Friday, November 21, 2014

Friday the 21st, Senshō

+ RHSA-2014:1885 Moderate: libxml2 security update
https://rhn.redhat.com/errata/RHSA-2014-1885.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3660

+ RHSA-2014:1880 Critical: java-1.7.1-ibm security update
https://access.redhat.com/errata/RHSA-2014:1880
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3065
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4288
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6456
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6457
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6458
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6476
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6492
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6493
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6502
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6503
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6506
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6511
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6512
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6515
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6527
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6531
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6532
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6558

+ phpMyAdmin 4.0.10.6, 4.1.14.7 and 4.2.12 are released
http://sourceforge.net/p/phpmyadmin/news/2014/11/phpmyadmin-40106-41147-and-4212-are-released/

+ PMASA-2014-13 Multiple XSS vulnerabilities.
http://www.phpmyadmin.net/home_page/security/PMASA-2014-13.php
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8958

+ PMASA-2014-14 Local file inclusion vulnerability.
http://www.phpmyadmin.net/home_page/security/PMASA-2014-14.php
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8959

+ PMASA-2014-15 XSS vulnerability in error reporting functionality.
http://www.phpmyadmin.net/home_page/security/PMASA-2014-15.php
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8960

+ PMASA-2014-16 Leakage of line count of an arbitrary file.
http://www.phpmyadmin.net/home_page/security/PMASA-2014-16.php
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8961

+ UPDATE: GNU Bash Environment Variable Command Injection Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash

+ UPDATE: Apache HTTPd Range Header Denial of Service Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20110830-apache

+ UPDATE: Multiple Vulnerabilities in Cisco Small Business RV Series Routers
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20141105-rv

+ CVE-2014-4345 Numeric Errors vulnerability in Kerberos
https://blogs.oracle.com/sunsecurity/entry/cve_2014_4345_numeric_errors
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4345

+ Multiple vulnerabilities fixed in NSS 3.16
https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_fixed_in_nss
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1620
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1739
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1740
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1741
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5605
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5606
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1490
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1491
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1492

+ PostgreSQL 9.4 RC1 Released
http://www.postgresql.org/about/news/1555/

+ Sudo 1.8.11p2 released
http://www.sudo.ws/sudo/changes.html

+ Google Chrome Multiple Bugs Let Remote Users Execute Arbitrary Code and Obtain Information
http://www.securitytracker.com/id/1031241
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7899
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7900
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7901
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7902
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7903
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7904
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7905
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7906
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7907
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7908
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7909
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7910

+ REMOTE: Internet Explorer OLE Pre-IE11 - Automation Array Remote Code Execution / Powershell VirtualAlloc (MS14-064)
http://www.exploit-db.com/exploits/35308

+ Android <5.0 java.io.ObjectInputStream Privilege Escalation
http://cxsecurity.com/issue/WLB-2014110136

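IT Business Diary of Rookie D-ta and Senior M-ko
Protect social infrastructure from cyberattacks! International security standard for control systems gets under way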
http://itpro.nikkeibp.co.jp/atcl/column/14/493082/111700009/?ST=security

News & Trend
Scaled down to 50 subjects: the miscalculation behind the Osaka Station building "facial image tracking" experiment
http://itpro.nikkeibp.co.jp/atcl/column/14/346926/111900107/?ST=security

Illicit proxy case: accounts of Logitec product users abused
http://itpro.nikkeibp.co.jp/atcl/news/14/112001989/?ST=security

UPDATE: JVNTA14-317A Masque Attack, an attack technique against Apple iOS
http://jvn.jp/ta/JVNTA14-317A/

UPDATE: JVNTA14-069A End of support for Microsoft Windows XP and Office 2003
http://jvn.jp/ta/JVNTA14-069A/

JVNVU#99458129 Privilege Attribute Certificate (PAC) signature verification flaw in the Microsoft Windows Kerberos Key Distribution Center (KDC)
http://jvn.jp/vu/JVNVU99458129/
