[ISN] Secunia Weekly Summary - Issue: 2009-30

From: InfoSec News <alerts_at_private>
Date: Fri, 24 Jul 2009 02:18:54 -0500 (CDT)
========================================================================

                  The Secunia Weekly Advisory Summary                  
                        2009-07-16 - 2009-07-23                        

                       This week: 72 advisories                        

========================================================================
Table of Contents:

1.....................................................Word From Secunia
2....................................................This Week In Brief
3...............................This Weeks Top Ten Most Read Advisories
4..................................................This Week in Numbers

========================================================================
1) Word From Secunia:

New Blog: Adobe Insecure / Unpatched Version From Official Site

There has recently existed some confusion amongst the users of the
Secunia PSI as they puzzled as to why the latest downloaded Adobe
Reader version from Adobe.com is reported as insecure by Secunia PSI.
We have looked into this and are happy to learn that the Secunia PSI is
correct, but surprised to discover that Adobe ships insecure software to
their users!

Read More:
http://secunia.com/blog/58/

========================================================================
2) This Week in Brief:

A vulnerability has been reported in Adobe Reader and Acrobat, which
can be exploited by malicious people to compromise a user's system.

The vulnerability is caused due to an error in authplay.dll when
processing SWF content and can be exploited to execute arbitrary code.

This is related to: SA35948

NOTE: The vulnerability is currently being actively exploited.

For more information, refer to:
http://secunia.com/advisories/35949/
http://secunia.com/advisories/35948/

 --

Some vulnerabilities have been reported in Mozilla Firefox, which can
be exploited by malicious people to conduct cross-site scripting
attacks or compromise a user's system.

For more information, refer to:
http://secunia.com/advisories/35914/

========================================================================
3) This Weeks Top Ten Most Read Advisories:

1.  [SA35798] Mozilla Firefox Two Vulnerabilities
2.  [SA35853] Sun Java JDK / JRE XML Signature HMAC Truncation Spoofing
3.  [SA34012] Adobe Flash Player Multiple Vulnerabilities
4.  [SA24314] Internet Explorer Charset Inheritance Cross-Site
              Scripting Vulnerability
5.  [SA35773] Windows Embedded OpenType Font Engine Two Vulnerabilities
6.  [SA34451] Sun Java JDK / JRE Multiple Vulnerabilities
7.  [SA35914] Mozilla Firefox Multiple Vulnerabilities
8.  [SA34580] Adobe Reader/Acrobat Multiple Vulnerabilities
9.  [SA35844] Google Chrome JavaScript Regular Expressions Memory
              Corruption
10. [SA35800] Microsoft Office Web Components Code Execution
              Vulnerability

========================================================================
4) This Week in Numbers

During the past week 72 Secunia Advisories have been released. All
Secunia customers have received immediate notification on the alerts
that affect their business.

This weeks Secunia Advisories had the following spread across platforms
and criticality ratings:

Platforms:
  Windows             :      7 Secunia Advisories
  Unix/Linux          :     25 Secunia Advisories
  Other               :      0 Secunia Advisories
  Cross platform      :     40 Secunia Advisories

Criticality Ratings:
  Extremely Critical  :      1 Secunia Advisory  
  Highly Critical     :     14 Secunia Advisories
  Moderately Critical :     32 Secunia Advisories
  Less Critical       :     22 Secunia Advisories
  Not Critical        :      3 Secunia Advisories

========================================================================

Secunia recommends that you verify all advisories you receive,
by clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only use
those supplied by the vendor.

Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/

Subscribe:
http://secunia.com/advisories/weekly_summary/

Contact details:
Web	: http://secunia.com/
E-mail	: support_at_private
Tel	: +45 70 20 51 44
Fax	: +45 70 20 51 45


_______________________________________________      
Attend Black Hat USA, July 25-30 in Las Vegas, 
the world's premier technical event for ICT security experts.
Network with 4,000+ delegates from 50 nations.  
Visit product displays by 30 top sponsors in 
a relaxed setting. http://www.blackhat.com
Received on Fri Jul 24 2009 - 00:18:54 PDT

This archive was generated by hypermail 2.2.0 : Fri Jul 24 2009 - 00:26:47 PDT