
Secunia Weekly Summary - Issue: 2011-44
2011-11-04 06:44

========================================================================

                  The Secunia Weekly Advisory Summary
                        2011-10-27 - 2011-11-03

                       This week: 47 advisories

========================================================================
Table of Contents:

1.....................................................Word From Secunia
2....................................................This Week In Brief
3..............................This Week's Top Ten Most Read Advisories
4................................................Secunia Community News
5................................................Secunia Corporate News
6..................................................This Week in Numbers

========================================================================
1) Word From Secunia:

Want help coordinating vulnerabilities?

The new Secunia Vulnerability Coordination Reward Program (SVCRP) rewards researchers for coordinating software vulnerabilities.

"The fun part of vulnerability research is the actual process of discovering and understanding the vulnerabilities as well as creating proof of concepts or exploits; and not the sometimes extensive coordination and liaison process that follows with the vendor in order to fix the problem. Under the new program we will both confirm vulnerability discoveries and handle the coordination process, allowing researchers to focus on the more exciting aspects of vulnerability research." Carsten Eiram, Chief Security Specialist.

Read more:
http://secunia.com/company/blog_news/news/271

========================================================================
2) This Week in Brief:

VMware has acknowledged multiple vulnerabilities in multiple VMware vCenter products, which can be exploited by malicious, local users to disclose potentially sensitive information, by malicious users to cause a DoS (Denial of Service), and by malicious people to disclose potentially sensitive information, manipulate certain data, bypass certain security restrictions, conduct spoofing attacks, conduct DNS cache poisoning attacks, cause a DoS (Denial of Service), and compromise a vulnerable system.
http://secunia.com/advisories/46651/

Multiple vulnerabilities have been reported in Apple Quicktime, which can be exploited by malicious people to compromise a user's system.
http://secunia.com/advisories/46618/

Cisco has acknowledged two vulnerabilities in Cisco Security Agent, which can be exploited by malicious people to compromise a vulnerable system.
http://secunia.com/advisories/46631/

A vulnerability has been reported in Novell iPrint Client, which can be exploited by malicious people to compromise a user's system.
http://secunia.com/advisories/46606/

Multiple vulnerabilities have been reported in Google Chrome, where some have unknown impacts and others can be exploited by malicious people to bypass certain security restrictions, conduct spoofing attacks, conduct cross-site scripting attacks, and potentially compromise a user's system.
http://secunia.com/advisories/46594/

========================================================================
3) This Week's Top Ten Most Read Advisories:

For more information on how to receive alerts on these vulnerabilities, subscribe to the Secunia business solutions:
http://secunia.com/advisories/business_solutions/

1.  [SA46512] Oracle Java SE Multiple Vulnerabilities
2.  [SA46529] VMware ESX Server Multiple Vulnerabilities
3.  [SA46618] Apple QuickTime Multiple Vulnerabilities
4.  [SA46637] D-Link Products SSH Server Buffer Overflow Vulnerability
5.  [SA46651] VMware vCenter Products JRE Multiple Vulnerabilities
6.  [SA45279] Winamp Multiple Vulnerabilities
7.  [SA46650] VMware ESXi Server "sblim-sfcb" Integer Overflow Vulnerability
8.  [SA46641] IBM AIX BIND Multiple Vulnerabilities
9.  [SA46652] Oracle Hyperion Enterprise Performance Management arsqls24.dll Buffer Overflow Vulnerability
10. [SA46113] Adobe Flash Player Multiple Vulnerabilities

========================================================================
4) Secunia Community News

Borsen: Super Gazelle (Danish article)
Secunia is recognised by the leading Danish financial newspaper as one of the few Danish companies that has experienced growth for five consecutive years:
http://secunia.com/company/blog_news/articles/269/

Join Secunia @ Infosecurity Europe, 02-03 November, Utrecht, the Netherlands
Book a one-to-one meeting with the Secunia team and learn how you can enhance your patch management process:
http://secunia.com/resources/events/infosec_nl_2011/

Gartner Symposium/ITxpo 2011, 07-10 November, Barcelona, Spain
Secunia will be exhibiting (stand ET14) at arguably the industry's largest and most important annual gathering of CIOs and senior IT leaders:
http://www.gartner.com/technology/symposium/barcelona/

========================================================================
5) Secunia Corporate News

Gartner Symposium/ITxpo 2011, 07-10 November, Barcelona, Spain
Secunia will be exhibiting (stand ET14) at arguably the industry's largest and most important annual gathering of CIOs and senior IT leaders:
http://www.gartner.com/technology/symposium/barcelona/

Pre-emptive action against vulnerabilities - a priority for effective security strategies
The Secunia VIM enables you to simplify and strategize your handling of emerging threats. Read more and request a free trial:
http://secunia.com/products/corporate/vim/

Attending Finance Forum in Zurich, Switzerland this year (09 November)?
If so, visit the Secunia team at Stand 3.6 and learn how to stay secure the most efficient and cost effective way by enhancing your vulnerability/patch management process:
http://www.finance-forum.com/en/

========================================================================
6) This Week in Numbers

During the past week 47 Secunia Advisories have been released. All Secunia customers have received immediate notification on the alerts that affect their business.

This week's Secunia Advisories had the following spread across platforms and criticality ratings:

Platforms:
  Windows             : 11 Secunia Advisories
  Unix/Linux          : 16 Secunia Advisories
  Other               :  2 Secunia Advisories
  Cross platform      : 18 Secunia Advisories

Criticality Ratings:
  Extremely Critical  :  0 Secunia Advisories
  Highly Critical     : 14 Secunia Advisories
  Moderately Critical : 13 Secunia Advisories
  Less Critical       : 19 Secunia Advisories
  Not Critical        :  1 Secunia Advisory

========================================================================

Secunia recommends that you verify all advisories you receive, by clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only use those supplied by the vendor.

Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/

Subscribe:
http://secunia.com/advisories/weekly_summary/

Contact details:
Web    : http://secunia.com/
E-mail : support () secunia com
Tel    : +45 70 20 51 44
Fax    : +45 70 20 51 45

_____________________________________________________
Subscribe to InfoSec News - www.infosecnews.org
http://www.infosecnews.org/mailman/listinfo/isn


News URL

http://secunia.com/company/blog_news/news/271