Security News > 2011 > July > Secunia Weekly Summary - Issue: 2011-30

Secunia Weekly Summary - Issue: 2011-30
2011-07-29 09:06

======================================================================== The Secunia Weekly Advisory Summary 2011-07-21 - 2011-07-28 This week: 105 advisories ======================================================================== Table of Contents: 1.....................................................Word From Secunia 2....................................................This Week In Brief 3...............................This Weeks Top Ten Most Read Advisories 4................................................Secunia Community News 5................................................Secunia Corporate News 6..................................................This Week in Numbers ======================================================================== 1) Word From Secunia: Secunia Half Year Report 2011 Identifying the right vulnerabilities to patch is like chasing a continually moving target - an organisation with 1,000 programs patching all Microsoft OS+ products misses 77.5% of the vulnerabilities. 30% of programs considered security critical in one year were not critical in the previous year. This report presents the evolution of important global trends in end-point security, software, and the entire security ecosystem; particularly the evolving threat of software portfolios typically found in organisations. Read more: http://secunia.com/resources/reports/ ======================================================================== 2) This Week in Brief: Two vulnerabilities have been discovered in Foxit Reader, which can be exploited by malicious people to compromise a user's system. http://secunia.com/advisories/44947/ -- A weakness and multiple vulnerabilities have been reported in Apple Safari, which can be exploited by malicious people to disclose sensitive information, manipulate certain data, conduct cross-site scripting and spoofing attacks, bypass certain security restrictions, and compromise a user's system. http://secunia.com/advisories/45325 -- Two vulnerabilities have been reported in Oracle Outside In Technology, which can be exploited by malicious people to cause a DoS (Denial of Service) and compromise an application using the library. http://secunia.com/advisories/45297 ======================================================================== 3) This Weeks Top Ten Most Read Advisories: For more information on how to receive alerts on these vulnerabilities, subscribe to the Secunia business solutions: http://secunia.com/advisories/business_solutions/ 1. [SA45173] Sun Java JRE Insecure Executable Loading Vulnerability 2. [SA45325] Apple Safari Multiple Vulnerabilities 3. [SA44947] Foxit Reader ActiveX Control Buffer Overflow and Insecure Library Loading Vulnerabilities 4. [SA44964] Adobe Flash Player Unspecified Memory Corruption Vulnerability 5. [SA45169] Internet Explorer EUC-JP Encoding Cross-Site Scripting Vulnerability 6. [SA45262] Joomla! "searchword" Cross-Site Scripting Vulnerability 7. [SA45224] Apple iOS Three Vulnerabilities 8. [SA45066] VLC Media Player RealMedia and AVI File Parsing Vulnerabilities 9. [SA44784] Sun Java JDK / JRE / SDK Multiple Vulnerabilities 10. [SA45337] Joomla! AlphaRegistration Component "email" and "couponcode" SQL Injection Vulnerabilities ======================================================================== 4) Secunia Community News Secunia's free webinars - quick, easy, and on-demand Find out the latest key messages from Microsoft Patch Tuesday, gain insights into the development in advisories and vulnerabilities for a specific application, system, or a plug-in; and/or stay updated with vulnerability management trends and threat mitigation strategies. Read more: http://secunia.com/resources/webinars/ ======================================================================== 5) Secunia Corporate News Be tactical in your handling of vulnerability threats The Secunia Vulnerability Intelligence Manager (VIM) enables you to take pre-emptive action against vulnerabilities in a simple, cost effective way. Read more and request a free trial: http://secunia.com/products/corporate/vim/ ======================================================================== 6) This Week in Numbers During the past week 105 Secunia Advisories have been released. All Secunia customers have received immediate notification on the alerts that affect their business. This weeks Secunia Advisories had the following spread across platforms and criticality ratings: Platforms: Windows : 19 Secunia Advisories Unix/Linux : 55 Secunia Advisories Other : 4 Secunia Advisories Cross platform : 27 Secunia Advisories Criticality Ratings: Extremely Critical : 0 Secunia Advisories Highly Critical : 19 Secunia Advisories Moderately Critical : 35 Secunia Advisories Less Critical : 38 Secunia Advisories Not Critical : 13 Secunia Advisories ======================================================================== Secunia recommends that you verify all advisories you receive, by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Subscribe: http://secunia.com/advisories/weekly_summary/ Contact details: Web : http://secunia.com/ E-mail : support () secunia com Tel : +45 70 20 51 44 Fax : +45 70 20 51 45 ___________________________________________________________ Attend Black Hat USA 2011, hosted at Caesars Palace in Las Vegas, Nevada July 30-Aug 4, offering over 60 training sessions and 9 tracks of Briefings from security industry elite. To sign up visit: http://www.blackhat.com


News URL

http://secunia.com/resources/reports/