======================================================================== The Secunia Weekly Advisory Summary 2010-10-21 - 2010-10-28 This week: 76 advisories ======================================================================== Table of Contents: 1.....................................................Word From Secunia 2....................................................This Week In Brief 3...............................This Weeks Top Ten Most Read Advisories 4..................................................This Week in Numbers ======================================================================== 1) Word From Secunia: The threat intelligence you are receiving from the Secunia advisories is limited. Request a trial of the Secunia VIM, and get access to the full feed along with: - Complete threat intelligence on each vulnerability alert - POC and Working exploits - Extended analysis and Extended solution - Guidance regarding alternative mitigation strategies http://secunia.com/products/corporate/vim/ ======================================================================== 2) This Week in Brief: Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. -- A vulnerability has been reported in Adobe Flash Player, which can be exploited by malicious people to compromise a user's system. NOTE: The vulnerability is currently being actively exploited. http://secunia.com/advisories/41917 -- A vulnerability has been reported in Adobe Reader / Acrobat, which can be exploited by malicious people to compromise a user's system. http://secunia.com/advisories/42030 -- A vulnerability has been discovered in Shockwave Player, which can be exploited by malicious people to compromise a user's system. http://secunia.com/advisories/41932/ -- A vulnerability has been reported in Mozilla Firefox and SeaMonkey, which can be exploited by malicious people to compromise a user's system. http://secunia.com/advisories/41957/ ======================================================================== 3) This Weeks Top Ten Most Read Advisories: For more information on how to receive alerts on these vulnerabilities, subscribe to the Secunia business solutions: http://secunia.com/advisories/business_solutions/ 1. [SA41434] Adobe Flash Player / AIR Code Execution Vulnerability 2. [SA41340] Adobe Reader / Acrobat SING "uniqueName" Buffer Overflow Vulnerability 3. [SA41409] Microsoft ASP.NET Cryptographic Padding Oracle Information Disclosure 4. [SA41791] Sun Java JDK / JRE / SDK Multiple Vulnerabilities 5. [SA41244] Mozilla Firefox NSS Certificate IP Address Wildcard Matching Vulnerability 6. [SA41656] Foxit Reader Title Parsing Buffer Overflow Vulnerability 7. [SA41700] Microsoft Windows LPC Message Handling Buffer Overflow Vulnerability 8. [SA37255] Sun Java JDK / JRE Multiple Vulnerabilities 9. [SA41740] Opera Multiple Vulnerabilities 10. [SA24314] Internet Explorer Charset Inheritance Cross-Site Scripting Vulnerability ======================================================================== 4) This Week in Numbers During the past week 76 Secunia Advisories have been released. All Secunia customers have received immediate notification on the alerts that affect their business. This weeks Secunia Advisories had the following spread across platforms and criticality ratings: Platforms: Windows : 16 Secunia Advisories Unix/Linux : 23 Secunia Advisories Other : 3 Secunia Advisories Cross platform : 34 Secunia Advisories Criticality Ratings: Extremely Critical : 2 Secunia Advisories Highly Critical : 17 Secunia Advisories Moderately Critical : 20 Secunia Advisories Less Critical : 27 Secunia Advisories Not Critical : 10 Secunia Advisories ======================================================================== Secunia recommends that you verify all advisories you receive, by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Subscribe: http://secunia.com/advisories/weekly_summary/ Contact details: Web : http://secunia.com/ E-mail : support_at_private Tel : +45 70 20 51 44 Fax : +45 70 20 51 45 ___________________________________________________________ Tegatai Managed Colocation: Four Provider Blended Tier-1 Bandwidth, Fortinet Universal Threat Management, Natural Disaster Avoidance, Always-On Power Delivery Network, Cisco Switches, SAS 70 Type II Datacenter. Find peace of mind, Defend your Critical Infrastructure. http://www.tegataiphoenix.com/Received on Thu Oct 28 2010 - 23:42:51 PDT
This archive was generated by hypermail 2.2.0 : Thu Oct 28 2010 - 23:48:26 PDT