[ISN] Secunia Weekly Summary - Issue: 2009-10

From: InfoSec News <alerts_at_private>
Date: Fri, 6 Mar 2009 01:01:59 -0600 (CST)
========================================================================

                  The Secunia Weekly Advisory Summary                  
                        2009-02-26 - 2009-03-05                        

                       This week: 67 advisories                        

========================================================================
Table of Contents:

1.....................................................Word From Secunia
2....................................................This Week In Brief
3...............................This Weeks Top Ten Most Read Advisories
4..................................................This Week in Numbers

========================================================================
1) Word From Secunia:

Adobe Reader/Acrobat 0-day Clarification

By now, most people should hopefully be aware of the 0-day
vulnerability currently being actively exploited in Adobe
Reader/Acrobat.

We initially heard rumours about this 0-day vulnerability on 16th
February 2009 and began digging for something more concrete over the
following days. Three days later, Adobe confirmed the existence of the
0-day vulnerability and Secunia issued an advisory. Later, a more
in-depth analysis was provided to customers on our Secunia Binary
Analysis Service.

Disabling JavaScript does not prevent exploitation

Over the last couple of days, we have seen many sources recommend users
to disable support for JavaScript in Adobe Reader/Acrobat to prevent
exploitation. While this does prevent many of the currently seen
exploits from successfully executing arbitrary code (as they rely on
JavaScript), it does not protect against the actual vulnerability.

Read More:
http://secunia.com/blog/44/

 --

Secunia 2008 Report

Secunia is pleased to announce the release of the annual Secunia report
for 2008.

We hope you will enjoy reading the report, and that it will enlighten
you upon some of the immense work performed by Secunia on a daily
basis, in order to bring you and our customers the best available
Vulnerability Intelligence.

Highlights from the 2008 report:
 * Vulnerability Research
 * Software Inspection Results
 * Secunia Research Highlights
 * Secunia Advisory Statistics

Read More:
http://secunia.com/blog/45/

========================================================================
2) This Week in Brief:

Secunia Research has discovered a vulnerability in Winamp, which can be
exploited by malicious people to compromise a user's system.

For more information, refer to:
http://secunia.com/advisories/33981/

 --

Some vulnerabilities have been reported in Opera, where one has an
unknown impact and others can be exploited by malicious people to
conduct cross-site scripting attacks and compromise a user's system.

For more information, refer to:
http://secunia.com/advisories/34135/

========================================================================
3) This Weeks Top Ten Most Read Advisories:

1.  [SA34012] Adobe Flash Player Multiple Vulnerabilities
2.  [SA33901] Adobe Reader/Acrobat JBIG2 Stream Array Indexing
              Vulnerability
3.  [SA33954] Microsoft Excel Invalid Object Reference Vulnerability
4.  [SA34135] Opera Multiple Vulnerabilities
5.  [SA20153] Microsoft Word Malformed Object Pointer Vulnerability
6.  [SA32991] Sun Java JDK / JRE Multiple Vulnerabilities
7.  [SA34081] PHP Multiple Vulnerabilities
8.  [SA34096] Mozilla Firefox IDN Spoofing Security Issue
9.  [SA33981] Winamp libsndfile.dll CAF Processing Integer Overflow
              Vulnerability
10. [SA32270] Adobe Flash Player Multiple Security Issues and
              Vulnerabilities

========================================================================
4) This Week in Numbers

During the past week 67 Secunia Advisories have been released. All
Secunia customers have received immediate notification on the alerts
that affect their business.

This weeks Secunia Advisories had the following spread across platforms
and criticality ratings:

Platforms:
  Windows             :     10 Secunia Advisories
  Unix/Linux          :     24 Secunia Advisories
  Other               :      3 Secunia Advisories
  Cross platform      :     30 Secunia Advisories

Criticality Ratings:
  Extremely Critical  :      0 Secunia Advisories
  Highly Critical     :      9 Secunia Advisories
  Moderately Critical :     28 Secunia Advisories
  Less Critical       :     22 Secunia Advisories
  Not Critical        :      8 Secunia Advisories

========================================================================

Secunia recommends that you verify all advisories you receive,
by clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only use
those supplied by the vendor.

Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/

Subscribe:
http://secunia.com/advisories/weekly_summary/

Contact details:
Web	: http://secunia.com/
E-mail	: support_at_private
Tel	: +45 70 20 51 44
Fax	: +45 70 20 51 45


_______________________________________________      
Best Selling Security Books and More!
http://www.shopinfosecnews.org/
Received on Thu Mar 05 2009 - 23:01:59 PST

This archive was generated by hypermail 2.2.0 : Thu Mar 05 2009 - 23:09:09 PST