$B%;%-%e%j%F%#%[!<%k(B memo - 2006.05

Last modified: Sun Jul 30 22:11:19 2006 +0900 (JST)

$B!!$3$N%Z!<%8$N>pJs$rMxMQ$5$l$kA0$K!"(B$BCm0U=q$-(B$B$r$*FI$_$/$@$5$$!#(B

$B"#(B 2006.05.31

$B"#(B 2006.05.30

$B"#(B $BDI5-(B

$B$$$m$$$m(B (2006.05.24)

$B!!(B[SA20231] PostgreSQL Encoding-Based SQL Injection Vulnerability $B$NF|K\8l2r@b5-;v$,EP>l(B:

$B!!4XO"(B: PHP $BMxMQ;~$K(B Shift_JIS $B$G(B addslashes() $B$K$h$k%(%9%1!<%W=hM}$K!!(BSQL $B%$%s%8%'%/%7%g%s2DG=$J7j(B

Opera$B$K$*$1$k%"%I%l%9%P!<$"$k$$$O%9%F!<%?%9%P!<56Au2DG=$N%]%F%s%7%c%j%F%#!<(B

$B!!$b$H5-;v$G$"$k!"(BOpera$B$K$*$1$k%"%I%l%9%P!<$"$k$$$O%9%F!<%?%9%P!<56Au2DG=$N%]%F%s%7%c%j%F%#!<(B $B$,2~D{$5$l$F$$$k!#(BOpera $B$N@_Dj%U%!%$%k(B opera6.ini (opera6.ini $B$N>l=j$K$D$$$F$O!"(BOpera $B$N(B [$B%X%k%W(B] $B%a%K%e!<$+$i(B [Opera $B$K$D$$$F(B] $B$r;2>H(B) $B$K$O(B IDNA White List $B$H$$$&@_Dj9`L\$,$"$k$N$@$,!"(BOpera 8.0 Beta 3 $B0J9_!"$J$<$+(B

  • IDNA White List $B$NCM$,6u(B (IDNA White List=) $B$J$H$-$O!"(BIDN $B$KBP1~$7$J$$(B
  • IDNA White List $B$K2?$i$+$NCM$,F~$C$F$$$k$H!"A4$F$N%I%a%$%s$KBP$7$F(B IDN $B$,M-8z(B

$B$H$$$&IT;W5D$Jorz$B!#(B $B$5$C$=$/3NG'$7$F$_$k$H!"

$B!!$H$j$"$($:!"(BIDNA White List= $B$G1?MQ$9$k$7$+$J$5$=$&$@!#(B

$B"#(B TCP/IP$B$K78$k4{CN$N@H
(IPA, 2006.05.30)

$B!!%i%C%/:n@.$N$^$H$a;qNA!#$3$&$$$&$N$O=u$+$j$^$9!#(B

$B"#(B $B!V%*!<%W%s%=!<%9$N%;%-%e%j%F%#!&%[!<%kBP:v$r6/2=!W!$(BJPCERT$B$H(BFSIJ$B$,6(NO(B
($BF|7P(B IT Pro, 2006.05.30)

$B!!$U$%$`!D!D(B

$B!!$^$?!$O"Mm$7$F$b!VA4$/H?1~$,$J$$%1!<%9$b$"$k!W!J(BJPCERT/CC$B!K!#H?1~$,$J$$M}M3$H$7$F(BJPCERT/CC$B$G$O!$G'CNEY$NDc$5$rM}M3$N0l$D$K5s$2$k!#!V!XAa4|7Y2|%Q!<%H%J!<%7%C%W!Y$O$b$A$m$s!$(BJPCERT/CC$B$K$D$$$F$bCN$i$J$$3+H//$J$/$J$$$h$&$@!W!J(BJPCERT/CC$B!K!#$=$3$G:#2s!$(BFSIJ$B$H6(NO$7$?$3$H$rH/I=$7!$Aa4|7Y2|%Q!<%H%J!<%7%C%W$d(BJPCERT/CC$B$NG'CNEY8~>e$r?^$k!#3+H/

$B!!%*!<%W%s%=!<%93+H/FSIJ $B$NG'CNEY$O!"(BJPCERT/CC $B$N$=$l$h$j$b==J,$K9b$$$N$@$m$&$+!#(B

$B!!%W%l%9%j%j!<%9(B: JPCERT/CC$B!"(BFSIJ $B$N(B 2$BAH?%$,%*!<%W%s%=!<%9%=%U%H%&%'%"$*$h$S%U%j!<%=%U%H%&%'%"$N%;%-%e%j%F%#BP:v6/2=$rL\E*$H$7$?6(NOBN@)$r9=C[(B (JPCERT/CC)

$B"#(B 2006.05.29

$B"#(B $B$$$m$$$m(B (2006.05.29)
(various)

$B"#(B SYM06-010: Symantec Client Security and Symantec AntiVirus Elevation of Privilege
(Symantec, 2006.05.25)

$B!!(BSymantec Client Security 3.0 / 3.1$B!"(B Symantec AntiVirus Corporate Edition 10.0 / 10.1 $B$K(B stack buffer overflow $B$9$k7g4Y$,$"$j!"(Bremote $B$+$iG$0U$N%3!<%I$rUpcoming Advisories: EEYEB-20060524 (eEye, 2005.05.24) $B$NOC$H;W$o$l!#(Bpatch $B$,=P$F$$$k!#(B

$B!!F|K\8lHG$N>pJs$b$=$N$&$A=P$k$G$7$g$&!#!D!D=P$^$7$?(B:

$B!!>pJs$@$1$G!"(Bpatch $B$O$^$@$"$j$^$;$s!#(B

2006.06.03 $BDI5-(B:

$B!!(B$B%7%^%s%F%C%/(B $B%"%s%A%&%#%k%9(B $B$H(B $B%/%i%$%"%s%H(B $B%;%-%e%j%F%#$N(B $B%P%C%U%!%*!<%P!<%U%m!<(B (ISSKK)$B!#(BISS $B$G$b:F8=$K@.8y$7$F$*$j!"(BProventia $BEy$GBP1~$7$F$$$k$=$&$G$9!#(B

2006.06.06 $BDI5-(B:

$B!!(BSymantec Client Security 3.1.0.394 $BF|K\8lHG!"$*$h$S(B Symantec Antivirus Corporate Edition 10.1.0.394 $BF|K\8lHGMQ$N(B patch $B$,MQ0U$5$l$?$=$&$G$9!#(B 20060529145254961 - SYM06-010$B!'(B $B@H ($B%7%^%s%F%C%/(B) $B$r;2>H!#(B Nakata $B$5$s>pJs$"$j$,$H$&$4$6$$$^$9!#(B Symantec Client Security 3.0.2.2020 $BF|K\8lHG!"$*$h$S(B Symantec Antivirus Corporate Edition 10.0.2.2020 $BF|K\8lHGMQ$N(B patch $B$O$^$@$G$-$F$^$;$s!#(B

2006.06.13 $BDI5-(B:

$B!!(BeEye $B$+$i%"%I%P%$%6%j8x3+(B ($B9b66$5$s>pJs$"$j$,$H$&$4$6$$$^$9(B):

$B!!$^$?!"(BSymantec Client Security 3.0.2.2020 $BF|K\8lHG!"$*$h$S(B Symantec Antivirus Corporate Edition 10.0.2.2020 $BF|K\8lHGMQ$N(B patch $B$b8x3+$5$l$^$7$?!#(B

$B!!$9$G$K=P$F$$$?!"(BSymantec Client Security 3.1.0.394 $BF|K\8lHG!"$*$h$S(B Symantec Antivirus Corporate Edition 10.1.0.394 $BF|K\8lHGMQ$N(B patch $B$O$3$A$i(B:

$B"#(B $BDI5-(B

Internet Explorer $BMQ$NN_@QE*$J%;%-%e%j%F%#99?7%W%m%0%i%`(B (912812) (MS06-013)

$B!!(B[BuHa-Security] MS06-013: HTML Tag Memory Corruption Vulnerability in MS IE 6 SP2

Security flaw in RealVNC 4.1.1

$B!!(BRealVNC Free Edition Ver.4.1.2 $BF|K\8lHG(B ([$B$"(B] UnderDone($B$"$s$G$k$I$s(B), 2006.05.29)$B!#$D$$$K=P$^$7$?!#(B $B!V4A;z%-!

Windows Media Player $B%W%i%0%$%s$N@H

$B!!(BMicrosoft cumulative updates may not be installed correctly if you change the location of the Program Files folder (Microsoft)$B!#(BProgram Files $B%U%)%k%@$N0LCV$rJQ99$7$F$$$k$H!"(BMS06-006 patch $B$r$&$^$/E,MQ$G$-$J$$>l9g$,$"$k$=$&$J!#(B $B2sHrJ}K!$,>R2p$5$l$F$$$k!#(B

$B"#(B 2006.05.28

$B"#(B 2006.05.27

$B"#(B $BDI5-(B

Targeted attack: Word exploit - Update

$B!!(BSourcefire VRT Advisory: 2006-05-26 (snort.org)$B!#(B Ginwui.B $B%&%$%k%9$r8!=P$9$k%k!<%k$H!"(BWord $B%I%-%e%a%s%H$K(B SmartTag $B%G!<%?9=B$$,B8:_$9$k$+$I$&$+$r8!::$9$k%D!<%k(B DocCheck $B$,8x3+$5$l$F$$$^$9!#(B

$B"#(B 2006.05.26

$B"#(B $B!V%^%$%/8}%=%U%H(B.JP$B!W$,EPO?2DG=!*(B
($B$($`$b$8$i(B, 2006.05.25)

$B!!$@$=$&$G$9!#%H%l%s%I%^%$%/8}(B.jp $B$H$+%f%K%/8}(B.jp $B$H$+$b$$$1$k$N$+$J!#(B

2006.06.02 $BDI5-(B:

$B!!0J2<$N(B web $B%Z!<%8$,2~D{$5$l$F$$$^$9!#(BSuzuki $B$5$s>pJs$"$j$,$H$&$4$6$$$^$9!#(B

$B"#(B $B9qFb(Bopen proxy$B$N8=>u(B
($B%5!<%P4IM})

$B!!$J$s$H!"9qFb$N(B open proxy $B$N(B3$BJ,$N(B2$B$O!V%3%j%c1QOB!*(B / LogoVista$B!W%7%j!<%:$G!"(B2 $BHV

$B"#(B $B$$$m$$$m(B (2006.05.26)
(various)

2006.06.06 $BDI5-(B:

$B!!(BDrupal $BOC$N(B SA:

$B"#(B $BDI5-(B

Security flaw in RealVNC 4.1.1

$B!!4XO"(B:

$B"#(B 2006.05.25

$B"#(B 2006.05.24

$B"#(B $B$$$m$$$m(B (2006.05.24)
(various)

2006.05.30 $BDI5-(B:

$B!!(B[SA20231] PostgreSQL Encoding-Based SQL Injection Vulnerability $B$NF|K\8l2r@b5-;v$,EP>l(B:

$B!!4XO"(B: PHP $BMxMQ;~$K(B Shift_JIS $B$G(B addslashes() $B$K$h$k%(%9%1!<%W=hM}$K!!(BSQL $B%$%s%8%'%/%7%g%s2DG=$J7j(B

$B"#(B $B%H%l%s%I%^%$%/%m@=IJ$N(BCGI$B%W%m%0%i%`$KB8:_$9$k@H
($B%H%l%s%I%^%$%/%m(B, 2006.05.24)

$B!!%&%$%k%9%P%9%?!<(B $B%3!<%]%l!<%H%(%G%#%7%g%s(B 5.58 / 6.5 / 7.0 / 7.3$B!"(B Trend Micro $B%&%$%k%9%P%9%?!<(B $B%S%8%M%9%;%-%e%j%F%#(B 3.0$B!"(BTrend Micro Client/Server Security 2.0 $B$N(B CGI $B%W%m%0%i%`$K(B 2 $B$D$N7g4Y!#0J27.0 $BMQ$N(B patch $B$N(B README $B$+$i0zMQ(B:

  1. $B%&%$%k%9%P%9%?!<(B Corp. CGI$B%W%m%0%i%`$r5/F0$5$;$k(BHTTP GET/POST$B%j%/%(%9%H$K$h$C$F%&%$%k%9%P%9%?!<(B Corp.$B%/%i%$%"%s%H$r:o=|$G$-$kLdBj(B
    $B$3$N@H

  2. $B%&%$%k%9%P%9%?!<(B Corp. CGI$B%W%m%0%i%`$r5/F0$5$;$k(BHTTP GET/POST$B%j%/%(%9%H$K$h$C$F%U%!%$%k$r:o=|$G$-$kLdBj(B
    $B$3$N@H

$B!!(Bpatch $B$G99?7$5$l$k$N$O!"(BcgiGetDomain.exe, cgiGetClient.exe, cgiRecvFile.exe, jdkNotify.exe, VerConn.exe (VerConn.exe $B$O(B 5.58 $B$N$_(B) $B$J$N$G!"$3$l$i$K$=$&$$$&7g4Y$,$"$k$N$@$m$&!#(B

$B!!>\:Y$K$D$$$F$O0J2<$r;2>H(B:

$B"#(B Opera$B$K$*$1$k%"%I%l%9%P!<$"$k$$$O%9%F!<%?%9%P!<56Au2DG=$N%]%F%s%7%c%j%F%#!<(B
(hoshikuzu | star_dust $B$N=q:X(B, 2006.05.23)

$B!!(BOpera 8.54 $B$K$*$$$F!"(B http://www.xn--gmail-bgd.com/ $B$r$?$I$k$H(B http://www.gmail.com $B$H$N6hJL$,(B ($B8+$?L\>e(B) $B$D$+$J$$$H$$$&OC!#(B http://mct.verisign-grs.com/conversiontool/convertServlet?input=www.xn--gmail-bgd.com&type=PUNYCODE $B$r8+$k$H!"(Bi $B$H(B l $B$N4V$K(B U+0307 $B$H$$$&J8;z$,F~$j9~$s$G$$$k!#(B $B:rG/$N(B $B!V(B$B9q:]2=%I%a%$%sL>BP1~%V%i%&%6$K(BURL$B$,!H56Au!I$5$l$kLdBj!"(BIE$B$O1F6A$J$7(B$B!W(B $B$N$H$-$K!"(BOpera $B$O(B

Opera has added a whitelist of top-level domains that are trusted to enforce a safe policy on domain names. Several top-level registrars have strict rules for domain names. Opera for Windows, Mac and UNIX will check for an updated list of trusted TLDs on a regular basis. Opera now only accepts Latin 1 characters in domain names from top-level domains that are not on the whitelist. This covers Western European languages without introducing any convincing homographs.

$B$H$$$&J}?K$K$J$C$?(B ($B;2>H(B$B!">e5-0zMQ$N2<@~$O>.Eg(B) $B$O$:$@$,!"

$B!!(BOpera $B$N8@$&(B Latin 1 characters $B$H$$$&$N$O$I$NHO0O$J$N$@$m$&!#(B Latin Extended $B$r4^$`$H$9$k$H!"$=$l$i$KJq@]$5$l$kI=8=$r(B U+0307 $B$J$I$r;H$C$F:n@.$G$-$k$N$G!">u67$K@09g$9$k$h$&$J5$$,$7$J$$$G$b$J$$!#(B

$B!!:#2s$N;v>]<+?H$O!V(BOpera $B$N(B Latin 1 $BH=Dj

Opera now only accepts Latin 1 characters in domain names from top-level domains that are not on the whitelist.

$B$K$D$$$F$b8+D>$7$?J}$,$h$5$2$J5$$,!#(BLatin 1 $B$H$$$&Nc30$OGQ;_$7$?J}$,$9$C$-$j$7$=$&!#(B

$B!!4XO"(B:

2006.05.30 $BDI5-(B:

$B!!$b$H5-;v$G$"$k!"(BOpera$B$K$*$1$k%"%I%l%9%P!<$"$k$$$O%9%F!<%?%9%P!<56Au2DG=$N%]%F%s%7%c%j%F%#!<(B $B$,2~D{$5$l$F$$$k!#(BOpera $B$N@_Dj%U%!%$%k(B opera6.ini (opera6.ini $B$N>l=j$K$D$$$F$O!"(BOpera $B$N(B [$B%X%k%W(B] $B%a%K%e!<$+$i(B [Opera $B$K$D$$$F(B] $B$r;2>H(B) $B$K$O(B IDNA White List $B$H$$$&@_Dj9`L\$,$"$k$N$@$,!"(BOpera 8.0 Beta 3 $B0J9_!"$J$<$+(B

$B$H$$$&IT;W5D$Jorz$B!#(B $B$5$C$=$/3NG'$7$F$_$k$H!"

$B!!$H$j$"$($:!"(BIDNA White List= $B$G1?MQ$9$k$7$+$J$5$=$&$@!#(B

2006.06.20 $BDI5-(B:

$B!!(BIDNA White List= $B$G1?MQ$7$h$&$H$7$F$b!"$$$D$N$^$K$+$J$<$+85$KLa$C$F$7$^$&LOMM!#(B

$B!!$=$3$G!"$U$H<+J,$N(B opera6.ini $B$r8+$F$_$k$H!D!D$,$,!<$s!"$3$l$bLa$C$F$k(B orz$B!#$J$s$8$c$3$j$c!<(B

$B"#(B [MediaWiki-announce] MediaWiki 1.6.6 released (security)
(MediaWiki, 2006.05.23)

$B!!(BMediaWiki 1.6.x $B$K(B XSS $B7g4Y$,$"$j!"(B1.6.6 $B$G=$@5$5$l$?$=$&$G$9!#(B MediaWiki 1.5.x $B0JA0$K$O$3$N7g4Y$O$"$j$^$;$s!#(B

$B!!4XO"(B: [SA20189] MediaWiki Script Insertion Vulnerabilities

$B"#(B 2006.05.23

$B"#(B $BDI5-(B

JP1/$BHkJ8!!%7%^%s%F%C%/

$B!!Bh(B 2 $BJs=P$^$7$?(B:

$B!!(BSymEvent $B%U%!%$%k$r(B 12.0.3.1 $B$K99?7$9$l$P$h$$$=$&$G$9!#(B

Targeted attack: Word exploit - Update

$B!!(BMicrosoft Security Advisory $B=P$^$7$?!#(B

$B!!$3$l$K$h$k$H!"(BWord $B$r%;!<%U%b!<%I$G5/F0$9$l$P!":#2s$N7g4Y$r2sHr$G$-$k$=$&$G$9!#(B

$B!!(BAdvisory $B$G$O!"%;!<%U%b!<%I5/F0MQ$N%7%g!<%H%+%C%H$rMQ0U$7$?$j!"%0%k!<%W%]%j%7!<$r;H$C$F6/@)$7$?$j$9$kNc$,7G:\$5$l$F$$$^$9!#(B $B$J$*!"%;!<%U%b!<%I$G5/F0$9$k$H!"0J2<$N5!G=$,;H$($^$;$s!#(B

  • $B%F%s%W%l!<%H$rJ]B8$G$-$^$;$s!#(B
  • Office $B%"%7%9%?%s%H$,<+F0E*$KI=<($5$l$^$;$s!#(B
  • $B%D!<%k(B $B%P!<$^$?$O%3%^%s%I(B $B%P!<$N%f!<%6!<@_Dj$,FI$_9~$^$l$^$;$s!#$^$?%f!<%6!<@_Dj$rJ]B8$G$-$^$;$s!#(B
  • $B%*!<%H%3%l%/%H$N0lMw$,FI$_9~$^$l$^$;$s!#$^$?!"JQ99FbMF$rJ]B8$G$-$^$;$s!#(B
  • $B=$I|$7$?J8=q$O<+F0E*$K3+$+$l$^$;$s!#(B
  • $B%9%^!<%H(B $B%?%0$,FI$_9~$^$l$^$;$s!#$^$?!"?75,$N%9%^!<%H(B $B%?%0$rJ]B8$G$-$^$;$s!#(B
  • "/a" $B$*$h$S(B "/n" $B0J30$N%3%^%s%I(B $B%i%$%s(B $B%*%W%7%g%s$,$9$Y$FL5;k$5$l$^$9!#(B
  • XLSTART $BBeBX%U%)%k%@$K%U%!%$%k$rJ]B8$G$-$^$;$s!#(B(Word 2003 $B$N$_(B)
  • $B%f!<%6!<@_Dj$rJ]B8$G$-$^$;$s!#(B
  • $BDI2C5!G=$HDI2C%W%m%0%i%`$,<+F0E*$KFI$_9~$^$l$^$;$s!#(B
  • $B%"%/%;%95v2D$,@)8B$5$l$F$$$kJ8=q$r:n@.$9$k$3$H$d3+$/$3$H$,$G$-$^$;$s!#(B(Word 2003 $B$N$_(B)

$B!!7g4Y$O!">e5-$N5!G=$N$I$l$+$K@x$s$G$$$k!"$H$$$&$3$H$G$9$+$M!#(B

$B!!(BeEye $B$+$i$b=P$F$$$^$9(B:

$B"#(B JVN#55425662: MyWeb $B$K$*$1$k(B SQL $B%$%s%8%'%/%7%g%s$N@H
(JVN, 2006.05.22)

$B!!IY;NDL;M9q%7%9%F%`%:$N%0%k!<%W%&%'%"(B MyWeb $B%7%j!<%:$K(B SQL $B%$%s%8%'%/%7%g%s$,2DG=$H$J$k7g4Y$,B8:_$9$k!#(B $BBP1~J}K!$K$D$$$F$O!"@lMQ%5%]!<%H%5%$%H$K$7$+7G:\$5$l$F$$$J$$$N$G$h$/$o$+$i$J$$!#(B $B4XO"(B:

$B"#(B $B!V(BLMO-FB1354FU2$B!W$*$h$S!V(BLMO-FB654FU2$B!W$r(BMac OS 9$B4D6-$G;HMQ$9$k>l9g$N$*4j$$(B
(logitec, 2006.05.19)

$B!!%m%8%F%C%/$N30IU$1(B MO $B%I%i%$%V!"(BLMO-FB1354FU2 $B$^$?$O(B LMO-FB654FU2 $B$r!"(BMac OS 9.1$B!A(B9.2.2 $B$K(B FireWire $B@\B3$9$k>l9g$K!"(B

B'sCrew$B4XO"$N(BFireWire$B%I%i%$%P!J(BB'sCrew mini$B!"(BB'sCrew FW$BEy!K$,%$%s%9%H!<%k$5$l$F$$$k$H!"(BMO$B%a%G%#%"$rA^F~$7$F$b%"%/%;%9%i%s%W$,E@Et$7$?$^$^%^%&%s%H$5$l$J$$$H$$$&$h$&$JIT6q9g$,H/@8$7$^$9!#(B
$B:G0-$N>l9g!"(BMO$B%a%G%#%"$,2u$l$k$3$H$,$"$j$^$9!#(B

$B!!$3$NIT6q9g$O(B USB $B@\B3$N>l9g!"$^$?$O(B Mac OS X $B$r;HMQ$9$k>l9g$K$*$$$F$OH/@8$7$J$$!#(B

$B!!(BB'sCrew $B4XO"$N(B FireWire $B%I%i%$%P$r;HMQ$7$J$$$3$H$K$h$C$F2sHr$G$-$k!#$^$?!"%m%8%F%C%/$K(B MO $B%I%i%$%V$rAwIU$7!"%U%!!<%`%&%'%"$r99?7$7$F$b$i$&$3$H$GBP1~$G$-$k(B ($BAwNA$O%m%8%F%C%/$,IiC4$7$F$/$l$k(B)$B!#(B

$B"#(B 2006.05.22

$B"#(B $B$$$m$$$m(B (2006.05.22)
(various)

$B"#(B SKYPE-SB/2006-001: Improper handling of URI arguments
(SKYPE, 2006.05.19)

$B!!(BWindows $BHG$N(B Skype 2.0.*.104 $B0JA0(B / 2.5.*.78 $B0JA0$K7g4Y!#(B Skype $BFH<+$N(B URI $B%O%s%I%i$N$N%U%!%$%k$,B>$N(B Skype $B%f!<%6$KE>Aw$5$l$F$7$^$&!#(B Mac OS X $BHG(B / Linux $BHG$K$O$3$N7g4Y$O$J$$!#(B

$B!!(BWindows $BHG$N(B Skype 2.0.*.105 / 2.5.*.79 $B0J9_$G=$@5$5$l$F$$$k!#$5$-$[$I(B Skype $B$N%@%&%s%m!<%I%Z!<%8$r3NG'$7$?$H$3$m!"(B2.0.0.105 / 2.5.0.82 $B$,G[I[$5$l$F$$$?!#(B

$B!!4XO"(B:

$B"#(B $BDI5-(B

Targeted attack: Word exploit - Update

$B!!4XO"(B:

$B"#(B 2006.05.21

$B"#(B [Reversemode] Microsoft Infotech Storage library Heap Corruption
(bugtraq, 2006.05.09)

$B!!(BMicrosoft Infotech Storage System Library (itss.dll) $B$K(B heap overflow $B$9$k7g4Y$,$"$j!"96N,(B CHM / ITS $B%U%!%$%k$r;H$C$FG$0U$N%3!<%I$rCVE-2006-2297

$B"#(B Targeted attack: Word exploit - Update
(SANS ISC, 2006.05.20)

$B!!35MW$K$D$$$F$O!"!V(BWord$B$N@H$B!W(B(ITmedia, 2006.05.20) $B$r;2>H!#$3$s$J46$8$_$?$$(B:

  1. Microsoft Word $BE:IU%U%!%$%k$D$-EE;R%a!<%k$,$d$C$F$/$k(B

  2. $BE:IU%U%!%$%k$r3+$/$H!"(BMicrosoft Word 2002 / 2003 $B$NL$CN$N7g4Y$r96N,$5$l!"%P%C%/%I%"$r@_CV$5$l$k!#(B $B$3$N7g4Y$O(B word viewer $B$K$OB8:_$7$J$$!#(B $B%P%C%/%I%"$O(B rootkit $B5;=Q$rMQ$$$F1#JC$5$l$k!#(B

  3. $B%P%C%/%I%"$,5/F0$5$l!"%3%s%H%m!<%k%5%$%H$K@\B3$5$l$k!#(B

  4. $B%3%s%H%m!<%k%5%$%H$+$i$N;XNa$K$h$j!"(B $B$"$s$J$3$H$d$3$s$J$3$H$r$5$l$^$/$k!#(B

$B!!=$@5%W%m%0%i%`$O8=:_3+H/Cf!#%"%s%A%&%$%k%9%Y%s%@!<3F

$B!!4XO"(B:

$B!!0l;~4|!V%9%T%"7?!W$H$$$&8@MU$,EP>l$7$F$$$^$7$?$,!":#$G$O(B Targeted attack $B$H8F$P$l$k$h$&$G$9!#(B

2006.05.22 $BDI5-(B:

$B!!4XO"(B:

2006.05.23 $BDI5-(B:

$B!!(BMicrosoft Security Advisory $B=P$^$7$?!#(B

$B!!$3$l$K$h$k$H!"(BWord $B$r%;!<%U%b!<%I$G5/F0$9$l$P!":#2s$N7g4Y$r2sHr$G$-$k$=$&$G$9!#(B

$B!!(BAdvisory $B$G$O!"%;!<%U%b!<%I5/F0MQ$N%7%g!<%H%+%C%H$rMQ0U$7$?$j!"%0%k!<%W%]%j%7!<$r;H$C$F6/@)$7$?$j$9$kNc$,7G:\$5$l$F$$$^$9!#(B $B$J$*!"%;!<%U%b!<%I$G5/F0$9$k$H!"0J2<$N5!G=$,;H$($J$^$;$s!#(B

  • $B%F%s%W%l!<%H$rJ]B8$G$-$^$;$s!#(B
  • Office $B%"%7%9%?%s%H$,<+F0E*$KI=<($5$l$^$;$s!#(B
  • $B%D!<%k(B $B%P!<$^$?$O%3%^%s%I(B $B%P!<$N%f!<%6!<@_Dj$,FI$_9~$^$l$^$;$s!#$^$?%f!<%6!<@_Dj$rJ]B8$G$-$^$;$s!#(B
  • $B%*!<%H%3%l%/%H$N0lMw$,FI$_9~$^$l$^$;$s!#$^$?!"JQ99FbMF$rJ]B8$G$-$^$;$s!#(B
  • $B=$I|$7$?J8=q$O<+F0E*$K3+$+$l$^$;$s!#(B
  • $B%9%^!<%H(B $B%?%0$,FI$_9~$^$l$^$;$s!#$^$?!"?75,$N%9%^!<%H(B $B%?%0$rJ]B8$G$-$^$;$s!#(B
  • "/a" $B$*$h$S(B "/n" $B0J30$N%3%^%s%I(B $B%i%$%s(B $B%*%W%7%g%s$,$9$Y$FL5;k$5$l$^$9!#(B
  • XLSTART $BBeBX%U%)%k%@$K%U%!%$%k$rJ]B8$G$-$^$;$s!#(B(Word 2003 $B$N$_(B)
  • $B%f!<%6!<@_Dj$rJ]B8$G$-$^$;$s!#(B
  • $BDI2C5!G=$HDI2C%W%m%0%i%`$,<+F0E*$KFI$_9~$^$l$^$;$s!#(B
  • $B%"%/%;%95v2D$,@)8B$5$l$F$$$kJ8=q$r:n@.$9$k$3$H$d3+$/$3$H$,$G$-$^$;$s!#(B(Word 2003 $B$N$_(B)

$B!!7g4Y$O!">e5-$N5!G=$N$I$l$+$K@x$s$G$$$k!"$H$$$&$3$H$G$9$+$M!#(B

$B!!(BeEye $B$+$i$b=P$F$$$^$9(B:

2006.05.27 $BDI5-(B:

$B!!(BSourcefire VRT Advisory: 2006-05-26 (snort.org)$B!#(B Ginwui.B $B%&%$%k%9$r8!=P$9$k%k!<%k$H!"(BWord $B%I%-%e%a%s%H$K(B SmartTag $B%G!<%?9=B$$,B8:_$9$k$+$I$&$+$r8!::$9$k%D!<%k(B DocCheck $B$,8x3+$5$l$F$$$^$9!#(B

2006.06.02 $BDI5-(B:

$B!!(B$B!V(BWord$B$N%<%m%G%$967b$r ($BF|7P(B IT Pro, 2006.06.01)

2006.06.13 $BDI5-(B:

$B!!(BDocCheck $B$N?7HG$,EP>l$7$F$$$^$9(B: New version of DocCheck tool available (snort.org)

2006.06.14 $BDI5-(B:

$B!!=$@5%W%m%0%i%`=P$^$7$?(B: Microsoft Word $B$N@H (Microsoft)

$B"#(B 2006.05.19

$B"#(B $BDI5-(B

$B$$$m$$$m(B (2006.05.17)

$B!!(BSNS Advisory No.87: Sun Java System Web Server Default Error Page Cross-site Scripting Vulnerability (LAC, 2006.05.18)$B!#(Bupgrade $BHG$,$"$k$N$GE,MQ$9$l$P$h$$$=$&$G$9!#(B

$B!!(BSun Advisory: 102164 : Cross Site Scripting Vulnerability in Sun ONE and Sun Java System Applications (Sun, 2006.05.18)

$B"#(B 2006.05.18

$B"#(B $BDI5-(B

Microsoft Exchange $B$N@H

$B!!4XO"5-;v(B: Exchange Server$B$N%"%/%;%98";EMMJQ99$G!$JF9q$N%7%9%F%`4IM} ($BF|7P(B IT Pro, 2006.05.17)$B!#I{:nMQ$NOC$,>\=R$5$l$F$$$k!#(B

$B"#(B 2006.05.17

$B"#(B $BDI5-(B

Security flaw in RealVNC 4.1.1

$B!!$H$j$"$($:!"(BReal VNC 4.1.1 + RealVNC Ver.4.1.1 $BF|K\8lHG(B patch + $B>e5-%;%-%e%j%F%#(B patch $B$G%P%$%J%j$r$D$/$C$F$_$?!#(B$B$3$N$X$s(B$B!#$&$^$/$$$C$F$$$k$+$I$&$+3NG'$7$F$J$$$N$G(B at your own risk $B$G!#(B

$B!!$"$H!"(BJPCERT/CC $B$+$iCm0U4-5/$,=P$F$^$9(B: RealVNC $B%5!<%P$NG'>Z$,2sHr$5$l$k@H (JPCERT/CC, 2006.05.17)

$B"#(B $B$$$m$$$m(B (2006.05.17)
(various)

2006.05.19 $BDI5-(B:

$B!!(BSNS Advisory No.87: Sun Java System Web Server Default Error Page Cross-site Scripting Vulnerability (LAC, 2006.05.18)$B!#(Bupgrade $BHG$,$"$k$N$GE,MQ$9$l$P$h$$$=$&$G$9!#(B

$B!!(BSun Advisory: 102164 : Cross Site Scripting Vulnerability in Sun ONE and Sun Java System Applications (Sun, 2006.05.18)

$B"#(B [SA20123] Nagios Content-Length Integer Overflow Vulnerability
(secunia, Tue, 16 May 2006 20:02:40 +0900)

$B!!(BNagios 1.x / 2.x $B$K7g4Y!#(B CGI $B%W%m%0%i%`$K$*$$$F!"(B HTTP content_length $B%X%C%@$NCVE-2006-2489

$B!!(BNagios 2.3.1 $B$*$h$S(B 1.4.1 $B$G=$@5$5$l$F$$$k!#(B

$B"#(B 2006.05.16

$B"#(B $BDI5-(B

Security flaw in RealVNC 4.1.1

$B!!4XO"(B:

$B!!LdBj$N(B fix $B$O!"(B$B$3$&$$$&$3$H(B$B$G$$$$$s$G$9$+$M!#(B

$B"#(B 2006.05.15

$B"#(B 2006.05.14

$B"#(B 2006.05.13

$B"#(B Security flaw in RealVNC 4.1.1
(IntelliAdmin, 2006.05.08)

$B!!(BRealVNC 4.1.1 $B$K7g4Y!#(BVNC $B%5!<%P$X$N@\B3$K$*$$$F!"G'>Z$r2sHr$9$kJ}K!$,B8:_$9$k!#(B $B$3$N7g4Y$O(B TightVNC $B$d(B UltraVNC $B$K$OB8:_$7$J$$!#$^$?(B RealVNC 4.0 $B$K$bB8:_$7$J$$!#(B

$B!!(BRealVNC 4.1.2 $B$G=$@5$5$l$F$$$k!#(B $B%j%j!<%9%N!<%H(B$B!#(B

2006.05.16 $BDI5-(B:

$B!!4XO"(B:

$B!!LdBj$N(B fix $B$O!"(B$B$3$&$$$&$3$H(B$B$G$$$$$s$G$9$+$M!#(B

2006.05.17 $BDI5-(B:

$B!!$H$j$"$($:!"(BReal VNC 4.1.1 + RealVNC Ver.4.1.1 $BF|K\8lHG(B patch + $B>e5-%;%-%e%j%F%#(B patch $B$G%P%$%J%j$r$D$/$C$F$_$?!#(B$B$3$N$X$s(B$B!#$&$^$/$$$C$F$$$k$+$I$&$+3NG'$7$F$J$$$N$G(B at your own risk $B$G!#(B

$B!!$"$H!"(BJPCERT/CC $B$+$iCm0U4-5/$,=P$F$^$9(B: RealVNC $B%5!<%P$NG'>Z$,2sHr$5$l$k@H (JPCERT/CC, 2006.05.17)

$B!!4XO"(B:

2006.05.29 $BDI5-(B:

$B!!(BRealVNC Free Edition Ver.4.1.2 $BF|K\8lHG(B ([$B$"(B] UnderDone($B$"$s$G$k$I$s(B), 2006.05.29)$B!#$D$$$K=P$^$7$?!#(B $B!V4A;z%-!

2006.06.24 $BDI5-(B:

$B!!(BCisco Security Response: RealVNC Remote Authentication Bypass Vulnerability (Cisco)$B!#(BCisco CallManager $B$K%P%s%I%k$5$l$F$$$k(B RealVNC $B$K$b$3$NLdBj$,$"$j!"99?7HG$,MQ0U$5$l$F$$$k$=$&$@!#(B

$B"#(B 2006.05.12

$B"#(B Security Update 2006-003 $B$K$D$$$F(B
(Apple, 2006.05.12)

$B!!(BMac OS X 10.3.9 / 10.4.6 $BMQ$N%;%-%e%j%F%#=$@5%Q%C%1!<%8!#G$0U$N%3!<%I$N

$B"#(B APPLE-SA-2006-05-11 QuickTime 7.1
(Apple, 2006.05.12)

$B!!(BQuickTime 7.0.x $B0JA0$KJ#?t$N=EBg$J7g4Y!#96N,2hA|!&1GA|%U%!%$%k$r;H$C$F!"G$0U$N%3!<%I$r

$B!!(BQuickTime 7.1 $B$G=$@5$5$l$F$$$k!#(BQuickTime 7.1 $B$O(B QuickTime Player $B%9%?%s%I%"%m%sHG$N%@%&%s%m!<%I(B (Apple) $B$+$i%@%&%s%m!<%I$G$-$k!#(B

$B"#(B 2006.05.11

$B"#(B $B$$$m$$$m(B (2006.05.11)
(various)

$B"#(B $BDI5-(B

MSDTC $B$*$h$S(B COM+ $B$N@H

$B!!(BMicrosoft Distributed Transaction Coordinator$B%a%b%jJQ99@H ($B=;>&>pJs%7%9%F%`(B / eEye) $B$H$OJL$N7g4Y$bB8:_$7$?$N$@$=$&$@!#(B

$B!!$3$N7g4Y$O4{$K(B MS05-051 patch $B$G=$@5$5$l$F$$$k$=$&$@!#(B $B$7$+$7$3$N7g4Y$G$O(B Windows NT 4.0 $B$bBP>]$K$J$k$N$@$=$&$@!#(B NT 4.0 patch $B$J$s$F$b$N$O$b$A$m$s$J$$!#(B

$B"#(B 2006.05.10

$B"#(B Microsoft Exchange $B$N@H
(Microsoft, 2006.05.10)

$B!!(BExchange 2000 / 2003 $B$K7g4Y!#(BExchange $B$N(B Collaboration Data Objects for Exchange (CDOEX) $B$*$h$S(B Exchange Collaboration Data Objects (EXCDO) $B5!G=$K$*$1$k!"%a!<%k$N(B iCAL $B$*$h$S(B vCAL $B%W%m%Q%F%#$N=hM}$K7g4Y$,$"$j!"(BExchange $B%5!<%P>e$GG$0U$N%3!<%I$rCVE-2006-0027

$B!!(Bpatch $B$,$"$k$N$GE,MQ$9$l$P$h$$!#$?$@$7!"$3$N(B patch $B$K$O(B KB912918 - Users cannot send e-mail messages from a mobile device or from a shared mailbox in Exchange 2000 Server and in Exchange Server 2003 (Microsoft) $B$NFbMF$,AH$_9~$^$l$F$$$k$?$a!"I{:nMQ$KCm0U$9$k$3$H!#(B

2006.05.18 $BDI5-(B:

$B!!4XO"5-;v(B: Exchange Server$B$N%"%/%;%98";EMMJQ99$G!$JF9q$N%7%9%F%`4IM} ($BF|7P(B IT Pro, 2006.05.17)$B!#I{:nMQ$NOC$,>\=R$5$l$F$$$k!#(B

$B"#(B $BDI5-(B

$B$$$m$$$m(B (2006.01.08)

$B!!(Bapache 1.3.35 / 2.0.58 $B$,EP>l$7$F$$$^$9!#(BCVE-2005-3357 $B$,=$@5$5$l$F$$$^$9!#(B $BDEED$5$s>pJs$"$j$,$H$&$4$6$$$^$9!#(B

Apache $B$N%5!<%P!<%5%$%I%$%a!<%8%^%C%W=hM}%b%8%e!<%k$N%/%m%9%5%$%H%9%/%j%W%F%#%s%0$N@H

$B!!(Bapache 1.3.35 / 2.0.58 $B$,EP>l$7$F$$$^$9!#$3$N7g4Y$,=$@5$5$l$F$$$^$9!#DEED$5$s>pJs$"$j$,$H$&$4$6$$$^$9!#(B

$B"#(B APSB06-07: SQL $B%$%s%8%'%/%7%g%s$N@HpJs!J(BDreamweaver$B!K(B
(Adobe, 2006.05.10)

$B!!(BDreamweaver 8 / MX2004 $B$K7g4Y!#(BDreamweaver $B%5!<%P%S%X%$%S%"$K$h$C$F@8@.$5$l$k%3!<%I$K(B SQL $B%$%s%8%'%/%7%g%s$,2DG=$J7g4Y$,B8:_$9$k!#(B CVE: CVE-2006-2042

$B!!(BDreamweaver 8 $B$G$O(B Dreamweaver 8.0.2 $B$G=$@5$5$l$F$$$k!#(B Dreamweaver MX 2004 $B$G$O!"@8@.$5$l$k%3!<%I$r!"(BProtecting ColdFusion server behaviors from SQL injection vulnerability (Adobe) $B$K=>$C$F=$@5$9$k$7$+$J$$!#(B

$B"#(B Microsoft Distributed Transaction Coordinator (MSDTC) $B$N@H
(Microsoft, 2006.05.10)

$B!!(BWindows 2000 / XP / Server 2003 $B$K7g4Y!#(B Microsoft Distributed Transaction Coordinator (MSDTC) $B$K(B 2 $B$D$N(B buffer overflow $B$9$k7g4Y$,$"$j!"(Bremote $B$+$i(B DoS $B967b$r

$B!!$3$N$&$A(B CVE-2006-1184 $B$O!"(BMS05-051 $B$K$*$1$k=$@5$,IT==J,$@$C$?$?$a$KH/@8$7$?$b$N$@$=$&$G$9!#(B

$B!!(Bpatch $B$,$"$k$N$GE,MQ$9$l$P$h$$!#(B

$B"#(B Adobe $B$N(B Macromedia Flash Player $B$N@H
(Microsoft, 2006.05.10)

$B!!(BAPSB06-03 Flash Player Update to Address Security Vulnerabilities $B$H(B Macromedia Flash Player$BIT@5%a%b%j%"%/%;%9@H $B$NOC!#(B CVE: CVE-2006-0024 CVE-2005-2628

$B!!(BMS06-020 patch (913433) $B$O(B IE $B$KF1:-$5$l$F$$$k(B Flash Player 5 / 6 $B$KBP1~!#(BFlash Player 7 $B0J9_$r%$%s%9%H!<%k$7$F$$$k?M$O!"(BAdobe $B$+$i:G?7$r(B get $B$9$k!#(BMS06-020 patch $B$O(B Flash Player $B$N%P!<%8%g%s$r8+$F$$$k$h$&$G!">/$J$/$H$bl9g$O(B MS06-020 patch (913433) $B$O8=$l$J$$$h$&$K8+$($k!#(B

$B!!(BFlash Player 7 $B0J9_$r%$%s%9%H!<%k$7$F$"$k$K$b$+$+$o$i$:(B Windows Update $BEy$G(B MS06-020 patch (913433) $B$N%$%s%9%H!<%k$,9T$o$l$F$7$^$&(B ($B$=$7$FEvA3<:GT$7$F$7$^$&(B) $B>l9g$O!"(B KB913433 - MS06-020: Vulnerabilities in Macromedia Flash Player from Adobe could allow remote code execution (Microsoft) $B$K4p$E$$$F!"(BFlash Player 5 / 6 $B$r:o=|$7$F$7$^$($P$h$$$h$&$@!#(B $B6qBNE*$K$O!"(B%windir%\system32\Macromed $B$K$"$k(B Flash.ocx $B$*$h$S(B/$B$^$?$O(B Swflash.ocx $B$r:o=|$9$l$P$h$$!#(B

$B!!8=:_%$%s%9%H!<%k$7$F$$$k(B Flash Player $B$N%P!<%8%g%s$O!"(B$B$3$N%Z!<%8(B$B$G3NG'$G$-$k!#(B $B$^$?!"(BMacromedia Flash Player $B$N%P!<%8%g%s%F%9%H(B (adobe) $B$G$h$j>\:Y$J>pJs$,3NG'$G$-$k(B (hideck $B$5$s>pJs$"$j$,$H$&$4$6$$$^$9(B)$B!#(B

$B!!$J$*!"(BFlash 7 / 8 $B$N>l9g$O!"(B7.0.63.0 $B$*$h$S(B 8.0.24.0 $B0J9_$G$J$$$H%;%-%e%j%F%#7g4Y$O=$@5$5$l$F$$$J$$$N$GCm0U!#$=$&$G$J$$>l9g$O(B Player Download Center $B$+$i:G?7$N(B Flash Player $B$rF~

2006.05.12 $BDI5-(B:

$B!!(B7.0.63.0 $B$rF~l9g$O!"(BFlash Player 8 $B$r%5%]!<%H$7$F$$$J$$%*%Z%l!<%F%#%s%0%7%9%F%`MQ$N(B Flash Player $B%"%C%W%0%l!<%IHG(B (adobe) $B$r;2>H!#(B

$B"#(B 2006.05.09

$B"#(B Crafted Microsoft CAB file can allow arbitrary code to be run
(Sophos, last update: 2006.05.08)

$B!!(B2006 $BG/(B 4 $B7nHG0JA0$N(B Sophos AntiVirus $B$K7g4Y!#(BCAB $B%U%!%$%k$NZDI-06-012: Sophos Anti-Virus CAB Unpacking Code Execution Vulnerability (zerodayinitiative.com)

$B!!:G?7(B (2006 $BG/(B 5 $B7nHG(B) $B$N(B Sophos AntiVirus $B$G=$@5$5$l$F$$$k!#(B

$B"#(B 2006.05.08

$B"#(B [SA19920] Rsync "xattrs.diff" Patch Integer Overflow Vulnerability
(secunia, 2006.05.02)

$B!!(Brsync 2.6.7 $B0JA0$K7g4Y!#(Brsync $B$K4^$^$l$k(B patches/xattrs.diff $B$K7g4Y$,$"$j!"(B receive_xattr() $B$K$*$$$F(B integer overflow $B$,H/@8!"30It$+$iG$0U$N%3!<%I$rCVE-2006-2083

$B!!(Brsync 2.6.8 $B$G=$@5$5$l$F$$$k!#(B $B$^$?!"(Bxattrs.diff $B$rE,MQ$7$F$$$J$1$l$P$3$N7g4Y$O$J$$!#(B

$B"#(B [SA19991] Nagios Content-Length Handling Buffer Overflow Vulnerability
(secunia, 2006.05.08)

$B!!(BNagios 1.x / 2.x $B$K7g4Y!#(B CGI $B%W%m%0%i%`$K$*$$$F!"(B $BIi$N(B HTTP content_length $B%X%C%@$NCVE-2006-2162

$B!!(BNagios 2.3 $B$*$h$S(B 1.4 $B$G=$@5$5$l$F$$$k!#(B

$B"#(B $BDI5-(B

Internet Explorer $BMQ$NN_@QE*$J%;%-%e%j%F%#99?7%W%m%0%i%`(B (912812) (MS06-013)

$B!!(BMS06-013 $B$KH<$&(B IE (ActiveX) $B;EMMJQ99$NI{:nMQ$,(B Exchange $B$GH/@8$9$k$=$&$G!"(BExchange 2003 $B$K$D$$$F$O(B patch $B$,L5=~8x3+$5$l$F$$$^$9!#(B

$B!!e5-$,$I$A$i$J$N$+$O$h$/$o$+$j$^$;$s!#(B

$B!!(BExchange 2000 $B$K$D$$$F$O!"M-=~%5%]!<%H$+$iF~

$B%5!<%P!<(B $B%a%C%;!<%8(B $B%V%m%C%/$N@H

$B!!(BKB896427 - $B%;%-%e%j%F%#99?7%W%m%0%i%`(B 885250 (MS05-011) $B$N%$%s%9%H!<%k8e!"(BWindows XP $B$^$?$O(B Windows Server 2003 $B$G%M%C%H%o!<%/6&M-$N%5%V%U%)%k%@$NFbMF$,I=<($5$l$J$$$3$H$,$"$k(B (Microsoft)$B!#(B8+3 $B%U%!%$%kL>$N@8@.$rL58z$K$7$F$$$k4D6-$K(B MS05-011 patch $B$r%$%s%9%H!<%k$9$k$H!"IT6q9g$,H/@8$9$kLOMM!#(B patch $B$,=P$F$$$^$9!#(B

$B"#(B 2006.05.07

$B"#(B $B%^%$%/%m%=%U%H(B $B%;%-%e%j%F%#>pJs$N;vA0DLCN(B
(Microsoft, 2006.05.05)

$B!!(BExchange $B$M$?$O$R$5$7$V$j$J5$$,!#(B Exchange $B$M$?$K$D$$$F$O$5$i$K!"(BKB912918 - Users cannot send e-mail messages from a mobile device or from a shared mailbox in Exchange 2000 Server and in Exchange Server 2003 (Microsoft) $B$NFbMF$,AH$_9~$^$l$k$H$$$&I{:nMQ$,$"$k$=$&$G!#(B

$B"#(B 2006.05.06

$B"#(B 2006.05.05

$B"#(B 2006.05.04

$B"#(B 2006.05.03

$B"#(B $BDI5-(B

IE$B!"(BSafari$B!"(BFirefox$B$K%Q%C%AL$8x3+$N?7$?$J@H

$B!!(BFirefox 1.5.0.3 $B$,EP>l$7$^$7$?!#(B Firefox Remote Code Execution and DoS 1.5.0.2 (CVE: CVE-2006-1993) $B$,=$@5$5$l$F$$$^$9!#(B

$B!!(BFirefox $BMxMQ

NISCC-144154: DNS $B%W%m%H%3%k$N

$B!!(BDNS$B$K4X$9$k@H ($BIY;NDL(B)$B!#(BNetShelter/FW $B%7%j!<%:$K7g4Y$,$"$k$=$&$G$9!#(B

$B"#(B $B$$$m$$$m(B
(various)

$B"#(B 2006.05.02

$B"#(B $BDI5-(B

Internet Explorer $BMQ$NN_@QE*$J%;%-%e%j%F%#99?7%W%m%0%i%`(B (912812) (MS06-013)

$B!!(BQ629610334571: Easy-WebPrint$B$G0u:~;~$K!V%9%/%j%W%H%(%i! ($B%-%d%N%s(B) $B$,2~D{$5$l$F$$$^$9!#(B Easy-WebPrint $B$N7o!"(Bversion 2.6.3 $B$G=$@5$5$l$?$=$&$G$9!#(B

$B!!$"$H!"(BWindows Update KB912945$B$rE,MQ$7$?>l9g$N(BHOD$B$X$N1F6A$K$D$$$F(B (HostInteg-06-005) (IBM, 2006.04.21) $B$H$$$&$N$,=P$F$^$7$?!#(B

$B"#(B 2006.05.01

$B"#(B Security advisory: 0.88.2
(ClamAV, 2006.04.30)

$B!!(BClamAV 0.88.2 $BEP>l(B ($B%j%j!<%9%N!<%H(B)$B!#(BClamAV 0.80$B!A(B0.88.1 $B$K$O!"(B freshclam $B$K$*$1$k(B HTTP $B%l%9%]%s%9$NCVE-2006-1989$B!#(B 0.88.2 $B$G$O$3$l$,=$@5$5$l$F$$$k!#(B

[$B%;%-%e%j%F%#%[!<%k(B memo]
$B;d$K$D$$$F(B