やっぱり UMPC じゃなくて ThinkPad がいいですよ (;´ρ`) ｸﾞｯﾀﾘ

JPCERT/CC REPORT 2009-03-18

1. 2009年3月 Microsoft セキュリティ情報について
2. 「Adobe Reader および Adobe Acrobat にバッファオーバーフローの脆弱性」に関する追加情報
3. Cisco Unified Communications Manager に脆弱性
4. futomi’s CGI Cafe の MP Form Mail CGI に管理者権限奪取の脆弱性
5. PTK に複数の脆弱性

Red Hat Security Advisory

• [RHSA-2009:0382-01] Moderate: libvirt security update (RHEL5)
• [RHSA-2009:0345-01] Moderate: ghostscript security update (RHEL3, RHEL4, RHEL5)
• [RHSA-2009:0341-01] Moderate: curl security update (RHEL2.1, RHEL3, RHEL4, RHEL5)
• [RHSA-2009:0339-01] Moderate: lcms security update (RHEL5)
• [RHSA-2009:0358-01] Moderate: evolution security update (RHEL3)
• [RHSA-2009:0355-01] Moderate: evolution and evolution-data-server (RHEL4)
• [RHSA-2009:0354-01] Moderate: evolution-data-server security update (RHEL4, RHEL5)
• [RHSA-2009:0344-01] Moderate: libsoup security update (RHEL4, RHEL5)

Exploit Code

• CloneCD/DVD (ElbyCDIO.sys < 6.0.3.2) Local Privilege Escalation Exploit
• win32 SEH omelet shellcode v0.1
• Mozilla Firefox 3.0.7 OnbeforeUnLoad DesignMode Dereference Crash
• Google Chrome 1.0.154.48 Single Thread Alert Out of Bound MEM Access (1619)