[ISN] Secunia Weekly Summary - Issue: 2011-30

From: InfoSec News <alerts_at_private>
Date: Fri, 29 Jul 2011 04:06:37 -0500 (CDT)
========================================================================

                   The Secunia Weekly Advisory Summary
                         2011-07-21 - 2011-07-28

                        This week: 105 advisories

========================================================================
Table of Contents:

1.....................................................Word From Secunia
2....................................................This Week in Brief
3..............................This Week's Top Ten Most Read Advisories
4................................................Secunia Community News
5................................................Secunia Corporate News
6..................................................This Week in Numbers

========================================================================
1) Word From Secunia:

Secunia Half Year Report 2011

Identifying the right vulnerabilities to patch is like chasing a
continually moving target - an organisation with 1,000 programs
patching all Microsoft OS+ products misses 77.5% of the
vulnerabilities. 30% of programs considered security critical in one
year were not critical in the previous year.

This report presents the evolution of important global trends in
end-point security, software, and the entire security ecosystem;
particularly the evolving threat of software portfolios typically found
in organisations.

Read more:
http://secunia.com/resources/reports/

========================================================================
2) This Week in Brief:

Two vulnerabilities have been discovered in Foxit Reader, which can be
exploited by malicious people to compromise a user's system.

http://secunia.com/advisories/44947/

  --

A weakness and multiple vulnerabilities have been reported in Apple
Safari, which can be exploited by malicious people to disclose
sensitive information, manipulate certain data, conduct cross-site
scripting and spoofing attacks, bypass certain security restrictions,
and compromise a user's system.

http://secunia.com/advisories/45325

  --

Two vulnerabilities have been reported in Oracle Outside In Technology,
which can be exploited by malicious people to cause a DoS (Denial of
Service) and compromise an application using the library.

http://secunia.com/advisories/45297

========================================================================
3) This Week's Top Ten Most Read Advisories:

For more information on how to receive alerts on these vulnerabilities,
subscribe to the Secunia business solutions:
http://secunia.com/advisories/business_solutions/

1.  [SA45173] Sun Java JRE Insecure Executable Loading Vulnerability
2.  [SA45325] Apple Safari Multiple Vulnerabilities
3.  [SA44947] Foxit Reader ActiveX Control Buffer Overflow and
               Insecure Library Loading Vulnerabilities
4.  [SA44964] Adobe Flash Player Unspecified Memory Corruption
               Vulnerability
5.  [SA45169] Internet Explorer EUC-JP Encoding Cross-Site Scripting
               Vulnerability
6.  [SA45262] Joomla! "searchword" Cross-Site Scripting Vulnerability
7.  [SA45224] Apple iOS Three Vulnerabilities
8.  [SA45066] VLC Media Player RealMedia and AVI File Parsing
               Vulnerabilities
9.  [SA44784] Sun Java JDK / JRE / SDK Multiple Vulnerabilities
10. [SA45337] Joomla! AlphaRegistration Component "email" and
               "couponcode" SQL Injection Vulnerabilities

========================================================================
4) Secunia Community News

Secunia's free webinars - quick, easy, and on-demand

Find out the latest key messages from Microsoft Patch Tuesday, gain
insights into the development in advisories and vulnerabilities for a
specific application, system, or a plug-in; and/or stay updated with
vulnerability management trends and threat mitigation strategies.

Read more:
http://secunia.com/resources/webinars/

========================================================================
5) Secunia Corporate News

Be tactical in your handling of vulnerability threats
The Secunia Vulnerability Intelligence Manager (VIM) enables you to
take pre-emptive action against vulnerabilities in a simple,
cost-effective way.

Read more and request a free trial:
http://secunia.com/products/corporate/vim/

========================================================================
6) This Week in Numbers

During the past week 105 Secunia Advisories have been released. All
Secunia customers have received immediate notification on the alerts
that affect their business.

This week's Secunia Advisories had the following spread across platforms
and criticality ratings:

Platforms:
   Windows             :     19 Secunia Advisories
   Unix/Linux          :     55 Secunia Advisories
   Other               :      4 Secunia Advisories
   Cross platform      :     27 Secunia Advisories

Criticality Ratings:
   Extremely Critical  :      0 Secunia Advisories
   Highly Critical     :     19 Secunia Advisories
   Moderately Critical :     35 Secunia Advisories
   Less Critical       :     38 Secunia Advisories
   Not Critical        :     13 Secunia Advisories

========================================================================

Secunia recommends that you verify all advisories you receive,
by clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only use
those supplied by the vendor.

Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/

Subscribe:
http://secunia.com/advisories/weekly_summary/

Contact details:
Web	: http://secunia.com/
E-mail	: support_at_private
Tel	: +45 70 20 51 44
Fax	: +45 70 20 51 45


Received on Fri Jul 29 2011 - 02:06:37 PDT