+ MS16-083 - 緊急 Adobe Flash Player のセキュリティ更新プログラム (3167685)
https://technet.microsoft.com/ja-jp/library/security/ms16-083
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4121
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4122
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4123
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4124
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4125
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4126
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4127
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4128
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4129
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4130
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4131
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4132
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4133
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4134
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4135
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4136
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4137
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4138
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4139
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4140
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4141
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4142
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4143
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4144
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4145
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4146
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4147
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4148
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4149
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4150
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4151
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4152
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4153
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4154
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4155
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4156
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4166
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4171
+ psqlodbc 09.05.0300 released
https://www.postgresql.org/ftp/odbc/versions/msi/
+ CESA-2016:1237 Important CentOS 6 ImageMagick Security Update
http://lwn.net/Alerts/691792/
+ CESA-2016:1237 Important CentOS 7 ImageMagick Security Update
http://lwn.net/Alerts/691793/
+ CESA-2016:1217 Critical CentOS 7 firefox Security Update
http://lwn.net/Alerts/691791/
+ CESA-2016:1217 Critical CentOS 6 firefox Security Update
http://lwn.net/Alerts/691789/
+ CESA-2016:1217 Critical CentOS 5 firefox Security Update
http://lwn.net/Alerts/691790/
+ Cisco IOS Software Link Layer Discovery Protocol Processing Code Denial of Service Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160616-ios
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1424
+ Cisco cBR-8 Series Converged Broadband Router SNMP Denial of Service Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160617-cbr
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1432
+ Cisco Firepower Management Center Persistent Cross-Site Scripting Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160617-fmc
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1431
+ Cisco IOS Software Link Layer Discovery Protocol Processing Code Denial of Service Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160616-ios1
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1425
+ Cisco IOS Software Link Layer Discovery Protocol Processing Code Denial of Service Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160616-ios1
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1425
+ Samba 4.2.13 Available for Download
https://www.samba.org/samba/history/samba-4.2.13.html
+ Apache Struts 2.5.1, 2.3.29 released
http://struts.apache.org/announce.html#a20160618
http://struts.apache.org/announce.html#a20160617
+ S2-035 Action name clean up is error prone
http://struts.apache.org/docs/s2-035.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4436
+ S2-036 Forced double OGNL evaluation, when evaluated on raw user input in tag attributes, may lead to remote code execution (similar to S2-029)
http://struts.apache.org/docs/s2-036.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0785
+ S2-037 Remote Code Execution can be performed when using REST Plugin.
http://struts.apache.org/docs/s2-037.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4438
+ S2-038 It is possible to bypass token validation and perform a CSRF attack
http://struts.apache.org/docs/s2-038.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4430
+ S2-039 Getter as action method leads to security bypass
http://struts.apache.org/docs/s2-039.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4433
+ S2-040 Input validation bypass using existing default action method.
http://struts.apache.org/docs/s2-040.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4431
+ S2-041 Possible DoS attack when using URLValidator
http://struts.apache.org/docs/s2-041.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4465
+ UPDATE: JVNVU#99609116 Adobe Flash Player にメモリ破損の脆弱性
http://jvn.jp/vu/JVNVU99609116/index.html
+ Microsoft Edge/Internet Explorer Certificate Error Url Spoofing (MS16-009/MS16-011)
https://cxsecurity.com/issue/WLB-2016060116
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0077
+ Microsoft Internet Explorer 11 Garbage Collector Attribute Type Confusion
https://cxsecurity.com/issue/WLB-2016060139
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0199
0 件のコメント:
コメントを投稿