Mozilla Firefox, Mozilla SeaMonkey, Mozilla Thunderbird, Red Hat Desktop, Red Hat Enterprise Linux, Canonical Ltd. Ubuntu Linux

ソフト名：Mozilla Firefox 3.6.23未満/6.x, Mozilla SeaMonkey 2.4未満, Mozilla Thunderbird 6.x, Red Hat Desktop 4.x, Red Hat Enterprise Linux AS 4/ES 4/WS 4/5 (Server)/Desktop 5/Desktop Workstation 5/Desktop 6/HPC Node 6/Server 6/Workstation 6, Canonical Ltd. Ubuntu Linux 10.04/10.10

回避策：アップデート, 7.0へのアップグレードにて対応, アップデートにて対応, 7.0へのアップグレードにて対応, RHSA-2011:1341-01, RHSA-2011:1342-01, RHSA-2011:1343-1, RHSA-2011:1344-1にて対応, USN-1210-1, USN-1213-1にて対応

脆弱性：セキュリティ制限の回避, システムアクセス, 不特定のエラー, メモリ破壊, XSS保護の回避, 不正アプリケーションのダウンロード, 不正アプリケーションの実行, バッファオーバーフロー, 不正プラグインのインストール, リモートコード実行, 解放後使用エラー, キーストロークの閲覧, レスポンス分割攻撃, 整数アンダーフローエラー

ソース：

http://www.mozilla.org/en-US/firefox/new/

http://mozilla.jp/firefox/

http://www.seamonkey-project.org/

http://www.mozilla.org/en-US/thunderbird/

http://www.redhat.com/rhel/

http://www.redhat.com/rhel/desktop/

http://www.redhat.com/rhel/server/

http://www.ubuntu.com/

http://www.mozilla.org/security/announce/2011/mfsa2011-36.html

http://www.mozilla.org/security/announce/2011/mfsa2011-37.html

http://www.mozilla.org/security/announce/2011/mfsa2011-38.html

http://www.mozilla.org/security/announce/2011/mfsa2011-39.html

http://www.mozilla.org/security/announce/2011/mfsa2011-40.html

http://www.mozilla.org/security/announce/2011/mfsa2011-41.html

http://www.mozilla.org/security/announce/2011/mfsa2011-42.html

http://www.mozilla.org/security/announce/2011/mfsa2011-43.html

http://www.mozilla.org/security/announce/2011/mfsa2011-44.html

http://www.mozilla.org/security/announce/2011/mfsa2011-45.html

http://www.usenix.org/events/hotsec11/tech/final_files/Cai.pdf

https://rhn.redhat.com/errata/RHSA-2011-1341.html

https://rhn.redhat.com/errata/RHSA-2011-1342.html

https://rhn.redhat.com/errata/RHSA-2011-1343.html

https://rhn.redhat.com/errata/RHSA-2011-1344.html

http://www.ubuntu.com/usn/usn-1210-1/

http://www.ubuntu.com/usn/usn-1213-1/

http://secunia.com/advisories/46171/

http://secunia.com/advisories/46184/

http://secunia.com/advisories/46190/

http://secunia.com/advisories/46192/

http://secunia.com/advisories/46194/

http://secunia.com/advisories/46196/

http://secunia.com/advisories/46203/

http://secunia.com/advisories/46204/

http://secunia.com/advisories/46205/

http://secunia.com/advisories/46217/

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2372

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2995

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2996

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2997

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2998

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2999

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3000

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3001

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3002

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3003

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3004

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3005

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3232

CVE：CVE-2011-2372, CVE-2011-2995, CVE-2011-2996, CVE-2011-2997, CVE-2011-2998, CVE-2011-2999, CVE-2011-3000, CVE-2011-3001, CVE-2011-3002, CVE-2011-3003, CVE-2011-3004, CVE-2011-3005, CVE-2011-3232

危険性：High Risk

Red Hat Desktop, Red Hat Enterprise Linux, Nokia Qt

ソフト名：Red Hat Desktop 4.x, Red Hat Enterprise Linux AS 4/ES 4/WS 4/5 (Server)/Desktop 5/Desktop Workstation 5/Desktop 6/HPC Node 6/Server 6/Workstation 6, Nokia Qt 3.x/4.x

回避策：RHSA-2011:1323-01, RHSA-2011:1324-01, RHSA-2011:1325-01, RHSA-2011:1326-01, RHSA-2011:1327-01にて対応

脆弱性：XSS, システムアクセス, 過度に長い文字列, 不正ライブラリのロード, リモートコード実行, 不正フォントファイル, バッファオーバーフロー

ソース：

http://qt.nokia.com/

http://www.redhat.com/rhel/

http://www.redhat.com/rhel/server/

http://www.redhat.com/rhel/desktop/

https://qt.gitorious.org/qt/qt/commit/cb6380beb81ab9571c547270c144988781fed465

https://rhn.redhat.com/errata/RHSA-2011-1323.html

https://rhn.redhat.com/errata/RHSA-2011-1324.html

https://rhn.redhat.com/errata/RHSA-2011-1325.html

https://rhn.redhat.com/errata/RHSA-2011-1326.html

https://rhn.redhat.com/errata/RHSA-2011-1327.html

http://secunia.com/advisories/24727/

http://secunia.com/advisories/41537/

http://secunia.com/advisories/46117/

http://secunia.com/advisories/46118/

http://secunia.com/advisories/46119/

http://secunia.com/advisories/46128/

http://secunia.com/advisories/46140/

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0242

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3193

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3194

CVE：CVE-2007-0242, CVE-2011-3193, CVE-2011-3194

危険性：Medium Risk

Red Hat Desktop, Red Hat Enterprise Linux

ソフト名：Red Hat Desktop 4.x, Red Hat Enterprise Linux AS 4/ES 4/WS 4/5 (Server)/Desktop Workstation 5/Server 6/Workstation 6 (Cyrus IMAP Server 2.3.17未満/2.4.11未満)

回避策：RHSA-2011:1317-01にて対応

脆弱性：システムアクセス, バッファオーバーフロー, バウンダリエラー

ソース：

http://www.redhat.com/rhel/

http://www.redhat.com/rhel/desktop/

http://www.redhat.com/rhel/server/

https://rhn.redhat.com/errata/RHSA-2011-1317.html

http://secunia.com/advisories/45938/

http://secunia.com/advisories/46064/

http://dvw-j.blogspot.com/2011/09/cyrus-imap-server.html

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3208

CVE：CVE-2011-3208

危険性：Medium Risk

OpenVZ

ソフト名：OpenVZ (Red Hat Enterprise Linux Desktop 6/HPC Node 6/Server 6/Workstation 6)

回避策：RHEL6 の042stab037.1へのアップデートにて対応

脆弱性：セキュリティ制限の回避, 機密情報の奪取, DoS攻撃, システムアクセス, メモリリーク, カーネルのクラッシュ, システムコール, カーネルスタックメモリの曝露, バッファオーバーフロー, アロケーションエラー, アウトオブメモリ, システムのクラッシュ, CPUリソースの浪費, 整数オーバーフローエラー, メモリ破壊

ソース：

http://wiki.openvz.org/Main_Page

http://wiki.openvz.org/Download/kernel/rhel6/042stab037.1

http://secunia.com/advisories/45746/

http://secunia.com/advisories/46060/

http://dvw-j.blogspot.com/2011/08/red-hat-enterprise-linux_26.html

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1182

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1576

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1593

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1776

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1898

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2183

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2213

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2491

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2492

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2495

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2497

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2517

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2689

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2695

CVE：CVE-2011-1182, CVE-2011-1576, CVE-2011-1593, CVE-2011-1776, CVE-2011-1898, CVE-2011-2183, CVE-2011-2213, CVE-2011-2491, CVE-2011-2492, CVE-2011-2495, CVE-2011-2497, CVE-2011-2517, CVE-2011-2689, CVE-2011-2695

危険性：Medium Risk

Red Hat Enterprise Linux

ソフト名：Red Hat Enterprise Linux Server 6/Workstation 6 (Squid 3.0.STABLE25未満の3.0.x/3.1.14未満の3.1.x)

回避策：RHSA-2011:1293-01にて対応

脆弱性：DoS攻撃, システムアクセス, バウンダリエラー, バッファオーバーフロー, リモートコード実行

ソース：

http://www.redhat.com/rhel/server/

http://www.redhat.com/rhel/desktop/

https://rhn.redhat.com/errata/RHSA-2011-1293.html

http://secunia.com/advisories/45805/

http://secunia.com/advisories/46029/

http://dvw-j.blogspot.com/2011/08/squid.html

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3205

CVE：CVE-2011-3205

危険性：High Risk

Canonical Ltd. Ubuntu Linux, Red Hat Enterprise Linux

ソフト名：Canonical Ltd. Ubuntu Linux 10.04/10.10, Red Hat Enterprise Linux Desktop 6/HPC Node 6/Server 6/Workstation 6 (GNOME Project librsvg 2.34.1未満)

回避策：USN-1206-1にて対応, RHSA-2011:1289-01にて対応

脆弱性：DoS攻撃, システムアクセス, 不正SVG画像, 無効なメモリへの間接参照

ソース：

http://www.ubuntu.com/

http://www.redhat.com/rhel/

http://www.redhat.com/rhel/server/

http://www.redhat.com/rhel/desktop/

http://www.ubuntu.com/usn/usn-1206-1/

https://rhn.redhat.com/errata/RHSA-2011-1289.html

http://secunia.com/advisories/45877/

http://secunia.com/advisories/45992/

http://secunia.com/advisories/46010/

http://dvw-j.blogspot.com/2011/09/gnome-project-librsvg.html

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3146

CVE：CVE-2011-3146

危険性：Medium Risk

Red Hat Enterprise MRG

ソフト名：Red Hat Enterprise MRG v2 for Red Hat Enterprise Linux (version 6) (Kernel.org Linux Kernel 2.6.x)

回避策：RHSA-2011:1253-01にて対応

脆弱性：セッション乗っ取り, セキュリティ制限の回避, 機密情報の奪取, 権限の昇格, DoS攻撃, システムアクセス, カーネルメモリ破壊, プロセス設定の操作, カーネルのクラッシュ, デリファレンスエラー, 二重解放エラー, メモリリーク, 展開処理エラー, システムコール, NULLポインタ参照エラー, バッファオーバーフロー, アロケーションエラー, アウトオブメモリ, CPUリソースの浪費, 整数オーバーフローエラー, 区域外メモリの読み出し

ソース：

http://www.redhat.com/mrg/

https://rhn.redhat.com/errata/RHSA-2011-1253.html

http://secunia.com/advisories/41493/

http://secunia.com/advisories/42964/

http://secunia.com/advisories/43009/

http://secunia.com/advisories/43496/

http://secunia.com/advisories/43576/

http://secunia.com/advisories/43594/

http://secunia.com/advisories/44091/

http://secunia.com/advisories/44094/

http://secunia.com/advisories/44164/

http://secunia.com/advisories/44220/

http://secunia.com/advisories/44248/

http://secunia.com/advisories/44466/

http://secunia.com/advisories/44754/

http://secunia.com/advisories/45193/

http://secunia.com/advisories/45236/

http://secunia.com/advisories/45253/

http://secunia.com/advisories/45994/

http://dvw-j.blogspot.com/2011/01/red-hat-enterprise-linux_21.html

http://dvw-j.blogspot.com/2011/01/kernelorg-linux-kernel.html

http://dvw-j.blogspot.com/2011/03/kernelorg-linux-kernel.html

http://dvw-j.blogspot.com/2011/03/kernelorg-linux-kernel_16.html

http://dvw-j.blogspot.com/2011/03/kernelorg-linux-kernel_08.html

http://dvw-j.blogspot.com/2011/04/kernelorg-linux-kernel_13.html

http://dvw-j.blogspot.com/2011/04/kernelorg-linux-kernel_3728.html

http://dvw-j.blogspot.com/2011/04/kernelorg-linux-kernel_22.html

http://dvw-j.blogspot.com/2011/04/kernelorg-linux-kernel_26.html

http://dvw-j.blogspot.com/2011/04/kernelorg-linux-kernel_856.html

http://dvw-j.blogspot.com/2011/05/kernelorg-linux-kernel.html

http://dvw-j.blogspot.com/2011/06/kernelorg-linux-kernel_07.html

http://dvw-j.blogspot.com/2011/07/kernelorg-linux-kernel.html

http://dvw-j.blogspot.com/2011/07/red-hat-enterprise-linux_15.html

http://dvw-j.blogspot.com/2011/07/red-hat-enterprise-linux_19.html

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4243

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4526

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1020

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1021

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1090

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1160

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1478

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1479

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1494

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1495

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1576

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1577

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1585

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1593

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1598

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1745

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1746

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1748

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1767

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1768

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1770

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1776

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2022

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2183

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2484

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2491

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2492

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2495

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2496

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2497

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2517

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2695

CVE：CVE-2010-4243, CVE-2010-4526, CVE-2011-1020, CVE-2011-1021, CVE-2011-1090, CVE-2011-1160, CVE-2011-1478, CVE-2011-1479, CVE-2011-1494, CVE-2011-1495, CVE-2011-1576, CVE-2011-1577, CVE-2011-1585, CVE-2011-1593, CVE-2011-1598, CVE-2011-1745, CVE-2011-1746, CVE-2011-1748, CVE-2011-1767, CVE-2011-1768, CVE-2011-1770, CVE-2011-1776, CVE-2011-2022, CVE-2011-2183, CVE-2011-2484, CVE-2011-2491, CVE-2011-2492, CVE-2011-2495, CVE-2011-2496, CVE-2011-2497, CVE-2011-2517, CVE-2011-2695

危険性：Medium Risk

Red Hat Enterprise Linux

ソフト名：Red Hat Enterprise Linux 5 (Server)/Desktop 5 (Kernel.org Linux Kernel 2.6.39, XenSource. Inc. Xen 3.3)

回避策：RHSA-2011:1212-01, Red Hat Bug#714867にて対応

脆弱性：機密情報の奪取, 権限の昇格, DoS攻撃, クラッシュ, 入力検証エラー, ハイパーコール

ソース：

http://www.redhat.com/rhel/server/

http://www.redhat.com/rhel/desktop/

https://rhn.redhat.com/errata/RHSA-2011-1212.html

https://bugzilla.redhat.com/show_bug.cgi?id=714867

http://xenbits.xen.org/hg/xen-3.1-testing.hg/rev/15644

http://secunia.com/advisories/44754/

http://secunia.com/advisories/45835/

http://secunia.com/advisories/45897/

http://dvw-j.blogspot.com/2011/09/xensource-inc-xen.html

http://dvw-j.blogspot.com/2011/06/kernelorg-linux-kernel_07.html

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2482

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2491

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2495

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2517

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2519

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2901

CVE：CVE-2011-2482, CVE-2011-2491, CVE-2011-2495, CVE-2011-2517, CVE-2011-2519, CVE-2011-2901

危険性：Medium Risk

Red Hat Desktop, Red Hat Enterprise Linux

ソフト名：Red Hat Desktop 4.x, Red Hat Enterprise Linux AS 4/ES 4/ES 4 (libmodplug 0.8.8.3)

回避策：RHSA-2011:1264-01にて対応

脆弱性：システムアクセス, 整数オーバーフローエラー, バッファオーバーフロー, バウンダリエラー, オフバイワンエラー, スタックメモリ破壊

ソース：

http://www.redhat.com/rhel/

http://www.redhat.com/rhel/desktop/

https://rhn.redhat.com/errata/RHSA-2011-1264.html

http://secunia.com/advisories/45131/

http://secunia.com/advisories/45901/

http://dvw-j.blogspot.com/2011/08/libmodplug.html

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2911

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2912

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2913

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2914

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2915

CVE：CVE-2011-2911, CVE-2011-2912, CVE-2011-2913, CVE-2011-2914, CVE-2011-2915

危険性：Medium Risk

Adiscon rsyslog, Red Hat Enterprise Linux

ソフト名：Adiscon rsyslog 4.6.0〜4.6.7/5.2.0〜5.8.4, Red Hat Enterprise Linux Desktop 6/HPC Node 6/Server 6/Workstation 6

回避策：4.6.8/5.8.5へのアップデートにて対応, RHSA-2011:1247-1にて対応

脆弱性：DoS攻撃, システムアクセス, オフバイツーエラー, バッファオーバーフロー

ソース：

http://www.rsyslog.com/

http://www.redhat.com/rhel/

http://www.redhat.com/rhel/server/

http://www.redhat.com/rhel/desktop/

http://www.rsyslog.com/potential-dos-with-malformed-tag/

https://bugzilla.redhat.com/show_bug.cgi?id=727644

https://rhn.redhat.com/errata/RHSA-2011-1247.html

http://secunia.com/advisories/45848/

http://secunia.com/advisories/45874/

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3200

CVE：CVE-2011-3200

危険性：Medium Risk

Red Hat Desktop, Red Hat Enterprise Linux, IBM OS/400

ソフト名：Red Hat Desktop 4.x, Red Hat Enterprise Linux AS 4/ES 4/WS 4/5 (Server)/Desktop 5/Desktop Workstation 5/Desktop 6/HPC Node 6/Server 6/Workstation 6, IBM OS/400 V6R1M0 (Apache 2.2.19)

回避策：RHSA-2011:1245-01にて対応, APAR SE49334, SE49334にて対応

脆弱性：DoS攻撃, 不正HTTPのリクエスト, メモリの浪費

ソース：

http://www.redhat.com/rhel/

http://www.redhat.com/rhel/server/

http://www.redhat.com/rhel/desktop/

http://www-03.ibm.com/systems/i/software/

https://rhn.redhat.com/errata/RHSA-2011-1245.html

https://www.ibm.com/support/docview.wss?uid=nas2aae02620b9b78d9e862578fe003c799b

http://secunia.com/advisories/45606/

http://secunia.com/advisories/45822/

http://secunia.com/advisories/45644/

http://dvw-j.blogspot.com/2011/08/apache.html

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3192

CVE：CVE-2011-3192

危険性：Medium Risk

Red Hat Enterprise Linux

ソフト名：Red Hat Enterprise Linux 5 (Server)/Desktop 5/Desktop Workstation 5/Desktop 6/HPC Node 6/Server 6/Workstation 6 (eCryptfs, Canonical Ltd. Ubuntu Linux 10.04/10.10)

回避策：RHSA-2011:1241-1にて対応

脆弱性：セキュリティ制限の回避, データ操作, 機密情報の奪取, 権限の昇格, DoS攻撃, マウント脆弱性, 不正アクションの実行

ソース：

http://www.redhat.com/rhel/

http://www.redhat.com/rhel/server/

http://www.redhat.com/rhel/desktop/

https://rhn.redhat.com/errata/RHSA-2011-1241.html

http://secunia.com/advisories/45563/

http://secunia.com/advisories/45747/

http://dvw-j.blogspot.com/2011/08/ecryptfs-canonical-ltd-ubuntu-linux.html

http://dvw-j.blogspot.com/2011/08/canonical-ltd-ubuntu-linux_26.html

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1831

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1832

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1833

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1834

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1835

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1837

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3145

CVE：CVE-2011-1831, CVE-2011-1832, CVE-2011-1833, CVE-2011-1834, CVE-2011-1835, CVE-2011-1837, CVE-2011-3145

危険性：Medium Risk

Red Hat Desktop, Red Hat Enterprise Linux

ソフト名：Red Hat Desktop 4.x, Red Hat Enterprise Linux AS 4/ES 4/WS 4/5 (Server)/Desktop 5/Workstation 5/Desktop 6/HPC Node 6/Server 6/Workstation 6 (Samba 3.x, cifs-utils)

回避策：RHSA-2011:1219-1, RHSA-2011:1220-1, RHSA-2011:1221-1にて対応

脆弱性：機密情報の奪取, 権限の昇格, DoS攻撃, XSS, ファイル破損, CSRF, 不正HTTPのリクエスト, アカウント操作, 不正HTMLの実行, スクリプトコード実行

ソース：

http://www.redhat.com/rhel/

http://www.redhat.com/rhel/desktop/

http://www.redhat.com/rhel/server/

https://rhn.redhat.com/errata/RHSA-2011-1219.html

https://rhn.redhat.com/errata/RHSA-2011-1220.html

https://rhn.redhat.com/errata/RHSA-2011-1221.html

http://secunia.com/advisories/38286/

http://secunia.com/advisories/38811/

http://secunia.com/advisories/45371/

http://secunia.com/advisories/45393/

http://secunia.com/advisories/45760/

http://secunia.com/advisories/45798/

http://secunia.com/advisories/45806/

http://dvw-j.blogspot.com/2011/07/red-hat-fedora_1898.html

http://dvw-j.blogspot.com/2011/07/samba.html

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0547

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0787

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1678

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2522

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2694

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2724

CVE：CVE-2010-0547, CVE-2010-0787, CVE-2011-1678, CVE-2011-2522, CVE-2011-2694, CVE-2011-2724

危険性：Medium Risk

Red Hat Desktop, Red Hat Enterprise Linux

ソフト名：Red Hat Desktop 4.x, Red Hat Enterprise Linux AS 4/ES 4/WS 4/5 (Server)/Desktop 5

回避策：RHSA-2011:1196-1にて対応

脆弱性：システムアクセス, 入力検証エラー, シェルコマンドの挿入, シェルコマンド実行

ソース：

http://www.redhat.com/rhel/

http://www.redhat.com/rhel/desktop/

http://www.redhat.com/rhel/server/

https://rhn.redhat.com/errata/RHSA-2011-1196.html

http://secunia.com/advisories/45744/

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2899

CVE：CVE-2011-2899

危険性：Medium Risk

Red Hat Enterprise Linux

ソフト名：Red Hat Enterprise Linux Desktop 6/HPC Node 6/Server 6/Workstation 6 (libvirt 0.9.2)

回避策：RHSA-2011:1197-1にて対応

脆弱性：DoS攻撃, システムアクセス, 整数オーバーフローエラー, デーモンのクラッシュ, メモリ破壊, ローカルコード実行

ソース：

http://www.redhat.com/rhel/

http://www.redhat.com/rhel/server/

http://www.redhat.com/rhel/desktop/

https://rhn.redhat.com/errata/RHSA-2011-1197.html

http://secunia.com/advisories/44988/

http://secunia.com/advisories/45745/

http://dvw-j.blogspot.com/2011/07/libvirt.html

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2511

CVE：CVE-2011-2511

危険性：Medium Risk

Red Hat Enterprise Linux

ソフト名：Red Hat Enterprise Linux Desktop 6/HPC Node 6/Server 6/Workstation 6 (Kernel.org Linux Kernel 2.6.x)

回避策：RHSA-2011:1189-1にて対応

脆弱性：セキュリティ制限の回避, 機密情報の奪取, DoS攻撃, システムアクセス, メモリリーク, カーネルのクラッシュ, システムコール, カーネルスタックメモリの曝露, バッファオーバーフロー, アロケーションエラー, アウトオブメモリ, システムのクラッシュ, CPUリソースの浪費, 整数オーバーフローエラー, メモリ破壊

ソース：

http://www.redhat.com/rhel/

http://www.redhat.com/rhel/server/

http://www.redhat.com/rhel/desktop/

https://rhn.redhat.com/errata/RHSA-2011-1189.html

http://secunia.com/advisories/43806/

http://secunia.com/advisories/44164/

http://secunia.com/advisories/44466/

http://secunia.com/advisories/44754/

http://secunia.com/advisories/45193/

http://secunia.com/advisories/45253/

http://secunia.com/advisories/45746/

http://dvw-j.blogspot.com/2011/03/kernelorg-linux-kernel_22.html

http://dvw-j.blogspot.com/2011/04/kernelorg-linux-kernel_22.html

http://dvw-j.blogspot.com/2011/05/kernelorg-linux-kernel.html

http://dvw-j.blogspot.com/2011/06/kernelorg-linux-kernel_07.html

http://dvw-j.blogspot.com/2011/07/kernelorg-linux-kernel.html

http://dvw-j.blogspot.com/2011/07/red-hat-enterprise-linux_19.html

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1182

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1576

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1593

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1776

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1898

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2183

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2213

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2491

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2492

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2495

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2497

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2517

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2689

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2695

CVE：CVE-2011-1182, CVE-2011-1576, CVE-2011-1593, CVE-2011-1776, CVE-2011-1898, CVE-2011-2183, CVE-2011-2213, CVE-2011-2491, CVE-2011-2492, CVE-2011-2495, CVE-2011-2497, CVE-2011-2517, CVE-2011-2689, CVE-2011-2695

危険性：Medium Risk

Red Hat Desktop, Red Hat Enterprise Linux

ソフト名：Red Hat Desktop 4.x, Red Hat Enterprise Linux AS 4/ES 4/WS 4/Linux 5 (Server)/Desktop Workstation 5/Server 6/Workstation 6 (Dovecot 1.2.16/2.0.12)

回避策：RHSA-2011:1187-1にて対応

脆弱性：DoS攻撃, デーモンのクラッシュ

ソース：

http://www.redhat.com/rhel/

http://www.redhat.com/rhel/desktop/

http://www.redhat.com/rhel/server/

http://rhn.redhat.com/errata/RHSA-2011-1187.html

http://secunia.com/advisories/44683/

http://secunia.com/advisories/45699/

http://dvw-j.blogspot.com/2011/05/dovecot-novell-opensuse.html

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1929

CVE：CVE-2011-1929

危険性：Medium Risk

Mozilla Firefox, Mozilla Thunderbird, Red Hat Desktop, Red Hat Enterprise Linux

ソフト名：Mozilla Firefox 3.6.20未満, Mozilla Thunderbird 3.1.12未満, Red Hat Desktop 4.x, Red Hat Enterprise Linux AS 4/ES 4/WS 4/5 (Server)/Desktop 5/Desktop Workstation 5/Desktop 6/HPC Node 6/Server 6/Workstation 6

回避策：アップデート, MFSA 2011-30, MFSA 2011-32にて対応, RHSA-2011:1164-1, RHSA-2011:1165-1, RHSA-2011:1166-1, RHSA-2011:1167-1にて対応

脆弱性：セキュリティ制限の回避, 機密情報の奪取, システムアクセス, 不特定のエラー, メモリ破壊, 解放後使用エラー, 不正Java Scriptコード実行, ポインタ間接参照エラー, リモートコード実行, 不正ライブラリのロード

ソース：

http://mozilla.jp/firefox/

https://www.mozilla.org/en-US/thunderbird/

http://www.redhat.com/rhel/

http://www.redhat.com/rhel/desktop/

http://www.redhat.com/rhel/server/

http://www.mozilla.org/security/announce/2011/mfsa2011-30.html

http://www.mozilla.org/security/announce/2011/mfsa2011-32.html

https://rhn.redhat.com/errata/RHSA-2011-1164.html

http://rhn.redhat.com/errata/RHSA-2011-1165.html

https://rhn.redhat.com/errata/RHSA-2011-1166.html

http://rhn.redhat.com/errata/RHSA-2011-1167.html

http://www.zerodayinitiative.com/advisories/ZDI-11-270/

http://www.zerodayinitiative.com/advisories/ZDI-11-271/

http://secunia.com/advisories/45650/

http://secunia.com/advisories/45651/

http://secunia.com/advisories/45652/

http://secunia.com/advisories/45666/

http://secunia.com/advisories/45669/

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0084

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2378

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2980

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2981

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2982

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2983

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2984

CVE：CVE-2011-0084, CVE-2011-2378, CVE-2011-2980, CVE-2011-2981, CVE-2011-2982, CVE-2011-2983, CVE-2011-2984

危険性：High Risk

Red Hat Desktop, Red Hat Enterprise Linux

ソフト名：Red Hat Desktop 4.x, Red Hat Enterprise Linux AS 4/ES 4/WS 4 (FreeType)

回避策：RHSA-2011:1161-01にて対応

脆弱性：システムアクセス, 不正フォントファイル, バッファオーバーフロー

ソース：

http://www.redhat.com/rhel/

http://www.redhat.com/rhel/desktop/

https://rhn.redhat.com/errata/RHSA-2011-1161.html

http://secunia.com/advisories/45628/

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2895

CVE：CVE-2011-2895

危険性：Medium Risk

Canonical Ltd. Ubuntu Linux, Red Hat Desktop, Red Hat Enterprise Linux

ソフト名：Canonical Ltd. Ubuntu Linux 8.04/10.04/10.10, Red Hat Desktop 4.x, Red Hat Enterprise Linux AS 4/ES 4/WS 4/5 (Server)/Desktop 5/Desktop Workstation 5/Desktop 6/HPC Node 6/Server 6/Workstation 6 (Internet Software Consortium ISC DHCP 3.1.0〜3.1-ESV-R1/4.1.0〜4.1.2rc1/4.1-ESV〜4.1-ESV-R3b1/4.2.0〜4.2.2rc1)

回避策：USN-1190-1にて対応, RHSA-2011:1160-1にて対応

脆弱性：DoS攻撃, 不特定のエラー, サーバの停止

ソース：

http://www.ubuntu.com/

http://www.redhat.com/rhel/

http://www.redhat.com/rhel/desktop/

http://www.redhat.com/rhel/server/

http://www.ubuntu.com/usn/usn-1190-1/

http://rhn.redhat.com/errata/RHSA-2011-1160.html

http://secunia.com/advisories/45582/

http://secunia.com/advisories/45629/

http://secunia.com/advisories/45639/

http://dvw-j.blogspot.com/2011/08/internet-software-consortium-isc-dhcp.html

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2748

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2749

CVE：CVE-2011-2748, CVE-2011-2749

危険性：Medium Risk