NEOHAPSIS - Peace of Mind Through Integrity and Insight

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > InfoSec News> 2009-q3

[ISN] Secunia Weekly Summary - Issue: 2009-28

From: InfoSec News (alertsinfosecnews.org)
Date: Fri Jul 10 2009 - 03:49:39 CDT

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

========================================================================

The Secunia Weekly Advisory Summary
2009-07-02 - 2009-07-09

This week: 60 advisories

========================================================================
Table of Contents:

1.....................................................Word From Secunia
2....................................................This Week In Brief
3...............................This Weeks Top Ten Most Read Advisories
4..................................................This Week in Numbers

========================================================================
1) Word From Secunia:

New Blog: The Dirty Dozen

You Probably Got A Dirty Dozen.

And it only takes one "dirty" program to compromise your PC - but the
bad guys got a dozen shots on average!

It is a disturbing fact that the average PC users, not using the
Secunia PSI, has a total of 12 unpatched and thus insecure programs on
their PC, as we described in our blog yesterday.

Read More:
http://secunia.com/blog/56/

========================================================================
2) This Week in Brief:

A vulnerability has been discovered in Microsoft Windows, which can be
exploited by malicious people to compromise a user's system.

NOTE: The vulnerability is currently being actively exploited.

For more information, refer to:
http://secunia.com/advisories/35683/

Two vulnerabilities have been reported in Apple Safari, which can be
exploited by malicious people to conduct cross-site scripting attacks
or potentially compromise a user's system.

For more information, refer to:
http://secunia.com/advisories/35758/

========================================================================
3) This Weeks Top Ten Most Read Advisories:

1. [SA35683] Microsoft DirectShow Streaming Video ActiveX Control
              Buffer Overflow
2. [SA24314] Internet Explorer Charset Inheritance Cross-Site
              Scripting Vulnerability
3. [SA34012] Adobe Flash Player Multiple Vulnerabilities
4. [SA34580] Adobe Reader/Acrobat Multiple Vulnerabilities
5. [SA34451] Sun Java JDK / JRE Multiple Vulnerabilities
6. [SA20153] Microsoft Word Malformed Object Pointer Vulnerability
7. [SA34572] Microsoft PowerPoint OutlineTextRefAtom Parsing
              Vulnerability
8. [SA22628] Internet Explorer 7 Window Injection Vulnerability
9. [SA12055] phpBB Cross Site Scripting and Unspecified
              Vulnerabilities
10. [SA35331] Mozilla Firefox Multiple Vulnerabilities

========================================================================
4) This Week in Numbers

During the past week 60 Secunia Advisories have been released. All
Secunia customers have received immediate notification on the alerts
that affect their business.

This weeks Secunia Advisories had the following spread across platforms
and criticality ratings:

Platforms:
  Windows : 5 Secunia Advisories
  Unix/Linux : 25 Secunia Advisories
  Other : 2 Secunia Advisories
  Cross platform : 28 Secunia Advisories

Criticality Ratings:
  Extremely Critical : 1 Secunia Advisory
  Highly Critical : 12 Secunia Advisories
  Moderately Critical : 20 Secunia Advisories
  Less Critical : 19 Secunia Advisories
  Not Critical : 8 Secunia Advisories

========================================================================

Secunia recommends that you verify all advisories you receive,
by clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only use
those supplied by the vendor.

Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/

Subscribe:
http://secunia.com/advisories/weekly_summary/

Contact details:
Web : http://secunia.com/
E-mail : supportsecunia.com
Tel : +45 70 20 51 44
Fax : +45 70 20 51 45

_______________________________________________
Attend Black Hat USA, July 25-30 in Las Vegas,
the world's premier technical event for ICT security experts.
Network with 4,000+ delegates from 50 nations.
Visit product displays by 30 top sponsors in
a relaxed setting. http://www.blackhat.com

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]