Alert GCSA-11021 - Vulnerabilita' multiple in Google Chrome
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
******************************************************************
Alert ID : GCSA-11021
Data : 3 Marzo 2011
Titolo : Vulnerabilita' multiple in Google Chrome
******************************************************************
:: Descrizione del problema
Sono state riscontrate vulnerabilita' multiple in Google Chrome
che potrebbero essere sfruttate da un attaccante remoto per
manipolare e divulgare informazioni, eseguire codice arbitrario,
condurre attacchi di spoofing e compromettere il sistema.
Per una descrizione completa delle 19 vulnerabilita' fare
riferimento alla segnalazione ufficiale nella sezione
"Riferimenti".
:: Software interessato
Google Chrome versioni precedenti alla 9.0.597.107
:: Impatto
Attacchi di Spoofing
Exposure of sensitive information
Accesso al sistema
Compromissione del sistema
:: Soluzioni
Aggiornare Google Chrome alla versione 9.0.597.107
L'aggiornamento sara' automatico per tutte le installazioni
in cui non sia stato disattivata l'opzione "aggiornamento
automatico".
Per l'installazione manuale scaricare il software dal sito
ufficiale:
http://www.google.com/chrome/intl/en/landing_chrome.html?hl=en
:: Riferimenti
Google Chrome Original Advisory
http://googlechromereleases.blogspot.com/2011/02/stable-channel-update_28.html
VUPEN
http://www.vupen.com/english/advisories/2011/0525
Secunia
http://secunia.com/advisories/43519/
Securityfocus
http://www.securityfocus.com/bid/45617
http://www.securityfocus.com/bid/44779
http://www.securityfocus.com/bid/45721
http://www.securityfocus.com/bid/44215
http://www.securityfocus.com/bid/45719
http://www.securityfocus.com/bid/45718
http://www.securityfocus.com/bid/44217
http://www.securityfocus.com/bid/45720
http://www.securityfocus.com/bid/44216
http://www.securityfocus.com/bid/44204
http://www.securityfocus.com/bid/44206
http://www.securityfocus.com/bid/44200
http://www.securityfocus.com/bid/44201
http://www.securityfocus.com/bid/44199
http://www.securityfocus.com/bid/44203
http://www.securityfocus.com/bid/42044
http://www.securityfocus.com/bid/42034
http://www.securityfocus.com/bid/42036
http://www.securityfocus.com/bid/42038
http://www.securityfocus.com/bid/41575
http://www.securityfocus.com/bid/41573
http://www.securityfocus.com/bid/42037
http://www.securityfocus.com/bid/39808
http://www.securityfocus.com/bid/39804
http://www.securityfocus.com/bid/40658
http://www.securityfocus.com/bid/38690
http://www.securityfocus.com/bid/38685
http://www.securityfocus.com/bid/38372
http://www.securityfocus.com/bid/38373
http://www.securityfocus.com/bid/46614
-----BEGIN PGP SIGNATURE-----
iQCVAwUBTW91ffOB+SpikaiRAQLcjAQAlXsM2+tC4sFoHDi4nuSZQYiVGKMQpZ8L
e6XzzwkZiSWD06NQFskh37hYL9jls+ZpnXAZaKqKZeYgsJVv9tIa2aSZAxcCsEcQ
Lh9EOrugc4B0lZyKuRHatEcuhnGtW5P6PqqRWovuruVMxeQAYiHCCmarpLl/40k7
KnGxXipX2dk=
=tt5p
-----END PGP SIGNATURE-----
Hash: SHA1
******************************************************************
Alert ID : GCSA-11021
Data : 3 Marzo 2011
Titolo : Vulnerabilita' multiple in Google Chrome
******************************************************************
:: Descrizione del problema
Sono state riscontrate vulnerabilita' multiple in Google Chrome
che potrebbero essere sfruttate da un attaccante remoto per
manipolare e divulgare informazioni, eseguire codice arbitrario,
condurre attacchi di spoofing e compromettere il sistema.
Per una descrizione completa delle 19 vulnerabilita' fare
riferimento alla segnalazione ufficiale nella sezione
"Riferimenti".
:: Software interessato
Google Chrome versioni precedenti alla 9.0.597.107
:: Impatto
Attacchi di Spoofing
Exposure of sensitive information
Accesso al sistema
Compromissione del sistema
:: Soluzioni
Aggiornare Google Chrome alla versione 9.0.597.107
L'aggiornamento sara' automatico per tutte le installazioni
in cui non sia stato disattivata l'opzione "aggiornamento
automatico".
Per l'installazione manuale scaricare il software dal sito
ufficiale:
http://www.google.com/chrome/intl/en/landing_chrome.html?hl=en
:: Riferimenti
Google Chrome Original Advisory
http://googlechromereleases.blogspot.com/2011/02/stable-channel-update_28.html
VUPEN
http://www.vupen.com/english/advisories/2011/0525
Secunia
http://secunia.com/advisories/43519/
Securityfocus
http://www.securityfocus.com/bid/45617
http://www.securityfocus.com/bid/44779
http://www.securityfocus.com/bid/45721
http://www.securityfocus.com/bid/44215
http://www.securityfocus.com/bid/45719
http://www.securityfocus.com/bid/45718
http://www.securityfocus.com/bid/44217
http://www.securityfocus.com/bid/45720
http://www.securityfocus.com/bid/44216
http://www.securityfocus.com/bid/44204
http://www.securityfocus.com/bid/44206
http://www.securityfocus.com/bid/44200
http://www.securityfocus.com/bid/44201
http://www.securityfocus.com/bid/44199
http://www.securityfocus.com/bid/44203
http://www.securityfocus.com/bid/42044
http://www.securityfocus.com/bid/42034
http://www.securityfocus.com/bid/42036
http://www.securityfocus.com/bid/42038
http://www.securityfocus.com/bid/41575
http://www.securityfocus.com/bid/41573
http://www.securityfocus.com/bid/42037
http://www.securityfocus.com/bid/39808
http://www.securityfocus.com/bid/39804
http://www.securityfocus.com/bid/40658
http://www.securityfocus.com/bid/38690
http://www.securityfocus.com/bid/38685
http://www.securityfocus.com/bid/38372
http://www.securityfocus.com/bid/38373
http://www.securityfocus.com/bid/46614
-----BEGIN PGP SIGNATURE-----
iQCVAwUBTW91ffOB+SpikaiRAQLcjAQAlXsM2+tC4sFoHDi4nuSZQYiVGKMQpZ8L
e6XzzwkZiSWD06NQFskh37hYL9jls+ZpnXAZaKqKZeYgsJVv9tIa2aSZAxcCsEcQ
Lh9EOrugc4B0lZyKuRHatEcuhnGtW5P6PqqRWovuruVMxeQAYiHCCmarpLl/40k7
KnGxXipX2dk=
=tt5p
-----END PGP SIGNATURE-----