Wednesday, April 9, 2014

Wednesday the 9th, Shakkō

+ Security Bulletins for April 2014
http://technet.microsoft.com/ja-jp/security/bulletin/ms14-apr

+ MS14-017 - Critical: Vulnerabilities in Microsoft Word and Office Web Apps Could Allow Remote Code Execution (2949660)
http://technet.microsoft.com/ja-jp/security/bulletin/ms14-017
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1757
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1758
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1761

+ MS14-018 - Critical: Cumulative Security Update for Internet Explorer (2950467)
https://technet.microsoft.com/ja-jp/security/bulletin/ms14-018
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0235
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1751
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1752
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1753
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1755
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1760

+ MS14-019 - Important: Vulnerability in Windows File Handling Component Could Allow Remote Code Execution (2922229)
https://technet.microsoft.com/ja-jp/security/bulletin/ms14-019
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0315

+ MS14-020 - Important: Vulnerability in Microsoft Publisher Could Allow Remote Code Execution (2950145)
http://technet.microsoft.com/ja-jp/security/bulletin/ms14-020
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1759

+ RHSA-2014:0376 Important: openssl security update
http://rhn.redhat.com/errata/RHSA-2014-0376.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160

+ APSB14-09 Security updates available for Adobe Flash Player
http://helpx.adobe.com/security/products/flash-player/apsb14-09.html

+ CESA-2014:0376 Important CentOS 6 openssl Update
http://lwn.net/Alerts/593841/

+ gawk 4.1.1 released
http://ftp.gnu.org/gnu/gawk/?C=M;O=D

+ HPSBNS02991 rev.1 - HP NonStop Servers running Samba, Multiple Remote Vulnerabilities affecting Confidentiality, Integrity and Availability
https://h20565.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay&spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c04226299-1%257CdocLocale%253Dja_JP%257CcalledBy%253D&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6150
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4124
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4408
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4475
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4476
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4496

+ UPDATE: Microsoft Security Advisory (2953095) Vulnerability in Microsoft Word Could Allow Remote Code Execution
http://technet.microsoft.com/ja-jp/security/advisory/2953095

+ UPDATE: Microsoft Security Advisory (2755801) Update for Vulnerabilities in Adobe Flash Player in Internet Explorer
http://technet.microsoft.com/ja-jp/security/advisory/2755801

+ FreeBSD-SA-14:06.openssl OpenSSL multiple vulnerabilities
http://www.freebsd.org/security/advisories/FreeBSD-SA-14:06.openssl.asc
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0076
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160

+ FreeBSD-SA-14:05.nfsserver Deadlock in the NFS server
http://www.freebsd.org/security/advisories/FreeBSD-SA-14:05.nfsserver.asc

+ REMOTE: OpenSSL TLS Heartbeat Extension - Memory Disclosure
http://www.exploit-db.com/exploits/32745

+ DoS/PoC: MacOS X 10.9 Hard Link Memory Corruption
http://www.exploit-db.com/exploits/32754

+ SA57740 Linux Kernel "handle_rx()" Privilege Escalation Vulnerability
http://secunia.com/advisories/57740/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0077

+ SA57697 Linux Kernel KVM Guest IOAPIC Redirection Table Denial of Service Vulnerability
http://secunia.com/advisories/57697/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0155

+ SA57347 OpenSSL TLS Heartbeat Information Disclosure Vulnerability
http://secunia.com/advisories/57347/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160

+ OpenSSL TLS Heartbeat Extension Memory Disclosure Exploit
http://cxsecurity.com/issue/WLB-2014040042
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160

+ OpenSSL TLS Heartbeat Read Overrun
http://cxsecurity.com/issue/WLB-2014040040
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160

+ MacOSX 10.9.2/XNU HFS Multiple Vulnerabilities
http://cxsecurity.com/issue/WLB-2014040027

Check Point response to OpenSSL vulnerability (CVE-2014-0160)
https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk100173&src=securityAlerts

Wacoal, hit by unauthorized access, to completely rebuild its website; cannot be restored until late April
http://itpro.nikkeibp.co.jp/article/NEWS/20140408/549284/?ST=security

OpenSSL vulnerability carries a risk of information leakage; JPCERT/CC issues alert
http://itpro.nikkeibp.co.jp/article/NEWS/20140408/549282/?ST=security

UPDATE: JVNVU#94401838 Information disclosure vulnerability in the OpenSSL heartbeat extension
http://jvn.jp/vu/JVNVU94401838/

JVNVU#93154457 Information disclosure vulnerability in Websense TRITON Unified Security Center
http://jvn.jp/vu/JVNVU93154457/

JVNVU#96176042 NTP can be used as a stepping stone for DDoS attacks
http://jvn.jp/vu/JVNVU96176042/index.html

VU#345337 J2k-Codec contains multiple exploitable vulnerabilities
http://www.kb.cert.org/vuls/id/345337

REMOTE: Bluetooth Text Chat 1.0 iOS - Code Execution Vulnerability
http://www.exploit-db.com/exploits/32738

REMOTE: Halon Security Router (SR) 3.2-winter-r1 - Multiple Security Vulnerabilities
http://www.exploit-db.com/exploits/32743

REMOTE: Fritz!Box Webcm Unauthenticated Command Injection
http://www.exploit-db.com/exploits/32753

REMOTE: JIRA Issues Collector Directory Traversal
http://www.exploit-db.com/exploits/32725

LOCAL: BlazeDVD Pro Player 6.1 - Stack Based Buffer Overflow Jump ESP
http://www.exploit-db.com/exploits/32737

LOCAL: WinRAR Filename Spoofing
http://www.exploit-db.com/exploits/32752
