2016年12月14日水曜日

14日 水曜日、友引

















+ 2016 年 12 月のマイクロソフト セキュリティ情報の概要
https://technet.microsoft.com/ja-jp/library/security/ms16-dec

+ MS16-144 - 緊急 Internet Explorer 用の累積的なセキュリティ更新プログラム (3204059)
https://technet.microsoft.com/library/security/ms16-144
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7278
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7282
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7284
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7279
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7283
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7281
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7202
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7287

+ MS16-145 - 緊急 Microsoft Edge 用の累積的なセキュリティ更新プログラム (3204062)
https://technet.microsoft.com/library/security/ms16-145
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7181
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7279
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7206
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7280
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7282
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7287
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7286
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7288
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7296
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7297
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7281

+ MS16-146 - 緊急 Microsoft Graphics コンポーネント用のセキュリティ更新プログラム (3204066)
https://technet.microsoft.com/library/security/ms16-146
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7257
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7272
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7273

+ MS16-147 - 緊急 Microsoft Uniscribe 用のセキュリティ更新プログラム (3204063)
https://technet.microsoft.com/library/security/ms16-147
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7274

+ MS16-148 - 緊急 Microsoft Office 用のセキュリティ更新プログラム (3204068)
https://technet.microsoft.com/library/security/ms16-148
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7263
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7277
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7289
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7298
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7275
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7267
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7262
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7266
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7257
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7264
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7265
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7268
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7276
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7290
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7291
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7300

+ MS16-149 - 重要 Microsoft Windows 用のセキュリティ更新プログラム (3205655)
https://technet.microsoft.com/library/security/ms16-149
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7219
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7292

+ MS16-150 - 重要 保護カーネル モード用のセキュリティ更新プログラム (3205642)
https://technet.microsoft.com/library/security/ms16-150
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7271

+ MS16-151 - 重要 Windows カーネルモード ドライバー用のセキュリティ更新プログラム (3205651)
https://technet.microsoft.com/library/security/ms16-151
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7259
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7260

+ MS16-152 - 重要 Windows カーネル用のセキュリティ更新プログラム (3199709)
https://technet.microsoft.com/library/security/ms16-152
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7258

+ MS16-153 - 重要 共通ログ ファイル システム ドライバーのセキュリティ更新プログラム (3207328)
https://technet.microsoft.com/library/security/ms16-153
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7295

+ MS16-154 - 緊急 Adobe Flash Player のセキュリティ更新プログラム (3209498)
https://technet.microsoft.com/library/security/ms16-154

+ MS16-155 - 重要 .NET Framework 用のセキュリティ更新プログラム (3205640)
https://technet.microsoft.com/library/security/ms16-155
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7270

+ Mozilla Firefox 50.1.0 released
https://www.mozilla.org/en-US/firefox/50.1.0/releasenotes/

+ MFSA2016-94 Security vulnerabilities fixed in Firefox 50.1
https://www.mozilla.org/en-US/security/advisories/mfsa2016-94/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9894
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9899
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9895
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9896
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9897
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9898
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9900
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9904
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9901
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9902
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9903
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9080
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9893

+ APSB16-46 Security update available for RoboHelp
https://helpx.adobe.com/security/products/robohelp/apsb16-46.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7891

+ APSB16-45 Security update available for Adobe Digital Editions
https://helpx.adobe.com/security/products/Digital-Editions/apsb16-45.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7888
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7889

+ APSB16-44 Security update available for ColdFusion Builder
https://helpx.adobe.com/security/products/coldfusion/apsb16-44.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7887

+ APSB16-43 Security updates available for InDesign
https://helpx.adobe.com/security/products/indesign/apsb16-43.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7886

+ APSB16-42 Security updates available for Adobe Experience Manager
https://helpx.adobe.com/security/products/experience-manager/apsb16-42.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7882
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7883
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7884
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7885

+ APSB16-41 Security update available for the Adobe DNG Converter
https://helpx.adobe.com/security/products/dng-converter/apsb16-41.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7856

+ APSB16-40 Security updates available for Adobe Experience Manager Forms
https://helpx.adobe.com/security/products/aem-forms/apsb16-40.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6933
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6934

+ APSB16-39 Security updates available for Adobe Flash Player
https://helpx.adobe.com/security/products/flash-player/apsb16-39.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7867
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7868
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7869
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7870
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7871
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7872
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7873
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7874
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7875
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7876
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7877
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7878
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7879
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7880
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7881
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7890
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7892

+ APSB16-38 Security update available for Adobe Animate
https://helpx.adobe.com/security/products/animate/apsb16-38.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7866

+ About the security content of watchOS 3.1.1
https://support.apple.com/ja-jp/HT207426
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7651
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7626

+ About the security content of tvOS 10.1
https://support.apple.com/ja-jp/HT207425
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7626

+ About the security content of iOS 10.2
https://support.apple.com/ja-jp/HT207422
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7634
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7664
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7651
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7638
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7665
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4690
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7601
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4689
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7653
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7626
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4781
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7597

+ VU#535111 McAfee VirusScan Enterprise for Windows is vulnerable to denial of service or code execution
https://www.kb.cert.org/vuls/id/535111

+ JVNVU#97321122 Apache Tomcat に情報漏えいの脆弱性
http://jvn.jp/vu/JVNVU97321122/index.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8745

+ JVNVU#93979172 複数の Apple 製品における脆弱性に対するアップデート
http://jvn.jp/vu/JVNVU93979172/index.html

+ JVNVU#90572729 McAfee Virus Scan Enterprise に複数の脆弱性
http://jvn.jp/vu/JVNVU90572729/index.html

+ PHP 7.0.13 Use After Free unserialize() PoC
https://cxsecurity.com/issue/WLB-2016120073
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9936

+ Apache Tomcat NIO HTTP Connector Cache Bug Lets Remote Users Obtain Potentially Sensitive Information from Other User Requests
http://www.securitytracker.com/id/1037432
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8745

+ PHP 'ext/wddx/wddx.c' Denial of Service Vulnerability
http://www.securityfocus.com/bid/94846
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9935

+ PHP 'ext/standard/var.c' Incomplete Fix Use After Free Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/94849
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9936

+ PHP 'ext/wddx/wddx.c' NULL pointer Dereference Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/94845
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9934

+ Apache Tomcat CVE-2016-8745 Information Disclosure Vulnerability
http://www.securityfocus.com/bid/94828
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8745

VU#779243 EpubCheck 4.0.1 contains a XML external entity processing vulnerability
https://www.kb.cert.org/vuls/id/779243

JVNDB-2016-000245 Apache ActiveMQ におけるクロスサイトスクリプティングの脆弱性
http://jvndb.jvn.jp/ja/contents/2016/JVNDB-2016-000245.html

Elite x3は本当に「ビジネスモバイル」か?
スマートフォンがWindowsなら同じActive Directoryで認証できる
http://itpro.nikkeibp.co.jp/atcl/column/16/120600292/121200004/?ST=security&itp_list_theme

IoTウイルスの脅威
ハニーポットで判明、IoTウイルスの恐るべき挙動
http://itpro.nikkeibp.co.jp/atcl/column/16/112900283/112900003/?ST=security&itp_list_theme

マイナンバーカード管理システムの不具合、5社コンソーシアムに損害賠償計1億9450万円を請求
http://itpro.nikkeibp.co.jp/atcl/news/16/121303716/?ST=security&itp_list_theme

0 件のコメント:

コメントを投稿