+ 2016 年 3 月のマイクロソフト セキュリティ情報の概要
https://technet.microsoft.com/ja-jp/library/security/ms16-mar
+ MS16-023 - 緊急 Internet Explorer 用の累積的なセキュリティ更新プログラム (3142015)
https://technet.microsoft.com/library/security/MS16-023
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0102
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0103
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0104
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0105
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0106
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0107
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0108
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0109
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0110
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0111
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0112
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0113
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0114
+ MS16-024 - 緊急 Microsoft Edge 用の累積的なセキュリティ更新プログラム (3142019)
https://technet.microsoft.com/library/security/MS16-024
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0102
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0105
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0109
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0110
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0111
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0116
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0123
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0124
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0129
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0130
+ MS16-025 - 重要 リモートでのコード実行に対処する Windows ライブラリの読み込み用のセキュリティ更新プログラム (3140709)
https://technet.microsoft.com/library/security/MS16-025
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0100
+ MS16-026 - 緊急 リモートでのコード実行に対処するグラフィック フォント用のセキュリティ更新プログラム (3143148)
https://technet.microsoft.com/ja-jp/library/security/ms16-026
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0120
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0121
+ MS16-027 - 緊急 リモートでのコード実行に対処する Windows Media 用のセキュリティ更新プログラム (3143146)
https://technet.microsoft.com/ja-jp/library/security/ms16-027
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0101
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0098
+ MS16-028 - 緊急 リモートでのコード実行に対処する Microsoft Windows PDF ライブラリ用のセキュリティ更新プログラム (3143081)
https://technet.microsoft.com/ja-jp/library/security/ms16-028
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0117
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0118
+ MS16-029 - 重要 リモートでのコード実行に対処する Microsoft Office 用のセキュリティ更新プログラム (3141806)
https://technet.microsoft.com/library/security/MS16-029
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0021
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0134
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0057
+ MS16-030 - 重要 リモートでのコード実行に対処する Windows OLE 用のセキュリティ更新プログラム (3143136)
https://technet.microsoft.com/ja-jp/library/security/ms16-030
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0091
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0092
+ MS16-031 - 重要 特権の昇格に対処する Microsoft Windows 用のセキュリティ更新プログラム (3140410)
https://technet.microsoft.com/ja-jp/library/security/ms16-031
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0087
+ MS16-032 - 重要 特権の昇格に対処するセカンダリ ログオン用のセキュリティ更新プログラム (3143141)
https://technet.microsoft.com/ja-jp/library/security/ms16-032
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0099
+ MS16-033 - 重要 特権の昇格に対処する Windows USB 大容量記憶域クラス ドライバー用のセキュリティ更新プログラム (3143142)
https://technet.microsoft.com/ja-jp/library/security/ms16-033
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0133
+ MS16-034 - 重要 特権の昇格に対処する Windows カーネル モード ドライバー用のセキュリティ更新プログラム (3143145)
https://technet.microsoft.com/ja-jp/library/security/ms16-034
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0093
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0094
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0095
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0096
+ MS16-035 - 重要 セキュリティ機能のバイパスに対処する .NET Framework 用のセキュリティ更新プログラム (3141780)
https://technet.microsoft.com/library/security/MS16-035
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0132
+ Moziila Firefox 45.0 released
https://www.mozilla.org/en-US/firefox/45.0/releasenotes/
+ MFSA 2016-37 Font vulnerabilities in the Graphite 2 library
https://www.mozilla.org/en-US/security/advisories/mfsa2016-37/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802
+ MFSA 2016-36 Use-after-free during processing of DER encoded keys in NSS
https://www.mozilla.org/en-US/security/advisories/mfsa2016-36/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1979
+ MFSA 2016-35 Buffer overflow during ASN.1 decoding in NSS
https://www.mozilla.org/en-US/security/advisories/mfsa2016-35/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950
+ MFSA 2016-34 Out-of-bounds read in HTML parser following a failed allocation
https://www.mozilla.org/en-US/security/advisories/mfsa2016-34/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974
+ MFSA 2016-33 Use-after-free in GetStaticInstance in WebRTC
https://www.mozilla.org/en-US/security/advisories/mfsa2016-33/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1973
+ MFSA 2016-32 WebRTC and LibVPX vulnerabilities found through code inspection
https://www.mozilla.org/en-US/security/advisories/mfsa2016-32/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1970
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1971
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1975
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1976
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1972
+ MFSA 2016-31 Memory corruption with malicious NPAPI plugin
https://www.mozilla.org/en-US/security/advisories/mfsa2016-31/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966
+ MFSA 2016-30 Buffer overflow in Brotli decompression
https://www.mozilla.org/en-US/security/advisories/mfsa2016-30/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1968
+ MFSA 2016-29 Same-origin policy violation using perfomance.getEntries and history navigation with session restore
https://www.mozilla.org/en-US/security/advisories/mfsa2016-29/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1967
+ MFSA 2016-28 Addressbar spoofing though history navigation and Location protocol property
https://www.mozilla.org/en-US/security/advisories/mfsa2016-28/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965
+ MFSA 2016-27 Use-after-free during XML transformations
https://www.mozilla.org/en-US/security/advisories/mfsa2016-27/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964
+ MFSA 2016-26 Memory corruption when modifying a file being read by FileReader
https://www.mozilla.org/en-US/security/advisories/mfsa2016-26/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1963
+ MFSA 2016-25 Use-after-free when using multiple WebRTC data channels
https://www.mozilla.org/en-US/security/advisories/mfsa2016-25/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962
+ MFSA 2016-24 Use-after-free in SetBody
https://www.mozilla.org/en-US/security/advisories/mfsa2016-24/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961
+ MFSA 2016-23 Use-after-free in HTML5 string parser
https://www.mozilla.org/en-US/security/advisories/mfsa2016-23/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960
+ MFSA 2016-22 Service Worker Manager out-of-bounds read in Service Worker Manager
https://www.mozilla.org/en-US/security/advisories/mfsa2016-22/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1959
+ MFSA 2016-21 Displayed page address can be overridden
https://www.mozilla.org/en-US/security/advisories/mfsa2016-21/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958
+ MFSA 2016-20 Memory leak in libstagefright when deleting an array during MP4 processing
https://www.mozilla.org/en-US/security/advisories/mfsa2016-20/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957
+ MFSA 2016-19 Linux video memory DOS with Intel drivers
https://www.mozilla.org/en-US/security/advisories/mfsa2016-19/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1956
+ MFSA 2016-18 CSP reports fail to strip location information for embedded iframe pages
https://www.mozilla.org/en-US/security/advisories/mfsa2016-18/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1955
+ MFSA 2016-17 Local file overwriting and potential privilege escalation through CSP reports
https://www.mozilla.org/en-US/security/advisories/mfsa2016-17/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954
+ MFSA 2016-16 Miscellaneous memory safety hazards (rv:45.0 / rv:38.7)
https://www.mozilla.org/en-US/security/advisories/mfsa2016-16/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1953
+ APSB16-09 Security Updates Available for Adobe Acrobat and Reader
https://helpx.adobe.com/security/products/acrobat/apsb16-09.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1007
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1008
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1009
+ APSB16-06 Security update available for Adobe Digital Editions
https://helpx.adobe.com/security/products/Digital-Editions/apsb16-06.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0954
+ UPDATE: Cisco Nexus 3000 Series and 3500 Platform Switches Insecure Default Credentials Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160302-n3k
+ UPDATE: Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: March 2016
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160302-openssl
+ Samba 4.3.6, 4.2.9, 4.1.23 released
https://www.samba.org/samba/history/samba-4.3.6.html
https://www.samba.org/samba/history/samba-4.2.9.html
https://www.samba.org/samba/history/samba-4.1.23.html
+ CVE-2016-2774: An attacker who is allowed to connect to DHCP inter-server communications and control channels can exhaust server resources
https://kb.isc.org/article/AA-01354
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2774
+ JVNVU#96567499 ISC DHCP にサービス運用妨害 (DoS) の脆弱性
http://jvn.jp/vu/JVNVU96567499/index.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2774
+ DHCP IPC Connection Management Flaw Lets Remote Users on the Local Network Consume Excessive Resources on the Target System
http://www.securitytracker.com/id/1035196
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2774
UPDATE: JVNVU#91475438 Internet Key Exchange (IKEv1, IKEv2) が DoS 攻撃の踏み台として使用される問題
http://jvn.jp/vu/JVNVU91475438/index.html
0 件のコメント:
コメントを投稿