2013年12月6日金曜日

6日 金曜日、友引

+ マイクロソフト セキュリティ情報の事前通知 - 2013 年 12 月
http://technet.microsoft.com/ja-jp/security/bulletin/ms13-dec

+ HPSBUX02944 rev.1 - HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
https://h20565.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay&spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c04031212-1%257CdocLocale%253Dja_JP%257CcalledBy%253D&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3829
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4002
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5772
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5774
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5775
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5776
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5777
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5778
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5780
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5782
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5783
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5784
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5787
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5789
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5790
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5797
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5801
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5802
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5803
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5804
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5805
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5806
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5809
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5810
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5812
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5814
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5817
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5818
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5819
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5820
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5823
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5824
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5825
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5829
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5830
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5831
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5832
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5838
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5840
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5842
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5843
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5844
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5846
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5848
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5849
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5850
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5852
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5854

+ HPSBUX02943 rev.1 - HP-UX Running Java6, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
https://h20565.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay&spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c04031205-1%257CdocLocale%253Dja_JP%257CcalledBy%253D&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3829
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4002
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5772
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5774
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5776
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5778
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5780
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5782
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5783
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5784
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5787
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5789
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5790
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5797
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5801
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5802
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5803
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5804
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5809
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5812
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5814
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5817
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5818
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5819
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5820
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5823
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5824
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5825
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5829
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5830
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5831
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5840
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5842
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5843
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5848
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5849
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5852

+ PostgreSQL Maintenance Releases: 9.3.2, 9.2.6, 9.1.11, 9.0.15, and 8.4.19
http://www.postgresql.org/about/news/1492/
http://www.postgresql.org/docs/9.3/static/release-9-3-2.html
http://www.postgresql.org/docs/9.2/static/release-9-2-6.html
http://www.postgresql.org/docs/9.1/static/release-9-1-11.html
http://www.postgresql.org/docs/9.0/static/release-9-0-15.html
http://www.postgresql.org/docs/8.4/static/release-8-4-19.html

+ SonicWALL GMS/Analyzer/UMA Input Validation Flaw in 'Alert Settings' Request Permits Cross-Site Scripting Attacks
http://www.securitytracker.com/id/1029433

+ SA55942 Google Chrome Multiple Vulnerabilities
http://secunia.com/advisories/55942/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6634
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6635
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6636
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6637
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6638
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6639
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6640

+ Microsoft Windows NDPROXY Local SYSTEM Privilege Escalation
http://cxsecurity.com/issue/WLB-2013120040
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5065

Microsoft、政府の盗聴行為への対抗策としてサービス暗号化を強化
http://itpro.nikkeibp.co.jp/article/NEWS/20131206/523045/?ST=security

世界のセキュリティ・ラボから
非暗号化HTTPはもうすぐ消える?
http://itpro.nikkeibp.co.jp/article/COLUMN/20131205/522844/?ST=security

サイバー攻撃の進化とセキュリティ対策意識に大きな乖離
ファイア・アイ 最高技術責任者 三輪信雄氏
http://itpro.nikkeibp.co.jp/article/Interview/20131128/521326/?ST=security

ジャパネットたかた、テレビ映像にIDを埋め込み「詳しくはWebで」をスマホカメラで簡単に
http://itpro.nikkeibp.co.jp/article/NEWS/20131205/522824/?ST=security

Facebookのログイン情報など200万件が流出、米セキュリティ会社が確認
http://itpro.nikkeibp.co.jp/article/NEWS/20131205/522762/?ST=security

JVNVU#92648323 NagiosQL にクロスサイトスクリプティングの脆弱性
http://jvn.jp/cert/JVNVU92648323/index.html

VU#268662 NagiosQL 3.2 Service Pack 2 contains a reflected cross-site scripting vulnerability
http://www.kb.cert.org/vuls/id/268662


0 件のコメント:

コメントを投稿