AOH :: ISNQ5786.HTM

Secunia Weekly Summary - Issue: 2009-53




Secunia Weekly Summary - Issue: 2009-53
Secunia Weekly Summary - Issue: 2009-53



=======================================================================
                  The Secunia Weekly Advisory Summary                  
                        2009-12-24 - 2009-12-31                        

                       This week: 46 advisories                        

=======================================================================Table of Contents:

1.....................................................Word From Secunia
2....................................................This Week In Brief
3...............................This Weeks Top Ten Most Read Advisories
4..................................................This Week in Numbers

=======================================================================1) Word From Secunia:

Follow us on twitter
http://twitter.com/secunia 

 --

New blog: Microsoft IIS Multiple Extensions Security Bypass
Clarifications

The vulnerability described in SA37831 has recently raised some
questions due to Microsoft avoiding to acknowledge it as a security
risk.

Read more:
http://secunia.com/blog/70/ 

=======================================================================2) This Week in Brief:

Soroush Dalili has discovered a vulnerability in Microsoft Internet
Information Services (IIS), which can be exploited by malicious people
to potentially bypass certain security restrictions and compromise a
vulnerable system.

For more information, refer to:
http://secunia.com/advisories/37831/ 

 --

Some vulnerabilities have been reported in Sun Java System Directory
Server, which can be exploited by malicious people to gain knowledge of
potentially sensitive information or cause a DoS (Denial of Service).

For more information, refer to:
http://secunia.com/advisories/37915/ 

=======================================================================3) This Weeks Top Ten Most Read Advisories:

For more information on how to receive alerts on these vulnerabilities,
subscribe to the Secunia business solutions:
http://secunia.com/advisories/business_solutions/ 

1.  [SA37448] Internet Explorer Layout Handling Memory Corruption
              Vulnerability
2.  [SA37318] Microsoft Windows Win32k Kernel-Mode Driver Multiple
              Vulnerabilities
3.  [SA24314] Internet Explorer Charset Inheritance Cross-Site
              Scripting Vulnerability
4.  [SA35948] Adobe Flash Player Multiple Vulnerabilities
5.  [SA37314] Windows Web Services on Devices API Memory Corruption
              Vulnerability
6.  [SA37273] Google Chrome Two Vulnerabilities
7.  [SA36983] Adobe Reader/Acrobat Multiple Vulnerabilities
8.  [SA37313] Apple Mac OS X Security Update Fixes Multiple
              Vulnerabilities
9.  [SA37277] Microsoft Office Word File Information Block Parsing
              Buffer Overflow
10. [SA37309] Microsoft Windows Win32k Kernel-Mode Driver Privilege
              Escalation

=======================================================================4) This Week in Numbers

During the past week 46 Secunia Advisories have been released. All
Secunia customers have received immediate notification on the alerts
that affect their business.

This weeks Secunia Advisories had the following spread across platforms
and criticality ratings:

Platforms:
  Windows             :      5 Secunia Advisories
  Unix/Linux          :     13 Secunia Advisories
  Other               :      0 Secunia Advisories
  Cross platform      :     28 Secunia Advisories

Criticality Ratings:
  Extremely Critical  :      0 Secunia Advisories
  Highly Critical     :      2 Secunia Advisories
  Moderately Critical :     18 Secunia Advisories
  Less Critical       :     19 Secunia Advisories
  Not Critical        :      7 Secunia Advisories

=======================================================================
Secunia recommends that you verify all advisories you receive,
by clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only use
those supplied by the vendor.

Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/ 

Subscribe:
http://secunia.com/advisories/weekly_summary/ 

Contact details:
Web	: http://secunia.com/ 
E-mail	: support@secunia.com 
Tel	: +45 70 20 51 44
Fax	: +45 70 20 51 45


________________________________________ 
Did a friend send you this? From now on, be the 
first to find out! Subscribe to InfoSec News 
http://www.infosecnews.org 

Site design & layout copyright © 1986-2014 CodeGods