Showing posts with the label "Heap memory corruption".

2011-08-23

Stunnel

Software: Stunnel 4.40/4.41
Workaround: Addressed by updating to 4.42
Vulnerability: DoS attack, system access, heap memory corruption, unspecified error
Source:
CVE: CVE-2011-2940
Risk: High Risk

2011-03-23

Novell SUSE Linux Enterprise Server

Software: Novell SUSE Linux Enterprise Server (SLES) 10/11 (JAVA 1.6.0-IBM)
Workaround: Addressed by SUSE-SU-2011:0206-1
Vulnerability: Theft of sensitive information, data manipulation, DoS attack, infinite loop, input validation error, heap memory corruption, remote code execution, forced paste operation
CVE: CVE-2010-4422, CVE-2010-4447, CVE-2010-4448, CVE-2010-4452, CVE-2010-4454, CVE-2010-4462, CVE-2010-4463, CVE-2010-4465, CVE-2010-4466, CVE-2010-4467, CVE-2010-4468, CVE-2010-4471, CVE-2010-4473, CVE-2010-4475, CVE-2010-4476
Risk: High Risk

2011-03-22

Red Hat Enterprise Linux

Software: Red Hat Enterprise Linux Extras v. 4/Desktop Supplementary (v. 5 client)/Supplementary (v. 5 server)/Desktop Supplementary (v. 6)/HPC Node Supplementary (v. 6)/Server Supplementary (v. 6)/Workstation Supplementary (v. 6)
Workaround: Addressed by RHSA-2011:0364-1
Vulnerability: Theft of sensitive information, data manipulation, DoS attack, infinite loop, remote code execution, heap memory corruption, forced paste operation
Source: http://www.redhat.com/
http://www.redhat.com/rhel/details/features/
https://rhn.redhat.com/errata/RHSA-2011-0364.html
http://secunia.com/advisories/c/
http://secunia.com/advisories/43809/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4447
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4448
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4450
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4454
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4462
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4465
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4466
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4468
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4471
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4473
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4475
CVE: CVE-2010-4447, CVE-2010-4448, CVE-2010-4450, CVE-2010-4454, CVE-2010-4462, CVE-2010-4465, CVE-2010-4466, CVE-2010-4468, CVE-2010-4471, CVE-2010-4473, CVE-2010-4475
Risk: High Risk

2011-03-18

Red Hat Enterprise Linux Extras

Software: Red Hat Enterprise Linux Extras v. 4/Supplementary (v. 5 server)/Supplementary (v. 5 client)/Desktop Supplementary (v. 6)/HPC Node Supplementary (v. 6)/Server Supplementary (v. 6)/Workstation Supplementary (v. 6) (Sun JAVA 1.6.0 ibm)
Workaround: Addressed by RHSA-2011:0357-1
Vulnerability: Data manipulation, theft of sensitive information, DoS attack, system access, infinite loop, remote code execution, heap memory corruption, forced paste operation, data exposure
Source:
http://www.redhat.com/
http://www.redhat.com/rhel/details/features/
https://rhn.redhat.com/errata/RHSA-2011-0357.html
http://secunia.com/advisories/43262/
http://secunia.com/advisories/43657/
http://dvw-j.blogspot.com/2011/02/sun-java-ibm-java-ibm-websphere.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4422
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4447
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4448
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4452
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4454
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4462
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4463
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4465
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4466
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4467
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4468
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4471
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4473
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4475
CVE: CVE-2010-4422, CVE-2010-4447, CVE-2010-4448, CVE-2010-4452, CVE-2010-4454, CVE-2010-4462, CVE-2010-4463, CVE-2010-4465, CVE-2010-4466, CVE-2010-4467, CVE-2010-4468, CVE-2010-4471, CVE-2010-4473, CVE-2010-4475
Risk: High Risk

2011-03-11

Apple Safari, Apple iOS, Apple TV

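Software: Apple Safari earlier than 5.0.4, Apple iOS earlier than 4.3 (and iPad, iPod touch), Apple TV earlier than 4.2
Workaround: Addressed by update
Vulnerability: XSS, spoofing attack, theft of sensitive information, system access, heap memory corruption, index error, buffer overflow, boundary error, use-after-free error, CSS injection, web cache poisoning, file manipulation, execution of unauthorized HTML, script code execution
Source: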
http://www.apple.com/safari/
http://www.apple.com/ios/
http://www.apple.com/ipad/ios4/
http://www.apple.com/ipodtouch/
http://www.apple.com/appletv/
http://support.apple.com/kb/HT4564
http://support.apple.com/kb/HT4565
http://support.apple.com/kb/HT4566
http://secunia.com/advisories/40110/
http://secunia.com/advisories/41738/
http://secunia.com/advisories/43582/
http://secunia.com/advisories/43593/
http://secunia.com/advisories/43696/
http://secunia.com/advisories/43697/
http://secunia.com/advisories/43698/
http://dvw-j.blogspot.com/2011/03/libtiff-red-hat-desktop-red-hat.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1205
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1824
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1792
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2249
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3855
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4008
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4494
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0111
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0112
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0113
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0114
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0115
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0116
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0117
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0118
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0119
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0120
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0121
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0122
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0123
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0124
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0125
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0126
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0127
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0128
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0129
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0130
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0131
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0132
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0133
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0134
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0135
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0136
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0137
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0138
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0139
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0140
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0141
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0142
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0143
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0144
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0145
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0146
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0147
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0148
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0149
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0150
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0151
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0152
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0153
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0154
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0155
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0156
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0157
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0158
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0159
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0160
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0161
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0162
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0163
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0164
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0165
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0166
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0167
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0168
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0169
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0170
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0191
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0192
CVE: CVE-2010-1205, CVE-2010-1792, CVE-2010-1824, CVE-2010-2249, CVE-2010-3855, CVE-2010-4008, CVE-2010-4494, CVE-2011-0111, CVE-2011-0112, CVE-2011-0113, CVE-2011-0114, CVE-2011-0115, CVE-2011-0116, CVE-2011-0117, CVE-2011-0118, CVE-2011-0119, CVE-2011-0120, CVE-2011-0121, CVE-2011-0122, CVE-2011-0123, CVE-2011-0124, CVE-2011-0125, CVE-2011-0126, CVE-2011-0127, CVE-2011-0128, CVE-2011-0129, CVE-2011-0130, CVE-2011-0131, CVE-2011-0132, CVE-2011-0133, CVE-2011-0134, CVE-2011-0135, CVE-2011-0136, CVE-2011-0137, CVE-2011-0138, CVE-2011-0139, CVE-2011-0140, CVE-2011-0141, CVE-2011-0142, CVE-2011-0143, CVE-2011-0144, CVE-2011-0145, CVE-2011-0146, CVE-2011-0147, CVE-2011-0148, CVE-2011-0149, CVE-2011-0150, CVE-2011-0151, CVE-2011-0152, CVE-2011-0153, CVE-2011-0154, CVE-2011-0155, CVE-2011-0156, CVE-2011-0157, CVE-2011-0158, CVE-2011-0159, CVE-2011-0160, CVE-2011-0161, CVE-2011-0162, CVE-2011-0163, CVE-2011-0164, CVE-2011-0165, CVE-2011-0166, CVE-2011-0167, CVE-2011-0168, CVE-2011-0169, CVE-2011-0170, CVE-2011-0191, CVE-2011-0192
Risk: High Risk

Apple Mac OS X, Red Hat JBoss Enterprise

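Software: Apple Mac OS X, Red Hat JBoss Enterprise SOA Platform/Portal Platform 4.x/5.x
Workaround: Addressed by update, RHSA-2011:0333-1, RHSA-2011:0334-1
Vulnerability: Data manipulation, theft of sensitive information, DoS attack, system access, infinite loop, remote code execution, input validation error, heap memory corruption, clipboard vulnerability
Source: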
http://www.apple.com/macosx/
http://www.jboss.com/products/platforms/soa/
http://www.jboss.com/products/platforms/portals/
http://support.apple.com/kb/HT4562
http://support.apple.com/kb/HT4563
https://rhn.redhat.com/errata/RHSA-2011-0333.html
https://rhn.redhat.com/errata/RHSA-2011-0334.html
http://secunia.com/advisories/43262/
http://secunia.com/advisories/43574/
http://secunia.com/advisories/43704/
http://secunia.com/advisories/43705/
http://dvw-j.blogspot.com/2011/02/sun-java-ibm-java-ibm-websphere.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4422
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4447
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4448
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4450
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4454
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4462
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4463
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4465
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4467
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4468
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4469
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4470
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4471
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4472
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4473
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4476
CVE: CVE-2010-4422, CVE-2010-4447, CVE-2010-4448, CVE-2010-4450, CVE-2010-4454, CVE-2010-4462, CVE-2010-4463, CVE-2010-4465, CVE-2010-4467, CVE-2010-4468, CVE-2010-4469, CVE-2010-4470, CVE-2010-4471, CVE-2010-4472, CVE-2010-4473, CVE-2010-4476
Risk: High Risk

2011-01-07

Red Hat Fedora

Software: Red Hat Fedora 13/14
Workaround: Addressed by update, FEDORA-2010-19022, FEDORA-2010-19033
Vulnerability: DoS attack, buffer overflow, integer overflow, application crash, heap memory corruption, CPU resource consumption
Source:
https://fedoraproject.org/wiki/F13_one_page_release_notes
http://fedoraproject.org/
http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052854.html
http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052848.html
http://secunia.com/advisories/23916/
http://secunia.com/advisories/25855/
http://secunia.com/advisories/42813/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0455
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3472
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3473
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3474
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3475
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3476
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3477
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3478
CVE: CVE-2007-0455, CVE-2007-3472, CVE-2007-3473, CVE-2007-3474, CVE-2007-3475, CVE-2007-3476, CVE-2007-3477, CVE-2007-3478
Risk: Medium Risk

2010-12-17

Red Hat Desktop, Red Hat Enterprise Linux

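Software: Red Hat Desktop 4.x, Red Hat Enterprise Linux AS 4/ES 4/WS 4
Workaround: Addressed by RHSA-2010:0981-1
Vulnerability: Unauthorized access, memory corruption, address free error, buffer overflow, memory allocation error, integer overflow, heap memory corruption, ActiveX script download, ActiveX script execution, boundary error
Source: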
http://www.redhat.com/rhel/desktop/
http://www.redhat.com/rhel/
http://rhn.redhat.com/errata/RHSA-2010-0981.html
http://secunia.com/advisories/42532/
http://secunia.com/advisories/42565/
http://dvw-j.blogspot.com/2010/12/realplayer.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2997
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4375
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4378
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4379
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4382
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4383
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4384
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4385
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4386
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4392
CVE: CVE-2010-2997, CVE-2010-4375, CVE-2010-4378, CVE-2010-4379, CVE-2010-4382, CVE-2010-4383, CVE-2010-4384, CVE-2010-4385, CVE-2010-4386, CVE-2010-4392
Risk: High Risk

2010-12-15

Novell ZENworks Desktop Management

Software: Novell ZENworks Desktop Management 7.x
Workaround: Available
Vulnerability: Unauthorized access, heap memory corruption, buffer overflow, local code execution
Source:
http://www.novell.com/products/zenworks/configurationmanagement/
http://www.novell.com/support/viewContent.do?externalId=7007320
http://www.novell.com/support/viewContent.do?externalId=7007321
http://www.novell.com/support/viewContent.do?externalId=7007339
http://www.zerodayinitiative.com/advisories/ZDI-10-283/
http://www.zerodayinitiative.com/advisories/ZDI-10-284/
http://www.zerodayinitiative.com/advisories/ZDI-10-285/
http://www.protekresearchlab.com/index.php?option=com_content&view=article&id=20&Itemid=20
http://secunia.com/advisories/42598/
Risk: Medium Risk

RealPlayer

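Software: RealPlayer 11.x/SP 1.x, RealPlayer Enterprise 2.x, Mac RealPlayer 12.x, Linux RealPlayer 11.x
Workaround: Addressed by update
Vulnerability: Unauthorized access, memory corruption, address free error, buffer overflow, memory allocation error, integer overflow, heap memory corruption, ActiveX script download, ActiveX script execution, boundary error
Source: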
http://jp.real.com/
http://www.realnetworks.com/products-services/realplayer-enterprise.aspx
http://secunia.com/secunia_research/2010-9/
http://secunia.com/secunia_research/2010-14/
http://secunia.com/secunia_research/2010-15/
http://service.real.com/realplayer/security/12102010_player/en/
http://realnetworksblog.com/?p=2216
http://www.zerodayinitiative.com/advisories/ZDI-10-268/
http://www.zerodayinitiative.com/advisories/ZDI-10-266/
http://www.zerodayinitiative.com/advisories/ZDI-10-270/
http://www.zerodayinitiative.com/advisories/ZDI-10-273/
http://www.zerodayinitiative.com/advisories/ZDI-10-269/
http://www.zerodayinitiative.com/advisories/ZDI-10-271/
http://www.zerodayinitiative.com/advisories/ZDI-10-272/
http://www.zerodayinitiative.com/advisories/ZDI-10-274/
http://www.zerodayinitiative.com/advisories/ZDI-10-275/
http://www.zerodayinitiative.com/advisories/ZDI-10-276/
http://www.zerodayinitiative.com/advisories/ZDI-10-277/
http://www.zerodayinitiative.com/advisories/ZDI-10-278/
http://www.zerodayinitiative.com/advisories/ZDI-10-279/
http://www.zerodayinitiative.com/advisories/ZDI-10-281/
http://www.zerodayinitiative.com/advisories/ZDI-10-280/
http://www.zerodayinitiative.com/advisories/ZDI-10-282/
http://www.zerodayinitiative.com/advisories/ZDI-10-267/
http://archives.neohapsis.com/archives/fulldisclosure/2010-12/0216.html
http://dvlabs.tippingpoint.com/advisory/TPTI-10-18
http://dvlabs.tippingpoint.com/advisory/TPTI-10-19
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=883
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=884
http://secunia.com/advisories/38550/
http://secunia.com/advisories/42333/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0121
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0125
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2579
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2997
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2999
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4375
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4376
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4377
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4378
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4379
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4380
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4381
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4382
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4383
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4384
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4385
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4386
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4387
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4388
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4389
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4390
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4391
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4392
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4394
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4395
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4396
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4397
CVE: CVE-2010-0121, CVE-2010-0125, CVE-2010-2579, CVE-2010-2997, CVE-2010-2999, CVE-2010-4375, CVE-2010-4376, CVE-2010-4377, CVE-2010-4378, CVE-2010-4379, CVE-2010-4380, CVE-2010-4381, CVE-2010-4382, CVE-2010-4383, CVE-2010-4384, CVE-2010-4385, CVE-2010-4386, CVE-2010-4387, CVE-2010-4388, CVE-2010-4389, CVE-2010-4390, CVE-2010-4391, CVE-2010-4392, CVE-2010-4394, CVE-2010-4395, CVE-2010-4396, CVE-2010-4397
Risk: High Risk

2010-12-08

VMware Fusion, VMware Player, VMware Workstation, VMware Server, VMware Workstation Movie Decoder

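Software: VMware Fusion 3.x, VMware Player 2.x/3.x, VMware Workstation 6.x/7.x, VMware Server 2.x, VMware Workstation Movie Decoder 6.x/7.x
Workaround: Addressed by VMSA-2010-0018
Vulnerability: Privilege escalation, local code execution, unauthorized access, security restriction bypass, local command execution, heap memory corruption
Source: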
http://www.vmware.com/products/fusion/
http://www.vmware.com/products/player/
http://downloads.vmware.com/d/info/desktop_downloads/vmware_workstation/7_0
http://www.vmware.com/products/server/
http://lists.vmware.com/pipermail/security-announce/2010/000112.html
http://dvlabs.tippingpoint.com/advisory/TPTI-10-16
http://secunia.com/advisories/42453/
http://secunia.com/advisories/42480/
http://secunia.com/advisories/42481/
http://secunia.com/advisories/42482/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4294
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4295
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4296
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4297
CVE: CVE-2010-4294, CVE-2010-4295, CVE-2010-4296, CVE-2010-4297
Risk: High Risk