Alert GCSA-08120 - MS08-073 Aggiornamenti Cumulativi per Internet
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
************************************************************************
Alert ID : GCSA-08120
Data : 11 Dicembre 2008
Titolo : MS08-073 Aggiornamenti per Internet Explorer (958215)
************************************************************************
:: Descrizione del problema
Questo aggiornamento di sicurezza risolve quattro vulnerabilita'.
Le vulnerabilita' consentono l'esecuzione da remoto di codice
arbitrario se un utente visita, tramite Internet Explorer, pagine WEB
appositamente predisposte.
:: Software e Sistemi affetti
Internet Explorer 5.01 e Internet Explorer 6 SP1:
Microsoft Windows 2000 SP4
Internet Explorer 6:
Microsoft Windows XP SP2
Microsoft Windows XP SP3
Microsoft Windows XP Professional x64
Microsoft Windows XP Professional x64 SP2
Microsoft Windows Server 2003 SP1
Microsoft Windows Server 2003 SP2
Microsoft Windows Server 2003 x64
Microsoft Windows Server 2003 x64 SP2
Microsoft Windows Server 2003 Itanium-based SP1
Microsoft Windows Server 2003 Itanium-based SP2
Internet Explorer 7:
Microsoft Windows XP SP2
Microsoft Windows XP SP3
Microsoft Windows XP Professional x64
Microsoft Windows XP Professional x64 SP2
Microsoft Windows Server 2003 SP1
Microsoft Windows Server 2003 SP2
Microsoft Windows Server 2003 x64
Microsoft Windows Server 2003 x64 SP2
Microsoft Windows Server 2003 Itanium-based SP1
Microsoft Windows Server 2003 Itanium-based SP2
Microsoft Windows Vista
Microsoft Windows Vista SP1
Microsoft Windows Vista x64
Microsoft Windows Vista x64 SP1
Microsoft Windows Server 2008 32-bit
Microsoft Windows Server 2008 64-bit
Microsoft Windows Server 2008 Itanium-based
:: Impatto
Esecuzione remota di codice arbitrario
:: Soluzioni
Applicare la patch segnalata nel bollettino Microsoft MS08-073
http://www.microsoft.com/technet/security/bulletin/ms08-073.mspx
:: Riferimenti
Microsoft Security Bulletin MS08-073
http://www.microsoft.com/technet/security/bulletin/ms08-073.mspx
VUPEN (ex FrSirt):
http://www.vupen.com/english/advisories/2008/3385
Secunia:
http://secunia.com/advisories/33035
SecurityFocus:
http://www.securityfocus.com/bid/32596
http://www.securityfocus.com/bid/32586
http://www.securityfocus.com/bid/32593
http://www.securityfocus.com/bid/32595
CVE Mitre:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4258
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4259
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4260
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4261
-----BEGIN PGP SIGNATURE-----
iQCVAwUBSUD5ufOB+SpikaiRAQLAqAP/bAIr31iNYxkvwA2iahGSF0uWVXSDBQZ3
P90Hz/k4SRUX6TXqwwdZBwD5TFkmiTbhuayNlft6bBAdq19wI6NoJDJoPDhJDs6D
yjlfBRFK+EhxQ2dcLdloi1GzbOKh6vRB+OgHGs6HUlNzWso5YPFqxoNo7oKEH7+B
DUAuwVANryk=
=BpCA
-----END PGP SIGNATURE-----
Hash: SHA1
************************************************************************
Alert ID : GCSA-08120
Data : 11 Dicembre 2008
Titolo : MS08-073 Aggiornamenti per Internet Explorer (958215)
************************************************************************
:: Descrizione del problema
Questo aggiornamento di sicurezza risolve quattro vulnerabilita'.
Le vulnerabilita' consentono l'esecuzione da remoto di codice
arbitrario se un utente visita, tramite Internet Explorer, pagine WEB
appositamente predisposte.
:: Software e Sistemi affetti
Internet Explorer 5.01 e Internet Explorer 6 SP1:
Microsoft Windows 2000 SP4
Internet Explorer 6:
Microsoft Windows XP SP2
Microsoft Windows XP SP3
Microsoft Windows XP Professional x64
Microsoft Windows XP Professional x64 SP2
Microsoft Windows Server 2003 SP1
Microsoft Windows Server 2003 SP2
Microsoft Windows Server 2003 x64
Microsoft Windows Server 2003 x64 SP2
Microsoft Windows Server 2003 Itanium-based SP1
Microsoft Windows Server 2003 Itanium-based SP2
Internet Explorer 7:
Microsoft Windows XP SP2
Microsoft Windows XP SP3
Microsoft Windows XP Professional x64
Microsoft Windows XP Professional x64 SP2
Microsoft Windows Server 2003 SP1
Microsoft Windows Server 2003 SP2
Microsoft Windows Server 2003 x64
Microsoft Windows Server 2003 x64 SP2
Microsoft Windows Server 2003 Itanium-based SP1
Microsoft Windows Server 2003 Itanium-based SP2
Microsoft Windows Vista
Microsoft Windows Vista SP1
Microsoft Windows Vista x64
Microsoft Windows Vista x64 SP1
Microsoft Windows Server 2008 32-bit
Microsoft Windows Server 2008 64-bit
Microsoft Windows Server 2008 Itanium-based
:: Impatto
Esecuzione remota di codice arbitrario
:: Soluzioni
Applicare la patch segnalata nel bollettino Microsoft MS08-073
http://www.microsoft.com/technet/security/bulletin/ms08-073.mspx
:: Riferimenti
Microsoft Security Bulletin MS08-073
http://www.microsoft.com/technet/security/bulletin/ms08-073.mspx
VUPEN (ex FrSirt):
http://www.vupen.com/english/advisories/2008/3385
Secunia:
http://secunia.com/advisories/33035
SecurityFocus:
http://www.securityfocus.com/bid/32596
http://www.securityfocus.com/bid/32586
http://www.securityfocus.com/bid/32593
http://www.securityfocus.com/bid/32595
CVE Mitre:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4258
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4259
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4260
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4261
-----BEGIN PGP SIGNATURE-----
iQCVAwUBSUD5ufOB+SpikaiRAQLAqAP/bAIr31iNYxkvwA2iahGSF0uWVXSDBQZ3
P90Hz/k4SRUX6TXqwwdZBwD5TFkmiTbhuayNlft6bBAdq19wI6NoJDJoPDhJDs6D
yjlfBRFK+EhxQ2dcLdloi1GzbOKh6vRB+OgHGs6HUlNzWso5YPFqxoNo7oKEH7+B
DUAuwVANryk=
=BpCA
-----END PGP SIGNATURE-----