Alert GCSA-17018 - Aggiornamento di sicurezza per prodotti Adobe
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
**********************************************************************
Alert ID: GCSA-17018
Data: 15 Marzo 2017
Titolo: Aggiornamento di sicurezza per prodotti Adobe
**********************************************************************
:: Descrizione del problema
Adobe ha rilasciato 2 aggiornamenti di sicurezza relativi a
vulnerabilita' presenti in vari prodotti:
APSB17-08 Security updates available for Adobe Shockwave Player
APSB17-07 Security update available for Adobe Flash Player
Per una descrizione completa delle vulnerabilita' consultare le
segnalazioni ufficiali.
:: Sistemi e Software interessato
Adobe Shockwave Player 12.2.7.197 e precedenti su sistemi Windows
Adobe Flash Player 24.0.0.221 e precedenti
su sistemi Windows, Macintosh, Linux e Chrome OS
:: Impatto
Esecuzione remota di codice arbitrario
Accesso utente via network
Security bypass
Escalation di privilegi
:: Soluzioni
Aggiornare alle versioni:
Adobe Shockwave Player 12.2.8.198
Adobe Flash Player 25.0.0.127
:: Riferimenti
Riepilogo dei Bollettini di sicurezza Adobe
Adobe Security Bulletin
https://helpx.adobe.com/security/products/shockwave/apsb17-08.html
https://helpx.adobe.com/security/products/flash-player/apsb17-07.html
Security Tracker
http://www.securitytracker.com/id/1037993
http://www.securitytracker.com/id/1037994
US-CERT
https://www.us-cert.gov/ncas/current-activity/2017/03/14/Adobe-Releases-Security-Updates
SecurityFocus
http://www.securityfocus.com/bid/96862
http://www.securityfocus.com/bid/96861
http://www.securityfocus.com/bid/96866
Mitre CVE
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2983
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2997
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2998
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2999
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3000
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3001
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3002
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3003
GARR CERT Newsletter subscribe/unsubscribe:
http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iEYEARECAAYFAljJZM4ACgkQwZxMk2USYEJKJQCbBZ40E6wUIi8JrxEvK0nBTa2a
aSgAoM476brVf6wSXG6KUtPtIx0u55WW
=IpRQ
-----END PGP SIGNATURE-----
Hash: SHA1
**********************************************************************
Alert ID: GCSA-17018
Data: 15 Marzo 2017
Titolo: Aggiornamento di sicurezza per prodotti Adobe
**********************************************************************
:: Descrizione del problema
Adobe ha rilasciato 2 aggiornamenti di sicurezza relativi a
vulnerabilita' presenti in vari prodotti:
APSB17-08 Security updates available for Adobe Shockwave Player
APSB17-07 Security update available for Adobe Flash Player
Per una descrizione completa delle vulnerabilita' consultare le
segnalazioni ufficiali.
:: Sistemi e Software interessato
Adobe Shockwave Player 12.2.7.197 e precedenti su sistemi Windows
Adobe Flash Player 24.0.0.221 e precedenti
su sistemi Windows, Macintosh, Linux e Chrome OS
:: Impatto
Esecuzione remota di codice arbitrario
Accesso utente via network
Security bypass
Escalation di privilegi
:: Soluzioni
Aggiornare alle versioni:
Adobe Shockwave Player 12.2.8.198
Adobe Flash Player 25.0.0.127
:: Riferimenti
Riepilogo dei Bollettini di sicurezza Adobe
Adobe Security Bulletin
https://helpx.adobe.com/security/products/shockwave/apsb17-08.html
https://helpx.adobe.com/security/products/flash-player/apsb17-07.html
Security Tracker
http://www.securitytracker.com/id/1037993
http://www.securitytracker.com/id/1037994
US-CERT
https://www.us-cert.gov/ncas/current-activity/2017/03/14/Adobe-Releases-Security-Updates
SecurityFocus
http://www.securityfocus.com/bid/96862
http://www.securityfocus.com/bid/96861
http://www.securityfocus.com/bid/96866
Mitre CVE
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2983
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2997
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2998
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2999
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3000
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3001
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3002
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3003
GARR CERT Newsletter subscribe/unsubscribe:
http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iEYEARECAAYFAljJZM4ACgkQwZxMk2USYEJKJQCbBZ40E6wUIi8JrxEvK0nBTa2a
aSgAoM476brVf6wSXG6KUtPtIx0u55WW
=IpRQ
-----END PGP SIGNATURE-----