$B%;%-%e%j%F%#%[!<%k(B memo

Last modified: Sun Jan 16 18:25:00 2011 +0900 (JST)
$BC;=L(B URL: http://goo.gl/pwSG$B!!(BQR $B%3!<%I(B: http://goo.gl/pwSG.qr

$B!!(BSecurity Watch $B$5$s$,E9$8$^$$$5$l$F$7$^$C$?$N$G!"(B $B8D?M$GDI$$$+$1$F$_$k%F%9%H$G$9!#(B $BHwK:O?$H$7$F=q$$$F$*$/$D$b$j$J$N$G!"(B Security Watch $B$5$s$N$h$&$J>\:Y$J$b$N$G$O$"$j$^$;$s!#(B $B4pK\E*$J%?!<%2%C%H$O(B UNIX$B!"(BWindows$B!"(BMac OS (priority $B=g(B) $B$H$7$^$9!#(B $B$^$?!"$3$N%Z!<%8$NFbMF$O$I$N%Z!<%8$K$bA}$7$FL5J]>Z$G$"$k$3$H$r@k8@$7$F$*$-$^$9!#A4$F$N>pJs$,=8$^$C$F$$$k$o$1$b$"$j$^$;$s!#(B

$B!!$3$3$K:\$;$k>pJs$K$D$$$F$O!"2DG=$J8B$j(B 1 $BpJs8;$X$N%j%s%/$r:n@.$7$F$*$-$^$9!#(B $B3F<+$G(B 1 $BpJs8;$NFbMF$r3NG'$7$F$/$@$5$$!#(B $B$3$N%Z!<%8$NFbMF$r$/$l$0$l$b1-0{$_$K$7$J$$$h$&$K!#(B $B4V0c$$$rH/8+$5$l$?J}!"5-:\$5$l$F$$$J$$>pJs$r$4B8CN$NJ}!"$<$R(B$B$*$7$($F$/$@$5$$(B$B!#$h$m$7$/$*4j$$$$$?$7$^$9!#(B

$B!!$3$N%Z!<%8$N>pJs$rMxMQ$5$l$kA0$K!"(B$BCm0U=q$-(B$B$r$*FI$_$/$@$5$$!#(B

$B!!(B[ $BDjHV>pJs8;(B ] $B!!2a5n$N5-;v(B: 2011 | 2010 | 2009 | 2008 | 2007 | 2006 | 2005 | 2004 | 2003 | 2002 | 2001 | 2000 | 1999 | 1998

[SCAN Security Wire NP Prize 2001]

$B!V(BScan Security Wire$B!W(B $BSCAN Security Wire NP Prize 2001 $B$r^(B$B$7$^$7$?!#(B

$B!!(B

$B!V%M%C%H%i%s%J!o=,^$r!"%Y%9%H!&%*%V!&>o=,^$r^$7$^$7$?!#(B

www.iraqbodycount.org www.iraqbodycount.org

$BI|4)%j%/%(%9%H
$B%8%'%$%`%:(B.$B#F(B.$B%@%K%,%s!V(B $B?7!&@oAh$N%F%/%N%m%8!<(B$B!W(B($B8=:_(B46$BI<(B)
$BCf;3?.90!V(B$B%=%U%H%&%'%"$NK!E*J]8n(B$B!W(B ($B8=:_(B120$BI<(B) ($B%*%s%G%^%s%I9XF~2D(B)
$B%j%G%k!&%O!<%H!V(B$B@oN,O@!!4V@\E*%"%W%m!<%A(B$B!W(B ($B?7Lu=P$^$7$?(B: $B>e(B $B2<(B)
$BN&0f;0O:Lu!&JT!V(B$B%Y%H%J%`5"4TJ<$N>Z8@(B$B!W(B ($B8=:_(B110$BI<(B)
$BNS9nL@!V(B$B%+%U%+%9$N>.$5$J9q!!%A%'%A%'%sFHN)1?F0;OKv(B$B!W(B ($B8=:_(B176$BI<(B)

RSS $B$KBP1~$7$F$_$^$7$?!#(B $B>.%M%?$O4^$^$l$F$$$^$;$s!#!V@/<#$M$?%&%<%'!W$H$$$&?M$O(B RSS $B%Y!<%9$GFI$`$H9,$;$K$J$l$k$G$7$g$&(B ($B%&%6$/$J$$?M$O(B $B$3$C$A$N(B RSS $B$,$h$$$+$b$7$l$^$;$s(B)$B!#(B RSS 1.0 $B$G$9$N$G!"$"$/$^$G(B RDF Site Summary $B$G$9!#(B $B8=:_$O(B Really Simple Syndication $B$K$OBP1~$7$F$$$^$;$s!#(B
$B:#$9$0(B Really Simple Syndication $B$,$[$7$$?M$O!"$N$$$s$5$s$K$h$k(B Web $B%5%$%H$N(B RSS $B$r>! $B$r;2>H$7$F$/$@$5$$!#(B($B$N$$$s$5$s>pJs$"$j$,$H$&$4$6$$$^$9(B)

$B<BMQ(B SSH $BBh(B2$BHG(B: $B%;%-%e%
2 $B:~$,=P$^$7$?!#(B$B%*%i%$%j!<$GCmJ8$7(B$B!"Hw9MMw$K!VI,$:(B2$B:~$G$"$k$3$H!W$H=q$/$H(B 2 $B:~$r3N

$B"#(B 2011.01.16

$B"#(B 2011.01.14

$B"#(B $BDI5-(B

JVNVU#634956: Microsoft Internet Explorer $B$KG$0U$N%3!<%I$,

$B!!(B IE$B$N%<%m%G%$967b$r2sHr$9$k!V(BFix It$B!W$K%j%s%/8m$j!"E,MQ%f!<%6!<$O3NG'$r(B (so-net $B%;%-%e%j%F%#DL?.(B, 2011.01.14)

$B!!1Q8lHG$N%5%]!<%H5;=Q>pJs$K$D$$$F$O!"(B12$BF|(B15$B;~H>!JF|K\;~4V!K$K2~D{$5$l!"@5$7$$!V(BFix It$B!W$X$N%j%s%/$K=$@5$5$l$F$$$k$,!"F|K\8l$N%Z!<%8$O(B14$BF|8a8e8=:_$bL$=$@0$N$^$^$J$N$G!"$3$N2sHr:v$rpJs$N1Q8l%Z!<%8$+$i!V(BFix it$B!W$r%@%&%s%m!<%I$7$F$$$?$@$-$?$$!#(B

$B!!$5$-$[$I(B (19:52) $B3NG'$7$F$_$?$i!"(B$BF|K\8lHG(B 2488013 $B$H(B$B1Q8lHG(B 2488013 $B$N(B Fix it $B$OF1$8%j%s%/$K$J$C$F$$$k$h$&$G$9!#(B

Microsoft 2011 $BG/(B 1 $B7n$N%;%-%e%j%F%#>pJs(B

$B!!(B$B%^%$%/%m%=%U%H7nNc%Q%C%A!J(BMicrosoft Patch Tuesday$B!K(B- 2011 $BG/(B 1 $B7n(B ($B%7%^%s%F%C%/(B, 2011.01.12)

$B"#(B Chrome Stable Release
(Google Chrome Release blog, 2011.01.12)

$B!!(BGoogle Chrome 8.0.552.237 / Chrome OS 8.0.552.334 $BEP>l!#(B16 $B7o$N7g4Y$,=$@5$5$l$F$$$k!#(B

$B"#(B $B$$$m$$$m(B (2011.01.14)
(various)

$B"#(B 2011.01.13

$B"#(B $BDI5-(B

$B$$$m$$$m(B (2011.01.12)

$B!!(B[SA42863] libpng "png_do_rgb_to_gray()" PNG Processing Vulnerability (secunia, 2011.01.13)$B!#(Blibpng $B$N7o!"(B1.5.1beta01 $B$G=$@5$5$l$F$$$k$=$&$G$9!#(B

$B"#(B $B$$$m$$$m(B (2011.01.13)
(various)

$B"#(B 2011.01.12

$B"#(B $B$$$m$$$m(B (2011.01.12)
(various)

2011.01.13 $BDI5-(B:

$B!!(B[SA42863] libpng "png_do_rgb_to_gray()" PNG Processing Vulnerability (secunia, 2011.01.13)$B!#(Blibpng $B$N7o!"(B1.5.1beta01 $B$G=$@5$5$l$F$$$k$=$&$G$9!#(B

$B"#(B X-Content-Type-Options: nosniff $B$D$+$o$J$$$d$D$O;`$M$P$$$$$N$K(B!
($BMU$C$QF|5-(B, 2011.01.06)

$B!!$@$=$&$G$9!#(B

IE$B$,%3%s%F%s%D$r(B sniff $B$7$F(BHTML$B0J30$N$b$N$r(BHTML$B07$$$7$F$7$^$&$3$H$rKI$0$?$a$K!"F0E*$K%3%s%F%s%D$r@8@.$7$F$$$k>l9g$K$O!"$H$K$+$/$"$i$f$k%3%s%F%s%D$N%l%9%]%s%9%X%C%@$K(B X-Content-Type-Options: nosniff $B$rIUM?$9$k$h$&$K$7$^$7$g$&!#(B

$B!!4XO"(B:

$B"#(B Microsoft 2011 $BG/(B 1 $B7n$N%;%-%e%j%F%#>pJs(B
(Microsoft, 2011.01.12)

$B!!M=9p$I$*$j(B 2 $B7o!#(B

MS11-001 - $B=EMW(B: Windows Backup Manager $B$N@H

$B!!(BWindows Vista $B$K7g4Y!#(BWindows Backup Manager $B$K!"(BDLL $BFI$_9~$_$K4X$9$k@H$B!#(B CVE-2010-3145

MS11-002 - $B6[5^(B: Microsoft Data Access Components $B$N@H

$B!!(BWindows XP / Server 2003 / Vista / Server 2008 / 7 / Server 2008 R2 $B$K7g4Y!#(BMDAC $B$K(B 2 $B7o$N7g4Y$,$"$k!#(B

  • DSN $B$N%*!<%P!<%U%m!<$N@HCVE-2011-0026

    Open Database Connectivity (ODBC) API $B$N%G!<%?%=!<%9L>(B (DSN) $B$N=hM}$N(B buffer overflow $B$9$k7g4Y$,$"$j!"96N,(B web $B%Z!<%8$r1\Mw$9$k$HG$0U$N%3!<%I$,

  • ADO $B%l%3!<%I$N%a%b%j$N@HCVE-2011-0027

    MDAC $B$N%a%b%j4IM}$K7g4Y$,$"$j!"96N,(B web $B%Z!<%8$r1\Mw$9$k$HG$0U$N%3!<%I$,

$B!!!V(B$B%^%$%/%m%=%U%H(B $B%;%-%e%j%F%#(B $B%"%I%P%$%6%j(B (2488013) Internet Explorer $B$N@H$B!W$d!V(B$B%^%$%/%m%=%U%H(B $B%;%-%e%j%F%#(B $B%"%I%P%$%6%j(B (2490606) Graphics Rendering Engine $B$N@H$B!W$OBP>]30!#$3$l$i$K$D$$$F$O2sHr:v$r

2011.01.14 $BDI5-(B:

$B!!(B$B%^%$%/%m%=%U%H7nNc%Q%C%A!J(BMicrosoft Patch Tuesday$B!K- 2011 $BG/(B 1 $B7n(B ($B%7%^%s%F%C%/(B, 2011.01.12)

$B"#(B $BDI5-(B

JVNVU#634956: Microsoft Internet Explorer $B$KG$0U$N%3!<%I$,

$B!!(B$B%^%$%/%m%=%U%H(B $B%;%-%e%j%F%#(B $B%"%I%P%$%6%j(B (2488013) Internet Explorer $B$N@H $B$,(B 2011.01.12 $BIU$G2~D{$5$l$^$7$?!#2sHr:v!V(BCSS $B%9%?%$%k(B $B%7!<%H$N:F5"E*$J%m!<%I$rKI$0!W$,DI2C$5$l!"(BFix it $B$b8x3+(B$B$5$l$F$$$^$9!#$H$$$&$+!"(BFix it $B$7$+<($5$l$F$^$;$s!#(B

$B!!!D!D(BMicrosoft SRD $B$G2r@b$5$l$F$$$?(B: New workaround included in Security Advisory 2488013 (Microsoft Security Research & Defense, 2011.01.11)

This workaround is an MSI package (Microsoft "FixIt") that uses the Windows application compatibility toolkit to make a small change to MSHTML.DLL every time it is loaded by Internet Explorer. This change causes Internet Explorer to refuse to import a CSS style sheet if it has the same URL as the CSS style sheet from which it is being loaded. Simply put, the workaround inserts a check to see if a style sheet is about to be loaded recursively, and if it so, it aborts the load of the style sheet. You can read more about the Windows infrastructure that allows this type of workaround here: http://technet.microsoft.com/en-us/library/cc748912(WS.10).aspx

$B!!>\:Y$JF0:nFbMF$b5-:\$5$l$F$$$k!#(B

$B!!$"$H!"(BNTT $B%G!<%?!&%;%-%e%j%F%#$K$h$k@HZ7k2L(B: IE$B!J(Bmshtml.dll$B!K$N(BCSS$B2r@O=hM}$K$*$1$k%a%b%jGK2u$N@HZ%l%]!<%H(B (NTT $B%G!<%?!&%;%-%e%j%F%#(B, 2011.01.12)

Outlook 2007$B$N<+F099?7%W%m%0%i%`$G%H%i%V%k$,H/@8!!(B $B%"%C%W%G!<%H$7$?7k2L!"F0:n$,CY$/$J$j!"0lIt5!G=$,MxMQITG=$K(B

$B!!IT6q9g$N860x$@$C$?(B KB 2412171 $B=$@5%W%m%0%i%`!"?7HG$,(B 2011.01.11 $BIU$1$G%j%j!<%9$5$l$F$$$k!#(B

$B"#(B 2011.01.11

$B"#(B Mac App Store$B!"!V%3%T%Z$G0cK!%3%T!<2DG=!W$NLdBj;XE&(B
(ITmedia, 2011.01.11)

$B!!NN<}=q$N%A%'%C%/$N4E$$%"%W%j$d!"MF0W$K2~JQ$G$-$k%"%W%j$,B8:_$9$kLOMM!#(B

$B!!Ej9F$5$l$? ($BCfN,(B)
$B!!F1;a$K$h$l$P!"$D$^$j(BApple$B$H(BMac App Store$B$N3+H/e$N%A%c%s%9$rF($7$F$7$^$&$3$H$K$J$k$,!"$=$l$h$j$b$5$i$KM+N8$9$Y$-$O!"M-8z@-3NG'$NJ$+$l$F$$$k$i$7$$;v $B!!$^$?F1;a$,3NG'$7$?$H$3$m$G$O!"Cf$K$O!"JL$NR2p$7$F$$$k!#%f!<%6!<$K$O!"%W%m%0%i%`$O(BAngry Birds$B$G$"$k$+$N$h$&$K8+$(!"(BOS$B$b(BAngry Birds$B$H$7$FG'<1$7$F$$$k$,!"$$$6

$B!!4XO"(B:

$B"#(B $BDI5-(B

Microsoft 2010 $BG/(B 10 $B7n$N%;%-%e%j%F%#>pJs(B

$B!!(BMS10-081: Windows Common Control Library (Comctl32) Heap Overflow (exploit-db.com, 2011.01.10)

$B"#(B 2011.01.10

$B"#(B $BDI5-(B

CakePHP$B$N(BSecurityComponent$B$K?<9o$J%;%-%e%j%F%#%[!<%k$,8+$D$+$j$^$7$?(B

$B!!(BCakePHP$B$N(BSecurityComponent$B$N@H (dis$B$jMQ!#(B, 2011.01.04)

JVNVU#427980: Microsoft Internet Explorer 8 $B$K$*$1$k2rJ|:Q$_%a%b%j$r;HMQ$9$k@H

$B!!4XO"(B:

$B"#(B $B$$$m$$$m(B (2011.01.10)
(various)

$B"#(B VUPEN/ADV-2011-0016: GIMP Plugins Data Processing Multiple Buffer Overflow Vulnerabilities
(VUPEN, 2011.01.04)

$B!!(BGIMP 2.6.11 ($B:G?7HG(B) $B0JA0$K7g4Y!#(B LIGHTING EFFECTS > LIGHT / SPHERE DESIGNER / GFIG / Paint Shop Pro (PSP) $B%W%i%0%$%s$K(B buffer overflow $B$9$k7g4Y$,$"$j!"96N,%U%!%$%k$K$h$C$FG$0U$N%3!<%I$rCVE-2010-4540 CVE-2010-4541 CVE-2010-4542 CVE-2010-4543

$B"#(B 2011.01.09

$B"#(B 2011.01.08

$B"#(B $BDI5-(B

PHP Hangs On Numeric Value 2.2250738585072011e-308

$B!!(BPHP 5.3.5 / 5.2.17 $B$G=$@5$5$l$?$=$&$G$9!#(BCVE-2010-4645$B!#(Bramsy $B$5$s(B$B>pJs(B$B$"$j$,$H$&$4$6$$$^$9!#(B

$B"#(B 2011.01.07

$B"#(B JVNVU#427980: Microsoft Internet Explorer 8 $B$K$*$1$k2rJ|:Q$_%a%b%j$r;HMQ$9$k@H
(JVN, 2011.01.07)

$B!!(BIE8 $B$N(B mshtml.dll $B$K7g4Y$,$"$j!"96N,(B web $B%Z!<%8$K$h$C$FG$0U$N%3!<%I$,

2011.01.10 $BDI5-(B:

$B!!4XO"(B:

$B"#(B About the security content of Mac OS X v10.6.6
(Apple, 2011.01.06)

$B!!(BMac OS X 10.6.6 $BEP>l!#(BPackageKit $B$K4X$9$k(B 1 $B7o$N%;%-%e%j%F%#=$@5(B (format $BJ8;zNs@H

$B"#(B $BDI5-(B

PHP$B$N(Bescapeshellcmd$B$N4m81@-(B

$B!!4XO"(B:

$B"#(B $B%^%$%/%m%=%U%H(B $B%;%-%e%j%F%#>pJs$N;vA0DLCN(B - 2011 $BG/(B 1 $B7n(B
(Microsoft, 2011.01.07)

$B!!$b$&$=$s$J5(@a!#6[5^(B x 1$B!"=EMW(B x 1$B!#(B $B!V(B$B%^%$%/%m%=%U%H(B $B%;%-%e%j%F%#(B $B%"%I%P%$%6%j(B (2488013) Internet Explorer $B$N@H$B!W$d!V(B$B%^%$%/%m%=%U%H(B $B%;%-%e%j%F%#(B $B%"%I%P%$%6%j(B (2490606) Graphics Rendering Engine $B$N@H$B!W$O!":#2s$OBP>]30$C$]$$$J$"!#2sHr:v$r

$B"#(B $B!Z(B2$B$A$c$s$M$k=*N;![!!%-%c%C%W$N%Q%9$,O3$l$F%9%lN)$F:o=|$7J|Bj(B
($B!Z(B2ch$B![%K%e!

$B!!>iCLH4$-$G@d;?Jx2uCf$NLOMM!#(B

879 $B!'(Bsakurazaka.jpn.ph$BF|!'(B2011/01/06($BLZ(B) 22:54:37 ID:B05NruFc0

$B$^$H$a=$@5(B

$B!&ElF|K\$,:o=|?M$N:n6H;~$N%m%0$r8+$D$1$k!#(Bhttp://be.2ch.net/test/sss/hoop.dat
$B!&$3$l$OC/$,$$$D:o=|$7$?$+$,$o$+$kDxEY$@$,!"(B/test/sss/$B0J2<$NA4%U%!%$%k%j%9%H$,(BApache$B@_Dj%_%9$G1\Mw$G$-$?!#(B
$B!&$7$+$b(Bbe$B;*$N(Bsss/$B0J2<$K$O$J$<$+(Bcgi$B$,3HD%;R$J$7$GCV$+$l$F$?!#$D$^$j%=!<%9$,8+$l$k!#%U%!%$%kL>$+$i$7$F(B2005$BG/$+$iJ|CV!#(B
$B!&$=$l$r8+$D$1$?%b%Z%-%A$O85$N8=:_F0$$$F$k(Bcgi$B%9%/%j%W%H$rC5$7=P$7!"$=$l$KBP$7$F%=!<%9$r85$K%3%^%s%I $B!&$=$N(Bcgi$B$bJ5$G!"%Q%9%o!<%I$J$7$G(B2ch$B$NA4%-%c%C%W$,F~$K$b%Q%9$J$7$GHD0\E>$d%U%!%$%k0lMw $B!&$$$m$s$J?M$,$=$l$r$b$d$j$?$$J|Bj!"%-%c%C%W$bA4It$P$l$?$N$G$*;_$a$b<+M3!#(B
$B!&$7$+$b%U%!%$%k0lMw $B!&$D$^$j(Bcgi$B$N8"8B$G$"$l$P%&%$%k%9@_CV$+$i%U%!%$%k:o=|$b2DG=!#:G0-$3$NA0$N(Bbe$B$_$?$$$K;*$,??$CGr$K$J$j$+$1$?!#(B
$B!&$b$A$m$s$3$N%P%0$OA4;*6&DL$G;}$C$F$k$N$G2a5n$N;*$G$b $B!&(BFOX$B!!!z!V$o$7$c2?$b:$$C$F$$$J$$$1$I(B?$B!W$C$F$3$H$GAJ$($k5$%<%m$G5"$C$?!#$D$^$jBaJa$O$*$=$i$/$J$7!#(B
$B!&I|5l$9$k$K$O(Bbbs.cgi$B$+$iA4It=q$-49$($k$3$H$,7hDj!#$H$j$"$($:L@F|0J9_:n$jD>$9$3$H$r7h$a$F1?1D?X2r;6(B

$B7k2LE*$K$d$i$l$?$3$H$O(B
$B!&>!!#HD0\E>$N%a%C%;!<%8$rJQ$(J|Bj$@$C$?$N$G$=$3$K%0%k!<%]%s$XHt$P$9%3!<%I$d$i(BXSS$B$d$i%&%$%k%9$H$+FM$C9~$^$l$?!#(B
$B!&%-%c%C%W$,O3$l$^$/$j$J$N$G=q$-9~$_$7J|Bj!#8=:_$O%-%c%C%W$OA4ItDd;_!#(B
$B!&(Bcgi$B%j%9%H$,8+$l$?>e%-%c%C%W%Q%9$b=P$?$N$G:o=|$d0r$[$j(B($B%m%03+<((B)$B$b$7J|Bj!#$3$l$b8=:_FI$_=q$-0J30$N(Bcgi$BA4ItDd;_!#(B
$B!&A4;*$K:o=|$d2?$+$9$k%W%m%0%i%`$rCV$+$l$?2DG=@-$b$"$j$&$k!#F3F~$9$k;~4V$O==J,$"$C$?$,!"F~$C$F$J$$$3$H$r5'$k$@$1!#(B
$B!&:#2s$NHH?M$O$$$D$b$N%b%Z%-%A$HElF|K\!"B>(BROM$B$N?MB??t!#$?$@AJ$($k5$%<%m$J$N$G$[$\4V0c$$$J$/BaJa$J$7!#(B

$BD9$/$J$C$?$1$I$3$s$J$b$s$+!#(B

$B!!$H$$$&>u67$@$=$&$J$N$G!">/$J$/$H$bA{$.$,Mn$A$D$/$^$G$O!"(B2ch.net $B$K$O%"%/%;%9$7$J$$J}$,5H$+$H!#(B

$B!!4XO"(B: $B!V(B2$B$A$c$s$M$k!W$,0l;~2uLG>uBV$K!"%-%c%C%WO3$lA{$.$G%9%l%C%I$,BgMpN)!&Bg:o=|(B (gigazine, 2011.01.06)

2011.01.07 12:50 $BDI5-(B:

$B!!(B2ch$B2uLG!)(B ($B%b%Z%-%A$^$H$a(B Wiki)$B!"(B$B:#2s$NA{F0$K$D$$$F(B ($B%K%3%K%3F02h(B)

$B"#(B 2011.01.06

$B"#(B DTI VPS$B$NBgItJ,$,%*!<%W%s%W%m%-%7$K$J$C$F$$$?7o$K$D$$$F(B
(Magical Diary, 2011.01.01)

$B!!(BServersMan@VPS $BJ}LL!#(B

ProxyRequests On $B$N@_Dj$O(B12$B7n(B30$BF|$N6[5^%a%s%F%J%s%9$G%3%a%s%H%"%&%H$5$l$?$h$&$@$,!"(BProxy * $B$KBP$9$k%"%/%;%9@)8B$,(B allow from all $B$N$^$^$H$J$C$F$$$k$?$a!"85!9(BHTTP Proxy$B%5!<%P$H$7$FF0:n$5$;$F$$$k>l9g$K$O$=$N%"%/%;%9@)8B$K$+$+$o$i$:!"(Ballow from all$B$G>e=q$-$5$l$k2DG=@-$,$"$k!#(B

$B!!MxMQ

$B"#(B $B%^%$%/%m%=%U%H(B $B%;%-%e%j%F%#(B $B%"%I%P%$%6%j(B (2490606) Graphics Rendering Engine $B$N@H
(Microsoft, 2011.01.05)

$B!!(BWindows XP / Server 2003 / Vista / Server 2008 $B$K7g4Y!#(B shimgvw.dll $B$K7g4Y$,$"$j!"96N,%5%`%M%$%k2hA|$r;H$C$FG$0U$N%3!<%I$rCVE-2010-3970$B!#(B $B0J2<$N$h$&$J967bJ}K!$,9M$($i$l$k!#(B

$B!!2sHrJ}K!(B (ACL $B@_Dj$K$h$k(B shimgvw.dll $B$X$N%"%/%;%95qH](B) $B$,<($5$l$F$$$k!#(B

$B!!>\:Y(B: Windows Thumbnail Buffer Overflow: A Vulnerability in My Heart (exploit-db.com, 2011.01.04)

$B!!4XO"(B: XP/Vista$B$K@H (so-net $B%;%-%e%j%F%#DL?.(B, 2011.01.05)

$B"#(B PHP Hangs On Numeric Value 2.2250738585072011e-308
(Exploring Binary, 2011.01.03)

$B!!(Bx86 $B$J(B PHP 5.3.x $B$G(B

<?php $d = '2.2250738585072011e-308'; echo $d; ?>

$B$H$+$9$k$H!"$J$<$+(B hang $B$C$F$7$^$&$3$H$,$"$kLOMM!#(B http://news.ycombinator.com/item?id=2066352 $B$K$h$k$H!"(B

This problem occurs due to IA-32's 80-bit floating point arithmetic. The simple fix: add a "-ffloat-store" flag to your CFLAGS.

$B$@$=$&$G$9!#(B

2011.01.08 $BDI5-(B:

$B!!(BPHP 5.3.5 / 5.2.17 $B$G=$@5$5$l$?$=$&$G$9!#(BCVE-2010-4645$B!#(Bramsy $B$5$s(B$B>pJs(B$B$"$j$,$H$&$4$6$$$^$9!#(B

$B"#(B 2011.01.05

$B"#(B 2011.01.03

$B"#(B 2011.01.02

$B"#(B 2011.01.01

$B"#(B $B$$$m$$$m(B (2011.01.01)
(various)

$B"#(B PHP$B$N(Bescapeshellcmd$B$N4m81@-(B
($BFA4]9@$NF|5-(B, 2010.01.01)

$B!!(Bescapeshellcmd $B$O;H$C$A$cBLL\$JLOMM!#(B

2011.01.07 $BDI5-(B:

$B!!4XO"(B:

$B2a5n$N5-;v(B: 2011 | 2010 | 2009 | 2008 | 2007 | 2006 | 2005 | 2004 | 2003 | 2002 | 2001 | 2000 | 1999 | 1998

[$B%;%-%e%j%F%#%[!<%k(B memo]
[$B;d$K$D$$$F(B]