Alert GCSA-15030 - APSB15-19 Aggiornamento di sicurezza per Adobe Flash Player
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
******************************************************************
Alert ID: GCSA-15030
Data: 12 agosto 2015
Titolo: APSB15-19 Aggiornamento di sicurezza per Adobe Flash Player
******************************************************************
:: Descrizione del problema
Adobe ha rilasciato un aggiornamento del Flash Player
che risolve alcune vulnerabilita' critiche presenti nel software.
Tali difetti potrebbero consentire ad un aggressore
di prendere il controllo del sistema.
Maggiori dettagli sono disponibili nella segnalazione
ufficiale alla sezione "Riferimenti".
:: Software interessato
Flash Player Desktop Runtime 18.0.0.209 e precedenti per Windows e Macintosh
Flash Player Extended Support Release 13.0.0.309 e precedenti per Windows e Macintosh
Flash Player per Google Chrome 18.0.0.209 e precedenti per Windows, Macintosh e Linux
Flash Player per Microsoft Edge e Internet Explorer 11 18.0.0.209 e precedenti Windows 10
Flash Player per Internet Explorer 10 e 11 18.0.0.209 e precedenti Windows 8.0 e 8.1
Flash Player per Linux 11.2.202.491 e precedenti Linux
AIR Desktop Runtime 18.0.0.180 e precedenti per Windows e Macintosh
AIR SDK 18.0.0.180 e precedenti per Windows, Macintosh, Android e iOS
AIR SDK & Compiler 18.0.0.180 e precedenti per Windows, Macintosh, Android e iOS
Per verificare la versione di Flash Player installata
accedere alla seguente pagina
http://www.adobe.com/products/flash/about/
se si utilizzano piu' browser effettuare il controllo
da ognuno di essi.
:: Impatto
Esecuzione remota di codice arbitrario
:: Soluzioni
Aggiornare a Flash Player 18.0.0.232 per Windows e Macintosh
Aggiornare a Flash Player 11.2.202.508 per Linux
Aggiornare a AIR 18.0.0.199
http://get.adobe.com/flashplayer/
gli utenti Windows possono anche utilizzare la funzione auto-update
presente nel prodotto, quando proposta.
:: Riferimenti
Abobe Security Bulletin
https://helpx.adobe.com/security/products/flash-player/apsb15-19.html
Mitre's CVE ID
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3107
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5124
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5125
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5127
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5128
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5129
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5130
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5131
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5132
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5133
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5134
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5539
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5540
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5541
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5544
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5545
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5546
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5547
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5548
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5549
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5550
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5551
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5552
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5553
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5554
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5555
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5556
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5557
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5558
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5559
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5560
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5561
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5562
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5563
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5564
Microsoft Security Advisory 2755801
Update for Vulnerabilities in Adobe Flash Player in Internet Explorer - Version: 46.0
https://technet.microsoft.com/en-us/library/security/2755801
GARR CERT Newsletter subscribe/unsubscribe:
http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
iD8DBQFVy2PnwZxMk2USYEIRAr4RAKCxZve5pCkoA07NTfr0aw+LtdV0QACdHLUT
dShCYvJgf+B0IkHGEWgnJls=
=pnUo
-----END PGP SIGNATURE-----
Hash: SHA1
******************************************************************
Alert ID: GCSA-15030
Data: 12 agosto 2015
Titolo: APSB15-19 Aggiornamento di sicurezza per Adobe Flash Player
******************************************************************
:: Descrizione del problema
Adobe ha rilasciato un aggiornamento del Flash Player
che risolve alcune vulnerabilita' critiche presenti nel software.
Tali difetti potrebbero consentire ad un aggressore
di prendere il controllo del sistema.
Maggiori dettagli sono disponibili nella segnalazione
ufficiale alla sezione "Riferimenti".
:: Software interessato
Flash Player Desktop Runtime 18.0.0.209 e precedenti per Windows e Macintosh
Flash Player Extended Support Release 13.0.0.309 e precedenti per Windows e Macintosh
Flash Player per Google Chrome 18.0.0.209 e precedenti per Windows, Macintosh e Linux
Flash Player per Microsoft Edge e Internet Explorer 11 18.0.0.209 e precedenti Windows 10
Flash Player per Internet Explorer 10 e 11 18.0.0.209 e precedenti Windows 8.0 e 8.1
Flash Player per Linux 11.2.202.491 e precedenti Linux
AIR Desktop Runtime 18.0.0.180 e precedenti per Windows e Macintosh
AIR SDK 18.0.0.180 e precedenti per Windows, Macintosh, Android e iOS
AIR SDK & Compiler 18.0.0.180 e precedenti per Windows, Macintosh, Android e iOS
Per verificare la versione di Flash Player installata
accedere alla seguente pagina
http://www.adobe.com/products/flash/about/
se si utilizzano piu' browser effettuare il controllo
da ognuno di essi.
:: Impatto
Esecuzione remota di codice arbitrario
:: Soluzioni
Aggiornare a Flash Player 18.0.0.232 per Windows e Macintosh
Aggiornare a Flash Player 11.2.202.508 per Linux
Aggiornare a AIR 18.0.0.199
http://get.adobe.com/flashplayer/
gli utenti Windows possono anche utilizzare la funzione auto-update
presente nel prodotto, quando proposta.
:: Riferimenti
Abobe Security Bulletin
https://helpx.adobe.com/security/products/flash-player/apsb15-19.html
Mitre's CVE ID
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3107
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5124
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5125
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5127
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5128
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5129
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5130
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5131
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5132
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5133
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5134
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5539
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5540
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5541
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5544
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5545
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5546
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5547
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5548
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5549
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5550
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5551
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5552
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5553
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5554
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5555
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5556
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5557
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5558
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5559
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5560
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5561
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5562
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5563
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5564
Microsoft Security Advisory 2755801
Update for Vulnerabilities in Adobe Flash Player in Internet Explorer - Version: 46.0
https://technet.microsoft.com/en-us/library/security/2755801
GARR CERT Newsletter subscribe/unsubscribe:
http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
iD8DBQFVy2PnwZxMk2USYEIRAr4RAKCxZve5pCkoA07NTfr0aw+LtdV0QACdHLUT
dShCYvJgf+B0IkHGEWgnJls=
=pnUo
-----END PGP SIGNATURE-----