[ISN] Secunia Weekly Summary - Issue: 2011-35

From: InfoSec News <alerts_at_private>
Date: Tue, 6 Sep 2011 03:42:54 -0500 (CDT)
========================================================================

                   The Secunia Weekly Advisory Summary
                         2011-08-25 - 2011-09-01

                        This week: 44 advisories

========================================================================
Table of Contents:

1.....................................................Word From Secunia
2....................................................This Week In Brief
3...............................This Weeks Top Ten Most Read Advisories
4................................................Secunia Community News
5................................................Secunia Corporate News
6..................................................This Week in Numbers

========================================================================
1) Word From Secunia:

The new Secunia Corporate Software Inspector (CSI) 5.0 is officially 
launched "Every business has different patch management practices and 
needs, and therefore shouldn't have to conform to solution restrictions, 
rather the solution should adapt to the needs of each business. The 
Secunia CSI 5.0 has been developed to give businesses worldwide exactly 
what they have asked for in a patch management solution. Flexibility and 
customization are words that epitomise version 5.0." Morten R. 
Stengaard, Secunia Product Manager

Watch the launch video here:
http://www.youtube.com/user/Secunia#p/a/u/1/x6H4a0f2ZkQ

Find out more here:
http://secunia.com/company/blog_news/news/250

========================================================================
2) This Week in Brief:

Secunia Research has discovered multiple vulnerabilities in InduSoft
ISSymbol ActiveX control, which can be exploited by malicious people to
compromise a user's system.

http://secunia.com/advisories/44875/

  --

Multiple security issues have been discovered in the Grapefile plugin
for WordPress, which can be exploited by malicious people to compromise
a vulnerable system.

http://secunia.com/advisories/45719/

  --

ADLab has discovered a vulnerability in KMPlayer, which can be
exploited by malicious people to compromise a user's system.

http://secunia.com/advisories/45264/

  --

A vulnerability has been reported in Squid, which can be exploited by
malicious people to cause a DoS (Denial of Service) or potentially
compromise a vulnerable system.

http://secunia.com/advisories/45805/

  --

Xerox has acknowledged multiple vulnerabilities in Xerox FreeFlow Print
Server, which can be exploited by malicious, local users to cause a DoS
(Denial of Service) or gain escalated privileges, malicious users to
cause a DoS (Denial of Service), and malicious people to disclose
potentially sensitive information, manipulate certain data, cause a DoS
(Denial of Service) or potentially compromise a vulnerable system, and
compromise a user's system.

http://secunia.com/advisories/45803/

========================================================================
3) This Weeks Top Ten Most Read Advisories:

For more information on how to receive alerts on these vulnerabilities,
subscribe to the Secunia business solutions:
http://secunia.com/advisories/business_solutions/

1.  [SA45606] Apache HTTP Server ByteRange Filter Denial of Service
               Vulnerability
2.  [SA45583] Adobe Flash Player Multiple Vulnerabilities
3.  [SA45173] Sun Java JRE Insecure Executable Loading Vulnerability
4.  [SA45748] Apache Tomcat AJP Message Injection Vulnerability
5.  [SA45796] CUPS "gif_read_lzw()" Buffer Overflow Vulnerability
6.  [SA45779] RSA enVision Information and File Disclosure
               Vulnerabilities
7.  [SA44784] Sun Java JDK / JRE / SDK Multiple Vulnerabilities
8.  [SA45397] FlexNet Publisher License Server Manager Buffer Overflow
               Vulnerability
9.  [SA45713] CUPS "gif_read_lzw()" Buffer Overflow Vulnerability
10. [SA45772] Cisco Products Open Query Interface Information
               Disclosure Security Issue

========================================================================
4) Secunia Community News

Thank you to all Secunia CSI 5.0 beta testers
Your valuable feedback has helped to make the Secunia CSI 5.0 the
solution it is today. We were delighted to hear your great
endorsements.
Read more:
http://secunia.com/blog/251/

Real-world problems of CVE assignment
Carsten Eiram, Secunia's Chief Security Specialist responds to a recent
blog post by Brad Arkin, Senior Director of Product Security and Privacy
at Adobe, describing the problems of CVE assignment and explaining the
policy used by Adobe.
Read more:
http://secunia.com/blog/248/

PC World: Secunia's Patching Tool Integrated With Microsoft's WSUS
Jeremy Kirk and Secunia's CSO talk about how the Secunia CSI 5.0 makes
patch distribution easier for administrators.
Read more:
http://www.pcworld.com/businesscenter/article/239205/secunias_patching_tool_integrated_with_microsofts_wsus.html

Secunia cares
As a solid company in one of the richer parts of the world, we believe
that it is our duty to help people who are suffering in other regions,
such as the famine in Eastern Africa.
Read more:
http://secunia.com/blog/249/

========================================================================
5) Secunia Corporate News

Be tactical in your handling of vulnerability threats
The Secunia VIM enables you to take pre-emptive action against
vulnerabilities in a simple, cost effective way.
Read more and request a free trial:
http://secunia.com/products/corporate/vim/

========================================================================
6) This Week in Numbers

During the past week 44 Secunia Advisories have been released. All
Secunia customers have received immediate notification on the alerts
that affect their business.

This weeks Secunia Advisories had the following spread across platforms
and criticality ratings:

Platforms:
   Windows             :      2 Secunia Advisories
   Unix/Linux          :     20 Secunia Advisories
   Other               :      2 Secunia Advisories
   Cross platform      :     20 Secunia Advisories

Criticality Ratings:
   Extremely Critical  :      0 Secunia Advisories
   Highly Critical     :     10 Secunia Advisories
   Moderately Critical :     16 Secunia Advisories
   Less Critical       :     16 Secunia Advisories
   Not Critical        :      2 Secunia Advisories

========================================================================

Secunia recommends that you verify all advisories you receive,
by clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only use
those supplied by the vendor.

Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/

Subscribe:
http://secunia.com/advisories/weekly_summary/

Contact details:
Web	: http://secunia.com/
E-mail	: support_at_private
Tel	: +45 70 20 51 44
Fax	: +45 70 20 51 45


_____________________________________________________________
Register now for the #HITB2011KUL - Asia's premier
deep-knowledge network security event now in it's 9th year!
http://conference.hitb.org/hitbsecconf2011kul/
Received on Tue Sep 06 2011 - 01:42:54 PDT

This archive was generated by hypermail 2.2.0 : Tue Sep 06 2011 - 01:42:48 PDT