Alert GCSA-19107 - Aggiornamento di sicurezza per prodotti Adobe
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
******************************************************************
Alert ID: GCSA-19107
Data: 17 Ottobre 2019
Titolo: Aggiornamenti di sicurezza per prodotti Adobe
******************************************************************
:: Descrizione del problema
Adobe ha rilasciato un aggiornamento di sicurezza
che risolve numerose vulnerabilita' presenti nei prodotti
Experience Manager, Acrobat and Reader, Experience Manager Forms,
Download Manager.
Per una descrizione completa della vulnerabilita' consultare
le segnalazioni ufficiali alla sezione "Riferimenti".
:: Software interessato
Adobe Experience Manager 6.5 e versioni precedenti
(MacOS & windows) Acrobat DC 2019.012.20040 e versioni precedenti
(MacOS & Windows) Acrobat Reader DC 2019.012.20040 e versioni precedenti
(MacOS & Windows) Acrobat 2017.011.30148 e versioni precedenti
(MacOS & Windows) Acrobat Reader 2017.011.30148 e versioni precedenti
(MacOS & Windows) Acrobat 2015.006.30503 e versioni precedenti
(MacOS & Windows) Acrobat Reader 2015.006.30503 e versioni precedenti
Adobe Experience Manager 6.5 e versioni precedenti
Adobe Download Manager 2.0.0363 e versioni precedenti
:: Impatto
Privilege escalation
Esecuzione remota di codice arbitrario
Esposizione informazioni sensibili
Reflected cross site scripting
:: Soluzioni
Aggiornare i software alle ultime versioni.
E' possibile utilizzare la funzione di aggiornamento automatico.
Il controllo aggiornamenti puo' essere attivato manualmente
dal menu '?' scegliere l'opzione 'Ricerca aggiornamenti' .
:: Riferimenti
Abobe Security Bulletin
https://helpx.adobe.com/security/products/experience-manager/apsb19-48.html
https://helpx.adobe.com/security/products/experience-manager/apsb19-49.html
https://helpx.adobe.com/security/products/experience-manager/apsb19-50.html
https://helpx.adobe.com/security/products/experience-manager/apsb19-51.html
US-CERT
https://www.us-cert.gov/ncas/current-activity/2019/10/15/adobe-releases-security-updates-multiple-products
CERT Nazionale
https://www.certnazionale.it/news/2019/10/16/aggiornamenti-di-sicurezza-per-acrobat-reader-experience-manager-e-altri-prodotti-adobe/
CERT-PA
https://www.cert-pa.it/notizie/adobe-rilascia-nuovi-aggiornamenti-di-sicurezza/
Mitre CVE
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8064
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8071
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8078
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8079
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8081
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8082
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8084
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8085
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8086
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8087
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8088
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8089
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8160
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8161
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8162
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8163
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8164
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8165
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8166
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8167
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8168
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8169
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8170
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8171
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8172
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8173
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8174
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8175
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8176
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8177
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8178
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8179
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8180
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8181
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8182
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8183
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8184
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8185
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8186
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8187
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8188
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8189
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8190
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8191
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8192
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8193
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8194
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8195
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8196
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8197
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8198
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8199
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8200
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8201
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8202
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8203
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8204
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8205
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8206
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8207
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8208
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8209
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8210
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8211
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8212
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8213
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8214
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8215
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8216
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8217
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8218
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8219
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8220
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8221
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8222
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8223
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8224
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8225
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8226
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8234
GARR CERT Security Alert - subscribe/unsubscribe: http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
iF0EARECAB0WIQTGpdiR5MqstacBGHbBnEyTZRJgQgUCXahBVQAKCRDBnEyTZRJg
QjCSAJ9zAaxbBGtbueJ+JqNwcCYle8kHjACeKVUECvSbzs1bsPGq18ccjhioLOY=
=6NNm
-----END PGP SIGNATURE-----
Hash: SHA1
******************************************************************
Alert ID: GCSA-19107
Data: 17 Ottobre 2019
Titolo: Aggiornamenti di sicurezza per prodotti Adobe
******************************************************************
:: Descrizione del problema
Adobe ha rilasciato un aggiornamento di sicurezza
che risolve numerose vulnerabilita' presenti nei prodotti
Experience Manager, Acrobat and Reader, Experience Manager Forms,
Download Manager.
Per una descrizione completa della vulnerabilita' consultare
le segnalazioni ufficiali alla sezione "Riferimenti".
:: Software interessato
Adobe Experience Manager 6.5 e versioni precedenti
(MacOS & windows) Acrobat DC 2019.012.20040 e versioni precedenti
(MacOS & Windows) Acrobat Reader DC 2019.012.20040 e versioni precedenti
(MacOS & Windows) Acrobat 2017.011.30148 e versioni precedenti
(MacOS & Windows) Acrobat Reader 2017.011.30148 e versioni precedenti
(MacOS & Windows) Acrobat 2015.006.30503 e versioni precedenti
(MacOS & Windows) Acrobat Reader 2015.006.30503 e versioni precedenti
Adobe Experience Manager 6.5 e versioni precedenti
Adobe Download Manager 2.0.0363 e versioni precedenti
:: Impatto
Privilege escalation
Esecuzione remota di codice arbitrario
Esposizione informazioni sensibili
Reflected cross site scripting
:: Soluzioni
Aggiornare i software alle ultime versioni.
E' possibile utilizzare la funzione di aggiornamento automatico.
Il controllo aggiornamenti puo' essere attivato manualmente
dal menu '?' scegliere l'opzione 'Ricerca aggiornamenti' .
:: Riferimenti
Abobe Security Bulletin
https://helpx.adobe.com/security/products/experience-manager/apsb19-48.html
https://helpx.adobe.com/security/products/experience-manager/apsb19-49.html
https://helpx.adobe.com/security/products/experience-manager/apsb19-50.html
https://helpx.adobe.com/security/products/experience-manager/apsb19-51.html
US-CERT
https://www.us-cert.gov/ncas/current-activity/2019/10/15/adobe-releases-security-updates-multiple-products
CERT Nazionale
https://www.certnazionale.it/news/2019/10/16/aggiornamenti-di-sicurezza-per-acrobat-reader-experience-manager-e-altri-prodotti-adobe/
CERT-PA
https://www.cert-pa.it/notizie/adobe-rilascia-nuovi-aggiornamenti-di-sicurezza/
Mitre CVE
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8064
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8071
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8078
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8079
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8081
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8082
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8084
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8085
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8086
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8087
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8088
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8089
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8160
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8161
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8162
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8163
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8164
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8165
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8166
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8167
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8168
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8169
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8170
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8171
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8172
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8173
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8174
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8175
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8176
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8177
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8178
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8179
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8180
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8181
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8182
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8183
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8184
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8185
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8186
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8187
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8188
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8189
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8190
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8191
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8192
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8193
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8194
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8195
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8196
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8197
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8198
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8199
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8200
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8201
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8202
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8203
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8204
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8205
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8206
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8207
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8208
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8209
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8210
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8211
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8212
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8213
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8214
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8215
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8216
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8217
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8218
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8219
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8220
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8221
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8222
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8223
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8224
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8225
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8226
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8234
GARR CERT Security Alert - subscribe/unsubscribe: http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
iF0EARECAB0WIQTGpdiR5MqstacBGHbBnEyTZRJgQgUCXahBVQAKCRDBnEyTZRJg
QjCSAJ9zAaxbBGtbueJ+JqNwcCYle8kHjACeKVUECvSbzs1bsPGq18ccjhioLOY=
=6NNm
-----END PGP SIGNATURE-----