infosec-news January 2012 archive
Main Archive Page > Month Archives  > infosec-news archives
infosec-news: [ISN] Secunia Weekly Summary - Issue: 2012-01

[ISN] Secunia Weekly Summary - Issue: 2012-01

From: InfoSec News <alerts_at_nospam>
Date: Fri Jan 06 2012 - 09:20:45 GMT
To: isn@infosecnews.org

========================================================================

                   The Secunia Weekly Advisory Summary
                         2011-12-29 - 2012-01-05

                        This week: 19 advisories

========================================================================
Table of Contents:

1.....................................................Word From Secunia
2....................................................This Week In Brief
3...............................This Weeks Top Ten Most Read Advisories
4................................................Secunia Corporate News
5..................................................This Week in Numbers

========================================================================
1) Word From Secunia:

Ovum Technology Audit: Secunia Corporate Software Inspector (CSI) 5.0
"Organizations need to be risk aware. Facing targeted and persistent
threats against their business systems, organizations must improve
their approach to security and the delivery of security management
services. Business systems are regularly breached because of existing
vulnerabilities. Therefore, an important part of redressing the balance
and keeping organizations safe involves identifying program and
application vulnerabilities and addressing them before an attack takes
place"
Ovum therefore reviews the Secunia CSI 5.0. Learn more and download
report: http://secunia.com/blog/291

========================================================================
2) This Week in Brief:

Some vulnerabilities have been reported in Apache Struts, which can be
exploited by malicious people to compromise a vulnerable system.
http://secunia.com/advisories/47393/

A vulnerability has been discovered in the Simple File Upload module
for Joomla!, which can be exploited by malicious people to compromise a
vulnerable system.
http://secunia.com/advisories/47370/

========================================================================
3) This Weeks Top Ten Most Read Advisories:

For more information on how to receive alerts on these vulnerabilities,
subscribe to the Secunia business solutions:
http://secunia.com/advisories/business_solutions/

1. [SA47323] Microsoft .NET Framework Multiple Vulnerabilities
2. [SA47412] Apache Geronimo Web Form Hash Collision Denial of
               Service Vulnerability
3. [SA47237] Microsoft Windows win32k.sys Memory Corruption
               Vulnerability
4. [SA47411] Apache Tomcat Web Form Hash Collision Denial of Service
               Vulnerability
5. [SA47404] PHP Web Form Hash Collision Denial of Service
               Vulnerability
6. [SA46512] Oracle Java SE Multiple Vulnerabilities
7. [SA47391] Winn Guestbook "name" Script Insertion Vulnerability
8. [SA47425] MaraDNS Hash Collision Denial of Service Vulnerability
9. [SA47161] Adobe Flash Player Unspecified Code Execution
               Vulnerability
10. [SA47434] Rapidleech Cross-Site Scripting and Script Insertion
               Vulnerabilities

========================================================================
4) Secunia Corporate News

Events 2012 - RSA Conference, San Francisco, USA, 27 Feb-02 March
Planning on attending RSA this year? If so, visit the Secunia team on
stand # 817 to discuss how you can enhance your vulnerability/patch
management process. Find out more:
http://www.rsaconference.com/events/2012/usa/index.htm

========================================================================
5) This Week in Numbers

During the past week 19 Secunia Advisories have been released. All
Secunia customers have received immediate notification on the alerts
that affect their business.

This weeks Secunia Advisories had the following spread across platforms
and criticality ratings:

Platforms:
   Windows : 0 Secunia Advisories
   Unix/Linux : 3 Secunia Advisories
   Other : 0 Secunia Advisories
   Cross platform : 16 Secunia Advisories

Criticality Ratings:
   Extremely Critical : 0 Secunia Advisories
   Highly Critical : 1 Secunia Advisory
   Moderately Critical : 6 Secunia Advisories
   Less Critical : 12 Secunia Advisories
   Not Critical : 0 Secunia Advisories

========================================================================

Secunia recommends that you verify all advisories you receive,
by clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only use
those supplied by the vendor.

Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/

Subscribe:
http://secunia.com/advisories/weekly_summary/

Contact details:
Web : http://secunia.com/
E-mail : support@secunia.com
Tel : +45 70 20 51 44
Fax : +45 70 20 51 45

_____________________________________________________
Did a friend send you this article? Make it your
New Year's Resolution to subscribe to InfoSec News!
http://www.infosecnews.org/mailman/listinfo/isn