2014年5月9日金曜日

9日 金曜日、友引

+ APSB14-15 Prenotification Security Advisory for Adobe Reader and Acrobat
http://helpx.adobe.com/security/products/reader/apsb14-15.html

+ phpMyAdmin 4.2.0 is released
http://sourceforge.net/p/phpmyadmin/news/2014/05/phpmyadmin-420-is-released/

+ UPDATE: HPSBGN03008 rev.2 - HP Software Service Manager, "HeartBleed" OpenSSL Vulnerability, Remote Disclosure of Information
https://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay&spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c04248997-2%257CdocLocale%253Dja_JP%257CcalledBy%253D&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken

+ HPSBMU03035 rev.1 - HP Network Node Manager I (NNMi) for HP-UX, Linux, Solaris, and Windows, Remote Cross-Site Scripting (XSS)
https://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay&spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c04273695-1%257CdocLocale%253Dja_JP%257CcalledBy%253D&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6220

+ UPDATE: HPSBMU02935 rev.1 - HP LoadRunner Virtual User Generatorで、コードがリモート実行される
https://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay&spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c04023666-1%257CdocLocale%253Dja_JP%257CcalledBy%253D&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken

+ PHP 5.5.11 FastCGI privilege escalation due to insecure configuration
http://cxsecurity.com/issue/WLB-2014050042
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0185

+ Apple iOS 'MobileMail.app' Local Information Disclosure Vulnerability
http://www.securityfocus.com/bid/67263

+ Microsoft May 2014 Advance Notification Multiple Vulnerabilities
http://www.securityfocus.com/bid/67298

+ Microsoft Security Bulletin Advance Notification for May 2014
https://technet.microsoft.com/library/security/ms14-may

JVNDB-2014-000044 intra-mart におけるオープンリダイレクトの脆弱性
http://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-000044.html

OpenSSLの「心臓出血」脆弱性から保護できるアプライアンス
http://itpro.nikkeibp.co.jp/article/NEWS/20140509/555502/?ST=security

日本IBMがセキュリティ対策ソフト「QRadar」の新版を発売、フルパケットキャプチャーに対応
http://itpro.nikkeibp.co.jp/article/NEWS/20140508/555472/?ST=security

政府関係者が狙いか?国内でIEのゼロデイ脆弱性を突く「水飲み場型攻撃」
http://itpro.nikkeibp.co.jp/article/NEWS/20140508/555443/?ST=security

JVNVU#99180587 Fortinet Fortiweb におけるクロスサイトリクエストフォージェリの脆弱性
http://jvn.jp/vu/JVNVU99180587/

JVNVU#91373286 Caldera に複数の脆弱性
http://jvn.jp/vu/JVNVU91373286/

0 件のコメント:

コメントを投稿