2014年6月11日水曜日

11日 水曜日、赤口

+ 2014 年 6 月のマイクロソフト セキュリティ情報の概要
https://technet.microsoft.com/ja-jp/library/security/ms14-jun

+ MS14-030 重要 リモート デスクトップの脆弱性により改ざんが起こる (2969259)
https://technet.microsoft.com/library/security/ms14-030
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0296

+ MS14-031 重要 TCP プロトコルの脆弱性により、サービス拒否が起こる (2962478)
https://technet.microsoft.com/library/security/ms14-031
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1811

+ MS14-032 重要 Microsoft Lync Server の脆弱性により、情報漏えいが起こる (2969258)
https://technet.microsoft.com/library/security/ms14-032
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1823

+ MS14-033 Important Vulnerability in Microsoft XML Core Services Could Allow Information Disclosure (2966061)
https://technet.microsoft.com/en-us/library/security/ms14-033
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1816

+ MS14-034 重要 Microsoft Word の脆弱性により、リモートでコードが実行される (2969261)
https://technet.microsoft.com/library/security/ms14-034
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2778

+ MS14-035 緊急 Internet Explorer 用の累積的なセキュリティ更新プログラム (2969262)
https://technet.microsoft.com/library/security/ms14-035
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1771
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1777
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1764
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1778
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2777
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0282
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1762
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1766
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1769
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1770
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1772
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1773
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1774
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1775
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1779
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1780
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1781
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1782
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1783
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1784
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1785
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1786
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1788
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1789
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1790
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1791
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1792
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1794
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1795
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1796
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1797
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1799
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1800
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1802
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1803
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1804
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1805
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2753
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2754
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2755
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2756
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2757
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2758
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2759
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2760
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2761
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2763
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2764
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2765
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2766
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2767
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2768
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2769
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2770
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2771
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2772
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2773
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2775
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2776

+ MS14-036 緊急 Microsoft Graphics コンポーネントの脆弱性により、リモートでコードが実行される (2967487)
https://technet.microsoft.com/library/security/ms14-036
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1817
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1818

+ RHSA-2014:0741 Critical: firefox security update
https://rhn.redhat.com/errata/RHSA-2014-0741.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1533
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1538
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1541

+ RHSA-2014:0740 Important: kernel security and bug fix update
https://rhn.redhat.com/errata/RHSA-2014-0740.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7339
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1737
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1738

+ RHSA-2014:0742 Important: thunderbird security update
https://rhn.redhat.com/errata/RHSA-2014-0742.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1533
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1538
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1541

+ RHSA-2014:0743 Moderate: qemu-kvm security and bug fix update
https://rhn.redhat.com/errata/RHSA-2014-0743.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4148
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4151
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4535
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4536
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4541
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4542
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6399
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0182
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2894
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3461

+ Google Chrome 35.0.1916.153 released
http://googlechromereleases.blogspot.jp/2014/06/stable-channel-update.html

+ Mozilla Firefox 30.0 released
http://www.mozilla.org/en-US/firefox/30.0/releasenotes/


+ MFSA 2014-54 Buffer overflow in Gamepad API
http://www.mozilla.org/security/announce/2014/mfsa2014-54.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1543

+ MFSA 2014-53 Buffer overflow in Web Audio Speex resampler
http://www.mozilla.org/security/announce/2014/mfsa2014-53.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1542

+ MFSA 2014-52 Use-after-free with SMIL Animation Controller
http://www.mozilla.org/security/announce/2014/mfsa2014-52.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1541

+ MFSA 2014-51 Use-after-free in Event Listener Manager
http://www.mozilla.org/security/announce/2014/mfsa2014-51.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1540

+ MFSA 2014-50 Clickjacking through cursor invisability after Flash interaction
http://www.mozilla.org/security/announce/2014/mfsa2014-50.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1539

+ MFSA 2014-49 Use-after-free and out of bounds issues found using Address Sanitizer
http://www.mozilla.org/security/announce/2014/mfsa2014-49.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1536
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1537
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1538

+ MFSA 2014-48 Miscellaneous memory safety hazards (rv:30.0 / rv:24.6)
http://www.mozilla.org/security/announce/2014/mfsa2014-48.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1533
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1534

+ APSB14-16 Security updates available for Adobe Flash Player
http://helpx.adobe.com/security/products/flash-player/apsb14-16.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0531
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0532
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0533
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0534
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0535
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0536

+ Moziila Thunderbird 24.6 released
http://www.mozilla.org/en-US/thunderbird/24.6.0/releasenotes/

+ HPSBMU03045 rev.1 - HP Service Virtualization Running AutoPass License Server, Remote Code Execution
https://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay&spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c04333125-1%257CdocLocale%253Dja_JP%257CcalledBy%253D&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6221

+ CVE-2014-0591 Buffer Errors vulnerability in Bind
https://blogs.oracle.com/sunsecurity/entry/http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE_2014_0591_buffer_errors1
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0591

+ CVE-2014-0591 Buffer Errors vulnerability in Bind
https://blogs.oracle.com/sunsecurity/entry/http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE_2014_0591_buffer_errors
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0591

+ HS14-014 XXE (Xml eXternal Entity) Vulnerability in COBOL2002
http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS14-014/index.html

+ HS14-013 Multiple Vulnerabilities in Hitachi Tuning Manager, and JP1/Performance Management - Manager Web Option
http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS14-013/index.html

+ HS14-014 COBOL2002におけるXXE(Xml eXternal Entity)の脆弱性
http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS14-014/index.html

+ HS14-013 Hitachi Tuning Manager, JP1/Performance Management - Manager Web Optionにおける脆弱性
http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS14-013/index.html

+ SA58585 Google Chrome Multiple Vulnerabilities
http://secunia.com/advisories/58585/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0531
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0532
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0533
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0534
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0535
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0536
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3154
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3155
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3156
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3157

+ SA57455 Sendmail Close-on-Exec File Descriptors Access Bypass Security Issue
http://secunia.com/advisories/57455/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3956

+ Sendmail File Descriptor Security Vulnerability
http://www.securityfocus.com/bid/67791
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3956

Trend Micro Security (for Mac) 2.0 Service Pack 1 (ビルド 3030) の公開のお知らせ
http://app.trendmicro.co.jp/support/news.asp?id=2142

UPDATE: JVN#61247051 OpenSSL における Change Cipher Spec メッセージの処理に脆弱性
http://jvn.jp/jp/JVN61247051/index.html

JVNVU#94501306 複数製品の UEFI ファームウェアの実装に脆弱性
http://jvn.jp/vu/JVNVU94501306/index.html

「偽画面にご注意!」、三菱東京UFJ銀行をかたるフィッシング
http://itpro.nikkeibp.co.jp/article/NEWS/20140610/562867/?ST=security

サイバー犯罪が世界経済に与える損害は年間4450億ドル
http://itpro.nikkeibp.co.jp/article/NEWS/20140610/562829/?ST=security

Google、「忘れられる権利」に基づく削除を明示する手法を検討中
http://itpro.nikkeibp.co.jp/article/NEWS/20140610/562802/?ST=security

VU#613308 Cisco AsyncOS contains a reflected cross-site scripting (XSS) vulnerability
http://www.kb.cert.org/vuls/id/613308

0 件のコメント:

コメントを投稿