Information Security News mailing list archives

Secunia Weekly Summary - Issue: 2012-05


From: InfoSec News <alerts () infosecnews org>
Date: Fri, 3 Feb 2012 03:15:41 -0600 (CST)

========================================================================

                  The Secunia Weekly Advisory Summary
                        2012-01-26 - 2012-02-02

                       This week: 142 advisories

========================================================================
Table of Contents:

1.....................................................Word From Secunia
2....................................................This Week In Brief
3..............................This Week's Top Ten Most Read Advisories
4................................................Secunia Corporate News
5..................................................This Week in Numbers

========================================================================
1) Word From Secunia:

SC Magazine awards Secunia CSI with a 5-Star rating
The Secunia CSI has been given the top rating in SC Magazine's annual
product review of vulnerability assessment tools for ease of use,
performance, documentation, support, and value for money.
"Secunia Corporate Software Inspector provides full application
vulnerability scanning that is always updated and ready to go to ensure
solid security among all applications throughout the enterprise
environment."
Read more here: http://secunia.com/blog/296

========================================================================
2) This Week in Brief:

Multiple vulnerabilities have been reported in Pale Moon, which can be
exploited by malicious people to bypass certain security restrictions,
disclose certain sensitive information, and compromise a user's system.

http://secunia.com/advisories/47751/

Zero Science Lab has discovered a vulnerability in MindManager, which
can be exploited by malicious people to compromise a user's system.

http://secunia.com/advisories/47797/

A weakness and multiple vulnerabilities have been reported in Mozilla
Firefox and Thunderbird, which can be exploited by malicious people to
disclose certain sensitive information and compromise a user's system.

http://secunia.com/advisories/47839/

Parvez Anwar has discovered a vulnerability in LuraWave JP2 ActiveX
Control, which can be exploited by malicious people to compromise a
user's system.

http://secunia.com/advisories/47350/

A vulnerability has been reported in WHMCompleteSolution, which can be
exploited by malicious people to compromise a vulnerable system.

http://secunia.com/advisories/47782/

Some vulnerabilities have been reported in FFmpeg, which can be
exploited by malicious people to cause a DoS (Denial of Service) and
potentially compromise an application using the library.

http://secunia.com/advisories/47765/

========================================================================
3) This Week's Top Ten Most Read Advisories:

For more information on how to receive alerts on these vulnerabilities,
subscribe to the Secunia business solutions:
http://secunia.com/advisories/business_solutions/

1.  [SA47779] Apache HTTP Server "httpOnly" Cookie Disclosure and
              Denial of Service
2.  [SA47694] Google Chrome Multiple Vulnerabilities
3.  [SA47758] VMware ESX Server Multiple Vulnerabilities
4.  [SA47720] Cisco IronPort Appliances telnetd Buffer Overflow
              Vulnerability
5.  [SA47161] Adobe Flash Player Unspecified Code Execution
              Vulnerability
6.  [SA47816] Mozilla Firefox / Thunderbird Multiple Vulnerabilities
7.  [SA47736] Oracle Solaris Apache Tomcat Multiple Vulnerabilities
8.  [SA47839] Mozilla Firefox / Thunderbird Multiple Vulnerabilities
9.  [SA47765] FFmpeg Multiple Vulnerabilities
10. [SA47400] Mozilla Firefox Drag and Drop Handling Same Origin
              Policy Bypass Vulnerability

========================================================================
4) Secunia Corporate News

Reports on vulnerabilities, vulnerability management, and risk
management
Secunia regularly cooperates with independent analyst houses as well as
delivering in-house research reports and white papers on vulnerability
trends. Access our library here:
http://secunia.com/resources/reports/

Secunia @ RSA Conference 2012, San Francisco, USA, 27 Feb-02 March
Meet the Secunia team on stand #817 to discuss how you can enhance your
vulnerability/patch management process. Find out more:
http://www.rsaconference.com/events/2012/usa/index.htm

========================================================================
5) This Week in Numbers

During the past week 142 Secunia Advisories have been released. All
Secunia customers have received immediate notification on the alerts
that affect their business.

This week's Secunia Advisories had the following spread across platforms
and criticality ratings:

Platforms:
  Windows             :     15 Secunia Advisories
  Unix/Linux          :     60 Secunia Advisories
  Other               :      9 Secunia Advisories
  Cross platform      :     58 Secunia Advisories

Criticality Ratings:
  Extremely Critical  :      0 Secunia Advisories
  Highly Critical     :     33 Secunia Advisories
  Moderately Critical :     37 Secunia Advisories
  Less Critical       :     60 Secunia Advisories
  Not Critical        :     12 Secunia Advisories

========================================================================

Secunia recommends that you verify all advisories you receive,
by clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only use
those supplied by the vendor.

Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/

Subscribe:
http://secunia.com/advisories/weekly_summary/

Contact details:
Web     : http://secunia.com/
E-mail  : support () secunia com
Tel     : +45 70 20 51 44
Fax     : +45 70 20 51 45


_____________________________________________________
Did a friend send you this article? Make it your
New Year's Resolution to subscribe to InfoSec News!
http://www.infosecnews.org/mailman/listinfo/isn

