[ISN] Secunia Weekly Summary - Issue: 2009-17

From: InfoSec News <alerts_at_private>
Date: Fri, 24 Apr 2009 03:47:40 -0500 (CDT)
========================================================================

                  The Secunia Weekly Advisory Summary                  
                        2009-04-16 - 2009-04-23                        

                       This week: 95 advisories                        

========================================================================
Table of Contents:

1.....................................................Word From Secunia
2....................................................This Week In Brief
3...............................This Weeks Top Ten Most Read Advisories
4..................................................This Week in Numbers

========================================================================
1) Word From Secunia:

Monthly Binary Analysis Update (March)

March is over with 20 binary analyses issued and due to yet another
busy month, I'm again late on issuing this blog.

When tallying up the number of issued binary analyses this month, I was
surprised by all the interesting vulnerabilities analysed. You can't
help but loose track of them due to the very high number of
vulnerabilities being processed every day.

Therefore, selecting two or three interesting analyses issued by the
Secunia BA team has been quite difficult. So, instead of the usual rant
about a few issues, I will do a lot of shorter rants on many of the
issued analyses.

Read More:
http://secunia.com/blog/49/


========================================================================
2) This Week in Brief:

Some vulnerabilities have been reported in KDE KPDF, which can be
exploited by malicious people to cause a DoS (Denial of Service) and
potentially to compromise a user's system.

For more information, refer to:
http://secunia.com/advisories/34754/

 --

Some vulnerabilities, security issues, and a weakness have been
reported in Mozilla Firefox, which can be exploited by malicious people
to disclose potentially sensitive information, bypass certain security
restrictions, conduct cross-site scripting and cross-site request
forgery attacks, and potentially compromise a user's system.

For more information, refer to:
http://secunia.com/advisories/34758/

 --

Some vulnerabilities have been reported in Xpdf, which can be exploited
by malicious people to potentially compromise a user's system.

For more information, refer to:
http://secunia.com/advisories/34291/

========================================================================
3) This Weeks Top Ten Most Read Advisories:

1.  [SA34451] Sun Java JDK / JRE Multiple Vulnerabilities
2.  [SA34012] Adobe Flash Player Multiple Vulnerabilities
3.  [SA34677] Microsoft Windows HTTP Services Multiple Vulnerabilities
4.  [SA33901] Adobe Reader/Acrobat Multiple Vulnerabilities
5.  [SA33954] Microsoft Excel Two Vulnerabilities
6.  [SA34537] SABnzbd Cross-Site Request Forgery Vulnerabilities
7.  [SA34678] Microsoft Internet Explorer Multiple Vulnerabilities
8.  [SA20153] Microsoft Word Malformed Object Pointer Vulnerability
9.  [SA34665] Microsoft DirectShow MJPEG Decompression Vulnerability
10. [SA33196] DivX Web Player Stream Format Chunk Buffer Overflow

========================================================================
4) This Week in Numbers

During the past week 95 Secunia Advisories have been released. All
Secunia customers have received immediate notification on the alerts
that affect their business.

This weeks Secunia Advisories had the following spread across platforms
and criticality ratings:

Platforms:
  Windows             :      9 Secunia Advisories
  Unix/Linux          :     51 Secunia Advisories
  Other               :      1 Secunia Advisory  
  Cross platform      :     34 Secunia Advisories

Criticality Ratings:
  Extremely Critical  :      0 Secunia Advisories
  Highly Critical     :     24 Secunia Advisories
  Moderately Critical :     34 Secunia Advisories
  Less Critical       :     30 Secunia Advisories
  Not Critical        :      7 Secunia Advisories

========================================================================

Secunia recommends that you verify all advisories you receive,
by clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only use
those supplied by the vendor.

Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/

Subscribe:
http://secunia.com/advisories/weekly_summary/

Contact details:
Web	: http://secunia.com/
E-mail	: support_at_private
Tel	: +45 70 20 51 44
Fax	: +45 70 20 51 45


--
LayerOne 2009, Information Security for the discerning professional. 
May 23-24 2009 @ The Anaheim Marriott in Anaheim, California 
Visit http://layerone.info for more information
Received on Fri Apr 24 2009 - 01:47:40 PDT

This archive was generated by hypermail 2.2.0 : Fri Apr 24 2009 - 01:54:31 PDT