2013年6月19日水曜日

19日 水曜日、先負

+ Multiple vulnerabilities in Squid
https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_squid
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5643
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0189

+ Multiple vulnerabilities in X.org
https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_x_org1
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1981
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1982
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1984
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1985
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1995
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1996
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1997
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1998
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2002
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2004
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2005
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2062

+ Multiple vulnerabilities in X.org
https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_x_org
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1983
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1986
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1987
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1988
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1989
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1990
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1992
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1993
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1999
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2000
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2001
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2003
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2063
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2064
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2066

+ Multiple Input Validation vulnerabilities in kerberos
https://blogs.oracle.com/sunsecurity/entry/multiple_input_validation_vulnerabilities_in
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1528
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1529

+ SYM13-005 Security Advisories Relating to Symantec Products - Symantec Endpoint Protection Manager 12.1.x Buffer Overflow
http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20130618_00

+ FreeBSD-SA-13:06.mmap Privilege escalation via mmap
http://www.freebsd.org/security/advisories/FreeBSD-SA-13:06.mmap.asc
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2171

+ MySQL Cluster 7.3 released
http://www.mysql.com/products/cluster/

+ Oracle Java Multiple Flaws Let Remote Users Execute Arbitrary Code and Local Users Gain Elevated Privileges
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1500
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1571
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2400
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2407
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2412
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2437
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2442
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2443
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2444
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2445
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2446
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2447
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2448
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2449
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2450
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2451
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2452
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2453
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2454
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2455
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2456
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2457
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2458
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2459
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2460
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2461
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2462
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2463
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2464
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2465
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2466
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2467
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2468
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2469
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2470
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2471
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2472
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2473
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3743
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3744

+ Ichitaro Unspecified Flaw Lets Remote Users Execute Arbitrary Code
http://www.securitytracker.com/id/1028678
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3644

+ FreeBSD mmap Permission Check Flaw Lets Local Users Gain Elevated Privileges
http://www.securitytracker.com/id/1028676
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2171

+ SA53833 Cybozu Live for Android Arbitrary Java Method Execution Vulnerability
http://secunia.com/advisories/53833/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4008
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3646

+ Symantec Endpoint Protection Manager CVE-2013-1612 Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/60542
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1612

脆弱性対策オプション 1.5 Service Pack 1 Patch 1 公開のお知らせ
http://www.trendmicro.co.jp/support/news.asp?id=1970

JVNDB-2013-000060 サイボウズLive for Android における WebView クラスに関する脆弱性
http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-000060.html

JVNDB-2013-000059 サイボウズLive for Android において任意の Java のメソッドが実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-000059.html

JVNDB-2013-000058 一太郎シリーズにおいて任意のコードが実行される脆弱性
http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-000058.html

世界のセキュリティ・ラボから
「iPhone」をハッキングする偽装充電器
http://itpro.nikkeibp.co.jp/article/COLUMN/20130616/485401/?ST=security

個人情報が抜き取られる!急増する迷惑スマホアプリ
[3]自衛策その1---安全なアプリマーケットからダウンロード
http://itpro.nikkeibp.co.jp/article/COLUMN/20130607/483326/?ST=security

組み込み機器のセキュリティー確保術
【第3回】開発フェーズで考慮すべき事項とは
http://itpro.nikkeibp.co.jp/article/COLUMN/20130607/483173/?ST=security

「フィッシング対策」を改定、ネットサービス初回利用時はURL直接入力を
http://itpro.nikkeibp.co.jp/article/NEWS/20130618/486041/?ST=security

マイクロソフトが無償の脆弱性緩和ツール「EMET」の新版を公開
http://itpro.nikkeibp.co.jp/article/NEWS/20130618/485925/?ST=security

一太郎に危険な脆弱性、PCを完全に制御される恐れ
http://itpro.nikkeibp.co.jp/article/NEWS/20130618/485864/?ST=security

みずほ情報総研、「ソースコード脆弱性診断サービス」を提供開始
http://itpro.nikkeibp.co.jp/article/NEWS/20130618/485861/?ST=security

パロアルト、サンドボックス使うマルウエア判定をオンプレミスでも提供
http://itpro.nikkeibp.co.jp/article/NEWS/20130618/485806/?ST=security

VU#225657 Oracle Javadoc HTML frame injection vulnerability
http://www.kb.cert.org/vuls/id/225657

0 件のコメント:

コメントを投稿