[ISN] Secunia Weekly Summary - Issue: 2012-13

From: InfoSec News <alerts_at_private>
Date: Fri, 30 Mar 2012 03:11:51 -0500 (CDT)
========================================================================

                   The Secunia Weekly Advisory Summary
                         2012-03-22 - 2012-03-29

                        This week: 92 advisories

========================================================================
Table of Contents:

1.....................................................Word From Secunia
2....................................................This Week In Brief
3...............................This Weeks Top Ten Most Read Advisories
4................................................Secunia Corporate News
5..................................................This Week in Numbers

========================================================================
1) Word From Secunia:

Secunia Achieves Record Growth - Again - and Brings US Expansion into
Focus
In 2011 Secunia continued the trend of double-digit growth exhibited
over the last nine years, delivering EURO 19.4 million in revenues and
EURO 2.4 million in operating profit for 2011 - equal to a 50 per cent
increase in revenues. "Secunia has for the ninth consecutive year
realised profitable growth. To ensure we continue this, we constantly
manage the balance between short-term execution, and focus on
strengthening the platform for further expansion." - Thomas Zeihlund,
CEO, Secunia.

Read the official announcement here:
http://secunia.com/company/blog_news/news/313

========================================================================
2) This Week in Brief:

Multiple vulnerabilities have been reported in Opera, which can be
exploited by malicious people to conduct spoofing attacks, bypass
certain security restrictions, and potentially compromise a user's
system.

http://secunia.com/advisories/48535/

IBM has acknowledged multiple vulnerabilities in IBM 31-bit SDK for
z/OS, which can be exploited by malicious people to disclose sensitive
information, manipulate certain data, cause a DoS (Denial of Service),
and compromise a vulnerable system.

http://secunia.com/advisories/48546/

Multiple vulnerabilities have been reported in Google Chrome, which can
be exploited by malicious people to bypass certain security restrictions
and compromise a user's system.

http://secunia.com/advisories/48512/

Francis Provencher has discovered a vulnerability in Adobe Photoshop,
which can be exploited by malicious people to compromise a user's
system.

http://secunia.com/advisories/48457/

A vulnerability has been reported in phpFox, which can be exploited by
malicious people to compromise a vulnerable system.

http://secunia.com/advisories/48550/

Multiple vulnerabilities have been reported in Pale Moon, which can be
exploited by malicious people to conduct cross-site scripting attacks,
bypass certain security restrictions, disclose certain sensitive
information, and compromise a user's system.

http://secunia.com/advisories/48561/

rgod has discovered a vulnerability in Cisco Linksys PlayerPT ActiveX
Control, which can be exploited by malicious people to compromise a
user's system.

http://secunia.com/advisories/48543/

A vulnerability has been reported in Webglimpse, which can be exploited
by malicious people to compromise a vulnerable system.

http://secunia.com/advisories/48452/

========================================================================
3) This Weeks Top Ten Most Read Advisories:

For more information on how to receive alerts on these vulnerabilities,
subscribe to the Secunia business solutions:
http://secunia.com/advisories/business_solutions/

1.  [SA48009] Oracle Java SE Multiple Vulnerabilities
2.  [SA48494] OpenOffice.org ODF Document XML External Entity
               Processing Information Disclosure Vulnerability
3.  [SA48281] Adobe Flash Player Two Vulnerabilities
4.  [SA48457] Adobe Photoshop TIFF Image Decompression Buffer Overflow
5.  [SA48526] LibreOffice Raptor RDF XML External Entity Processing
               Information Disclosure Vulnerability
6.  [SA48512] Google Chrome Multiple Vulnerabilities
7.  [SA48543] Cisco Linksys PlayerPT ActiveX Control "SetSource()"
               Buffer Overflow
8.  [SA48479] Raptor RDF XML External Entity Processing Information
               Disclosure Vulnerability
9.  [SA48504] MediaWiki Multiple Vulnerabilities
10. [SA48500] VLC Media Player Multiple Vulnerabilities

========================================================================
4) Secunia Corporate News

Attending the Microsoft Management Summit this year (16-20 April, Las
Vegas)?
Meet the Secunia team at stand #645 to discuss how you can optimise
your handling of vulnerabilities in the most cost effective way. Learn
more about the event here: http://www.mms-2012.com/

========================================================================
5) This Week in Numbers

During the past week 92 Secunia Advisories have been released. All
Secunia customers have received immediate notification on the alerts
that affect their business.

This weeks Secunia Advisories had the following spread across platforms
and criticality ratings:

Platforms:
   Windows             :     10 Secunia Advisories
   Unix/Linux          :     33 Secunia Advisories
   Other               :     14 Secunia Advisories
   Cross platform      :     35 Secunia Advisories

Criticality Ratings:
   Extremely Critical  :      0 Secunia Advisories
   Highly Critical     :     23 Secunia Advisories
   Moderately Critical :     24 Secunia Advisories
   Less Critical       :     42 Secunia Advisories
   Not Critical        :      3 Secunia Advisories

========================================================================

Secunia recommends that you verify all advisories you receive,
by clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only use
those supplied by the vendor.

Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/

Subscribe:
http://secunia.com/advisories/weekly_summary/

Contact details:
Web     : http://secunia.com/
E-mail  : support_at_private
Tel     : +45 70 20 51 44
Fax     : +45 70 20 51 45


______________________________________________________________________________
Certified Ethical Hacker and CISSP training with Expanding Security gives
the best training and support.  Get a free live class invite weekly.  Best
program, best price. www.ExpandingSecurity.com/PainPill
Received on Fri Mar 30 2012 - 01:11:51 PDT

This archive was generated by hypermail 2.2.0 : Fri Mar 30 2012 - 01:35:49 PDT