2013年10月9日水曜日

9日 水曜日、先勝

+ 2013 年 10 月のセキュリティ情報
http://technet.microsoft.com/ja-jp/security/bulletin/ms13-oct

+ MS13-080 - 緊急 Internet Explorer 用の累積的なセキュリティ更新プログラム (2879017)
https://technet.microsoft.com/ja-jp/security/bulletin/ms13-080
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3871
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3872
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3873
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3874
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3875
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3882
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3885
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3886
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3893
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3897

+ MS13-081 - 緊急 Windows カーネルモード ドライバーの脆弱性により、リモートでコードが実行される (2870008)
https://technet.microsoft.com/ja-jp/security/bulletin/ms13-081
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3128
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3200
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3879
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3880
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3881
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3888
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3894

+ MS13-082 - 緊急 .NET Framework の脆弱性により、リモートでコードが実行される (2878890)
http://technet.microsoft.com/ja-jp/security/bulletin/ms13-082
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3128
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3860
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3861

+ MS13-083 - 緊急 Windows コモン コントロール ライブラリの脆弱性により、リモートでコードが実行される (2864058)
https://technet.microsoft.com/ja-jp/security/bulletin/ms13-083
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3195

+ MS13-084 - 重要 Microsoft SharePoint Server の脆弱性により、リモートでコードが実行される (2885089)
https://technet.microsoft.com/ja-jp/security/bulletin/ms13-084
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3889
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3895

+ MS13-085 - 重要 Microsoft Excel の脆弱性により、リモートでコードが実行される (2885080)
https://technet.microsoft.com/ja-jp/security/bulletin/ms13-085
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3889
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3890

+ MS13-086 - 重要 Microsoft Word の脆弱性により、リモートでコードが実行される (2885084)
https://technet.microsoft.com/ja-jp/security/bulletin/ms13-086
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3891
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3892

+ MS13-087 - 重要 Silverlight の脆弱性により、情報漏えいが起こる (2890788)
https://technet.microsoft.com/ja-jp/security/bulletin/ms13-087
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3896

+ APSB13-2 Security updates available for Adobe Reader and Acrobat
http://www.adobe.com/support/security/bulletins/apsb13-25.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5325

+ APSB13-24 Security update available for RoboHelp
http://www.adobe.com/support/security/bulletins/apsb13-24.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5327

+ CESA-2013:1409 Moderate CentOS 6 xinetd Update
http://lwn.net/Alerts/569759/

+ HPSBGN02929 rev.1 - HP Intelligent Management Center (iMC), HP IMC Branch Intelligent Management System Software Module (BIMS), and Comware Based Switches and Routers, Remote Code Execution, Disclosure of Information
https://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay&spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c03943425-1%257CdocLocale%253Dja_JP%257CcalledBy%253D&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4822
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4823

+ HPSBGN02930 rev.1 - HP Intelligent Management Center(iMC) and HP IMC Service Operation Management Software Module, Remote Authentication Bypass, Disclosure of Information, Unauthorized Access, SQL Injection
https://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay&spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c03943547-1%257CdocLocale%253Dja_JP%257CcalledBy%253D&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4824
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4825
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4826
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4827

+ UPDATE: Microsoft Security Advisory (2887505) Vulnerability in Internet Explorer Could Allow Remote Code Execution
http://technet.microsoft.com/en-us/security/advisory/2887505

+ UPDATE: Microsoft Security Advisory (2862973) Update for Deprecation of MD5 Hashing Algorithm for Microsoft Root Certificate Program
http://technet.microsoft.com/en-us/security/advisory/2862973

+ RHSA-2013:1411 Moderate: glibc security and bug fix update
http://rhn.redhat.com/errata/RHSA-2013-1411.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4332

+ SYM13-012 Security Advisories Relating to Symantec Products - Symantec Management Platform Agent Static Service Key
http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20131008_00

+ GnuPG Packet Decompression Processing Flaw Lets Remote Users Deny Service
http://www.securitytracker.com/id/1029137
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4402

+ Xinetd Runs TCPMUX Services With Excess Privileges
http://www.securitytracker.com/id/1029134
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4342

+ DoS/PoC: Apple Motion 5.0.7 Integer Overflow Vulnerability
http://www.exploit-db.com/exploits/28811

+ Apple Motion 5.0.7 Integer Overflow
http://cxsecurity.com/issue/WLB-2013100047

+ Adobe Acrobat and Reader CVE-2013-5325 Remote Security Bypass Vulnerability
http://www.securityfocus.com/bid/62888
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5325

+ Adobe RoboHelp CVE-2013-5327 Unspecified Memory Corruption Vulnerability
http://www.securityfocus.com/bid/62887
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5327

+ Symantec Management Platform Static Key Unauthorized Access Vulnerability
http://www.securityfocus.com/bid/62757
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5008

KDDI研と三菱電機、個人を特定できる電子透かし入り動画の高速生成技術を開発
http://itpro.nikkeibp.co.jp/article/NEWS/20131008/509842/?ST=security

NRIセキュア、実際にパソコンを攻撃して脆弱性を報告するSIサービスを開始
http://itpro.nikkeibp.co.jp/article/NEWS/20131008/509705/?ST=security

REMOTE: HP LoadRunner magentproc.exe Overflow
http://www.exploit-db.com/exploits/28809

REMOTE: GestioIP Remote Command Execution
http://www.exploit-db.com/exploits/28810

LOCAL: davfs2 1.4.6/1.4.7 - Local Privilege Escalation Exploit
http://www.exploit-db.com/exploits/28806

0 件のコメント:

コメントを投稿