[ISN] Secunia Weekly Summary - Issue: 2012-10

From: InfoSec News <alerts_at_private>
Date: Mon, 12 Mar 2012 03:09:55 -0500 (CDT)
========================================================================

                   The Secunia Weekly Advisory Summary
                         2012-03-04 - 2012-03-11

                        This week: 179 advisories

========================================================================
Table of Contents:

1.....................................................Word From Secunia
2....................................................This Week In Brief
3...............................This Weeks Top Ten Most Read Advisories
4................................................Secunia Corporate News
5..................................................This Week in Numbers

========================================================================
1) Word From Secunia:

Coordinating Vulnerability Disclosures with Apple
http://secunia.com/blog/310/

========================================================================
2) This Week in Brief:

A vulnerability has been reported in RSA SecurID Software Token
Converter, which can be exploited by malicious people to compromise a
user's system.

http://secunia.com/advisories/48297/

Multiple vulnerabilities have been reported in FreeType, which can be
exploited by malicious people to potentially compromise an application
using the library.

http://secunia.com/advisories/48268/

A vulnerability has been reported in BlackBerry OS and BlackBerry
Tablet OS, which can be exploited by malicious people to compromise a
vulnerable device.

http://secunia.com/advisories/48263/

Symantec has acknowledged multiple vulnerabilities in Symantec
Enterprise Vault, which can be exploited to malicious people to
compromise a vulnerable system.

http://secunia.com/advisories/48280/

Some vulnerabilities have been reported in Adobe Flash Player, which
can be exploited by malicious people to gain knowledge of potentially
sensitive information or compromise a user's system.

http://secunia.com/advisories/48281/

Some vulnerabilities have been reported in Google Chrome, where one has
an unknown impact and others can be exploited by malicious people to
conduct cross-site scripting attacks, bypass certain security
restrictions, and compromise a user's system.

http://secunia.com/advisories/48265/

Multiple vulnerabilities have been reported in IBM Tivoli Provisioning
Manager Express for Software Distribution, which can be exploited by
malicious people to conduct SQL injection attacks and compromise a
user's system.

http://secunia.com/advisories/48216/

========================================================================
3) This Weeks Top Ten Most Read Advisories:

For more information on how to receive alerts on these vulnerabilities,
subscribe to the Secunia business solutions:
http://secunia.com/advisories/business_solutions/

1.  [SA48009] Oracle Java SE Multiple Vulnerabilities
2.  [SA48281] Adobe Flash Player Two Vulnerabilities
3.  [SA48265] Google Chrome Multiple Vulnerabilities
4.  [SA48241] Ruby on Rails Two Cross-Site Scripting Vulnerabilities
5.  [SA48216] IBM Tivoli Provisioning Manager Express for Software
               Distribution Multiple Vulnerabilities
6.  [SA48033] Adobe Flash Player Multiple Vulnerabilities
7.  [SA48199] Novell GroupWise Client Address Book Processing Buffer
               Overflow Vulnerability
8.  [SA48214] IBM WebSphere Application Server for z/OS Multiple
               Vulnerabilities
9.  [SA48263] BlackBerry OS / Tablet OS Unspecified WebKit
               Vulnerability
10. [SA48232] Cisco Wireless LAN Controllers Security Bypass and Denial
               of Service Vulnerabilities

========================================================================
4) Secunia Corporate News

PCWorld: How will vendors react to Secunia repackaging their updates?
Secunia.s CSO is interviewed about the rationale behind the new Secunia
PSI 3.0 Beta:
http://www.pcworld.com/businesscenter/article/250902/secunia_we_dont_know_how_vendors_will_react_to_our_repackaging_their_updates.html


Meet Secunia @ key industry events throughout March & April 2012
The Future of Cyber Security (19 March, London), Microsoft Management
Summit (16-20 April, Las Vegas), Infosecurity Europe (24-26 April,
London), plus others: http://secunia.com/resources/events/

Kick-start new adventures
Are you seeking a challenging position in Product Development or
Research? We are on the lookout for talented individuals who want to
work within IT security and help businesses/private users manage and
eliminate vulnerabilities. See our opportunities here:
http://secunia.com/company/jobs/

========================================================================
5) This Week in Numbers

During the past week 179 Secunia Advisories have been released. All
Secunia customers have received immediate notification on the alerts
that affect their business.

This weeks Secunia Advisories had the following spread across platforms
and criticality ratings:

Platforms:
   Windows             :     17 Secunia Advisories
   Unix/Linux          :     82 Secunia Advisories
   Other               :     14 Secunia Advisories
   Cross platform      :     66 Secunia Advisories

Criticality Ratings:
   Extremely Critical  :      0 Secunia Advisories
   Highly Critical     :     30 Secunia Advisories
   Moderately Critical :     60 Secunia Advisories
   Less Critical       :     81 Secunia Advisories
   Not Critical        :      8 Secunia Advisories

========================================================================

Secunia recommends that you verify all advisories you receive,
by clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only use
those supplied by the vendor.

Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/

Subscribe:
http://secunia.com/advisories/weekly_summary/

Contact details:
Web     : http://secunia.com/
E-mail  : support_at_private
Tel     : +45 70 20 51 44
Fax     : +45 70 20 51 45


______________________________________________________________________________
Learn how to be a Pen Tester or a CISSP with Expanding Security online. Get
a free class invitation and see how good and fun the program really is.
http://www.expandingsecurity.com/PainPill
Received on Mon Mar 12 2012 - 01:09:55 PDT

This archive was generated by hypermail 2.2.0 : Mon Mar 12 2012 - 01:28:53 PDT