Alert GCSA-18014 - APSB18-02 APSB18-04 Aggiornamento di sicurezza per prodotti Adobe
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
******************************************************************
Alert ID: GCSA-18014
Data: 16 Gennaio 2018
Titolo: Aggiornamento di sicurezza per Adobe APSB18-02 APSB18-04
******************************************************************
:: Descrizione del problema
Adobe ha rilasciato un aggiornamenti di sicurezza per Adobe Experience
Manager, Acrobat, Reader, che risolvono vulnerabilita' presenti nel
software.
Maggiori dettagli sono disponibili nella segnalazione
ufficiale, alla sezione "Riferimenti".
:: Sistemi e software interessato
Adobe Acrobat DC ed Adobe Reader DC versioni 2018.009.20050 e precedenti
per Windows e Macintosh
Adobe Acrobat 2017 e Adobe Acrobat Reader 2017 versioni 2017.011.30070 e
precedenti per Windows e Machintosh
Adobe Experience Manager versioni 6.3, 6.2, 6.1, 6.0
:: Impatto
Esecuzione di codice arbitrario, anche da remoto
Escalation di privilegi
Esposizione di informazioni sensibili
:: Soluzioni
Aggiornare il software alle ultime versioni
Per ogni software si puo' controllare dal menu' HELP - Check for Updates
Per Adobe Reader si puo' anche visitare il sito principale
https://get.adobe.com/reader/
Per quanto riguarda Adobe Experience Manager sono stati resi disponibili
degli HotFix al seguente indirizzo:
https://helpx.adobe.com/experience-manager/kb/aem6-available-hotfixes.html
:: Riferimenti
Adobe Security Bulletins e Advisories
https://helpx.adobe.com/security/products/acrobat/apsb18-02.html
https://helpx.adobe.com/security/products/acrobat/apsb18-04.html
US-CERT
https://www.us-cert.gov/ncas/current-activity/2018/02/13/Adobe-Releases-Security-Updates
SecurityTracker
https://securitytracker.com/id/1040364
https://securitytracker.com/id/1040365
Mitre CVE
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-4872
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-4875
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-4876
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-4879
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-4880
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-4881
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-4882
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-4883
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-4884
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-4885
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-4886
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-4887
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-4888
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-4889
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-4890
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-4891
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-4892
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-4893
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-4894
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-4895
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-4896
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-4897
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-4898
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-4899
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-4900
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-4901
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-4902
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-4903
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-4904
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-4905
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-4906
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-4907
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-4908
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-4909
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-4910
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-4911
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-4912
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-4913
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-4914
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-4915
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-4916
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-4917
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-4918
GARR CERT Newsletter subscribe/unsubscribe:
http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iEYEARECAAYFAlqGvkUACgkQwZxMk2USYELRfQCgoWi9iwBqICIJ53LVqAfCxAMn
Qb0AnR+MedE8h+bDDDHhQoks4M8yUcqY
=+5v1
-----END PGP SIGNATURE-----
Hash: SHA1
******************************************************************
Alert ID: GCSA-18014
Data: 16 Gennaio 2018
Titolo: Aggiornamento di sicurezza per Adobe APSB18-02 APSB18-04
******************************************************************
:: Descrizione del problema
Adobe ha rilasciato un aggiornamenti di sicurezza per Adobe Experience
Manager, Acrobat, Reader, che risolvono vulnerabilita' presenti nel
software.
Maggiori dettagli sono disponibili nella segnalazione
ufficiale, alla sezione "Riferimenti".
:: Sistemi e software interessato
Adobe Acrobat DC ed Adobe Reader DC versioni 2018.009.20050 e precedenti
per Windows e Macintosh
Adobe Acrobat 2017 e Adobe Acrobat Reader 2017 versioni 2017.011.30070 e
precedenti per Windows e Machintosh
Adobe Experience Manager versioni 6.3, 6.2, 6.1, 6.0
:: Impatto
Esecuzione di codice arbitrario, anche da remoto
Escalation di privilegi
Esposizione di informazioni sensibili
:: Soluzioni
Aggiornare il software alle ultime versioni
Per ogni software si puo' controllare dal menu' HELP - Check for Updates
Per Adobe Reader si puo' anche visitare il sito principale
https://get.adobe.com/reader/
Per quanto riguarda Adobe Experience Manager sono stati resi disponibili
degli HotFix al seguente indirizzo:
https://helpx.adobe.com/experience-manager/kb/aem6-available-hotfixes.html
:: Riferimenti
Adobe Security Bulletins e Advisories
https://helpx.adobe.com/security/products/acrobat/apsb18-02.html
https://helpx.adobe.com/security/products/acrobat/apsb18-04.html
US-CERT
https://www.us-cert.gov/ncas/current-activity/2018/02/13/Adobe-Releases-Security-Updates
SecurityTracker
https://securitytracker.com/id/1040364
https://securitytracker.com/id/1040365
Mitre CVE
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-4872
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-4875
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-4876
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-4879
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-4880
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-4881
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-4882
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-4883
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-4884
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-4885
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-4886
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-4887
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-4888
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-4889
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-4890
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-4891
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-4892
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-4893
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-4894
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-4895
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-4896
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-4897
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-4898
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-4899
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-4900
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-4901
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-4902
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-4903
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-4904
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-4905
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-4906
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-4907
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-4908
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-4909
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-4910
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-4911
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-4912
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-4913
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-4914
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-4915
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-4916
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-4917
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-4918
GARR CERT Newsletter subscribe/unsubscribe:
http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iEYEARECAAYFAlqGvkUACgkQwZxMk2USYELRfQCgoWi9iwBqICIJ53LVqAfCxAMn
Qb0AnR+MedE8h+bDDDHhQoks4M8yUcqY
=+5v1
-----END PGP SIGNATURE-----