======================================================================== The Secunia Weekly Advisory Summary 2012-05-03 - 2012-05-10 This week: 24 advisories ======================================================================== Table of Contents: 1.....................................................Word From Secunia 2....................................................This Week In Brief 3...............................This Weeks Top Ten Most Read Advisories 4................................................Secunia Corporate News 5..................................................This Week in Numbers ======================================================================== 1) Word From Secunia: Want help coordinating vulnerabilities? "The fun part of vulnerability research is the actual process of discovering and understanding the vulnerabilities as well as creating proof of concepts or exploits; and not the sometimes extensive coordination and liaison process that follows with the vendor in order to fix the problem. Under the new program we will both confirm vulnerability discoveries and handle the coordination process, allowing researchers to focus on the more exciting aspects of vulnerability research." Carsten Eiram, Chief Security Specialist. Learn more about SVCRP, Secunia's reward program for researchers, here: http://secunia.com/community/research/svcrp ======================================================================== 2) This Week in Brief: This week there was security updates from Microsoft, Adobe, and Apple covering over 75 vulns! Patch now! Advisories SA47118 and SA47116 fixes vulnerabilities coordinated via SVCRP. -- Microsoft -- Microsoft Silverlight Multiple Vulnerabilities http://secunia.com/advisories/49122/ Microsoft Office Multiple Vulnerabilities http://secunia.com/advisories/49121/ Microsoft Windows Multiple Vulnerabilities http://secunia.com/advisories/49120/ Microsoft .NET Framework Multiple Vulnerabilities http://secunia.com/advisories/49119/ Microsoft .NET Framework Two Serialization Vulnerabilities http://secunia.com/advisories/49117/ Microsoft Windows Partition Manager Privilege Escalation Vulnerability http://secunia.com/advisories/49115/ Microsoft Windows TCP/IP Stack Two Vulnerabilities http://secunia.com/advisories/49114/ Microsoft Visio Viewer VSD File Format Memory Corruption Vulnerability http://secunia.com/advisories/49113/ Microsoft Office Excel Multiple Vulnerabilities http://secunia.com/advisories/49112/ Microsoft Office Word RTF Data Parsing Vulnerability http://secunia.com/advisories/49111/ -- Apple -- Apple Safari Multiple Vulnerabilities http://secunia.com/advisories/47292/ Apple Mac OS X Multiple Vulnerabilities http://secunia.com/advisories/49039/ Apple iOS Multiple Vulnerabilities http://secunia.com/advisories/48454/ -- Adobe -- Adobe Photoshop Two TIFF Processing Memory Corruption Vulnerabilities http://secunia.com/advisories/48457/ Adobe Illustrator Multiple Vulnerabilities http://secunia.com/advisories/47118/ Adobe Flash Professional JPG Processing Integer Overflow Vulnerability http://secunia.com/advisories/47116/ Adobe Shockwave Player Multiple Vulnerabilities http://secunia.com/advisories/49086/ ======================================================================== 3) This Weeks Top Ten Most Read Advisories: For more information on how to receive alerts on these vulnerabilities, subscribe to the Secunia business solutions: http://secunia.com/advisories/business_solutions/ 1. [SA48009] Oracle Java SE Multiple Vulnerabilities 2. [SA49096] Adobe Flash Player Object Confusion Vulnerability 3. [SA49021] Microsoft Windows win32k.sys Denial of Service Vulnerability 4. [SA49019] VMware ESX Server / ESXi Multiple Vulnerabilities 5. [SA49014] PHP PHP-CGI QUERY_STRING Parameter Vulnerability 6. [SA49032] VMware Workstation / Player / Fusion Two Privilege Escalation Vulnerabilities 7. [SA48992] Google Chrome Multiple Vulnerabilities 8. [SA49022] FFmpeg Multiple Vulnerabilities 9. [SA49054] HP Insight Management Agents Multiple Vulnerabilities 10. [SA48978] HP SNMP Agents URL Redirect and Cross-Site Scripting Vulnerabilities ======================================================================== 4) Secunia Corporate News Attending IT security events in May & June? Join Secunia at the FS-ISAC & BITS Annual Summit (14-17 May, Miami), ISF Nordic Spring Conference (31 May-01 June, Oslo), or Gartner Security & Risk Management Summit (11-14 June, Washington DC): http://secunia.com/resources/events/ ======================================================================== 5) This Week in Numbers During the past week 24 Secunia Advisories have been released. All Secunia customers have received immediate notification on the alerts that affect their business. This weeks Secunia Advisories had the following spread across platforms and criticality ratings: Platforms: Windows : 9 Secunia Advisories Unix/Linux : 6 Secunia Advisories Other : 0 Secunia Advisories Cross platform : 8 Secunia Advisories Criticality Ratings: Extremely Critical : 1 Secunia Advisory Highly Critical : 14 Secunia Advisories Moderately Critical : 3 Secunia Advisories Less Critical : 6 Secunia Advisories Not Critical : 0 Secunia Advisories ======================================================================== Secunia recommends that you verify all advisories you receive, by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Subscribe: http://secunia.com/advisories/weekly_summary/ Contact details: Web : http://secunia.com/ E-mail : support_at_private Tel : +45 70 20 51 44 Fax : +45 70 20 51 45 _______________________________________________ LayerOne Security Conference May 26-27, Clarion Hotel, Anaheim, CA http://www.layerone.orgReceived on Fri May 11 2012 - 01:09:14 PDT
This archive was generated by hypermail 2.2.0 : Fri May 11 2012 - 01:17:06 PDT