[ISN] Secunia Weekly Summary - Issue: 2012-17

From: InfoSec News <alerts_at_private>
Date: Mon, 30 Apr 2012 02:09:20 -0500 (CDT)
========================================================================

                   The Secunia Weekly Advisory Summary
                         2012-04-22 - 2012-04-29

                        This week: 236 advisories

========================================================================
Table of Contents:

1.....................................................Word From Secunia
2....................................................This Week In Brief
3...............................This Weeks Top Ten Most Read Advisories
4................................................Secunia Corporate News
5..................................................This Week in Numbers

========================================================================
1) Word From Secunia:

Securing a moving target with limited resources
"From a criminal's perspective, #Hosts x #Vulnerabilities =
Opportunity... Patch complexity has a measurable effect on security...
Say you have a portfolio of the 200 most prevalent programs. On
average, how many programs do you need to patch every year to get an
80% risk reduction?" - Stefan Frei, Research Analyst Director.

Download Secunia's keynote presentation from RSA 2012 and other leading
industry events, here:
http://secunia.com/resources/reports/?action=fetch&filename=Secunia_Moving%20Target_presentation_RSA2012.pdf


========================================================================
2) This Week in Brief:

Mozilla has acknowledged some vulnerabilities in Firefox Mobile, which
can be exploited by malicious people to potentially compromise a user's
system.

http://secunia.com/advisories/48973/

Luigi Auriemma has discovered two vulnerabilities in NET-i viewer,
which can be exploited by malicious people to compromise a user's
system.

http://secunia.com/advisories/48966/

Two vulnerabilities have been reported in multiple products, which can
be exploited by malicious people to compromise a user's system.

http://secunia.com/advisories/47363/

Code Audit Labs has reported a vulnerability in Xunlei Thunder, which
can be exploited by malicious people to compromise a user's system.

http://secunia.com/advisories/47864/

IBM has acknowledged multiple vulnerabilities in IBM Java, which can be
exploited by malicious people to disclose potentially sensitive
information, manipulate certain data, cause a DoS (Denial of Service),
and compromise a vulnerable system.

http://secunia.com/advisories/48913/

A vulnerability has been reported in IBM Rational ClearQuest, which can
be exploited by malicious people to compromise a user's system.

http://secunia.com/advisories/48933/

========================================================================
3) This Weeks Top Ten Most Read Advisories:

For more information on how to receive alerts on these vulnerabilities,
subscribe to the Secunia business solutions:
http://secunia.com/advisories/business_solutions/

1.  [SA48009] Oracle Java SE Multiple Vulnerabilities
2.  [SA48847] OpenSSL "asn1_d2i_read_bio()" DER Format Data Processing
               Vulnerability
3.  [SA48913] IBM Java 6 Multiple Vulnerabilities
4.  [SA48915] IBM Java 5 Multiple Vulnerabilities
5.  [SA48849] Apache HTTP Server LD_LIBRARY_PATH Security Issue
6.  [SA48928] Comodo Internet Security PE File Processing Denial of
               Service Vulnerability
7.  [SA48623] Adobe Flash Player / AIR Two Vulnerabilities
8.  [SA48932] Mozilla Firefox / Thunderbird Multiple Vulnerabilities
9.  [SA48933] IBM Rational ClearQuest ActiveX Control Buffer Overflow
               Vulnerability
10. [SA48904] ReadyDesk Multiple Script Insertion Vulnerabilities

========================================================================
4) Secunia Corporate News

ARN: '10 commandments of Windows security'
The Secunia PSI is listed as the '2nd commandment' in this round-up of
recommendations for ensuring security on Windows notebooks and PCs:
http://www.arnnet.com.au/article/422470/10_commandments_windows_security/?fp=4&fpid=1382389953#closeme

========================================================================
5) This Week in Numbers

During the past week 236 Secunia Advisories have been released. All
Secunia customers have received immediate notification on the alerts
that affect their business.

This weeks Secunia Advisories had the following spread across platforms
and criticality ratings:

Platforms:
   Windows             :     31 Secunia Advisories
   Unix/Linux          :     98 Secunia Advisories
   Other               :     10 Secunia Advisories
   Cross platform      :     97 Secunia Advisories

Criticality Ratings:
   Extremely Critical  :      1 Secunia Advisory
   Highly Critical     :     53 Secunia Advisories
   Moderately Critical :     60 Secunia Advisories
   Less Critical       :    105 Secunia Advisories
   Not Critical        :     17 Secunia Advisories

========================================================================

Secunia recommends that you verify all advisories you receive,
by clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only use
those supplied by the vendor.

Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/

Subscribe:
http://secunia.com/advisories/weekly_summary/

Contact details:
Web     : http://secunia.com/
E-mail  : support_at_private
Tel     : +45 70 20 51 44
Fax     : +45 70 20 51 45


_______________________________________________
LayerOne Security Conference
May 26-27, Clarion Hotel, Anaheim, CA
http://www.layerone.org
Received on Mon Apr 30 2012 - 00:09:20 PDT

This archive was generated by hypermail 2.2.0 : Mon Apr 30 2012 - 00:08:52 PDT