[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[ISN] Secunia Weekly Summary - Issue: 2011-30



========================================================================

                  The Secunia Weekly Advisory Summary
                        2011-07-21 - 2011-07-28

                       This week: 105 advisories

========================================================================
Table of Contents:

1.....................................................Word From Secunia
2....................................................This Week In Brief
3...............................This Weeks Top Ten Most Read Advisories
4................................................Secunia Community News
5................................................Secunia Corporate News
6..................................................This Week in Numbers

========================================================================
1) Word From Secunia:

Secunia Half Year Report 2011

Identifying the right vulnerabilities to patch is like chasing a
continually moving target - an organisation with 1,000 programs
patching all Microsoft OS+ products misses 77.5% of the
vulnerabilities. 30% of programs considered security critical in one
year were not critical in the previous year.

This report presents the evolution of important global trends in
end-point security, software, and the entire security ecosystem;
particularly the evolving threat of software portfolios typically found
in organisations.

Read more:
http://secunia.com/resources/reports/

========================================================================
2) This Week in Brief:

Two vulnerabilities have been discovered in Foxit Reader, which can be
exploited by malicious people to compromise a user's system.

http://secunia.com/advisories/44947/

 --

A weakness and multiple vulnerabilities have been reported in Apple
Safari, which can be exploited by malicious people to disclose
sensitive information, manipulate certain data, conduct cross-site
scripting and spoofing attacks, bypass certain security restrictions,
and compromise a user's system.

http://secunia.com/advisories/45325

 --

Two vulnerabilities have been reported in Oracle Outside In Technology,
which can be exploited by malicious people to cause a DoS (Denial of
Service) and compromise an application using the library.

http://secunia.com/advisories/45297

========================================================================
3) This Weeks Top Ten Most Read Advisories:

For more information on how to receive alerts on these vulnerabilities,
subscribe to the Secunia business solutions:
http://secunia.com/advisories/business_solutions/

1.  [SA45173] Sun Java JRE Insecure Executable Loading Vulnerability
2.  [SA45325] Apple Safari Multiple Vulnerabilities
3.  [SA44947] Foxit Reader ActiveX Control Buffer Overflow and
              Insecure Library Loading Vulnerabilities
4.  [SA44964] Adobe Flash Player Unspecified Memory Corruption
              Vulnerability
5.  [SA45169] Internet Explorer EUC-JP Encoding Cross-Site Scripting
              Vulnerability
6.  [SA45262] Joomla! "searchword" Cross-Site Scripting Vulnerability
7.  [SA45224] Apple iOS Three Vulnerabilities
8.  [SA45066] VLC Media Player RealMedia and AVI File Parsing
              Vulnerabilities
9.  [SA44784] Sun Java JDK / JRE / SDK Multiple Vulnerabilities
10. [SA45337] Joomla! AlphaRegistration Component "email" and
              "couponcode" SQL Injection Vulnerabilities

========================================================================
4) Secunia Community News

Secunia's free webinars - quick, easy, and on-demand

Find out the latest key messages from Microsoft Patch Tuesday, gain
insights into the development in advisories and vulnerabilities for a
specific application, system, or a plug-in; and/or stay updated with
vulnerability management trends and threat mitigation strategies.

Read more:
http://secunia.com/resources/webinars/

========================================================================
5) Secunia Corporate News

Be tactical in your handling of vulnerability threats
The Secunia Vulnerability Intelligence Manager (VIM) enables you to
take pre-emptive action against vulnerabilities in a simple, cost
effective way.

Read more and request a free trial:
http://secunia.com/products/corporate/vim/

========================================================================
6) This Week in Numbers

During the past week 105 Secunia Advisories have been released. All
Secunia customers have received immediate notification on the alerts
that affect their business.

This weeks Secunia Advisories had the following spread across platforms
and criticality ratings:

Platforms:
  Windows             :     19 Secunia Advisories
  Unix/Linux          :     55 Secunia Advisories
  Other               :      4 Secunia Advisories
  Cross platform      :     27 Secunia Advisories

Criticality Ratings:
  Extremely Critical  :      0 Secunia Advisories
  Highly Critical     :     19 Secunia Advisories
  Moderately Critical :     35 Secunia Advisories
  Less Critical       :     38 Secunia Advisories
  Not Critical        :     13 Secunia Advisories

========================================================================

Secunia recommends that you verify all advisories you receive,
by clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only use
those supplied by the vendor.

Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/

Subscribe:
http://secunia.com/advisories/weekly_summary/

Contact details:
Web	: http://secunia.com/
E-mail	: support@xxxxxxxxxxx
Tel	: +45 70 20 51 44
Fax	: +45 70 20 51 45


___________________________________________________________
Attend Black Hat USA 2011, hosted at Caesars Palace in
Las Vegas, Nevada July 30-Aug 4, offering over 60 training
sessions and 9 tracks of Briefings from security industry elite.
To sign up visit: http://www.blackhat.com