[ISN] Secunia Weekly Summary - Issue: 2011-46

From: InfoSec News <alerts_at_private>
Date: Fri, 18 Nov 2011 04:05:30 -0600 (CST)
========================================================================

                   The Secunia Weekly Advisory Summary
                         2011-11-10 - 2011-11-17

                        This week: 52 advisories

========================================================================
Table of Contents:

1.....................................................Word From Secunia
2....................................................This Week In Brief
3...............................This Weeks Top Ten Most Read Advisories
4................................................Secunia Corporate News
5..................................................This Week in Numbers

========================================================================
1) Word From Secunia:

New Aberdeen Group Report: Patch Management
"Higher adoption of patch management corresponds to a lower percentage
of accepted risks."
This is just one of the interesting findings featured in Aberdeen
Group's new report: 'To Patch, or Not to Patch? (Not If, But How)'.
Read more and download it for free here: http://secunia.com/blog/281

========================================================================
2) This Week in Brief:

Secunia Research has discovered a vulnerability in DVR Remote ActiveX
Control, which can be exploited by malicious people to compromise a
user's system.
http://secunia.com/advisories/46477/

A vulnerability has been reported in ISC BIND, which can be exploited
by malicious people to cause a DoS (Denial of Service).
http://secunia.com/advisories/46887/

Some vulnerabilities have been reported in FreeType, which can be
exploited by malicious people to compromise an application using the
library.
http://secunia.com/advisories/46839/

A vulnerability has been reported in Hancom Office, which can be
exploited by malicious people to compromise a user's system.
http://secunia.com/advisories/46800/

Multiple vulnerabilities have been reported in Google Chrome, which can
be exploited by malicious people to bypass certain security restrictions
and compromise a user's system.
http://secunia.com/advisories/46815/

Multiple vulnerabilities have been reported in Apple iOS, which can be
exploited by malicious people with physical access to bypass certain
security restrictions and by malicious people to disclose certain
sensitive information, conduct spoofing attacks, and compromise a
user's device.
http://secunia.com/advisories/46836/

========================================================================
3) This Weeks Top Ten Most Read Advisories:

For more information on how to receive alerts on these vulnerabilities,
subscribe to the Secunia business solutions:
http://secunia.com/advisories/business_solutions/

1.  [SA46797] Juniper Junos MX Series "Ktree::createFourWayNode"
               Route Prefix Denial of Service
2.  [SA46818] Adobe Flash Player Multiple Vulnerabilities
3.  [SA46512] Oracle Java SE Multiple Vulnerabilities
4.  [SA46811] ProFTPD Response Pool Use-After-Free Vulnerability
5.  [SA46747] Apple iOS Multiple Vulnerabilities
6.  [SA46757] Mozilla Firefox / Thunderbird Multiple Vulnerabilities
7.  [SA46815] Google Chrome Multiple Vulnerabilities
8.  [SA46731] Microsoft Windows TCP/IP Reference Counter Overflow
               Vulnerability
9.  [SA46887] ISC BIND Recursive Query Processing Denial of Service
               Vulnerability
10. [SA46113] Adobe Flash Player Multiple Vulnerabilities

========================================================================
4) Secunia Corporate News

InformationWeek: Zero Day Exploit Millionaires
"Have you discovered a killer zero-day vulnerability in a widely used
product? Can the bug be 'weaponized,' or actively exploited?" Read
more: http://secunia.com/company/blog_news/articles/282/

Tech Awards Circle: Secunia Wins Double Gold
Best Enterprise Service for the Secunia VIM and Best SOHO/Consumer
Services for the Secunia PSI. Read more: http://secunia.com/blog/280/

Techworld: Reporting service for flaw hunters
Techworld journalist John E. Dunn discusses the new Secunia
Vulnerability Coordination Reward Program (SVCRP):
http://secunia.com/company/blog_news/articles/276/

========================================================================
5) This Week in Numbers

During the past week 52 Secunia Advisories have been released. All
Secunia customers have received immediate notification on the alerts
that affect their business.

This weeks Secunia Advisories had the following spread across platforms
and criticality ratings:

Platforms:
   Windows             :      6 Secunia Advisories
   Unix/Linux          :     27 Secunia Advisories
   Other               :      4 Secunia Advisories
   Cross platform      :     15 Secunia Advisories

Criticality Ratings:
   Extremely Critical  :      0 Secunia Advisories
   Highly Critical     :     15 Secunia Advisories
   Moderately Critical :     13 Secunia Advisories
   Less Critical       :     22 Secunia Advisories
   Not Critical        :      2 Secunia Advisories

========================================================================

Secunia recommends that you verify all advisories you receive,
by clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only use
those supplied by the vendor.

Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/

Subscribe:
http://secunia.com/advisories/weekly_summary/

Contact details:
Web     : http://secunia.com/
E-mail  : support_at_private
Tel     : +45 70 20 51 44
Fax     : +45 70 20 51 45


_____________________________________________________
Subscribe to InfoSec News - www.infosecnews.org
http://www.infosecnews.org/mailman/listinfo/isn
Received on Fri Nov 18 2011 - 02:05:30 PST

This archive was generated by hypermail 2.2.0 : Fri Nov 18 2011 - 02:06:32 PST