Alert GCSA-14009 - Apple Security Update APPLE-SA-2014-04-22-1/2/3
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
**********************************************************************
Alert ID: GCSA-14009
Data: 28 Aprile 2014
Titolo: Apple Security Update APPLE-SA-2014-04-22-1/2/3
**********************************************************************
:: Descrizione del problema
Apple ha rilasciato il Security Update che corregge varie vulnerabilita'
presenti nel sistema operativo Mac OS X, Apple iOS, Apple TV ed in
alcune applicazioni distribuite insieme al sistema stesso.
Per una descrizione completa delle vulnerabilita' consultare
la segnalazione ufficiale.
:: Piattaforme e Software interessati
Apple Mac Os X Mountain Lion 10.8
Apple Mac Os X Lion 10.7
Apple Mac Os X Snow Leopard 10.6
Apple Mac OS X Mavericks 10.9
Apple iOS 7.1 (iPHone4, iPod touch 5th generation, iPad2 e tutti
i rispettivi successivi)
Apple TV 6.1
:: Impatto
Security Bypass
Esposizione di informazioni sensibili
Acquisizione di privilegi piu' elevati
Denial of Service
Accesso al sistema
Cross site Scripting
:: Soluzione
Applicare il Security Update:
http://www.apple.com/support/downloads/
:: Riferimenti
APPLE-SA-2014-04-22-1
http://support.apple.com/kb/HT6207
APPLE-SA-2014-04-22-2
http://support.apple.com/kb/HT6208
APPLE-SA-2014-04-22-3
http://support.apple.com/kb/HT6209
Secunia
http://secunia.com/advisories/58081/
http://secunia.com/advisories/58140/
http://secunia.com/advisories/58142/
Mitre CVE
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2871
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4164
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5170
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6393
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1295
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1298
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1299
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1300
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1302
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1303
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1304
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1305
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1307
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1308
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1309
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1310
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1311
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1312
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1313
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1314
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1315
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1316
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1318
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1319
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1713
GARR CERT Newsletter subscribe/unsubscribe:
http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
iD8DBQFTXiERwZxMk2USYEIRAorIAJ9eEDBlHefdJ70vI76EOEKvC/tuyACghQig
m2WFhhAVaorYPhKaM9oCH+E=
=/BA0
-----END PGP SIGNATURE-----
Hash: SHA1
**********************************************************************
Alert ID: GCSA-14009
Data: 28 Aprile 2014
Titolo: Apple Security Update APPLE-SA-2014-04-22-1/2/3
**********************************************************************
:: Descrizione del problema
Apple ha rilasciato il Security Update che corregge varie vulnerabilita'
presenti nel sistema operativo Mac OS X, Apple iOS, Apple TV ed in
alcune applicazioni distribuite insieme al sistema stesso.
Per una descrizione completa delle vulnerabilita' consultare
la segnalazione ufficiale.
:: Piattaforme e Software interessati
Apple Mac Os X Mountain Lion 10.8
Apple Mac Os X Lion 10.7
Apple Mac Os X Snow Leopard 10.6
Apple Mac OS X Mavericks 10.9
Apple iOS 7.1 (iPHone4, iPod touch 5th generation, iPad2 e tutti
i rispettivi successivi)
Apple TV 6.1
:: Impatto
Security Bypass
Esposizione di informazioni sensibili
Acquisizione di privilegi piu' elevati
Denial of Service
Accesso al sistema
Cross site Scripting
:: Soluzione
Applicare il Security Update:
http://www.apple.com/support/downloads/
:: Riferimenti
APPLE-SA-2014-04-22-1
http://support.apple.com/kb/HT6207
APPLE-SA-2014-04-22-2
http://support.apple.com/kb/HT6208
APPLE-SA-2014-04-22-3
http://support.apple.com/kb/HT6209
Secunia
http://secunia.com/advisories/58081/
http://secunia.com/advisories/58140/
http://secunia.com/advisories/58142/
Mitre CVE
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2871
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4164
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5170
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6393
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1295
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1298
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1299
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1300
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1302
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1303
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1304
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1305
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1307
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1308
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1309
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1310
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1311
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1312
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1313
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1314
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1315
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1316
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1318
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1319
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1713
GARR CERT Newsletter subscribe/unsubscribe:
http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
iD8DBQFTXiERwZxMk2USYEIRAorIAJ9eEDBlHefdJ70vI76EOEKvC/tuyACghQig
m2WFhhAVaorYPhKaM9oCH+E=
=/BA0
-----END PGP SIGNATURE-----