======================================================================== The Secunia Weekly Advisory Summary 2009-07-02 - 2009-07-09 This week: 60 advisories ======================================================================== Table of Contents: 1.....................................................Word From Secunia 2....................................................This Week In Brief 3...............................This Weeks Top Ten Most Read Advisories 4..................................................This Week in Numbers ======================================================================== 1) Word From Secunia: New Blog: The Dirty Dozen You Probably Got A Dirty Dozen. And it only takes one "dirty" program to compromise your PC - but the bad guys got a dozen shots on average! It is a disturbing fact that the average PC users, not using the Secunia PSI, has a total of 12 unpatched and thus insecure programs on their PC, as we described in our blog yesterday. Read More: http://secunia.com/blog/56/ ======================================================================== 2) This Week in Brief: A vulnerability has been discovered in Microsoft Windows, which can be exploited by malicious people to compromise a user's system. NOTE: The vulnerability is currently being actively exploited. For more information, refer to: http://secunia.com/advisories/35683/ -- Two vulnerabilities have been reported in Apple Safari, which can be exploited by malicious people to conduct cross-site scripting attacks or potentially compromise a user's system. For more information, refer to: http://secunia.com/advisories/35758/ ======================================================================== 3) This Weeks Top Ten Most Read Advisories: 1. [SA35683] Microsoft DirectShow Streaming Video ActiveX Control Buffer Overflow 2. [SA24314] Internet Explorer Charset Inheritance Cross-Site Scripting Vulnerability 3. [SA34012] Adobe Flash Player Multiple Vulnerabilities 4. [SA34580] Adobe Reader/Acrobat Multiple Vulnerabilities 5. [SA34451] Sun Java JDK / JRE Multiple Vulnerabilities 6. [SA20153] Microsoft Word Malformed Object Pointer Vulnerability 7. [SA34572] Microsoft PowerPoint OutlineTextRefAtom Parsing Vulnerability 8. [SA22628] Internet Explorer 7 Window Injection Vulnerability 9. [SA12055] phpBB Cross Site Scripting and Unspecified Vulnerabilities 10. [SA35331] Mozilla Firefox Multiple Vulnerabilities ======================================================================== 4) This Week in Numbers During the past week 60 Secunia Advisories have been released. All Secunia customers have received immediate notification on the alerts that affect their business. This weeks Secunia Advisories had the following spread across platforms and criticality ratings: Platforms: Windows : 5 Secunia Advisories Unix/Linux : 25 Secunia Advisories Other : 2 Secunia Advisories Cross platform : 28 Secunia Advisories Criticality Ratings: Extremely Critical : 1 Secunia Advisory Highly Critical : 12 Secunia Advisories Moderately Critical : 20 Secunia Advisories Less Critical : 19 Secunia Advisories Not Critical : 8 Secunia Advisories ======================================================================== Secunia recommends that you verify all advisories you receive, by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Subscribe: http://secunia.com/advisories/weekly_summary/ Contact details: Web : http://secunia.com/ E-mail : support_at_private Tel : +45 70 20 51 44 Fax : +45 70 20 51 45 _______________________________________________ Attend Black Hat USA, July 25-30 in Las Vegas, the world's premier technical event for ICT security experts. Network with 4,000+ delegates from 50 nations. Visit product displays by 30 top sponsors in a relaxed setting. http://www.blackhat.comReceived on Fri Jul 10 2009 - 01:49:39 PDT
This archive was generated by hypermail 2.2.0 : Fri Jul 10 2009 - 01:55:33 PDT