|
|
=======================================================================
The Secunia Weekly Advisory Summary
2009-12-18 - 2009-12-25
This week: 78 advisories
=======================================================================Table of Contents:
1.....................................................Word From Secunia
2....................................................This Week In Brief
3...............................This Weeks Top Ten Most Read Advisories
4..................................................This Week in Numbers
=======================================================================1) Word From Secunia:
Fortune 500 companies turn to Secunia when a vulnerability poses a
critical threat to their infrastructure, our Customer Support Center
provides our customers the best support on how to eliminate
vulnerability threats to avoid compromising network security.
Do you have a provider you can contact when the threat is already in
your network?
Click here to learn more:
http://secunia.com/advisories/business_solutions/
=======================================================================2) This Week in Brief:
Soroush Dalili has discovered a vulnerability in Microsoft Internet
Information Services (IIS), which can be exploited by malicious people
to potentially bypass certain security restrictions and compromise a
vulnerable system.
For more information, refer to:
http://secunia.com/advisories/37831/
--
Some vulnerabilities have been reported in Adobe Flash Media Server,
which can be exploited by malicious people to cause a DoS (Denial of
Service) or compromise a vulnerable system.
For more information, refer to:
http://secunia.com/advisories/37891/
=======================================================================3) This Weeks Top Ten Most Read Advisories:
For more information on how to receive alerts on these vulnerabilities,
subscribe to the Secunia business solutions:
http://secunia.com/advisories/business_solutions/
1. [SA37448] Internet Explorer Layout Handling Memory Corruption
Vulnerability
2. [SA37318] Microsoft Windows Win32k Kernel-Mode Driver Multiple
Vulnerabilities
3. [SA24314] Internet Explorer Charset Inheritance Cross-Site
Scripting Vulnerability
4. [SA35948] Adobe Flash Player Multiple Vulnerabilities
5. [SA37314] Windows Web Services on Devices API Memory Corruption
Vulnerability
6. [SA37273] Google Chrome Two Vulnerabilities
7. [SA36983] Adobe Reader/Acrobat Multiple Vulnerabilities
8. [SA37313] Apple Mac OS X Security Update Fixes Multiple
Vulnerabilities
9. [SA37277] Microsoft Office Word File Information Block Parsing
Buffer Overflow
10. [SA37309] Microsoft Windows Win32k Kernel-Mode Driver Privilege
Escalation
=======================================================================4) This Week in Numbers
During the past week 78 Secunia Advisories have been released. All
Secunia customers have received immediate notification on the alerts
that affect their business.
This weeks Secunia Advisories had the following spread across platforms
and criticality ratings:
Platforms:
Windows : 6 Secunia Advisories
Unix/Linux : 33 Secunia Advisories
Other : 1 Secunia Advisory
Cross platform : 38 Secunia Advisories
Criticality Ratings:
Extremely Critical : 0 Secunia Advisories
Highly Critical : 16 Secunia Advisories
Moderately Critical : 19 Secunia Advisories
Less Critical : 41 Secunia Advisories
Not Critical : 2 Secunia Advisories
=======================================================================
Secunia recommends that you verify all advisories you receive,
by clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only use
those supplied by the vendor.
Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/
Subscribe:
http://secunia.com/advisories/weekly_summary/
Contact details:
Web : http://secunia.com/
E-mail : support@secunia.com
Tel : +45 70 20 51 44
Fax : +45 70 20 51 45
________________________________________
Did a friend send you this? From now on, be the
first to find out! Subscribe to InfoSec News
http://www.infosecnews.org