Daily Vuln Watch Japan

Scull

ソフト名：Mozilla Firefox 3.6.23未満/6.x, Mozilla SeaMonkey 2.4未満, Mozilla Thunderbird 6.x, Red Hat Desktop 4.x, Red Hat Enterprise Linux AS 4/ES 4/WS 4/5 (Server)/Desktop 5/Desktop Workstation 5/Desktop 6/HPC Node 6/Server 6/Workstation 6, Canonical Ltd. Ubuntu Linux 10.04/10.10

回避策：アップデート, 7.0へのアップグレードにて対応, アップデートにて対応, 7.0へのアップグレードにて対応, RHSA-2011:1341-01, RHSA-2011:1342-01, RHSA-2011:1343-1, RHSA-2011:1344-1にて対応, USN-1210-1, USN-1213-1にて対応

脆弱性：セキュリティ制限の回避, システムアクセス, 不特定のエラー, メモリ破壊, XSS保護の回避, 不正アプリケーションのダウンロード, 不正アプリケーションの実行, バッファオーバーフロー, 不正プラグインのインストール, リモートコード実行, 解放後使用エラー, キーストロークの閲覧, レスポンス分割攻撃, 整数アンダーフローエラー

ソース：

http://www.mozilla.org/en-US/firefox/new/

http://mozilla.jp/firefox/

http://www.seamonkey-project.org/

http://www.mozilla.org/en-US/thunderbird/

http://www.redhat.com/rhel/

http://www.redhat.com/rhel/desktop/

http://www.redhat.com/rhel/server/

http://www.ubuntu.com/

http://www.mozilla.org/security/announce/2011/mfsa2011-36.html

http://www.mozilla.org/security/announce/2011/mfsa2011-37.html

http://www.mozilla.org/security/announce/2011/mfsa2011-38.html

http://www.mozilla.org/security/announce/2011/mfsa2011-39.html

http://www.mozilla.org/security/announce/2011/mfsa2011-40.html

http://www.mozilla.org/security/announce/2011/mfsa2011-41.html

http://www.mozilla.org/security/announce/2011/mfsa2011-42.html

http://www.mozilla.org/security/announce/2011/mfsa2011-43.html

http://www.mozilla.org/security/announce/2011/mfsa2011-44.html

http://www.mozilla.org/security/announce/2011/mfsa2011-45.html

http://www.usenix.org/events/hotsec11/tech/final_files/Cai.pdf

https://rhn.redhat.com/errata/RHSA-2011-1341.html

https://rhn.redhat.com/errata/RHSA-2011-1342.html

https://rhn.redhat.com/errata/RHSA-2011-1343.html

https://rhn.redhat.com/errata/RHSA-2011-1344.html

http://www.ubuntu.com/usn/usn-1210-1/

http://www.ubuntu.com/usn/usn-1213-1/

http://secunia.com/advisories/46171/

http://secunia.com/advisories/46184/

http://secunia.com/advisories/46190/

http://secunia.com/advisories/46192/

http://secunia.com/advisories/46194/

http://secunia.com/advisories/46196/

http://secunia.com/advisories/46203/

http://secunia.com/advisories/46204/

http://secunia.com/advisories/46205/

http://secunia.com/advisories/46217/

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2372

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2995

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2996

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2997

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2998

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2999

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3000

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3001

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3002

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3003

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3004

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3005

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3232

CVE：CVE-2011-2372, CVE-2011-2995, CVE-2011-2996, CVE-2011-2997, CVE-2011-2998, CVE-2011-2999, CVE-2011-3000, CVE-2011-3001, CVE-2011-3002, CVE-2011-3003, CVE-2011-3004, CVE-2011-3005, CVE-2011-3232

危険性：High Risk

Scull

ソフト名：Novell openSUSE 11.3/11.4 (Mozilla SeaMonkey 2.3)

回避策：openSUSE-SU-2011:0957-1にて対応

脆弱性：セキュリティ制限の回避, 機密情報の奪取, システムアクセス, 不特定のエラー, メモリ破壊, JARファイル操作エラー, 不正Java Scriptコード実行, バッファオーバーフロー,　解放後使用エラー

ソース：

http://www.opensuse.org/en/

http://lists.opensuse.org/opensuse-updates/2011-08/msg00039.html

http://secunia.com/advisories/45667/

http://secunia.com/advisories/45808/

http://dvw-j.blogspot.com/2011/08/mozilla-firefox-mozilla-thunderbird.html

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0084

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2985

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2986

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2987

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2988

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2989

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2990

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2991

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2992

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2993

CVE：CVE-2011-0084, CVE-2011-2985, CVE-2011-2986, CVE-2011-2987, CVE-2011-2988, CVE-2011-2989, CVE-2011-2990, CVE-2011-2991, CVE-2011-2992, CVE-2011-2993

危険性：High Risk

Scull

ソフト名：Mozilla Firefox 5.x, Mozilla Thunderbird 5.x, Mozilla SeaMonkey 2.3

回避策：6へのアップグレード, アップデート, MFSA 2011-29, MFSA 2011-31, MFSA 2011-33にて対応

脆弱性：セキュリティ制限の回避, 機密情報の奪取, システムアクセス, 不特定のエラー, メモリ破壊, JARファイル操作エラー, 不正Java Scriptコード実行, バッファオーバーフロー,　解放後使用エラー

ソース：

http://www.mozilla.com/en-US/firefox/new/

http://www.mozilla.org/en-US/thunderbird/

http://www.seamonkey-project.org/

http://www.mozilla.org/security/announce/2011/mfsa2011-29.html

http://www.mozilla.org/security/announce/2011/mfsa2011-31.html

http://www.mozilla.org/security/announce/2011/mfsa2011-33.html

http://www.zerodayinitiative.com/advisories/ZDI-11-270/

http://secunia.com/advisories/45667/

http://secunia.com/advisories/45581/

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0084

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2985

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2986

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2987

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2988

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2989

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2990

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2991

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2992

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2993

CVE：CVE-2011-0084, CVE-2011-2985, CVE-2011-2986, CVE-2011-2987, CVE-2011-2988, CVE-2011-2989, CVE-2011-2990, CVE-2011-2991, CVE-2011-2992, CVE-2011-2993

危険性：High Risk

Scull

ソフト名：Mozilla SeaMonkey 2.x

回避策：2.2へのアップデートにて対応予定

脆弱性：XSS, 機密情報の奪取, システムアクセス, 不特定のエラー, メモリ破壊, 解放後使用エラー, 整数オーバーフローエラー, リモートコード実行, 不正HTMLの実行, スクリプトコード実行

ソース：http://www.seamonkey-project.org/

http://www.mozilla.org/security/announce/2011/mfsa2011-19.html

http://www.mozilla.org/security/announce/2011/mfsa2011-20.html

http://www.mozilla.org/security/announce/2011/mfsa2011-21.html

http://www.mozilla.org/security/announce/2011/mfsa2011-22.html

http://www.mozilla.org/security/announce/2011/mfsa2011-25.html

http://www.mozilla.org/security/announce/2011/mfsa2011-26.html

http://www.mozilla.org/security/announce/2011/mfsa2011-27.html

http://www.mozilla.org/security/announce/2011/mfsa2011-28.html

http://secunia.com/advisories/44972/

http://secunia.com/advisories/45007/

http://dvw-j.blogspot.com/2011/06/mozilla-firefox.html

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2366

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2367

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2368

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2369

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2370

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2371

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2373

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2375

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2377

CVE：CVE-2011-2366, CVE-2011-2367, CVE-2011-2368, CVE-2011-2369, CVE-2011-2370, CVE-2011-2371, CVE-2011-2373, CVE-2011-2375, CVE-2011-2377

危険性：High Risk

Scull

ソフト名：Red Hat Fedora 13/14, Debian GNU/Linux 6.0 (Mozilla SeaMonkey 2.0.14未満, Mozilla Thunderbird 3.1.10未満)

回避策：FEDORA-2011-6245, FEDORA-2011-6258にて対応, DSA-2235にて対応

脆弱性：機密情報の奪取, 権限の昇格, システムアクセス, メモリ破壊, リモートコード実行, 解放後使用エラー, 閲覧履歴の奪取, ディレクトリトラバーサル

ソース：https://fedoraproject.org/wiki/F13_one_page_release_notes

http://fedoraproject.org/

http://www.debian.org/

http://lists.fedoraproject.org/pipermail/package-announce/2011-May/059996.html

http://lists.fedoraproject.org/pipermail/package-announce/2011-May/059975.html

http://www.debian.org/security/2011/dsa-2235

http://secunia.com/advisories/44357/

http://secunia.com/advisories/44407/

http://secunia.com/advisories/44541/

http://secunia.com/advisories/44486/

http://dvw-j.blogspot.com/2011/05/mozilla-firefox-mozilla-seamonkey.html

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0065

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0066

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0067

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0069

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0070

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0071

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0072

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0073

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0074

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0075

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0076

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0077

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0078

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0080

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0081

CVE：CVE-2011-0065, CVE-2011-0066, CVE-2011-0067, CVE-2011-0069, CVE-2011-0070, CVE-2011-0071, CVE-2011-0072, CVE-2011-0073, CVE-2011-0074, CVE-2011-0075, CVE-2011-0076, CVE-2011-0077, CVE-2011-0078, CVE-2011-0080, CVE-2011-0081

危険性：High Risk

Scull

ソフト名：Novell SUSE Linux Enterprise Server (SLES) 10/11, Novell openSUSE 11.2/11.3/11.4, Red Hat Fedora 13 (Mozilla Firefox 3.5.19未満/3.6.17未満, Mozilla SeaMonkey 2.0.14未満)

回避策：SUSE-SA:2011:022にて対応, openSUSE-SU-2011:0437-1, SUSE-SA:2011:022にて対応, FEDORA-2011-6205にて対応

脆弱性：機密情報の奪取, 権限の昇格, システムアクセス, メモリ破壊, リモートコード実行, 解放後使用エラー, 閲覧履歴の奪取, ディレクトリトラバーサル, バッファオーバーフロー, オフバイスリーエラー

ソース：http://www.novell.com/products/server/

http://www.novell.com/promo/home/sle11.html

http://www.opensuse.org/en/

https://fedoraproject.org/wiki/F13_one_page_release_notes

http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00001.html

http://lists.opensuse.org/opensuse-updates/2011-05/msg00005.html

http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00001.html

http://lists.fedoraproject.org/pipermail/package-announce/2011-May/059704.html

http://lists.fedoraproject.org/pipermail/package-announce/2011-May/059709.html

http://lists.fedoraproject.org/pipermail/package-announce/2011-May/059710.html

http://secunia.com/advisories/44357/

http://secunia.com/advisories/44406/

http://secunia.com/advisories/44450/

http://secunia.com/advisories/44455/

http://secunia.com/advisories/44472/

http://secunia.com/advisories/44528/

http://dvw-j.blogspot.com/2011/05/mozilla-firefox-mozilla-seamonkey.html

http://dvw-j.blogspot.com/2011/05/mozilla-firefox.html

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0065

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0066

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0067

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0068

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0069

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0070

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0071

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0072

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0073

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0074

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0075

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0076

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0077

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0078

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0079

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0080

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0081

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1202

CVE：CVE-2011-0065, CVE-2011-0066, CVE-2011-0067, CVE-2011-0068, CVE-2011-0069, CVE-2011-0070, CVE-2011-0071, CVE-2011-0072, CVE-2011-0073, CVE-2011-0074, CVE-2011-0075, CVE-2011-0076, CVE-2011-0077, CVE-2011-0078, CVE-2011-0079, CVE-2011-0080, CVE-2011-0081, CVE-2011-1202

危険性：High Risk

Scull

ソフト名：Canonical Ltd. Ubuntu Linux 10.04/10.10 (Mozilla Firefox 3.5.19未満/3.6.17未満, Mozilla SeaMonkey 2.0.14未満, Mozilla Thunderbird 3.1.10未満)

回避策：USN-1122-1にて対応

脆弱性：機密情報の奪取, 権限の昇格, システムアクセス, メモリ破壊, リモートコード実行, 解放後使用エラー, 閲覧履歴の奪取, ディレクトリトラバーサル

ソース：http://www.ubuntu.com/

https://lists.ubuntu.com/archives/ubuntu-security-announce/2011-May/001325.html

http://secunia.com/advisories/44357/

http://secunia.com/advisories/44407/

http://secunia.com/advisories/44422/

http://dvw-j.blogspot.com/2011/05/mozilla-firefox-mozilla-seamonkey.html

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0065

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0066

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0067

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0069

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0070

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0071

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0072

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0073

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0074

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0075

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0076

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0077

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0078

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0080

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0081

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1202

CVE：CVE-2011-0065, CVE-2011-0066, CVE-2011-0067, CVE-2011-0069, CVE-2011-0070, CVE-2011-0071, CVE-2011-0072, CVE-2011-0073, CVE-2011-0074, CVE-2011-0075, CVE-2011-0076, CVE-2011-0077, CVE-2011-0078, CVE-2011-0080, CVE-2011-0081, CVE-2011-1202

危険性：High Risk

Scull

ソフト名：Mozilla Firefox 3.5.19未満/3.6.17未満, Mozilla SeaMonkey 2.0.14未満, Mozilla Thunderbird 3.1.10未満, Red Hat Desktop 4.x, Red Hat Enterprise Linux AS 4/ES 4/WS 4/5 (Server)/Desktop 5/Workstation 5/Desktop 6/HPC Node 6/Server 6/Workstation 6

回避策：アップデートにて対応, RHSA-2011:0471-1, RHSA-2011:0473-01, RHSA-2011:0474-1, RHSA-2011:0475-1にて対応

脆弱性：機密情報の奪取, 権限の昇格, システムアクセス, メモリ破壊, リモートコード実行, 解放後使用エラー, 閲覧履歴の奪取, ディレクトリトラバーサル

ソース：http://mozilla.jp/firefox/

http://www.seamonkey-project.org/

http://www.mozillamessaging.com/en-US/thunderbird/

http://www.redhat.com/rhel/

http://www.redhat.com/rhel/desktop/

http://www.redhat.com/rhel/server/

http://www.mozilla.org/security/announce/2011/mfsa2011-12.html

http://www.mozilla.org/security/announce/2011/mfsa2011-13.html

http://www.mozilla.org/security/announce/2011/mfsa2011-14.html

http://www.mozilla.org/security/announce/2011/mfsa2011-15.html

http://www.mozilla.org/security/announce/2011/mfsa2011-16.html

http://www.mozilla.org/security/announce/2011/mfsa2011-18.html

http://rhn.redhat.com/errata/RHSA-2011-0471.html

https://rhn.redhat.com/errata/RHSA-2011-0473.html

http://rhn.redhat.com/errata/RHSA-2011-0474.html

http://rhn.redhat.com/errata/RHSA-2011-0475.html

http://secunia.com/advisories/44357/

http://secunia.com/advisories/44365/

http://secunia.com/advisories/44368/

http://secunia.com/advisories/44386/

http://secunia.com/advisories/44407/

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0065

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0066

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0067

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0069

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0070

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0071

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0072

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0073

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0074

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0075

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0076

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0077

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0078

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0080

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0081

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1202

CVE：CVE-2011-0065, CVE-2011-0066, CVE-2011-0067, CVE-2011-0069, CVE-2011-0070, CVE-2011-0071, CVE-2011-0072, CVE-2011-0073, CVE-2011-0074, CVE-2011-0075, CVE-2011-0076, CVE-2011-0077, CVE-2011-0078, CVE-2011-0080, CVE-2011-0081, CVE-2011-1202

危険性：High Risk

Scull

Scull

Scull

ソフト名：Mozilla Firefox 3.5 Linux～3.6.9, Mozilla Seamonkey 2.0 Alpha 1～2.0.8, Mozilla Thunderbird 3.0～3.1.4
回避策：MFSA 2010-70にて対応
脆弱性：スプーフィング攻撃, マンインミドル攻撃
ソース：http://www.mozilla.org/security/announce/2010/mfsa2010-70.html
http://www.securityfocus.com/bid/42817
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3170
http://secunia.com/advisories/41244
http://secunia.com/advisories/41890
http://secunia.com/advisories/41923
http://www.vupen.com/english/advisories/2010/2726
CVE：CVE-2010-3170
危険性：Medium Risk

Scull

ソフト名：Mozilla Firefox 3.5 Linux～3.6.9, Mozilla Seamonkey 2.0 Alpha 1～2.0.8, Mozilla Thunderbird 3.0～3.1.4
回避策：MFSA 2010-69にて対応
脆弱性：セキュリティ制限の回避, 不正アクセス, 機密情報の奪取
ソース：http://www.mozilla.org/security/announce/2010/mfsa2010-69.html
http://www.securityfocus.com/bid/44252
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3178
http://secunia.com/advisories/41244
http://secunia.com/advisories/41890
http://secunia.com/advisories/41923
http://www.vupen.com/english/advisories/2010/2726
CVE：CVE-2010-3178
危険性：Low Risk

Scull

ソフト名：Mozilla Firefox 3.5 Linux～3.6.9, Mozilla Seamonkey 2.0 Alpha 1～2.0.8, Mozilla Thunderbird 3.0～3.1.4
回避策：MFSA 2010-72にて対応
脆弱性：セキュリティの強度不足
ソース：http://www.mozilla.org/security/announce/2010/mfsa2010-72.html
http://www.securityfocus.com/bid/44228
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3173
http://secunia.com/advisories/41244
http://secunia.com/advisories/41890
http://secunia.com/advisories/41923
http://www.vupen.com/english/advisories/2010/2726
CVE：CVE-2010-3173
危険性：Low Risk

Scull

ソフト名：Mozilla Firefox 3.5 Linux～3.6.9, Mozilla Seamonkey 2.0 Alpha 1～2.0.8
回避策：MFSA 2010-68にて対応
脆弱性：XSS, 認証資格情報の奪取
ソース：http://www.mozilla.org/security/announce/2010/mfsa2010-68.html
http://www.securityfocus.com/bid/44253
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3177
http://secunia.com/advisories/41244
http://secunia.com/advisories/41923
http://www.vupen.com/english/advisories/2010/2726
CVE：CVE-2010-3177
危険性：Medium Risk

Scull

ソフト名：Mozilla Firefox 3.5 Linux～3.6.9, Mozilla Seamonkey 2.0 Alpha 1～2.0.8, Mozilla Thunderbird 3.0～3.1.4
回避策：MFSA 2010-67にて対応
脆弱性：リモートコード実行, ブラウザのクラッシュ
ソース：http://www.mozilla.org/security/announce/2010/mfsa2010-67.html
http://www.zerodayinitiative.com/advisories/ZDI-10-219/
http://www.securityfocus.com/bid/44249
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3183
http://secunia.com/advisories/41244
http://secunia.com/advisories/41890
http://secunia.com/advisories/41923
http://www.vupen.com/english/advisories/2010/2726
CVE：CVE-2010-3183
危険性：High Risk

Scull

ソフト名：Mozilla Firefox 3.5 Linux～3.6.9, Mozilla Seamonkey 2.0 Alpha 1～2.0.8, Mozilla Thunderbird 3.0～3.1.4
回避策：MFSA 2010-65にて対応
脆弱性：バッファオーバーフロー, リモートコード実行, ブラウザのクラッシュ
ソース：http://www.mozilla.org/security/announce/2010/mfsa2010-65.html
http://www.securityfocus.com/bid/44247
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3179
http://secunia.com/advisories/41244
http://secunia.com/advisories/41890
http://secunia.com/advisories/41923
http://www.vupen.com/english/advisories/2010/2726
CVE：CVE-2010-3179
危険性：High Risk

Scull

ソフト名：Mozilla Firefox 3.5 Linux～3.6.9, Mozilla Seamonkey 2.0 Alpha 1～2.0.8, Mozilla Thunderbird 3.0～3.1.4
回避策：MFSA 2010-66にて対応
脆弱性：リモートコード実行, 解放後使用エラー, メモリ破壊, DoS攻撃
ソース：http://www.mozilla.org/security/announce/2010/mfsa2010-66.html
http://www.securityfocus.com/bid/44248
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3180
http://secunia.com/advisories/41244
http://secunia.com/advisories/41890
http://secunia.com/advisories/41923
http://www.vupen.com/english/advisories/2010/2726
CVE：CVE-2010-3180
危険性：High Risk

Scull

ソフト名：Mozilla Firefox 3.5～3.6.9, Mozilla Seamonkey 2.0 Alpha 1～2.0.8, Mozilla Thunderbird 3.0～3.1.4
回避策：MFSA 2010-64にて対応
脆弱性：リモートコード実行, メモリの安全性バグ
ソース：http://www.mozilla.org/security/announce/2010/mfsa2010-64.html
http://www.securityfocus.com/bid/44243
http://www.securityfocus.com/bid/44245
http://www.securityfocus.com/bid/44246
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3174
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3175
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3176
http://secunia.com/advisories/41244
http://secunia.com/advisories/41890
http://secunia.com/advisories/41923
http://www.vupen.com/english/advisories/2010/2726
CVE：CVE-2010-3174, CVE-2010-3175, CVE-2010-3176
危険性：High Risk

Scull

ソフト名：Mozilla Firefox 3.6.7, Mozilla SeaMonkey 2.0.6
回避策：未対応
脆弱性：クリック乗っ取り, 不正アクセス
ソース：http://www.seamonkey-project.org/
http://mozilla.jp/firefox/
http://www.exploit-db.com/exploits/14447/
危険性：Medium Risk

Scull

2011-09-30

2011-08-30

2011-08-19

2011-06-28

2011-05-15

2011-05-10

2011-05-06

2011-05-04

2011-03-18

2011-03-04

2010-10-22

2010-10-05

2010-09-10

Calendar

このブログを検索

ブログ アーカイブ

Blogram投票ボタン

グーバーウォーク

参加ユーザー

JVNRSS Feed - Update Entry

ラベル

ブログアーカイブ