취약점 정보2 썸네일형 리스트형 Microsoft Windows SMB Tree Connect Response denial of service vulnerability OverviewMicrosoft Windows contains a memory corruption bug in the handling of SMB traffic, which may allow a remote, unauthenticated attacker to cause a denial of service on a vulnerable system.DescriptionMicrosoft Windows fails to properly handle traffic from a malicious server. In particular, Windows fails to properly handle a specially-crafted server response that contains too many bytes foll.. 더보기 2017-02-03 주간 취약점 이슈 ID: CVE-2017-3823 Title: Cisco WebEx Google Chrome Extension Remote Code Execution Vulnerability Vendor: Cisco Description: A remote exploitation of an input validation error vulnerability in Cisco WebEx browser extensions could allow an unauthenticated attacker to execute arbitrary code with the privileges of the affected browser on an affected system. An input validation error vulnerability ha.. 더보기 한컴오피스 2월업데이트 한컴오피스 2014 업데이트 내용은 다음과 같습니다. (대상: 한컴오피스 2014, 한/글 2014(단품)) 버 전업데이트 내용공통 요소 20149.1.1.3668#48 보안 취약점 개선 한/글 20149.1.1.3464#48 보안 취약점 개선 한/셀 20149.1.1.3431#48 보안 취약점 개선 한/쇼 20149.1.1.3533#48 보안 취약점 개선 (대상: 한컴오피스 2014 ESD[1주일용/1개월용/1년용]) 버 전업데이트 내용공통 요소 20149.1.1.3670한컴오피스 2014 정품 업데이트 내용과 동일 한/글 20149.1.1.3466한컴오피스 2014 정품 업데이트 내용과 동일 한/셀 20149.1.1.3433한컴오피스 2014 정품 업데이트 내용과 동일 한/쇼 20149.1.0.353.. 더보기 WordPress 보안 업데이트 권고 □ 개요 o WordPress社는 취약한 인증, SQL 인젝션 취약점, 크로스 사이트 스크립팅 취약점, 권한 상승 취약점 총 4종을 해결한 보안 업데이트를 발표[1] o 영향 받는 버전의 사용자는 최신 버전으로 업데이트 권고 □ 영향 받는 소프트웨어 o WordPress v4.7.1 및 이하버전 □ 해결 방안 o 영향 받는 소프트웨어 최신 버전 설치 - 대쉬보드(알림판) – 업데이트 - “Update Now” 클릭 [참고사이트] [1] https://wordpress.org/news/2017/01/wordpress-4-7-2-security-release/ 더보기 tor 업데이트 내역 Changelog: Tor Browser 6.5 -- January 24 2017 * All Platforms * Update Firefox to 45.7.0esr * Tor to 0.2.9.9 * OpenSSL to 1.0.2j * Update Torbutton to 1.9.6.12 * Bug 16622: Timezone spoofing moved to tor-browser.git * Bug 17334: Move referrer spoofing for .onion domains into tor-browser.git * Bug 8725: Block addon resource and url fingerprinting with nsIContentPolicy * Bug 20701: Allow the direc.. 더보기 업데이트 해야할 항목 ID: CVE-2016-7200 Title: Microsoft Edge Scripting Engine Memory Corruption Code Execution Vulnerability Vendor: Microsoft Description: The Chakra JavaScript scripting engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability t.. 더보기 OpenSSL Update CVE-2017-3731 (OpenSSL advisory) [Moderate severity] 26th January 2017: If an SSL/TLS server or client is running on a 32-bit host, and a specific cipher is being used, then a truncated packet can cause that server or client to perform an out-of-bounds read, usually resulting in a crash. For OpenSSL 1.1.0, the crash can be triggered when using CHACHA20/POLY1305; users should upgrade to 1.1.0d. F.. 더보기 WordPress 4.7.2 Security Release WordPress 4.7.2 is now available. This is a security release for all previous versions and we strongly encourage you to update your sites immediately.WordPress versions 4.7.1 and earlier are affected by three security issues:The user interface for assigning taxonomy terms in Press This is shown to users who do not have permissions to use it. Reported by David Herrera of Alley Interactive.WP_Quer.. 더보기 chrome 56버전 업데이트 The Chrome team is delighted to announce the promotion of Chrome 56 to the stable channel - 56.0.2924.76 for Windows, Mac and Linux. This will roll out over the coming days/weeks. Chrome 56.0.2924.76 contains a number of fixes and improvements -- a list of changes is available in the log. Watch out for upcoming Chrome and Chromium blog posts about new features and big efforts delivered in 56.Sec.. 더보기 nginx 1.11.9 업데이트 권고 Changes with nginx 1.11.9 24 Jan 2017 *) Bugfix: nginx might hog CPU when using the stream module; the bug had appeared in 1.11.5. *) Bugfix: EXTERNAL authentication mechanism in mail proxy was accepted even if it was not enabled in the configuration. *) Bugfix: a segmentation fault might occur in a worker process if the "ssl_verify_client" directive of the stream module was used. *) Bugfix: the.. 더보기 이전 1 ··· 25 26 27 28 29 30 31 ··· 48 다음