2017年4月12日水曜日

12日 水曜日、赤口

+ 2017 年 4 月のセキュリティ更新プログラム
https://portal.msrc.microsoft.com/ja-jp/security-guidance/releasenotedetail/42b8fa28-9d09-e711-80d9-000d3a32fc99
CVE-2013-6629
CVE-2017-0058
CVE-2017-0093
CVE-2017-0106
CVE-2017-0155
CVE-2017-0156
CVE-2017-0158
CVE-2017-0159
CVE-2017-0160
CVE-2017-0162
CVE-2017-0163
CVE-2017-0164
CVE-2017-0165
CVE-2017-0166
CVE-2017-0167
CVE-2017-0168
CVE-2017-0169
CVE-2017-0178
CVE-2017-0179
CVE-2017-0180
CVE-2017-0181
CVE-2017-0182
CVE-2017-0183
CVE-2017-0184
CVE-2017-0185
CVE-2017-0186
CVE-2017-0188
CVE-2017-0189
CVE-2017-0191
CVE-2017-0192
CVE-2017-0194
CVE-2017-0195
CVE-2017-0197
CVE-2017-0199
CVE-2017-0200
CVE-2017-0201
CVE-2017-0202
CVE-2017-0203
CVE-2017-0204
CVE-2017-0205
CVE-2017-0207
CVE-2017-0208
CVE-2017-0210
CVE-2017-0211
CVE-2017-2605
CVE-2017-3447

+ RHSA-2017:0892 Important: kernel security and bug fix update
https://rhn.redhat.com/errata/RHSA-2017-0892.html
CVE-2016-7910
CVE-2017-2636

+ RHSA-2017:0893 Important: 389-ds-base security and bug fix update
https://rhn.redhat.com/errata/RHSA-2017-0893.html
CVE-2017-2668

+ APSB17-09 Security update available for Adobe Campaign
https://helpx.adobe.com/security/products/campaign/apsb17-09.html

+ APSB17-10 Security updates available for Adobe Flash Player
https://helpx.adobe.com/security/products/flash-player/apsb17-10.html

+ APSB17-11 Security Updates Available for Adobe Acrobat and Reader
https://helpx.adobe.com/security/products/acrobat/apsb17-11.html
CVE-2017-3017
CVE-2017-3018
CVE-2017-3019
CVE-2017-3020
CVE-2017-3021
CVE-2017-3022
CVE-2017-3023
CVE-2017-3024
CVE-2017-3025
CVE-2017-3026
CVE-2017-3027
CVE-2017-3028
CVE-2017-3029
CVE-2017-3030
CVE-2017-3031
CVE-2017-3032
CVE-2017-3033
CVE-2017-3034
CVE-2017-3035
CVE-2017-3036
CVE-2017-3037
CVE-2017-3038
CVE-2017-3039
CVE-2017-3040
CVE-2017-3041
CVE-2017-3042
CVE-2017-3043
CVE-2017-3044
CVE-2017-3045
CVE-2017-3046
CVE-2017-3047
CVE-2017-3048
CVE-2017-3049
CVE-2017-3050
CVE-2017-3051
CVE-2017-3052
CVE-2017-3053
CVE-2017-3054
CVE-2017-3055
CVE-2017-3056
CVE-2017-3057
CVE-2017-3065

+ APSB17-12 Security updates available for Adobe Photoshop CC
https://helpx.adobe.com/security/products/photoshop/apsb17-12.html
CVE-2017-3004
CVE-2017-3005

+ APSB17-13 Security update available for the Creative Cloud Desktop Application
https://helpx.adobe.com/security/products/creative-cloud/apsb17-13.html
CVE-2017-3006
CVE-2017-3007

+ Squid 3.5.25 released
http://www.squid-cache.org/Versions/v3/3.5/squid-3.5.25-RELEASENOTES.html

+ UPDATE: Cisco UCS Director Virtual Machine Information Disclosure Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170405-ucs-director

+ UPDATE: SSL Padding Oracle On Downgraded Legacy Encryption (POODLE) Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20141015-poodle

+ SA76225 Microsoft Windows Adobe Flash Multiple Vulnerabilities
https://secuniaresearch.flexerasoftware.com/advisories/76225/
CVE-2017-3058
CVE-2017-3059
CVE-2017-3060
CVE-2017-3061
CVE-2017-3062
CVE-2017-3063
CVE-2017-3064

+ SA73900 Microsoft Windows Server 2016 Multiple Vulnerabilities
https://secuniaresearch.flexerasoftware.com/advisories/73900/
CVE-2013-6629
CVE-2017-0058
CVE-2017-0156
CVE-2017-0158
CVE-2017-0159
CVE-2017-0162
CVE-2017-0163
CVE-2017-0164
CVE-2017-0166
CVE-2017-0167
CVE-2017-0178
CVE-2017-0179
CVE-2017-0180
CVE-2017-0181
CVE-2017-0182
CVE-2017-0183
CVE-2017-0184
CVE-2017-0185
CVE-2017-0186
CVE-2017-0188
CVE-2017-0189
CVE-2017-0191
CVE-2017-0192
CVE-2017-0211

+ SA76226 Microsoft Internet Explorer Multiple Vulnerabilities
https://secuniaresearch.flexerasoftware.com/advisories/76226/
CVE-2017-0201
CVE-2017-0202
CVE-2017-0210

+ SA76228 Microsoft .NET Insecure Library Loading Vulnerability
https://secuniaresearch.flexerasoftware.com/advisories/76228/
CVE-2016-0160

+ JVNVU#98665451 Microsoft OLE2Link オブジェクトに含まれる遠隔データへのリンクに対する不適切な処理
http://jvn.jp/vu/JVNVU98665451/index.html

+ Apache Tomcat 8.x / 9.x Refactoring Information Disclosure
https://cxsecurity.com/issue/WLB-2017040061
CVE-2017-5651

+ Microsoft Outlook Email Processing Flaw Lets Remote Users Execute Arbitrary Code
http://www.securitytracker.com/id/1038227
CVE-2017-0106
CVE-2017-0204

+ Apache Tomcat Application Listener Facade Object Error Lets Remote Users Modify Data on the Target System
http://www.securitytracker.com/id/1038220
CVE-2017-5648

+ Apache Tomcat HTTP Connector Send File Processing Cache Error Lets Remote Users Obtain Potentially Sensitive Information on the Target System
http://www.securitytracker.com/id/1038219
CVE-2017-5651

+ Apache Tomcat Pipelined Request Send File Bug Lets Remote Users Obtain Potentially Sensitive Information on the Target System
http://www.securitytracker.com/id/1038218
CVE-2017-5647

+ Apache Tomcat HTTP/2 GOAWAY Frame Processing Error Lets Remote Users Consume Excessive Resources on the Target System
http://www.securitytracker.com/id/1038217
CVE-2017-5650

VU#334207 DBPOWER U818A WIFI quadcopter drone allows full filesystem permissions to anonymous FTP
https://www.kb.cert.org/vuls/id/334207

JVNDB-2017-000066 サイボウズ Office のAPI に関するサービス運用妨害 (DoS)の脆弱性
http://jvndb.jvn.jp/ja/contents/2017/JVNDB-2017-000066.html

JVNDB-2017-000065 サイボウズ Office のカスタムアプリのテンプレート削除機能におけるアクセス制限不備の脆弱性
http://jvndb.jvn.jp/ja/contents/2017/JVNDB-2017-000065.html

JVNDB-2017-000064 サイボウズ Office のカスタムアプリのファイル書き出し機能におけるアクセス制限不備の脆弱性
http://jvndb.jvn.jp/ja/contents/2017/JVNDB-2017-000064.html

JVNDB-2017-000063 サイボウズ Office のデザイン設定画面におけるクロスサイトスクリプティングの脆弱性
http://jvndb.jvn.jp/ja/contents/2017/JVNDB-2017-000063.html

JVNDB-2017-000054 ASSETBASE におけるクロスサイトスクリプティングの脆弱性
http://jvndb.jvn.jp/ja/contents/2017/JVNDB-2017-000054.html

UPDATE: JVN#25598952 CS-Cart日本語版におけるアクセス制限不備の脆弱性
http://jvn.jp/jp/JVN25598952/index.html

Mark Shuttleworth says some free software folk are 'deeply anti-social' and 'love to hate'
http://www.linuxsecurity.com/content/view/171167/169/

0 件のコメント:

コメントを投稿