.jpg)
CVE-2015-3438, CVE-2014-9736
[º¸¾È´º½º ÁÖ¼ÒÇü] ÇöÁö ½Ã°¢À¸·Î 8¿ù 10ÀÏ, ¿ì¸®³ª¶ó ½Ã°£À¸·Î´Â ´ë·« 10ÀÏ¿¡¼ 11ÀÏ·Î ³Ñ¾î¿À´Â ¹ã »çÀÌ¿¡ ¹Ì±¹ÀÇ National Vulnerability DatabaseÀ» ÅëÇØ ¹ßÇ¥µÈ Ãë¾àÁ¡µéÀÔ´Ï´Ù.
1. CVE-2015-5962
Mozilla Firefox OS 2.2 ÀÌÀü ¹öÀüÀÇ SharedBufferManagerParent::RecvAllocateGrallocBuffer ±â´ÉÀÇ Integer signedness Ãë¾àÁ¡À¸·Î ±×·¡ÇÈ¿¡¼ ¹öÆÛ °ü¸®°¡ Á¦´ë·Î ½ÇÇàµÇÁö ¾Ê°Ô ÇØÁÝ´Ï´Ù. ÀÌ´Â °ø°ÝÀÚ°¡ »çÀÌÁî ¸Å°³º¯¼öÀÇ ºÎÁ¤ °ªÀ» ÅëÇØ ¼ºñ½º °ÅºÎ¸¦ ÇÒ ¼ö ÀÖ°Ô ÇØÁÝ´Ï´Ù.
2. CVE-2015-4674
À©µµ¿ì »ó¿¡¼ TimeDoctor Pro 1.4.72.3 ¹öÀü¿¡¼ ¹ß°ßµÈ ÀÚµ¿¾÷µ¥ÀÌÆ® ½ÇÇà Ãë¾àÁ¡À¸·Î SSL »ç¿ë ¾øÀÌ Áß°£ °ø°ÝÀÚ°¡ Á¶ÀÛµÈ ÆÄÀÏÀ» ÅëÇØ ÀÓÀÇÀÇ Äڵ带 ½ÇÇàÇÒ ¼ö ÀÖ°Ô ÇØÁÝ´Ï´Ù.
3. CVE-2015-3438
WordPress 4.1.2 ÀÌÀü ¹öÀü¿¡¼ ¹ß°ßµÈ ´Ù¼öÀÇ XSS Ãë¾àÁ¡À¸·Î º°µµÀÇ ±î´Ù·Î¿î ¸ðµå ¾øÀÌ MySQLÀ» »ç¿ëÇÒ ¶§, °ø°ÝÀÚ°¡ ¿ø°Ý¿¡¼ 1) ³× °³ ¹ÙÀÌÆ®ÀÇ UTF-8 ij¸¯ÅÍ, 2) µ¥ÀÌÅͺ£À̽º °èÃþ¿¡¼ ÀÎ½Ä ºÒ°¡´ÉÇÑ Ä³¸¯Å͸¦ ÅëÇØ ÀÓÀÇÀÇ À¥ ½ºÅ©¸³Æ®³ª HTMLÀ» ÁÖÀÔÇÒ ¼ö ÀÖ°Ô ÇØÁÝ´Ï´Ù.
4. CVE-2014-9736
GE Healthcare Centricity Clinical Archive Audit Trail Repository¿¡¼ ¹ß°ßµÈ initinitÀÇ µðÆúÆ® ¾ÏÈ£¿¡¼ ¹ß°ßµÈ Ãë¾àÁ¡À¸·Î 1) SSL Å° ¸Å´ÏÁ®, 2) ¼¹ö Å°½ºÅä¾î, 3) Å°½ºÅä¾î ¾ÏÈ£, 4) ÁÖ¿ä ÀúÀå µ¥ÀÌÅͺ£À̽º, 5) ¾ÆÄ«À̺ê ÀúÀå µ¥ÀÌÅͺ£À̽º¸¦ ÅëÇØ ¸í½ÃµÇÁö ¾ÊÀº Ãæ°Ý°ú °ø°Ý º¤Å͸¦ °¡ÇÒ ¼ö ÀÖ°Ô ÇØÁÝ´Ï´Ù.
Copyrighted 2015. UBM-Tech. 117153:0515BC
[±¹Á¦ºÎ ÁÖ¼ÒÇü ±âÀÚ(sochu@boannews.com)]
<ÀúÀÛ±ÇÀÚ: º¸¾È´º½º(http://www.boannews.com/) ¹«´ÜÀüÀç-Àç¹èÆ÷±ÝÁö>
ÁÖ¼ÒÇü±âÀÚ ±â»çº¸±â
[2024-11-22] .jpg)
.jpg)
.jpg)
.jpg)
.jpg)
