Alert GCSA-13032 - Aggiornamenti di sicurezza per Adobe
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
******************************************************************
Alert ID : GCSA-13032
Data : 21 Maggio 2013
Titolo : Aggiornamenti di sicurezza per Adobe
******************************************************************
:: Descrizione del problema
Adobe ha rilasciato due aggiornamenti di sicurezza che risolvono
alcune vulnerabilita' critiche presenti in Adobe AIR, Flash Player,
Shockwave Player e ColdFusion.
Maggiori dettagli sono disponibili nella segnalazioni ufficiali
alla sezione "Riferimenti".
:: Software interessato
Adobe Reader 11.x
Adobe Acrobat 11.x
Adobe Flash Player 11.x
Adobe AIR
Adobe ColdFusion 10 e precedenti
Per verificare la versione di Flash Player installata accedere
alla seguente pagina
http://www.adobe.com/products/flash/about/
se si utilizzano piu' browser effettuare il controllo da ognuno
di essi.
:: Impatto
Esecuzione di codice in modalita' remota
Bypass di impostazioni di sicurezza
Esposizione di informazioni sensibili
:: Soluzioni
Applicare le soluzioni consigliate nei bollettini Adobe.
:: Riferimenti
Bollettini Adobe sulla sicurezza
http://www.adobe.com/support/security/bulletins/apsb13-13.html
http://www.adobe.com/support/security/bulletins/apsb13-14.html
http://www.adobe.com/support/security/bulletins/apsb13-15.html
SANS ISC Diary
https://isc.sans.edu/diary/Adobe+May+2013+Black+Tuesday+Overview/15797
Secunia
http://secunia.com/advisories/53337/
http://secunia.com/advisories/53419/
http://secunia.com/advisories/53420/
Mitre CVE
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1389
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2549
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2550
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2718
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2719
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2720
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2721
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2722
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2723
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2724
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2725
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2726
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2727
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2728
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2729
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2730
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2731
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2732
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2733
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2734
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2735
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2736
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2737
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3324
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3325
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3326
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3327
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3328
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3329
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3330
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3331
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3332
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3333
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3334
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3335
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3336
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3337
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3338
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3339
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3340
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3341
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3342
GARR CERT Newsletter subscribe/unsubscribe:
http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iEYEARECAAYFAlGbbjoACgkQwZxMk2USYEKrGwCcCPDTZW8qcSInJzpYcPJQlMV9
VRAAn3WE7ibGWtqKOPCNZaUh2ikk2vXS
=KSpI
-----END PGP SIGNATURE-----
Hash: SHA1
******************************************************************
Alert ID : GCSA-13032
Data : 21 Maggio 2013
Titolo : Aggiornamenti di sicurezza per Adobe
******************************************************************
:: Descrizione del problema
Adobe ha rilasciato due aggiornamenti di sicurezza che risolvono
alcune vulnerabilita' critiche presenti in Adobe AIR, Flash Player,
Shockwave Player e ColdFusion.
Maggiori dettagli sono disponibili nella segnalazioni ufficiali
alla sezione "Riferimenti".
:: Software interessato
Adobe Reader 11.x
Adobe Acrobat 11.x
Adobe Flash Player 11.x
Adobe AIR
Adobe ColdFusion 10 e precedenti
Per verificare la versione di Flash Player installata accedere
alla seguente pagina
http://www.adobe.com/products/flash/about/
se si utilizzano piu' browser effettuare il controllo da ognuno
di essi.
:: Impatto
Esecuzione di codice in modalita' remota
Bypass di impostazioni di sicurezza
Esposizione di informazioni sensibili
:: Soluzioni
Applicare le soluzioni consigliate nei bollettini Adobe.
:: Riferimenti
Bollettini Adobe sulla sicurezza
http://www.adobe.com/support/security/bulletins/apsb13-13.html
http://www.adobe.com/support/security/bulletins/apsb13-14.html
http://www.adobe.com/support/security/bulletins/apsb13-15.html
SANS ISC Diary
https://isc.sans.edu/diary/Adobe+May+2013+Black+Tuesday+Overview/15797
Secunia
http://secunia.com/advisories/53337/
http://secunia.com/advisories/53419/
http://secunia.com/advisories/53420/
Mitre CVE
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1389
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2549
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2550
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2718
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2719
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2720
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2721
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2722
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2723
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2724
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2725
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2726
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2727
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2728
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2729
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2730
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2731
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2732
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2733
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2734
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2735
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2736
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2737
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3324
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3325
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3326
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3327
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3328
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3329
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3330
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3331
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3332
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3333
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3334
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3335
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3336
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3337
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3338
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3339
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3340
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3341
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3342
GARR CERT Newsletter subscribe/unsubscribe:
http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iEYEARECAAYFAlGbbjoACgkQwZxMk2USYEKrGwCcCPDTZW8qcSInJzpYcPJQlMV9
VRAAn3WE7ibGWtqKOPCNZaUh2ikk2vXS
=KSpI
-----END PGP SIGNATURE-----