+ Mozilla Firefox 33.1.1 released
https://www.mozilla.org/en-US/firefox/33.1.1/releasenotes/
+ Linux kernel 3.17.3, 3.14.24, 3.10.60 released
https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.17.3
https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.14.24
https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.60
+ FreeBSD 10.1-RELEASE Announcement
https://www.freebsd.org/releases/10.1R/announce.html
+ jetty 9.2.5 released
http://download.eclipse.org/jetty/
+ Zimbra Collaboration Suite 8.5.1, 8.0.9 released
http://files.zimbra.com/website/docs/8.5/ZCS_851R1_OS_ReleaseNotes_UpgradeInst.pdf
http://files.zimbra.com/website/docs/8.0/ZCS_809R1_OS_ReleaseNotes_UpgradeInst.pdf
+ PHP 5.4.35 released
http://php.net/archive/2014.php#id2014-11-13-3
+ JVNVU#96617862 Microsoft Windows OLE ライブラリに任意のコード実行が可能な脆弱性
http://jvn.jp/vu/JVNVU96617862/
+ JVNVU#99732679 Microsoft Secure Channel (Schannel) に任意のコード実行が可能な脆弱性
http://jvn.jp/vu/JVNVU99732679/
+ JVN#89852154 iLogScanner におけるクロスサイトスクリプティングの脆弱性
http://jvn.jp/jp/JVN89852154/
+ LOCAL: MS14-064 Microsoft Windows OLE Package Manager Code Execution Through Python
http://www.exploit-db.com/exploits/35235
+ LOCAL: MS14-064 Microsoft Windows OLE Package Manager Code Execution
http://www.exploit-db.com/exploits/35236
+ PHP Fileinfo libmagic ELF Note Handling Denial of Service Vulnerability
http://secunia.com/advisories/62413/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3710
+ Google DoubleClick Open Redirect
http://cxsecurity.com/issue/WLB-2014110106
+ Linux Kernel SCTP fix remote memory pressure from excessive queueing
http://cxsecurity.com/issue/WLB-2014110098
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3688
+ Linux Kernel SCTP fix panic on duplicate ASCONF chunks
http://cxsecurity.com/issue/WLB-2014110097
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3687
+ Linux Kernel SCTP fix skb_over_panic when receiving malformed ASCONF chunks
http://cxsecurity.com/issue/WLB-2014110096
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3673
+ Microsoft Windows OLE Package Manager Code Execution
http://cxsecurity.com/issue/WLB-2014110095
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6352
+ Windows OLE Automation Array Remote Code Execution
http://cxsecurity.com/issue/WLB-2014110094
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6332
+ Microsoft Windows OLE Package Manager Code Execution Through Python
http://cxsecurity.com/issue/WLB-2014110093
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6352
+ Linux Kernel 'ttusbdecfe.c' Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/71097
JVNDB-2014-000133 iLogScanner におけるクロスサイトスクリプティングの脆弱性
http://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-000133.html
JVNDB-2014-000118 Direct Web Remoting (DWR) におけるクロスサイトスクリプティングの脆弱性
http://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-000118.html
JVNDB-2014-000117 Direct Web Remoting (DWR) における XML 外部実体参照 (XXE) に関する脆弱性
http://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-000117.html
「一太郎」に見つかった脆弱性、日本を狙うゼロデイ攻撃に使われていた
http://itpro.nikkeibp.co.jp/atcl/news/14/111401911/?ST=security
ITproまとめ
サイバーセキュリティ基本法
http://itpro.nikkeibp.co.jp/atcl/column/14/494329/111300037/?ST=security
正規のiOSアプリをマルウエアに変える攻撃手口「Masque Attack」
http://itpro.nikkeibp.co.jp/atcl/news/14/111401907/?ST=security
Facebook、プライバシーポリシー改訂案を公開、より分かりやすい説明に
http://itpro.nikkeibp.co.jp/atcl/news/14/111401906/?ST=security
JVNTA14-317A Apple iOS に対する攻撃手法 Masque Attack
http://jvn.jp/ta/JVNTA14-317A/
LOCAL: OSSEC 2.8 - Insecure Temporary File Creation Vulnerability Privilege Escalation
http://www.exploit-db.com/exploits/35234
0 件のコメント:
コメントを投稿