Alert GCSA-13036 - Vulnerabilita' in Apple Safari
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
******************************************************************
Alert ID: GCSA-13036
Data: 5 Giugno 2013
Titolo: Vulnerabilita' in Apple Safari
******************************************************************
:: Descrizione del problema
Sono state identificate varie vulnerabilita' in Apple Safari per
Mac OS X, che potrebbero essere sfruttate da un attaccante remoto
per rivelare informazioni sensibili, oltrepassare alcune restrizioni
di sicurezza, compromettere un sistema utente, effettuare attacchi di
tipo spoofing and cross-site scripting.
Per una descrizione completa delle vulnerabilita' fare riferimento
alla segnalazione ufficiale di Apple.
:: Piattaforme e Software interessati
Apple Safari 6.x
:: Impatto
Exposure of sensitive information
Manipolazione di dati
Denial of Service
Accesso al sistema
Spoofing
Cross site scripting
:: Soluzioni
Aggiornare Safari alla versione 6.0.5.
utilizzando l'applicazione Apple Software Update
:: Riferimenti
APPLE-SA-2013-06-04-2:
http://support.apple.com/kb/HT5785
http://lists.apple.com/archives/security-announce/2013/Jun/msg00001.html
Secunia:
http://secunia.com/advisories/53711/
http://secunia.com/SA52320/
http://secunia.com/SA52761/
http://secunia.com/SA53471/
Mitre's CVE ID:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0879
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0926
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0991
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0992
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0993
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0994
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0995
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0996
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0997
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0998
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0999
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1000
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1001
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1002
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1003
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1004
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1005
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1006
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1007
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1008
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1009
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1010
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1011
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1012
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1013
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1023
GARR CERT Newsletter subscribe/unsubscribe:
http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iEYEARECAAYFAlGwTDIACgkQwZxMk2USYEL0YACgrpfZX6B7y1WYQVCP3RS+Xh8t
qkkAn3f/HBKlnPyQk7RW9ipqHyqRNKuZ
=p9lJ
-----END PGP SIGNATURE-----
Hash: SHA1
******************************************************************
Alert ID: GCSA-13036
Data: 5 Giugno 2013
Titolo: Vulnerabilita' in Apple Safari
******************************************************************
:: Descrizione del problema
Sono state identificate varie vulnerabilita' in Apple Safari per
Mac OS X, che potrebbero essere sfruttate da un attaccante remoto
per rivelare informazioni sensibili, oltrepassare alcune restrizioni
di sicurezza, compromettere un sistema utente, effettuare attacchi di
tipo spoofing and cross-site scripting.
Per una descrizione completa delle vulnerabilita' fare riferimento
alla segnalazione ufficiale di Apple.
:: Piattaforme e Software interessati
Apple Safari 6.x
:: Impatto
Exposure of sensitive information
Manipolazione di dati
Denial of Service
Accesso al sistema
Spoofing
Cross site scripting
:: Soluzioni
Aggiornare Safari alla versione 6.0.5.
utilizzando l'applicazione Apple Software Update
:: Riferimenti
APPLE-SA-2013-06-04-2:
http://support.apple.com/kb/HT5785
http://lists.apple.com/archives/security-announce/2013/Jun/msg00001.html
Secunia:
http://secunia.com/advisories/53711/
http://secunia.com/SA52320/
http://secunia.com/SA52761/
http://secunia.com/SA53471/
Mitre's CVE ID:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0879
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0926
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0991
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0992
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0993
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0994
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0995
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0996
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0997
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0998
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0999
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1000
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1001
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1002
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1003
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1004
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1005
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1006
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1007
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1008
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1009
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1010
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1011
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1012
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1013
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1023
GARR CERT Newsletter subscribe/unsubscribe:
http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iEYEARECAAYFAlGwTDIACgkQwZxMk2USYEL0YACgrpfZX6B7y1WYQVCP3RS+Xh8t
qkkAn3f/HBKlnPyQk7RW9ipqHyqRNKuZ
=p9lJ
-----END PGP SIGNATURE-----