading Arbitrary Code Execution Vulnerability
http://www.securityfocus.com/bid/50829

Transmission 'UTP_ProcessIncoming()' Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/57872

Adobe Acrobat And Reader CVE-2013-0640 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/57931

Adobe Acrobat And Reader CVE-2013-0641 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/57947

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-0778 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/58050

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-0773 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/58041

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-0776 URI Spoofing Vulnerability
http://www.securityfocus.com/bid/58044

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-0775 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/58042

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-0765 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/58036

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-0777 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/58048

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-0782 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/58047

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-0780 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/58043

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-0779 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/58051

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-0783 Memory Corruption Vulnerability
http://www.securityfocus.com/bid/58037

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-0774 Information Disclosure Vulnerability
http://www.securityfocus.com/bid/58038

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-0784 Memory Corruption Vulnerability
http://www.securityfocus.com/bid/58040

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-0781 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/58049

Mozilla Firefox/Thunderbird/SeaMonkey CVE-2013-0772 Out-of-Bounds Read Vulnerability
http://www.securityfocus.com/bid/58034

Oracle Enterprise Manager Grid Control CVE-2013-0358 SQL Injection Vulnerability
http://www.securityfocus.com/bid/57336

Oracle Enterprise Manager Grid Control CVE-2012-3219 Open Redirection Vulnerability
http://www.securityfocus.com/bid/57349

Oracle Enterprise Manager Grid Control CVE-2013-0353 SQL Injection Vulnerability
http://www.securityfocus.com/bid/57373

Oracle Enterprise Manager Grid Control CVE-2013-0373 SQL Injection Vulnerability
http://www.securityfocus.com/bid/57370

Oracle Enterprise Manager Grid Control CVE-2013-0374 Multiple SQL Injection Vulnerabilities
http://www.securityfocus.com/bid/57368

Oracle Java SE CVE-2013-0431 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/57726

Oracle Enterprise Manager Grid Control CVE-2013-0352 Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/57365

Oracle Database Server CVE-2012-3220 Remote Stack Based Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/57372

Pidgin 'libpurple' Multiple Denial of Service Vulnerabilities
http://www.securityfocus.com/bid/57954

Pidgin 'Libpurple' CVE-2013-0271 Arbitrary File Overwrite Vulnerability
http://www.securityfocus.com/bid/57952

Pidgin 'libpurple' CVE-2013-0272 HTTP Header Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/57951

Linux Kernel CVE-2013-0228 Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/57940

Linux Kernel '__skb_recv_datagram()' Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/57964

OpenConnect VPN Gateway Stack Based Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/57884

FreeIPA CVE-2012-5484 Man in The Middle Security Vulnerability
http://www.securityfocus.com/bid/57529

Oracle Enterprise Manager Grid Control CVE-2013-0372 SQL Injection Vulnerability
http://www.securityfocus.com/bid/57378

Boost UTF-8 'utf_traits::decode()' Function Input Validation Vulnerability
http://www.securityfocus.com/bid/57675

Oracle Java SE CVE-2013-0435 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/57729

sthttpd 'thttpd.log' Insecure File Permissions Vulnerability
http://www.securityfocus.com/bid/58127

Oracle Java SE CVE-2013-0441 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/57692

Oracle Java SE CVE-2013-0428 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/57713

Oracle Java SE CVE-2013-0440 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/57712

Oracle Java SE CVE-2013-0434 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/57730

Multiple TLS And DTLS Implementations CVE-2013-0169 Information Disclosure Vulnerability
http://www.securityfocus.com/bid/57778

Oracle Java SE CVE-2013-0445 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/57689

Oracle Java SE CVE-2013-0443 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/57702

Oracle Java SE CVE-2013-0442 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/57687

Oracle Java SE CVE-2013-0432 Java Runtime Environment Remote Security Vulnerability
http://www.securityfocus.com/bid/57727

Oracle Java SE CVE-2013-0433 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/57719

Oracle Java SE CVE-2013-0429 Remote Java Runtime Environment Remote Security Vulnerability
http://www.securityfocus.com/bid/57710

cURL/libcURL 'Curl_sasl_create_digest_md5_message()' Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/57842

Qt Shared Memory Segments Local Security Bypass Vulnerability
http://www.securityfocus.com/bid/57772

CometChat Remote Code Execution and Cross-Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/57979

Oracle Java SE CVE-2013-0427 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/57724

Oracle Java SE CVE-2013-0426 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/57711

Oracle Java SE CVE-2013-1481 Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/57718

Oracle Java SE CVE-2013-0450 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/57703

Oracle Java SE CVE-2013-0424 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/57715

Oracle Java SE CVE-2013-0409 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/57728

Oracle Java SE CVE-2013-0425 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/57709

Oracle Java SE CVE-2012-1541 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/57697

Oracle Java SE CVE-2013-1476 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/57696

Oracle Java SE CVE-2013-1486 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/58029

webfs 'webfsd.log' Insecure File Permissions Vulnerability
http://www.securityfocus.com/bid/58126

Apache Commons HttpClient CVE-2012-5783 SSL Certificate Validation Security Bypass Vulnerability
http://www.securityfocus.com/bid/58073

Squid 'cachemgr.cgi' Incomplete Fix Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/57646

WiFilet For iPhone/iPad Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/58154

Oracle Java Runtime Environment Multiple Unspecified Remote Code Execution Vulnerabilities
http://www.securityfocus.com/bid/58153

IBM Lotus Domino Unspecified Open Redirection and Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/58152

MTP Poll Multiple HTML Injection Vulnerabilities
http://www.securityfocus.com/bid/58150

MTP Guestbook Multiple HTML Injection Vulnerabilities
http://www.securityfocus.com/bid/58149

MTP Image Gallery 'title' Parameter Multiple HTML Injection Vulnerabilities
http://www.securityfocus.com/bid/58146

FusionForge CVE-2013-1423 Multiple Local Privilege Escalation Vulnerabilities
http://www.securityfocus.com/bid/58143

WordPress Smart Flv Plugin 'jwplayer.swf' Multiple Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/58135

GIT 'git-imap-send' Command SSL Certificate Validation Spoofing Vulnerability
http://www.securityfocus.com/bid/58148

Monkey 'master.log' Insecure File Permissions Vulnerability
http://www.securityfocus.com/bid/58140

SkunkWeb 'sw.log' Insecure File Permissions Vulnerability
http://www.securityfocus.com/bid/58138

Linux kernel CVE-2013-1763 Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/58137

Apache Maven CVE-2013-0253 SSL Certificate Validation Security Bypass Vulnerability
http://www.securityfocus.com/bid/58136

Rix4Web 'dir_link' Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/58132

Photodex ProShow Producer Multiple DLL Loading Arbitrary Code Execution Vulnerabilities
http://www.securityfocus.com/bid/58131

IPMap Local File Include and Arbitrary File Upload Vulnerabilities
http://www.securityfocus.com/bid/58130

Kayako Fusion Multiple HTML Injection Vulnerabilities
http://www.securityfocus.com/bid/58129
