Tuesday, July 21, 2015

Tuesday the 21st, Taian

+ MS15-078 - Critical: Vulnerability in Microsoft Font Driver Could Allow Remote Code Execution (3079904)
https://technet.microsoft.com/ja-jp/library/security/ms15-078
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2426

+ RHSA-2015:1455 Important: thunderbird security update
https://rhn.redhat.com/errata/RHSA-2015-1455.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2724
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2725
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2731
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2734
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2735
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2736
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2737
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2738
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2739
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2740
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2741

+ RHSA-2015:1443 Important: bind security update
https://rhn.redhat.com/errata/RHSA-2015-1443.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4620

+ phpMyAdmin 4.4.12 released
https://www.phpmyadmin.net/files/4.4.12/

+ UPDATE: OpenSSL Alternative Chains Certificate Forgery Vulnerability (July 2015) Affecting Cisco Products
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150710-openssl

+ HPSBGN03381 rev.1 - HP Service Manager with TLS/Diffie-Hellman Export Ciphersuite, Remote Unauthorized Modification
https://h20566.www2.hp.com/hpsc/doc/public/display?calledBy=&docId=emr_na-c04748615&docLocale=ja_JP
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4000

+ HPSBGN03383 rev.1 - HP Asset Manager with TLS/Diffie-Hellman Export Ciphersuite, Remote Unauthorized Modification
https://h20566.www2.hp.com/hpsc/doc/public/display?calledBy=&docId=emr_na-c04748838&docLocale=ja_JP
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4000

+ HPSBMU03382 rev.1 - HP Systems Insight Manager on Linux affected by VENOM, Execution of Arbitrary Code, Denial of Service (DoS)
https://h20566.www2.hp.com/hpsc/doc/public/display?calledBy=&docId=emr_na-c04748720&docLocale=ja_JP
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3456

+ HPSBMU03380 rev.1 - HP System Management Homepage (SMH) on Linux and Windows, Multiple Vulnerabilities
https://h20566.www2.hp.com/hpsc/doc/public/display?calledBy=&docId=emr_na-c04746490&docLocale=ja_JP
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0118
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0226
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0231
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3523
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3569
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3570
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3571
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3572
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8142
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8275
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9427
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9652
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9653
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9705
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0204
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0205
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0206
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0207
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0208
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0209
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0231
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0232
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0273
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0285
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0286
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0287
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0288
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0289
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0290
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0291
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0292
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0293
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1787
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2301
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2331
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2348
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2787
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2134

+ UPDATE: Oracle Solaris Third Party Bulletin - July 2015
http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html

+ Sudo 1.8.14p1 released
http://www.sudo.ws/stable.html#1.8.14p1

+ JVNDB-2015-000101 OS command injection vulnerability in PHP for Windows
http://jvndb.jvn.jp/ja/contents/2015/JVNDB-2015-000101.html

+ UPDATE: JVNVU#92689788 Privilege escalation vulnerability in the Windows Adobe Type Manager module
http://jvn.jp/vu/JVNVU92689788/index.html

+ Windows Adobe Type Manager Library OpenFont File Processing Flaw Lets Remote Users Execute Arbitrary Code
http://www.securitytracker.com/id/1032991
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2426

+ Apache Struts Incorrect Default 'excludeParams' Configuration Lets Remote Users Bypass Security Restrictions
http://www.securitytracker.com/id/1032985
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1831

+ Apache Bugs Let Remote Users Deny Service
http://www.securitytracker.com/id/1032967
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0228
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0253
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3183
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3185

+ OpenSSH keyboard-interactive authentication brute force vulnerability (MaxAuthTries bypass)
http://cxsecurity.com/issue/WLB-2015070097

New ODBC Driver for PostgreSQL
http://www.postgresql.org/about/news/1598/

Reporter's Eye
The pension data leak: you are next
http://itpro.nikkeibp.co.jp/atcl/watcher/14/334361/061700297/?ST=security

The Beautiful Researcher Saw It! Business E-mail Case Files
Is someone reading your e-mail when you are away from the office!? "Business E-mail Survey 2015"
http://itpro.nikkeibp.co.jp/atcl/column/14/537680/071400029/?ST=security

[ITpro Editor-in-Chief's Diary]
Executives, be careful with e-mail
http://itpro.nikkeibp.co.jp/atcl/column/14/509445/071700270/?ST=security

"Executives open targeted e-mail at 1.5 times the rate; take countermeasures that assume it will be opened," says NRI Secure
http://itpro.nikkeibp.co.jp/atcl/news/15/071702409/?ST=security

VU#912036 N-Able RSMWinService contains hard coded security constants allowing decryption of domain administrator password
http://www.kb.cert.org/vuls/id/912036

VU#813631 Total Commander File Info plugin vulnerable to denial of service via an out-of-bounds read
http://www.kb.cert.org/vuls/id/813631
