Alert GCSA-15042 - APSB15-23 Aggiornamento di sicurezza per Adobe Flash Player
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
**********************************************************************
Alert ID: GCSA-15042
Data: 22 Settembre 2015
Titolo: APSB15-23 Aggiornamento di sicurezza per Adobe Flash Player
**********************************************************************
:: Descrizione del problema
Adobe ha rilasciato un aggiornamento del Flash Player che risolve
alcune vulnerabilita' critiche presenti nel software.
Tali difetti potrebbero consentire ad un aggressore di prendere il
controllo del sistema e causare l'esecuzione di codice arbitrario
in un sistema affetto.
Per una descrizione completa delle vulnerabilita' consultare le
segnalazioni ufficiali.
:: Piattaforme e Software interessati
Flash Player Desktop Runtime 18.0.0.232 e precedenti per
Windows e Macintosh
Flash Player Extended Support Release 18.0.0.232 e precedenti per
Windows e Macintosh
Flash Player for Google Chrome 18.0.0.233 e precedenti per
Windows, Macintosh, Linux e ChromeOS
Flash Player for Microsoft Edge and Internet Explorer 11 18.0.0.232
e precedenti per Windows 10
Flash Player for Internet Explorer 10 and 11 18.0.0.232 e precedenti
per Windows 8.0 and 8.1
Flash Player for Linux 11.2.202.508 e precedenti per Linux
AIR Desktop Runtime 18.0.0.199 e precedenti per Windows e Macintosh
AIR SDK 18.0.0.199 e precedenti per Windows, Macintosh, Android e iOS
AIR SDK & Compiler 18.0.0.180 e precedenti perWindows, Macintosh,
Android e iOS
AIR for Android 18.0.0.143 e precedenti perAndroid
Per verificare la versione di Flash Player installata
accedere alla seguente pagina
http://www.adobe.com/products/flash/about/
se si utilizzano piu' browser effettuare il controllo
da ognuno di essi.
:: Impatto
Esecuzione remota di codice arbitrario
Accesso al sistema
:: Soluzione
Aggiornare a Flash Player 19.0.0.185 per Windows e Macintosh
Aggiornare a Flash Player 11.2.202.521 per Linux
Aggiornare a AIR 19.0.0.190
http://get.adobe.com/flashplayer/
gli utenti Windows possono anche utilizzare la funzione auto-update
presente nel prodotto, quando proposta.
:: Riferimenti
Adobe Security Bulletin
https://helpx.adobe.com/security/products/flash-player/apsb15-23.html
Security Tracker
http://securitytracker.com/id/1033629
Mitre CVE
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5567
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5568
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5570
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5571
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5572
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5573
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5574
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5575
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5576
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5577
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5578
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5579
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5580
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5581
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5582
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5584
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5587
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5588
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6676
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6677
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6678
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6679
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6682
GARR CERT Newsletter subscribe/unsubscribe:
http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iEYEARECAAYFAlYC0GQACgkQwZxMk2USYELDnwCeOWDSU5NI+phWM+Hs2e9mJ2AP
iIEAn1tOOAJaNlPdOYbXwwN9sw5LG8t6
=FJGe
-----END PGP SIGNATURE-----
Hash: SHA1
**********************************************************************
Alert ID: GCSA-15042
Data: 22 Settembre 2015
Titolo: APSB15-23 Aggiornamento di sicurezza per Adobe Flash Player
**********************************************************************
:: Descrizione del problema
Adobe ha rilasciato un aggiornamento del Flash Player che risolve
alcune vulnerabilita' critiche presenti nel software.
Tali difetti potrebbero consentire ad un aggressore di prendere il
controllo del sistema e causare l'esecuzione di codice arbitrario
in un sistema affetto.
Per una descrizione completa delle vulnerabilita' consultare le
segnalazioni ufficiali.
:: Piattaforme e Software interessati
Flash Player Desktop Runtime 18.0.0.232 e precedenti per
Windows e Macintosh
Flash Player Extended Support Release 18.0.0.232 e precedenti per
Windows e Macintosh
Flash Player for Google Chrome 18.0.0.233 e precedenti per
Windows, Macintosh, Linux e ChromeOS
Flash Player for Microsoft Edge and Internet Explorer 11 18.0.0.232
e precedenti per Windows 10
Flash Player for Internet Explorer 10 and 11 18.0.0.232 e precedenti
per Windows 8.0 and 8.1
Flash Player for Linux 11.2.202.508 e precedenti per Linux
AIR Desktop Runtime 18.0.0.199 e precedenti per Windows e Macintosh
AIR SDK 18.0.0.199 e precedenti per Windows, Macintosh, Android e iOS
AIR SDK & Compiler 18.0.0.180 e precedenti perWindows, Macintosh,
Android e iOS
AIR for Android 18.0.0.143 e precedenti perAndroid
Per verificare la versione di Flash Player installata
accedere alla seguente pagina
http://www.adobe.com/products/flash/about/
se si utilizzano piu' browser effettuare il controllo
da ognuno di essi.
:: Impatto
Esecuzione remota di codice arbitrario
Accesso al sistema
:: Soluzione
Aggiornare a Flash Player 19.0.0.185 per Windows e Macintosh
Aggiornare a Flash Player 11.2.202.521 per Linux
Aggiornare a AIR 19.0.0.190
http://get.adobe.com/flashplayer/
gli utenti Windows possono anche utilizzare la funzione auto-update
presente nel prodotto, quando proposta.
:: Riferimenti
Adobe Security Bulletin
https://helpx.adobe.com/security/products/flash-player/apsb15-23.html
Security Tracker
http://securitytracker.com/id/1033629
Mitre CVE
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5567
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5568
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5570
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5571
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5572
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5573
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5574
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5575
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5576
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5577
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5578
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5579
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5580
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5581
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5582
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5584
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5587
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5588
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6676
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6677
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6678
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6679
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6682
GARR CERT Newsletter subscribe/unsubscribe:
http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iEYEARECAAYFAlYC0GQACgkQwZxMk2USYELDnwCeOWDSU5NI+phWM+Hs2e9mJ2AP
iIEAn1tOOAJaNlPdOYbXwwN9sw5LG8t6
=FJGe
-----END PGP SIGNATURE-----