13日 月曜日、先勝

+ UPDATE: Multiple Vulnerabilities in Cisco Unified Customer Voice Portal Software
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130508-cvp

+ Apache Tomcat 7.0.40 released
http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.40
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2071

+ Apache Tomcat FORM Authenticator Lets Remote Users Conduct Session Fixation Attacks
http://www.securitytracker.com/id/1028534
http://cxsecurity.com/issue/WLB-2013050090
http://www.securityfocus.com/bid/59799
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2067

+ Apache Tomcat Lack of Chunked Transfer Encoding Extension Size Limit Lets Remote Users Deny Service
http://www.securitytracker.com/id/1028533
http://cxsecurity.com/issue/WLB-2013050089
http://www.securityfocus.com/bid/59797
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3544

+ Apache Tomcat AsyncListeners Bug May Disclose Information from One Request to Another User
http://www.securitytracker.com/id/1028532
http://cxsecurity.com/issue/WLB-2013050088
http://www.securityfocus.com/bid/59798
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2071

+ Linux Kernel 'tun.c' Denial Of Service Vulnerability
http://www.securityfocus.com/bid/59804

UPDATE: Internet Explorer 8 の脆弱性対策について (KB2847140)(CVE-2013-1347)
http://www.ipa.go.jp/security/ciadr/vul/20130507-ms.html

チェックしておきたい脆弱性情報＜2013.05.13＞
http://itpro.nikkeibp.co.jp/article/COLUMN/20130507/474932/?ST=security

脅威高まる車載ソフトへの攻撃
第1回 標的になる車載ソフト
http://itpro.nikkeibp.co.jp/article/COLUMN/20130507/475084/?ST=security

ディノスに111万件の不正アクセス、1万5000件の不正ログイン
http://itpro.nikkeibp.co.jp/article/NEWS/20130510/475982/?ST=security

DoS/PoC: Lan Messenger sending PM Buffer Overflow(UNICODE) - Overwrite SEH
http://www.exploit-db.com/exploits/25363