Wednesday, September 18, 2013

Wednesday the 18th, Senbu










+ RHSA-2013:1269 Important: thunderbird security update
http://rhn.redhat.com/errata/RHSA-2013-1269.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1718
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1722
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1725
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1730
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1732
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1735
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1736
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1737

+ RHSA-2013:1268 Critical: firefox security update
http://rhn.redhat.com/errata/RHSA-2013-1268.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1718
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1722
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1725
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1730
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1732
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1735
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1736
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1737

+ About the security content of OS X Server v2.2.2
http://support.apple.com/kb/HT5892
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2020
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2021
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1899
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1900
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1901
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1034

+ Mozilla Firefox 24.0 released
http://www.mozilla.org/en-US/firefox/24.0/releasenotes/

+ Mozilla Thunderbird 24.0 released
http://www.mozilla.org/en-US/thunderbird/24.0/releasenotes/

+ MFSA 2013-92 GC hazard with default compartments and frame chain restoration
http://www.mozilla.org/security/announce/2013/mfsa2013-92.html

+ MFSA 2013-91 User-defined properties on DOM proxies get the wrong "this" object
http://www.mozilla.org/security/announce/2013/mfsa2013-91.html

+ MFSA 2013-90 Memory corruption involving scrolling
http://www.mozilla.org/security/announce/2013/mfsa2013-90.html

+ MFSA 2013-89 Buffer overflow with multi-column, lists, and floats
http://www.mozilla.org/security/announce/2013/mfsa2013-89.html

+ MFSA 2013-88 compartment mismatch re-attaching XBL-backed nodes
http://www.mozilla.org/security/announce/2013/mfsa2013-88.html

+ MFSA 2013-87 Shared object library loading from writable location
http://www.mozilla.org/security/announce/2013/mfsa2013-87.html

+ MFSA 2013-86 WebGL Information disclosure through OS X NVIDIA graphic drivers
http://www.mozilla.org/security/announce/2013/mfsa2013-86.html

+ MFSA 2013-85 Uninitialized data in IonMonkey
http://www.mozilla.org/security/announce/2013/mfsa2013-85.html

+ MFSA 2013-84 Same-origin bypass through symbolic links
http://www.mozilla.org/security/announce/2013/mfsa2013-84.html

+ MFSA 2013-83 Mozilla Updater does not lock MAR file after signature verification
http://www.mozilla.org/security/announce/2013/mfsa2013-83.html

+ MFSA 2013-82 Calling scope for new Javascript objects can lead to memory corruption
http://www.mozilla.org/security/announce/2013/mfsa2013-82.html

+ MFSA 2013-81 Use-after-free with select element
http://www.mozilla.org/security/announce/2013/mfsa2013-81.html

+ MFSA 2013-80 NativeKey continues handling key messages after widget is destroyed
http://www.mozilla.org/security/announce/2013/mfsa2013-80.html

+ MFSA 2013-79 Use-after-free in Animation Manager during stylesheet cloning
http://www.mozilla.org/security/announce/2013/mfsa2013-79.html

+ MFSA 2013-78 Integer overflow in ANGLE library
http://www.mozilla.org/security/announce/2013/mfsa2013-78.html

+ MFSA 2013-77 Improper state in HTML5 Tree Builder with templates
http://www.mozilla.org/security/announce/2013/mfsa2013-77.html

+ MFSA 2013-76 Miscellaneous memory safety hazards (rv:24.0 / rv:17.0.9)
http://www.mozilla.org/security/announce/2013/mfsa2013-76.html

+ Microsoft Security Advisory (2887505) Vulnerability in Internet Explorer Could Allow Remote Code Execution
http://technet.microsoft.com/en-us/security/advisory/2887505

+ Microsoft Security Advisory (2887505) Vulnerability in Internet Explorer Allows Remote Code Execution (Japanese-language page)
http://technet.microsoft.com/ja-jp/security/advisory/2887505

+ Mac OS X Server Input Validation Flaws in Wiki Server Permit Cross-Site Scripting Attacks
http://www.securitytracker.com/id/1029047
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1034

+ Microsoft Internet Explorer Object Access Memory Corruption Flaw Lets Remote Users Execute Arbitrary Code
http://www.securitytracker.com/id/1029041
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3893

+ REMOTE: Oracle Java ShortComponentRaster.verify() Memory Corruption
http://www.exploit-db.com/exploits/28331

+ REMOTE: HP ProCurve Manager SNAC UpdateDomainControllerServlet File Upload
http://www.exploit-db.com/exploits/28336

+ REMOTE: HP ProCurve Manager SNAC UpdateCertificatesServlet File Upload
http://www.exploit-db.com/exploits/28337

+ DoS/PoC: Vino VNC Server 3.7.3 - Persistent Denial of Service
http://www.exploit-db.com/exploits/28338

+ ProFTPd mod_sftp/mod_sftp_pam invalid pool allocation during kbdint authentication
http://cxsecurity.com/issue/WLB-2013090109

+ Oracle Java ShortComponentRaster.verify() Memory Corruption
http://cxsecurity.com/issue/WLB-2013090117

+ Microsoft Internet Explorer CVE-2013-3893 Memory Corruption Vulnerability
http://www.securityfocus.com/bid/62453
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3893

+ Apple Mac OS X Server CVE-2013-1034 Multiple Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/62449
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1034

From the World's Security Labs
Trends in attacks on industrial control devices
http://itpro.nikkeibp.co.jp/article/COLUMN/20130917/504842/?ST=security

NSA also accesses international credit card payment data, German magazine reports
http://itpro.nikkeibp.co.jp/article/NEWS/20130917/504922/?ST=security

HP to launch new security service in 2014, protecting PCs at the hardware level
http://itpro.nikkeibp.co.jp/article/NEWS/20130917/504882/?ST=security

JVNVU#99181254 Multiple vulnerabilities in Dahua Technology DVRs
http://jvn.jp/cert/JVNVU99181254/index.html

REMOTE: PCMAN FTP 2.07 STOR Command - Stack Overflow Exploit (MSF)
http://www.exploit-db.com/exploits/28328

REMOTE: D-Link Devices UPnP SOAP Telnetd Command Execution
http://www.exploit-db.com/exploits/28333

REMOTE: Sophos Web Protection Appliance sblistpack Arbitrary Command Execution
http://www.exploit-db.com/exploits/28334

LOCAL: Sophos Web Protection Appliance clear_keys.pl Local Privilege Escalation
http://www.exploit-db.com/exploits/28332

LOCAL: Agnitum Outpost Internet Security Local Privilege Escalation
http://www.exploit-db.com/exploits/28335
