2015年1月26日月曜日

26日 月曜日、赤口

+ UPDATE: APSA15-01 Security Advisory for Adobe Flash Player
http://helpx.adobe.com/security/products/flash-player/apsa15-01.html

+ phpMyAdmin 4.3.8 released
http://sourceforge.net/p/phpmyadmin/news/2015/01/phpmyadmin-438-release-notes/

+ HPSBMU03236 rev.1 - HP Systems Insight Manager for Windows running Bash Shell, Remote Code Execution
https://h20566.www2.hp.com/hpsc/doc/public/display?calledBy=&docId=emr_na-c04552143&docLocale=ja_JP
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6277
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7186
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7187

+ UPDATE: HPSBMU03216 rev.2 - HP Service Manager running SSLv3, Multiple Remote Vulnerabilities
https://h20566.www2.hp.com/hpsc/doc/public/display?calledBy=&docId=emr_na-c04512909&docLocale=ja_JP

+ UPDATE: HPSBMU03232 rev.2 - HP SiteScope, Remote Elevation of Privilege
https://h20566.www2.hp.com/hpsc/doc/public/display?calledBy=&docId=emr_na-c04539443&docLocale=ja_JP

+ PHP 5.4.37 Released
http://www.php.net/ChangeLog-5.php#5.4.37

+ PHP Bugs Let Remote Users Deny Service and Potentially Execute Arbitrary Code
http://www.securitytracker.com/id/1031627
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9427
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0231
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0232

+ Apple OS X Memory Corruption Flaw in IOKit IOBluetoothDevice Lets Local Users Gain Elevated Privileges
http://www.securitytracker.com/id/1031626

+ Apple OS X Null Pointer Dereference in IOKit IntelAccelerator Lets Local Users Gain Elevated Privileges
http://www.securitytracker.com/id/1031625

+ Apple OS X networkd XPC Parsing Flaw Lets Local Users Bypass Sandbox Restrictions
http://www.securitytracker.com/id/1031624

+ Google Chrome Multiple Bugs Let Remote Users Execute Arbitrary Code and Deny Service
http://www.securitytracker.com/id/1031623
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7923
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7924
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7925
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7926
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7927
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7928
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7929
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7930
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7931
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7932
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7933
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7934
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7935
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7936
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7937
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7938
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7939
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7940
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7941
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7942
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7943
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7944
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7945
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7946
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7947
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7948
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1205
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1346

+ Samba Active Directory Domain Controller Access Control Flaw Lets Remote Authenticated Users Gain Elevated Privileges
http://www.securitytracker.com/id/1031615
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8143

+ SA62533 Microsoft Windows Flash Player Memory Randomization Security Bypass Vulnerability
http://secunia.com/advisories/62533/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0310

+ Samba CVE-2014-8143 Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/72278
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8143

PGConf US 2015 Schedule & Early-Bird Registration Open
http://www.postgresql.org/about/news/1565/

JVNDB-2015-000008 shiromuku(bu2)BBS における任意のファイルを作成される脆弱性
http://jvndb.jvn.jp/ja/contents/2015/JVNDB-2015-000008.html

狙われるWebサイト、改ざんの脅威から守る
第1回 「被害者」なのに「加害者」に
http://itpro.nikkeibp.co.jp/atcl/column/15/011600011/011600001/?ST=security

News & Trend
サイバーセキュリティを全学部で必修に、九大が16年度開始を目指す
http://itpro.nikkeibp.co.jp/atcl/column/14/346926/012200152/?ST=security

最新ウイルス解析レポート
第1回:PC内部のファイルを人質にとるランサムウエア「CryptoWall」
http://itpro.nikkeibp.co.jp/atcl/column/14/121100126/011300002/?ST=security

ヤバイメールの処方箋
(6)PCに山ほどたまったメールは高リスク
http://itpro.nikkeibp.co.jp/atcl/column/15/011300007/011300007/?ST=security

チェックしておきたい脆弱性情報<2015.01.26>
http://itpro.nikkeibp.co.jp/atcl/column/14/268561/011900040/?ST=security

JVN#94502417 shiromuku(bu2)BBS における任意のファイルを作成される脆弱性
http://jvn.jp/jp/JVN94502417/

VU#546340 QPR Portal contains multiple vulnerabilities
http://www.kb.cert.org/vuls/id/546340

VU#637068 LabTech contains privilege escalation vulnerability
http://www.kb.cert.org/vuls/id/637068

0 件のコメント:

コメントを投稿