Security News > 2012 > February > Secunia Weekly Summary - Issue: 2012-05
======================================================================== The Secunia Weekly Advisory Summary 2012-01-26 - 2012-02-02 This week: 142 advisories ======================================================================== Table of Contents: 1.....................................................Word From Secunia 2....................................................This Week In Brief 3...............................This Weeks Top Ten Most Read Advisories 4................................................Secunia Corporate News 5..................................................This Week in Numbers ======================================================================== 1) Word From Secunia: SC Magazine awards Secunia CSI with a 5-Star rating The Secunia CSI has been given the top rating in SC Magazine's annual product review of vulnerability assessment tools for ease of use, performance, documentation, support, and value for money. "Secunia Corporate Software Inspector provides full application vulnerability scanning that is always updated and ready to go to ensure solid security among all applications throughout the enterprise environment." Read more here: http://secunia.com/blog/296 ======================================================================== 2) This Week in Brief: Multiple vulnerabilities have been reported in Pale Moon, which can be exploited by malicious people to bypass certain security restrictions, disclose certain sensitive information, and compromise a user's system. http://secunia.com/advisories/47751/ Zero Science Lab has discovered a vulnerability in MindManager, which can be exploited by malicious people to compromise a user's system. http://secunia.com/advisories/47797/ A weakness and multiple vulnerabilities have been reported in Mozilla Firefox and Thunderbird, which can be exploited by malicious people to disclose certain sensitive information and compromise a user's system. http://secunia.com/advisories/47839/ Parvez Anwar has discovered a vulnerability in LuraWave JP2 ActiveX Control, which can be exploited by malicious people to compromise a user's system. http://secunia.com/advisories/47350/ A vulnerability has been reported in WHMCompleteSolution, which can be exploited by malicious people to compromise a vulnerable system. http://secunia.com/advisories/47782/ Some vulnerabilities have been reported in FFmpeg, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise an application using the library. http://secunia.com/advisories/47765/ ======================================================================== 3) This Weeks Top Ten Most Read Advisories: For more information on how to receive alerts on these vulnerabilities, subscribe to the Secunia business solutions: http://secunia.com/advisories/business_solutions/ 1. [SA47779] Apache HTTP Server "httpOnly" Cookie Disclosure and Denial of Service 2. [SA47694] Google Chrome Multiple Vulnerabilities 3. [SA47758] VMware ESX Server Multiple Vulnerabilities 4. [SA47720] Cisco IronPort Appliances telnetd Buffer Overflow Vulnerability 5. [SA47161] Adobe Flash Player Unspecified Code Execution Vulnerability 6. [SA47816] Mozilla Firefox / Thunderbird Multiple Vulnerabilities 7. [SA47736] Oracle Solaris Apache Tomcat Multiple Vulnerabilities 8. [SA47839] Mozilla Firefox / Thunderbird Multiple Vulnerabilities 9. [SA47765] FFmpeg Multiple Vulnerabilities 10. [SA47400] Mozilla Firefox Drag and Drop Handling Same Origin Policy Bypass Vulnerability ======================================================================== 4) Secunia Corporate News Reports on vulnerabilities, vulnerability management, and risk management Secunia regularly cooperates with independent analyst houses as well as delivering in-house research reports and white papers on vulnerability trends. Access our library here: http://secunia.com/resources/reports/ Secunia @ RSA Conference 2012, San Francisco, USA, 27 Feb-02 March Meet the Secunia team on stand #817 to discuss how you can enhance your vulnerability/patch management process. Find out more: http://www.rsaconference.com/events/2012/usa/index.htm ======================================================================== 5) This Week in Numbers During the past week 142 Secunia Advisories have been released. All Secunia customers have received immediate notification on the alerts that affect their business. This weeks Secunia Advisories had the following spread across platforms and criticality ratings: Platforms: Windows : 15 Secunia Advisories Unix/Linux : 60 Secunia Advisories Other : 9 Secunia Advisories Cross platform : 58 Secunia Advisories Criticality Ratings: Extremely Critical : 0 Secunia Advisories Highly Critical : 33 Secunia Advisories Moderately Critical : 37 Secunia Advisories Less Critical : 60 Secunia Advisories Not Critical : 12 Secunia Advisories ======================================================================== Secunia recommends that you verify all advisories you receive, by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Subscribe: http://secunia.com/advisories/weekly_summary/ Contact details: Web : http://secunia.com/ E-mail : support () secunia com Tel : +45 70 20 51 44 Fax : +45 70 20 51 45 _____________________________________________________ Did a friend send you this article? Make it your New Year's Resolution to subscribe to InfoSec News! http://www.infosecnews.org/mailman/listinfo/isn