卡巴斯基实验室最新公布的2011年一季度计算机安全状况报告指数,微软软件的安全系数已经全面提升,即便是最大的漏洞也仅仅是出现在用户较少的OneNote中。最亮的亮点是:漏洞之王宝座已经被Adobe拿下,在十大漏洞软件排行榜中,Adobe表现近乎神勇,派出Flash和Reader哼哈二将,在榜单中连中五元,并包揽前三。
№ | Secunia ID – vulnerability’s unique ID |
Name of vulnerability and link to description |
Benefits to cybercriminal of exploiting vulnerability |
Percentage of users on whose computers the vulnerability was detected |
Date published |
Rating |
1 | SA 38805 | Adobe Reader / Acrobat SING "uniqueName" Buffer Overflow Vulnerability | Gain access to a system and execute arbitrary code with local user privileges | 40.78% | 08.09. 2010 |
Extremely Critical |
2 | SA 37255 | Adobe Flash Player Multiple Vulnerabilities | "Gain access to a system and execute arbitrary code with local user privileges Exposure of sensitive information Bypass security systems" |
31.32% | 28.10. 2010 |
Extremely Critical |
3 | SA 35377 | Adobe Flash Player Multiple Vulnerabilities | Gain access to a system and execute arbitrary code with local user privileges | 24.23% | 09.02. 2011 |
"Highly Critical " |
4 | SA 38547 | Sun Java JDK / JRE / SDK Multiple Vulnerabilities | "Gain access to a system and execute arbitrary code with local user privileges DoS attacks Exposure of sensitive information Manipulation of Data" |
23.71% | 09.02. 2011 |
"Highly Critical " |
5 | SA 31744 | Sun Java JDK / JRE / SDK Multiple Vulnerabilities | "Gain access to the system and execute arbitrary code with the local user privileges DoS attacks Exposure of sensitive information Manipulation of Data Обход системы безопасности" |
21.62% | 13.10. 2010 |
"Highly Critical " |
6 | SA 34572 | Apple QuickTime Multiple Vulnerabilities | "Gain access to a system and execute arbitrary code with local user privileges Exposure of sensitive information Manipulation of Data" |
12.16% | 11.11. 2010 |
"Highly Critical " |
7 | SA 39272 | Winamp MIDI Timestamp Parsing Buffer Overflow Vulnerability | Gain access to a system and execute arbitrary code with local user privileges | 9.40% | 07.12. 2010 |
"Highly Critical " |
8 | SA 29320 | Microsoft Office OneNote URI Handling Vulnerability | Gain access to a system and execute arbitrary code with local user privileges | 9.05% | 09.01. 2007 |
"Highly Critical " |
9 | SA 39375 | Adobe Shockwave Player Multiple Vulnerabilities | Gain access to a system and execute arbitrary code with local user privileges | 8.78% | 03.11. 2010 |
"Highly Critical " |
10 | SA 37690 | Adobe Reader / Acrobat Multiple Vulnerabilities | "Gain access to a system and execute arbitrary code with local user privileges XSS" |
8 |
本文来源:未知 作者:佚名