:: IT Security Neophyte Investigator's MEMO ::: 15日木曜日、仏滅

2016年9月15日木曜日

15日木曜日、仏滅

+ 2016 年 9 月のマイクロソフトセキュリティ情報の概要
https://technet.microsoft.com/ja-jp/library/security/ms16-sep

+ MS16-104 - 緊急 Internet Explorer 用の累積的なセキュリティ更新プログラム (3183038)
https://technet.microsoft.com/library/security/MS16-104
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3247
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3291
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3292
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3295
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3297
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3324
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3325
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3351
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3353
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3375

+ MS16-105 - 緊急 Microsoft Edge 用の累積的なセキュリティ更新プログラム (3183043)
https://technet.microsoft.com/library/security/MS16-105
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3247
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3291
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3294
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3295
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3297
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3325
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3330
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3350
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3351
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3370
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3374
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3377

+ MS16-106 - 緊急 Microsoft Graphics コンポーネント用のセキュリティ更新プログラム (3185848)
https://technet.microsoft.com/library/security/MS16-106
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3348
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3349

+ MS16-107 - 緊急 Microsoft Office 用のセキュリティ更新プログラム (3185852)
https://technet.microsoft.com/library/security/MS16-107
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0137
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0141
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3357
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3358
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3359
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3360
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3361
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3362
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3363
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3364
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3365
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3381

+ MS16-108 - 緊急 Microsoft Exchange Server 用のセキュリティ更新プログラム (3185883)
https://technet.microsoft.com/library/security/MS16-108
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0138
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3378
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3379

+ MS16-109 - 重要 Silverlight 用のセキュリティ更新プログラム (3182373)
https://technet.microsoft.com/library/security/MS16-109
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3367

+ MS16-110 - 重要 Microsoft Windows 用のセキュリティ更新プログラム (3178467)
https://technet.microsoft.com/library/security/MS16-110
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3346
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3352
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3368
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3369

+ MS16-111 - 重要 Windows カーネル用のセキュリティ更新プログラム (3186973)
https://technet.microsoft.com/library/security/MS16-111
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3305
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3306
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3371
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3372
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3373

+ MS16-112 - 重要 Windows のロック画面用のセキュリティ更新プログラム (3178469)
https://technet.microsoft.com/library/security/MS16-112
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3302

+ MS16-113 - 重要 Windows 保護カーネルモード用のセキュリティ更新プログラム (3185876)
https://technet.microsoft.com/library/security/MS16-113
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3344

+ MS16-114 - 重要 Windows SMBv1 サーバー用のセキュリティ更新プログラム (3185879)
https://technet.microsoft.com/library/security/MS16-114
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3345

+ MS16-115 - 重要 Microsoft Windows PDF ライブラリ用のセキュリティ更新プログラム (3188733)
https://technet.microsoft.com/library/security/MS16-115
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3370
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3374

+ MS16-116 - 緊急 VBScript スクリプトエンジン用の OLE オートメーションのセキュリティ更新プログラム (3188724)
https://technet.microsoft.com/library/security/MS16-116
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3375

+ MS16-117 - 緊急 Adobe Flash Player のセキュリティ更新プログラム (3188128)
https://technet.microsoft.com/library/security/MS16-117
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4271
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4272
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4274
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4275
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4276
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4277
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4278
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4279
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4280
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4281
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4282
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4283
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4284
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4285
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4287
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6921
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6922
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6923
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6924
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6925
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6926
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6927
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6929
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6930
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6931
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6932

+ curl escape and unescape integer overflows
https://curl.haxx.se/docs/adv_20160914.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7167

+ RHSA-2016:1847 Important: kernel security, bug fix, and enhancement update
https://rhn.redhat.com/errata/RHSA-2016-1847.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3134
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4997
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4998

+ About the security content of watchOS 3
https://support.apple.com/ja-jp/HT207141
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4719

+ About the security content of Xcode 8
https://support.apple.com/ja-jp/HT207140
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4704
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4705

+ About the security content of iOS 10.0.1
https://support.apple.com/ja-jp/HT207145

+ About the security content of iOS 10
https://support.apple.com/ja-jp/HT207143
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4741
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4719
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4746
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4747
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4740
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4749
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4620

+ Google Chrome 53.0.2785.116 released
https://googlechromereleases.blogspot.jp/2016/09/stable-channel-update-for-desktop_14.html

+ Google Chrome 53.0.2785.113 released
https://googlechromereleases.blogspot.jp/2016/09/stable-channel-update-for-desktop_13.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5170
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5171
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5172
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5173
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5174
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5175

+ Zabbix 3.2.0 released
http://www.zabbix.com/rn3.2.0.php

+ APSB16-31 Security update available for Adobe AIR SDK & Compiler
https://helpx.adobe.com/security/products/air/apsb16-31.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6936

+ APSB16-29 Security updates available for Adobe Flash Player
https://helpx.adobe.com/security/products/flash-player/apsb16-29.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4271
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4272
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4274
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4275
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4276
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4277
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4278
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4279
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4280
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4281
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4282
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4283
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4284
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4285
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4287
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6921
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6922
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6923
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6924
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6925
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6926
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6927
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6929
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6930
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6931
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6932

+ APSB16-28 Security update available for Adobe Digital Editions
https://helpx.adobe.com/security/products/Digital-Editions/apsb16-28.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4256
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4257
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4258
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4259
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4260
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4261
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4262
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4263

+ VMware Workstation Player 12.5 released
http://pubs.vmware.com/Release_Notes/en/workstation/12player/player-125-release-notes.html?__utma=207178772.702043549.1440547077.1473897507.1473908525.223&__utmb=207178772.1.10.1473908525&__utmc=207178772&__utmx=-&__utmz=207178772.1440547077.1.1.utmcsr=my.vmware.com|utmccn=(referral)|utmcmd=referral|utmcct=/web/vmware/free&__utmv=-&__utmk=112311047

+ Cisco Web Security Appliance HTTP Load Denial of Service Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160914-wsa
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6407

+ Cisco WebEx Meetings Server Denial of Service Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160914-wms
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1483

+ Cisco WebEx Meetings Server Remote Command Execution Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160914-wem
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1482

+ Cisco Unified Computing System Command Line Interface Privilege Escalation Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160914-ucs
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6402

+ Cisco Fog Director for IOx Arbitrary File Write Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160914-ioxfd
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6405

+ Cisco IOS XR for NCS6000 Series Devices OSPF Packet Processing Denial of Service Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160914-iosxr
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1433

+ Cisco IOS and IOS XE Software Data in Motion Denial of Service Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160914-ios-xe
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6403

+ Cisco IOS and IOS XE Software IOx Local Manager Cross-Site Scripting Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160914-ios
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6404

+ Cisco Carrier Routing System IPv6 Denial of Service Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160914-crs
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6401

+ UPDATE: Cisco Products IPv6 Neighbor Discovery Crafted Packet Denial of Service Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160525-ipv6

+ curl 7.50.3 released
https://curl.haxx.se/changes.html#7_50_3

+ SA72515 libcURL Multiple Integer Overflow Denial of Service Vulnerabilities
https://secunia.com/advisories/72515/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7167

+ SA72509 VMware Workstation Multiple Vulnerabilities
https://secunia.com/advisories/72509/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7081
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7082
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7083
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7084

+ SA72567 VMware Tools Multiple NULL Pointer Dereference Vulnerabilities
https://secunia.com/advisories/72567/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7079
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7080

+ MySQL General Query Logging Function Lets Remote Authenticated Users Modify the 'my.cnf' File to Gain Elevated Privileges
http://www.securitytracker.com/id/1036769
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6662

VU#667480 AVer Information EH6108H+ hybrid DVR contains multiple vulnerabilities
https://www.kb.cert.org/vuls/id/667480

JVNDB-2016-000159 H2O における書式指定文字列に関する脆弱性
http://jvndb.jvn.jp/ja/contents/2016/JVNDB-2016-000159.html

JVNDB-2016-000158 Zend Framework における SQL インジェクションの脆弱性
http://jvndb.jvn.jp/ja/contents/2016/JVNDB-2016-000158.html

JVNDB-2016-000157 CS-Cart 用アドオン「Twigmo」における PHP オブジェクトインジェクションの脆弱性
http://jvndb.jvn.jp/ja/contents/2016/JVNDB-2016-000157.html

マカフィー、個人向けセキュリティ対策ソフトの2017年版を発表--クラウドを活用しゼロデイ攻撃を防御
http://itpro.nikkeibp.co.jp/atcl/news/16/091402690/?ST=security?itp_list_theme

NRIセキュア、成りすましによる不正アクセスを振る舞い検知するソフトを販売
http://itpro.nikkeibp.co.jp/atcl/news/16/091302668/?ST=security?itp_list_theme

:: IT Security Neophyte Investigator's MEMO ::

2016年9月15日木曜日

15日木曜日、仏滅

0 件のコメント:

コメントを投稿

2016年9月15日木曜日

15日 木曜日、仏滅

0 件のコメント:

コメントを投稿

15日木曜日、仏滅