Information Security News mailing list archives

Secunia Weekly Summary - Issue: 2012-03

From: InfoSec News <alerts () infosecnews org>
Date: Tue, 24 Jan 2012 03:03:27 -0600 (CST)

========================================================================

                  The Secunia Weekly Advisory Summary
                        2012-01-13 - 2012-01-20

                       This week: 96 advisories

========================================================================
Table of Contents:

1.....................................................Word From Secunia
2....................................................This Week In Brief
3...............................This Weeks Top Ten Most Read Advisories
4................................................Secunia Corporate News
5..................................................This Week in Numbers

========================================================================
1) Word From Secunia:

Secunia Research Sets Half Year Coordination Deadline
Secunia Research has per 2012 changed the disclosure policy for
vulnerabilities being coordinated - both internally discovered and
coordinated on behalf of researchers via the Secunia Vulnerability
Coordination Research Program (SVCRP).

Carsten Eiram, Secunia's Chief Security Specialist explains the new
deadline and disclosure policy in his blog post here:
https://secunia.com/blog/292/

========================================================================
2) This Week in Brief:

A vulnerability has been reported in McAfee GroupShield, which can be
exploited by malicious people to compromise a vulnerable system.

http://secunia.com/advisories/47584/

Two vulnerabilities have been reported in XnView, which can be
exploited by malicious people to compromise a user's system.

http://secunia.com/advisories/47600/

A vulnerability has been reported in MarkLogic Server, which can be
exploited by malicious people to compromise a vulnerable system.

http://secunia.com/advisories/47583/

A vulnerability has been reported in Lucion FileCenter, which can be
exploited by malicious people to compromise a user's system.

http://secunia.com/advisories/47581/

Three vulnerabilities have been reported in Oracle Outside In
Technology, which can be exploited to malicious people to compromise an
application using the library.

https://secunia.com/advisories/47617/

Two vulnerabilities have been reported in IBM SPSS SamplePower, which
can be exploited by malicious people to compromise a user's system.

https://secunia.com/advisories/47605/

A vulnerability has been reported in McAfee SaaS Endpoint Protection,
which can be exploited by malicious people to compromise a user's
system.

https://secunia.com/advisories/47520/

========================================================================
3) This Weeks Top Ten Most Read Advisories:

For more information on how to receive alerts on these vulnerabilities,
subscribe to the Secunia business solutions:
http://secunia.com/advisories/business_solutions/

1.  [SA47041] Yahoo Messenger JPG Photo Sharing Integer Overflow
              Vulnerability
2.  [SA47555] ISC DHCP DHCPv6 Dynamic DNS Lease Status Updating Denial
              of Service Vulnerability
3.  [SA47410] Apache HTTP Server Scoreboard Invalid Free Security
              Bypass
4.  [SA45852] Adobe Reader/Acrobat Multiple Vulnerabilities
5.  [SA47533] Drupal Date Module Event Node Conversion SQL Injection
              Vulnerability
6.  [SA47559] Moodle Multiple Security Bypass Vulnerabilities
7.  [SA47485] Microsoft Windows Media Two Vulnerabilities
8.  [SA47569] IBM WebSphere Application Server Two Vulnerabilities
9.  [SA47482] Linux Kernel KVM "syscall" Emulation Denial of Service
              Vulnerability
10. [SA47557] IBM WebSphere Application Server Hash Collision Denial
              of Service Vulnerability

========================================================================
4) Secunia Corporate News

Frost & Sullivan: Analysis of the Global Vulnerability Market in Q3 2011The report covers key market trends, vulnerabilities by severity andaffected applications, and leading market participants. Find out moreand download the report here: https://secunia.com/blog/293


========================================================================
5) This Week in Numbers

During the past week 96 Secunia Advisories have been released. All
Secunia customers have received immediate notification on the alerts
that affect their business.

This weeks Secunia Advisories had the following spread across platforms
and criticality ratings:

Platforms:
  Windows             :     19 Secunia Advisories
  Unix/Linux          :     35 Secunia Advisories
  Other               :      2 Secunia Advisories
  Cross platform      :     40 Secunia Advisories

Criticality Ratings:
  Extremely Critical  :      0 Secunia Advisories
  Highly Critical     :     16 Secunia Advisories
  Moderately Critical :     40 Secunia Advisories
  Less Critical       :     34 Secunia Advisories
  Not Critical        :      6 Secunia Advisories

========================================================================

Secunia recommends that you verify all advisories you receive,
by clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only use
those supplied by the vendor.

Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/

Subscribe:
http://secunia.com/advisories/weekly_summary/

Contact details:
Web     : http://secunia.com/
E-mail  : support () secunia com
Tel     : +45 70 20 51 44
Fax     : +45 70 20 51 45


_____________________________________________________
Did a friend send you this article? Make it your
New Year's Resolution to subscribe to InfoSec News!
http://www.infosecnews.org/mailman/listinfo/isn

Current thread:

Secunia Weekly Summary - Issue: 2012-03 InfoSec News (Jan 24)