Urchin WebAnalytics Software is discontinued and is no longer supported. All Urchin documentation applies only to the Urchin product as it was at the time of discontinuation, and does not apply to any Google Analytics products or services.

Vulnerability in Adobe SVG Viewer: Upgrade recommended for Urchin 5 Customers

Overview

Urchin 5 uses Adobe's SVG viewer for enhanced report displays when the proper Adobe SVG Viewer has been installed on the user's computer and a browser that supports SVG is being used.

Several vulnerabilities have been discovered in the Adobe SVG Viewer application for the Windows platform. Please see the notes regarding these vulnerabilities on the Adobe SVG Viewer download area web page at:

Impact on Urchin Customers

While there is no flaw in the Urchin 5 software itself, most Urchin 5 users will have installed the Adobe SVG Viewer to enable the enhanced reporting graphics of Urchin 5, and thereby are open to the vulnerabilies described above. Urchin Software Corporation strongly recommends that all customers upgrade to SVG Viewer 3.01 or later to mitigate the vulnerabilities.

It should also be noted that Urchin 5 uses only EMBED tags when using SVG graphics, which is in compliance with Adobe's recommendation on this issue.

Determining the Adobe SVG Viewer version

In order to determine what version of Adobe's SVG Viewer is on a Windows computer, bring up an Urchin 5 report in Internet Explorer. Right-click on the graph area of the Urchin report, and select "About Adobe SVG Viewer...". At the top of the resulting pop-up window, a version will be printed. If the version is "3.0 Build 76", an upgrade is needed. As of the writing of this security notice, "3.01 Build 81" is the current SVG Viewer that addresses the vulnerabilities.

See Also

Search
Clear search
Close search
Google apps
Main menu
Search Help Center
false