Red Hat Enterprise Linux Extras, RHEL Desktop Supplementary

ソフト名：Red Hat Enterprise Linux Extras v. 4, RHEL Desktop Supplementary (v. 5 client)/Supplementary (v. 5 server)/Desktop Supplementary (v. 6)/HPC Node Supplementary (v. 6)/Server Supplementary (v. 6)/Workstation Supplementary (v. 6) (IBM Java 6.x)

回避策：RHSA-2011:1087-1にて対応

脆弱性：データ操作, 機密情報の奪取, システムアクセス, DoS攻撃, 整数オーバーフローエラー, メモリ破壊, リモートコード実行, 解放後使用エラー, リモートコマンド実行

ソース：

http://www.redhat.com/

https://rhn.redhat.com/errata/RHSA-2011-1087.html

http://secunia.com/advisories/45206/

http://secunia.com/advisories/45402/

http://dvw-j.blogspot.com/2011/07/ibm-java.html

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0802

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0814

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0862

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0865

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0867

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0871

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0873

CVE：CVE-2011-0802, CVE-2011-0814, CVE-2011-0862, CVE-2011-0865, CVE-2011-0867, CVE-2011-0871, CVE-2011-0873

危険性：High Risk

Adobe Flash Player, RHEL Desktop Supplementary, Red Hat Enterprise Linux Desktop Supplementary

ソフト名：Adobe Flash Player 10.2.159.1 以下のWindows Macintosh Linux Solaris版/10.2.154.28以下のChrome版/10.2.157.51以下のAndroid版, RHEL Desktop Supplementary (v. 5 client)/(v. 5 server), Red Hat Enterprise Linux Desktop Supplementary (v. 6)/Server Supplementary (v. 6)/Workstation Supplementary (v. 6), Google Chrome 11.0.696.68未満

回避策：アップデート, APSB11-12にて対応, RHSA-2011:0511-1にて対応, アップデートにて対応

脆弱性：機密情報の奪取, システムアクセス, 不特定のエラー, 整数オーバーフローエラー, リモートコード実行, メモリ破壊, バウンダリエラー

ソース：http://www.adobe.com/products/flashplayer/

http://www.redhat.com/

http://www.google.co.jp/chrome/intl/ja/landing_ff.html

http://www.adobe.com/support/security/bulletins/apsb11-12.html

https://rhn.redhat.com/errata/RHSA-2011-0511.html

http://feeds.feedburner.com/GoogleChromeReleases

http://secunia.com/advisories/44568/

http://secunia.com/advisories/44590/

http://secunia.com/advisories/44591/

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0579

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0618

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0619

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0620

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0621

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0622

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0623

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0624

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0625

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0626

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0627

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1799

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1800

CVE：CVE-2011-0579, CVE-2011-0618, CVE-2011-0619, CVE-2011-0620, CVE-2011-0621, CVE-2011-0622, CVE-2011-0623, CVE-2011-0624, CVE-2011-0625, CVE-2011-0626, CVE-2011-0627, CVE-2011-1799, CVE-2011-1800

危険性：High Risk

Red Hat Enterprise Linux, RHEL Supplementary, RHEL Desktop Supplementary

ソフト名：Red Hat Enterprise Linux Desktop Supplementary (v. 6)/Extras v. 4/HPC Node Supplementary (v. 6)/Server Supplementary (v. 6)/Workstation Supplementary (v. 6), RHEL Supplementary (v. 5 server), RHEL Desktop Supplementary (v. 5 client)
回避策：アップデート, RHSA-2010:0987-1にて対応
脆弱性：セキュリティ制限の回避, データ操作, 機密情報の奪取, DoS攻撃, 不正アクセス, リモートコード実行, メモリ破壊, 整数オーバーフロー, バウンダリエラー
ソース：http://www.redhat.com/
http://www.redhat.com/rhel/details/features/
https://rhn.redhat.com/errata/RHSA-2010-0987.html
http://secunia.com/advisories/41791/
http://secunia.com/advisories/42642/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1321
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3541
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3548
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3549
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3550
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3551
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3553
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3555
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3556
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3557
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3558
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3560
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3562
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3563
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3565
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3566
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3568
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3569
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3571
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3572
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3573
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3574
CVE：CVE-2009-3555, CVE-2010-1321, CVE-2010-3541, CVE-2010-3548, CVE-2010-3549, CVE-2010-3550, CVE-2010-3551, CVE-2010-3553, CVE-2010-3555, CVE-2010-3556, CVE-2010-3557, CVE-2010-3558, CVE-2010-3560, CVE-2010-3562, CVE-2010-3563, CVE-2010-3565, CVE-2010-3566, CVE-2010-3568, CVE-2010-3569, CVE-2010-3571, CVE-2010-3572, CVE-2010-3573, CVE-2010-3574
危険性：High Risk

Red Hat製品

ソフト名：Red Hat Enterprise Linux Extras v. 4, RHEL Desktop Supplementary (v. 5 client), RHEL Supplementary (v. 5 server)
回避策：RHSA-2010:0935-1にて対応
脆弱性：機密情報の奪取, DoS攻撃, データ操作, 未知の脆弱性
ソース：http://www.redhat.com/rhel/details/features/
http://www.redhat.com/
https://rhn.redhat.com/errata/RHSA-2010-0935.html
http://secunia.com/advisories/39762/
http://secunia.com/advisories/41791/
http://secunia.com/advisories/42432/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1321
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3574
CVE：CVE-2010-1321, CVE-2010-3574
危険性：Medium Risk