Alert GCSA-12057 - Apple Security Update 2012-004 / Mac OS X v10.7.5
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
**********************************************************************
Alert ID : GCSA-12057
Data : 21 Settembre 2012
Titolo : Apple Security Update 2012-004 / Mac OS X v10.7.5 e 10.8.2
**********************************************************************
:: Descrizione del problema:
Apple ha rilasciato il Security Update 2012-004 che corregge
varie vulnerabilita' presenti nel sistema operativo Mac OS X
ed in alcune applicazioni distribuite insieme al sistema stesso.
Contemporaneamente e' stata rilasciata la versione 10.7.5
del sistema operativo OS X Lion e la versione 10.8.2 di OS X
Mountain Lion che risolvono le stesse vulnerabilita'.
Per una descrizione completa delle vulnerabilita' consultare
la segnalazione ufficiale.
:: Piattaforme e Software interessati:
Apple Mac Os X Server 10.8.1
Apple Mac Os X Server 10.8
Apple Mac Os X Server 10.7.4
Apple Mac Os X Server 10.7.3
Apple Mac Os X Server 10.7.2
Apple Mac Os X Server 10.7.1
Apple Mac Os X Server 10.7
Apple Mac Os X Server 10.6.8
Apple Mac Os X 10.8.1
Apple Mac Os X 10.8
Apple Mac Os X 10.7.4
Apple Mac Os X 10.7.3
Apple Mac Os X 10.7.2
Apple Mac Os X 10.7.1
Apple Mac Os X 10.7
Apple Mac Os X 10.6.8
:: Impatto:
Security Bypass
Esposizione di informazioni sensibili
Acquisizione di privilegi piu' elevati
Denial of Service
Accesso al sistema
:: Soluzione:
Applicare il Security Update 2012-004:
http://www.apple.com/support/downloads/
:: Riferimenti:
Security Update 2012-004 / OS X Mountain Lion v10.8.2 / OS X Lion v10.7.5
http://support.apple.com/kb/HT5501
OCIO - Energy.GOV
http://energy.gov/cio/articles/u-264-apple-os-x-lets-remote-users-execute-arbitrary-code-and-local-users-gain-elevated
Security Focus
http://www.securityfocus.com/bid/55623
Secunia: Apple Mac OS X Multiple Vulnerabilities
http://secunia.com/advisories/50628/
Mitre CVE
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0650
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3716
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3718
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3719
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3720
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3721
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3723
-----BEGIN PGP SIGNATURE-----
iD8DBQFQXIhkwZxMk2USYEIRAvJAAJ0e+wLOlcXNa1gMUl9Gy1c+D66bpwCgzHhM
jE4Qf6QR5kciUY3Gv26A33M=
=RHl2
-----END PGP SIGNATURE-----
Hash: SHA1
**********************************************************************
Alert ID : GCSA-12057
Data : 21 Settembre 2012
Titolo : Apple Security Update 2012-004 / Mac OS X v10.7.5 e 10.8.2
**********************************************************************
:: Descrizione del problema:
Apple ha rilasciato il Security Update 2012-004 che corregge
varie vulnerabilita' presenti nel sistema operativo Mac OS X
ed in alcune applicazioni distribuite insieme al sistema stesso.
Contemporaneamente e' stata rilasciata la versione 10.7.5
del sistema operativo OS X Lion e la versione 10.8.2 di OS X
Mountain Lion che risolvono le stesse vulnerabilita'.
Per una descrizione completa delle vulnerabilita' consultare
la segnalazione ufficiale.
:: Piattaforme e Software interessati:
Apple Mac Os X Server 10.8.1
Apple Mac Os X Server 10.8
Apple Mac Os X Server 10.7.4
Apple Mac Os X Server 10.7.3
Apple Mac Os X Server 10.7.2
Apple Mac Os X Server 10.7.1
Apple Mac Os X Server 10.7
Apple Mac Os X Server 10.6.8
Apple Mac Os X 10.8.1
Apple Mac Os X 10.8
Apple Mac Os X 10.7.4
Apple Mac Os X 10.7.3
Apple Mac Os X 10.7.2
Apple Mac Os X 10.7.1
Apple Mac Os X 10.7
Apple Mac Os X 10.6.8
:: Impatto:
Security Bypass
Esposizione di informazioni sensibili
Acquisizione di privilegi piu' elevati
Denial of Service
Accesso al sistema
:: Soluzione:
Applicare il Security Update 2012-004:
http://www.apple.com/support/downloads/
:: Riferimenti:
Security Update 2012-004 / OS X Mountain Lion v10.8.2 / OS X Lion v10.7.5
http://support.apple.com/kb/HT5501
OCIO - Energy.GOV
http://energy.gov/cio/articles/u-264-apple-os-x-lets-remote-users-execute-arbitrary-code-and-local-users-gain-elevated
Security Focus
http://www.securityfocus.com/bid/55623
Secunia: Apple Mac OS X Multiple Vulnerabilities
http://secunia.com/advisories/50628/
Mitre CVE
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0650
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3716
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3718
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3719
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3720
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3721
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3723
-----BEGIN PGP SIGNATURE-----
iD8DBQFQXIhkwZxMk2USYEIRAvJAAJ0e+wLOlcXNa1gMUl9Gy1c+D66bpwCgzHhM
jE4Qf6QR5kciUY3Gv26A33M=
=RHl2
-----END PGP SIGNATURE-----