Security News > 2011 > July > Secunia Weekly Summary - Issue: 2011-27

Secunia Weekly Summary - Issue: 2011-27
2011-07-11 10:41

======================================================================== The Secunia Weekly Advisory Summary 2011-06-30 - 2011-07-07 This week: 38 advisories ======================================================================== Table of Contents: 1.....................................................Word From Secunia 2....................................................This Week In Brief 3...............................This Weeks Top Ten Most Read Advisories 4................................................Secunia Community News 5................................................Secunia Corporate News 6..................................................This Week in Numbers ======================================================================== 1) Word From Secunia: New Aberdeen Group Report ??? Risk Management Secunia works closely with Aberdeen Group, therefore we have exclusive access to its new report. ???Is Your Vulnerability Management Program Leaving You at Risk? (Most Likely, Yes)??? shows that companies may actually be ignoring 80-90% of their end-point security risk by not investing in the most efficient and effective risk management approach. Read more: http://secunia.com/products/corporate/csi/aberdeengroup_request_2011/ ======================================================================== 2) This Week in Brief: Some vulnerabilities have been reported in phpMyAdmin, which can be exploited by malicious users to disclose sensitive information and by malicious users and malicious people to compromise a vulnerable system. http://secunia.com/advisories/45139/ -- A security issue has been reported in vsftpd, which can be exploited by malicious people to compromise a vulnerable system. http://secunia.com/advisories/45133/ -- SUSE has issued an update for MozillaFirefox, MozillaThunderbird, and mozilla-xulrunner. This fixes multiple vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions and compromise a user's system. http://secunia.com/advisories/45114/ ======================================================================== 3) This Weeks Top Ten Most Read Advisories: For more information on how to receive alerts on these vulnerabilities, subscribe to the Secunia business solutions: http://secunia.com/advisories/business_solutions/ 1. [SA45139] phpMyAdmin Multiple Vulnerabilities 2. [SA44964] Adobe Flash Player Unspecified Memory Corruption Vulnerability 3. [SA44784] Sun Java JDK / JRE / SDK Multiple Vulnerabilities 4. [SA45054] Apple Mac OS X Multiple Vulnerabilities 5. [SA45082] ISC BIND UPDATE Request Processing Denial of Service Vulnerability 6. [SA45098] IBM Tivoli Storage Manager Client Two Privilege Escalation Vulnerabilities 7. [SA45099] WordPress Unauthorized Access and SQL Injection Vulnerabilities 8. [SA45090] Drupal Secure Password Hashes (phpass) Module Brute Force and Security Bypass Weaknesses 9. [SA45129] HP Intelligent Management Center Products Packet Handling Buffer Overflow Vulnerability 10. [SA45053] AeroMail Cross-Site Scripting and Request Forgery Vulnerabilities ======================================================================== 4) Secunia Community News CIO: ???Better Security Needs ???More Informed Patching?????? The article draws on findings from Secunia???s latest white paper and features commentary from Secunia???s Research Analyst Director. CIO concludes that patching is an effective defence strategy combined with other defence technologies. Read more: http://secunia.com/company/blog_news/articles/233/ ======================================================================== 5) Secunia Corporate News Pre-emptive action against vulnerabilities ??? a priority for effective security strategies The Secunia Vulnerability Intelligence Manager (VIM) enables you to simplify and strategize your handling of emerging threats. Read more and request a free trial: http://secunia.com/products/corporate/vim/ ======================================================================== 6) This Week in Numbers During the past week 38 Secunia Advisories have been released. All Secunia customers have received immediate notification on the alerts that affect their business. This weeks Secunia Advisories had the following spread across platforms and criticality ratings: Platforms: Windows : 8 Secunia Advisories Unix/Linux : 19 Secunia Advisories Other : 2 Secunia Advisories Cross platform : 9 Secunia Advisories Criticality Ratings: Extremely Critical : 0 Secunia Advisories Highly Critical : 6 Secunia Advisories Moderately Critical : 13 Secunia Advisories Less Critical : 16 Secunia Advisories Not Critical : 3 Secunia Advisories ======================================================================== Secunia recommends that you verify all advisories you receive, by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Subscribe: http://secunia.com/advisories/weekly_summary/ Contact details: Web : http://secunia.com/ E-mail : support () secunia com Tel : +45 70 20 51 44 Fax : +45 70 20 51 45


News URL

http://secunia.com/products/corporate/csi/aberdeengroup_request_2011/