2015年3月13日金曜日

13日 金曜日、大安

+ APSB15-05 Security updates available for Adobe Flash Player
https://helpx.adobe.com/security/products/flash-player/apsb15-05.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0332
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0333
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0334
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0335
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0336
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0337
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0338
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0339
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0340
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0341
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0342

+ UPDATE: SSL Padding Oracle On Downgraded Legacy Encryption (POODLE) Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20141015-poodle

+ patch 2.7.5 released
http://ftp.gnu.org/gnu/patch/?C=M;O=D

+ HPSBGN03249 rev.1 - HP ArcSight Enterprise Security Manager and Logger, Multiple Remote Vulnerabilities
https://h20565.www2.hp.com/hpsc/doc/public/display?calledBy=&docId=emr_na-c04562193&docLocale=ja_JP
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7884
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7885

+ HPSBUX03281 SSRT101968 rev.1 - HP-UX running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
https://h20565.www2.hp.com/hpsc/doc/public/display?calledBy=&docId=emr_na-c04583581&docLocale=ja_JP
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6585
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6587
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6591
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6593
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6601
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0383
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0395
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0400
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0403
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0406
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0407
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0408
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4010
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0412
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0413

+ Dovecot 2.2.16 released
http://www.dovecot.org/list/dovecot-news/2015-March/000283.html

+ Adobe Flash Player ByteArray UncompressViaZlibVariant Use After Free
http://cxsecurity.com/issue/WLB-2015030081
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0311

+ Google Android Integer Oveflow / Heap Corruption
http://cxsecurity.com/issue/WLB-2015030079
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1474
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7911

+ REMOTE: Adobe Flash Player ByteArray UncompressViaZlibVariant Use After Free
http://www.exploit-db.com/exploits/36360

+ SA63378 Hitachi JP1/Cm2/Network Node Manager Apache Tomcat Vulnerabilities
http://secunia.com/advisories/63378/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0075
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0096
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0099

世界初の資格化を目指す、「脆弱性診断士」の取り組みが始まる
http://itpro.nikkeibp.co.jp/atcl/column/14/346926/031000194/?ST=security

REMOTE: ElasticSearch Unauthenticated Remote Code Execution
http://www.exploit-db.com/exploits/36337

0 件のコメント:

コメントを投稿