:: IT Security Neophyte Investigator's MEMO ::: 1日火曜日、友引

2015年7月1日水曜日

1日火曜日、友引

+ RHSA-2015:1197 Moderate: openssl security update
https://rhn.redhat.com/errata/RHSA-2015-1197.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1789
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1790
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4000

+ About the security content of QuickTime 7.7.7
https://support.apple.com/ja-jp/HT204947
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3661
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3662
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3663
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3664
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3665
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3666
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3667
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3668
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3669

+ About the security content of Safari 8.0.7, Safari 7.1.7, and Safari 6.2.7
https://support.apple.com/ja-jp/HT204950
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3727
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3658
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3660
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3659

+ About the security content of Mac EFI Security Update 2015-001
https://support.apple.com/ja-jp/HT204934
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3692
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3693

+ About the security content of OS X Yosemite v10.10.4 and Security Update 2015-005
https://support.apple.com/ja-jp/HT204942
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3671
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3672
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3673
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3674
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3675
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0235
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0273
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3676
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3677
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3678
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3679
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3680
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3681
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3682
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3683
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3684
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1157
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3685
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3686
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3687
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3688
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3689
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4000
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3690
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3691
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3692
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3693
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3694
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3712
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3695
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3696
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3697
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3698
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3699
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3700
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3701
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3702
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8127
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8128
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8129
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8130
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3703
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3704
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3705
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3706
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3707
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3720
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3721
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3708
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3709
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3710
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3711
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1798
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1799
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0209
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0286
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0287
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0288
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0289
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0293
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3661
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3662
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3663
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3666
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3667
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3668
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3713
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1741
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3714
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3715
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3716
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3717
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3718
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3719
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8139
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8140
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8141

+ About the security content of iOS 8.4
https://support.apple.com/ja-jp/HT204941
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3722
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3684
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3723
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3724
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1157
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3685
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3686
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3687
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3688
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3689
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4000
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3690
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3694
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3719
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3703
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8127
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8128
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8129
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8130
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3721
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3710
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3725
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1155
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3658
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1741
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3717
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3726
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1156
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1152
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1153
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3659
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3727
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3728

+ CESA-2015:1194 Moderate CentOS 6 postgresql Security Update
http://lwn.net/Alerts/649791/

+ CESA-2015:1194 Moderate CentOS 7 postgresql Security Update
http://lwn.net/Alerts/649792/

+ CESA-2015:1193 Moderate CentOS 7 xerces-c Security Update
http://lwn.net/Alerts/649793/

+ HS15-025 DoS Vulnerability in Hitachi Web Server
http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS15-025/index.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0293

+ HS15-024 Vulnerability in Hitachi Web Server
http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS15-024/index.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0292

+ HS15-025 Hitachi Web ServerにおけるDoS脆弱性
http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS15-025/index.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0293

+ HS15-024 Hitachi Web Serverにおける脆弱性
http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS15-024/index.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0292

+ Apple OS X DRAM "Rowhammer" Memory Bit Flipping Flaw Lets Local Users Gain Root Privileges
http://www.securitytracker.com/id/1032755
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3693

+ Apple Safari Bugs Let Remote Users Conduct Cross-Site Scripting, Cross-Site Request Forgery, and SQL Injection Attacks
http://www.securitytracker.com/id/1032754
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3658
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3659
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3660
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3727

+ HP-UX 'pppoec' Access Permission Flaw Lets Local Users Gain Root Privileges
http://www.securitytracker.com/id/1032746
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2126

Database .NET v16 released
http://www.postgresql.org/about/news/1594/

JVNDB-2015-000092 OpenEMR における認証回避の脆弱性
http://jvndb.jvn.jp/ja/contents/2015/JVNDB-2015-000092.html

JVNDB-2015-000093 Explorer+ File Manager におけるディレクトリトラバーサルの脆弱性
http://jvndb.jvn.jp/ja/contents/2015/JVNDB-2015-000093.html

News ＆ Trend
IP電話乗っ取りで高額請求被害、「通信機器の設定状況を確認」総務省が注意喚起
http://itpro.nikkeibp.co.jp/atcl/column/14/346926/062900288/?ST=security

UPDATE: JVNVU#94598171 Samsung Galaxy S にプリインストールされた SwiftKey が言語パックのアップデートを正しく検証しない脆弱性
http://jvn.jp/vu/JVNVU94598171/

JVN#22677713 OpenEMR における認証回避の脆弱性
http://jvn.jp/jp/JVN22677713/

JVN#77386811 Explorer+ File Manager におけるディレクトリトラバーサルの脆弱性
http://jvn.jp/jp/JVN77386811/

:: IT Security Neophyte Investigator's MEMO ::

2015年7月1日水曜日

1日火曜日、友引

0 件のコメント:

コメントを投稿

2015年7月1日水曜日

1日 火曜日、友引

0 件のコメント:

コメントを投稿

1日火曜日、友引