Alert GCSA-16029 - Apple Security Updates APPLE-SA-2016-05-16
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
**********************************************************************
Alert ID: GCSA-16029
Data: 19 Maggio 2016
Titolo: Apple Security Updates APPLE-SA-2016-05-16
**********************************************************************
:: Descrizione del problema
Apple ha rilasciato aggiornamenti che risolvono alcune vulnerabilita'
presenti nei sistemi operativi OS X, Apple iOS, watchOS, tvOS, iTunes, e
nel Browser Safari:
APPLE-SA-2016-05-16-1 tvOS 9.2.1
APPLE-SA-2016-05-16-2 iOS 9.3.2
APPLE-SA-2016-05-16-3 watchOS 2.2.1
APPLE-SA-2016-05-16-4 OS X El Capitan 10.11.5 and Security Update
APPLE-SA-2016-05-16-5 Safari 9.1.1
APPLE-SA-2016-05-16-6 iTunes 12.4
APPLE-SA-2016-05-18-1 OS X: Flash Player plug-in blocked
Per una descrizione completa delle vulnerabilita' consultare
le segnalazioni ufficiali.
:: Piattaforme e Software interessati
Apple iOS
Apple OS X El Capitan
Apple iTunes
Apple Safari
Apple watchOS
Apple tvOS
:: Impatto
Esposizione di informazioni sensibili
Esecuzione di codice arbitrario
Escalation di privilegi
Esposizione di informazioni sensibili
:: Soluzione
Applicare i security update:
http://www.apple.com/support/downloads/
http://www.apple.com/it/osx/apps/app-store.html
:: Riferimenti
Apple security updates
http://support.apple.com/kb/ht1222
https://support.apple.com/en-us/HT201222
APPLE-SA-2016-05-16-1 tvOS 9.2.1
https://support.apple.com/en-us/HT206564
APPLE-SA-2016-05-16-2 iOS 9.3.2
http://support.apple.com/en-us/HT206568
APPLE-SA-2016-05-16-3 watchOS 2.2.1
https://support.apple.com/en-us/HT206566
APPLE-SA-2016-05-16-4
https://support.apple.com/en-us/HT206567
APPLE-SA-2016-05-16-5 Safari 9.1.1
http://support.apple.com/en-us/HT206565
APPLE-SA-2016-05-16-6 iTunes 12.4
http://support.apple.com/en-us/HT206379
APPLE-SA-2016-05-18-1 OS X: Flash Player plug-in blocked
https://support.apple.com/en-us/HT202681
SecurityTracker
http://www.securitytracker.com/id/1035887
http://www.securitytracker.com/id/1035888
http://www.securitytracker.com/id/1035890
http://www.securitytracker.com/id/1035893
http://www.securitytracker.com/id/1035894
http://www.securitytracker.com/id/1035896
http://www.securitytracker.com/id/1035897
http://www.securitytracker.com/id/1035895
MITRE-CVE
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1742
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1790
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1791
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1792
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1793
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1794
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1795
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1796
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1797
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1798
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1799
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1800
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1801
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1802
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1803
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1804
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1805
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1806
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1807
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1808
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1809
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1810
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1811
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1812
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1813
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1814
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1815
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1816
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1817
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1818
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1819
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1820
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1821
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1822
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1823
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1824
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1825
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1826
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1827
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1828
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1829
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1830
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1831
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1832
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1841
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1842
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1843
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1844
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1846
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1847
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1848
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1849
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1850
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1851
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1852
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1853
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1854
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1855
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1856
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1857
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1858
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1859
GARR CERT Newsletter subscribe/unsubscribe:
http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iEYEARECAAYFAlc9ql4ACgkQwZxMk2USYELLcACgvkTQiopwL2YQpWMgIb3X1Mv9
RykAoLAZYgSxsmPBj3wuZ9kHf24MWi2i
=qI6r
-----END PGP SIGNATURE-----
Hash: SHA1
**********************************************************************
Alert ID: GCSA-16029
Data: 19 Maggio 2016
Titolo: Apple Security Updates APPLE-SA-2016-05-16
**********************************************************************
:: Descrizione del problema
Apple ha rilasciato aggiornamenti che risolvono alcune vulnerabilita'
presenti nei sistemi operativi OS X, Apple iOS, watchOS, tvOS, iTunes, e
nel Browser Safari:
APPLE-SA-2016-05-16-1 tvOS 9.2.1
APPLE-SA-2016-05-16-2 iOS 9.3.2
APPLE-SA-2016-05-16-3 watchOS 2.2.1
APPLE-SA-2016-05-16-4 OS X El Capitan 10.11.5 and Security Update
APPLE-SA-2016-05-16-5 Safari 9.1.1
APPLE-SA-2016-05-16-6 iTunes 12.4
APPLE-SA-2016-05-18-1 OS X: Flash Player plug-in blocked
Per una descrizione completa delle vulnerabilita' consultare
le segnalazioni ufficiali.
:: Piattaforme e Software interessati
Apple iOS
Apple OS X El Capitan
Apple iTunes
Apple Safari
Apple watchOS
Apple tvOS
:: Impatto
Esposizione di informazioni sensibili
Esecuzione di codice arbitrario
Escalation di privilegi
Esposizione di informazioni sensibili
:: Soluzione
Applicare i security update:
http://www.apple.com/support/downloads/
http://www.apple.com/it/osx/apps/app-store.html
:: Riferimenti
Apple security updates
http://support.apple.com/kb/ht1222
https://support.apple.com/en-us/HT201222
APPLE-SA-2016-05-16-1 tvOS 9.2.1
https://support.apple.com/en-us/HT206564
APPLE-SA-2016-05-16-2 iOS 9.3.2
http://support.apple.com/en-us/HT206568
APPLE-SA-2016-05-16-3 watchOS 2.2.1
https://support.apple.com/en-us/HT206566
APPLE-SA-2016-05-16-4
https://support.apple.com/en-us/HT206567
APPLE-SA-2016-05-16-5 Safari 9.1.1
http://support.apple.com/en-us/HT206565
APPLE-SA-2016-05-16-6 iTunes 12.4
http://support.apple.com/en-us/HT206379
APPLE-SA-2016-05-18-1 OS X: Flash Player plug-in blocked
https://support.apple.com/en-us/HT202681
SecurityTracker
http://www.securitytracker.com/id/1035887
http://www.securitytracker.com/id/1035888
http://www.securitytracker.com/id/1035890
http://www.securitytracker.com/id/1035893
http://www.securitytracker.com/id/1035894
http://www.securitytracker.com/id/1035896
http://www.securitytracker.com/id/1035897
http://www.securitytracker.com/id/1035895
MITRE-CVE
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1742
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1790
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1791
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1792
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1793
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1794
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1795
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1796
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1797
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1798
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1799
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1800
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1801
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1802
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1803
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1804
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1805
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1806
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1807
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1808
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1809
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1810
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1811
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1812
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1813
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1814
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1815
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1816
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1817
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1818
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1819
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1820
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1821
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1822
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1823
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1824
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1825
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1826
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1827
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1828
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1829
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1830
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1831
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1832
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1841
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1842
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1843
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1844
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1846
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1847
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1848
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1849
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1850
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1851
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1852
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1853
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1854
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1855
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1856
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1857
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1858
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1859
GARR CERT Newsletter subscribe/unsubscribe:
http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iEYEARECAAYFAlc9ql4ACgkQwZxMk2USYELLcACgvkTQiopwL2YQpWMgIb3X1Mv9
RykAoLAZYgSxsmPBj3wuZ9kHf24MWi2i
=qI6r
-----END PGP SIGNATURE-----