Alert GCSA-07125 Vulnerabilita' in Java per Apple Mac OS X
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
*************************************************************************
Alert ID : GCSA-07125
Data : 17 dicembre 2007
Titolo : Vulnerabilita' in Java per Apple Mac OS X
*************************************************************************
:: Descrizione del problema
Sono state identificate varie vulnerabilita' in Apple Mac OS X
dovute a difetti nell'interprete Java.
:: Piattaforme interessate
Apple Macintosh OS X versioni precedenti alla 10.5
:: Impatto
Bypass delle restrizioni di sicurezza
Privilege escalation
Denial of Service
Esecuzione remota di codice e comandi arbitrari
:: Soluzione
Aggiornare Java alla versione 6 per Mac OS X 10.4:
http://www.apple.com/support/downloads/javaformacosx104release6.html
:: Riferimenti
Apple
http://docs.info.apple.com/article.html?artnum=307177
FrSirt
http://www.frsirt.com/english/advisories/2007/4224
Secunia
http://secunia.com/advisories/28115/
Mitre's CVE ID
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6731
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6736
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6745
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0243
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2435
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2788
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2789
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3004
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3005
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3503
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3504
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3655
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3698
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3922
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4381
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5232
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5862
-----BEGIN PGP SIGNATURE-----
iQCVAwUBR2axTPOB+SpikaiRAQKGkQP/Zky2BTQGePFqMW9zomG9DD2Bq+Qs8C92
Q/YdDRiUELAemlM4tS0ezN1ZaOgrjUyjb0cUmA+D+zYfuZJ6fiMdAOp9hG1rW4PL
5v9YsxaGxx/2MHAgI2e6QJLjqFILSVVHxQOuijTZtnjflczPurQ3MbcXMhsyAlTq
577e3vTLuJY=
=quWc
-----END PGP SIGNATURE-----
Hash: SHA1
*************************************************************************
Alert ID : GCSA-07125
Data : 17 dicembre 2007
Titolo : Vulnerabilita' in Java per Apple Mac OS X
*************************************************************************
:: Descrizione del problema
Sono state identificate varie vulnerabilita' in Apple Mac OS X
dovute a difetti nell'interprete Java.
:: Piattaforme interessate
Apple Macintosh OS X versioni precedenti alla 10.5
:: Impatto
Bypass delle restrizioni di sicurezza
Privilege escalation
Denial of Service
Esecuzione remota di codice e comandi arbitrari
:: Soluzione
Aggiornare Java alla versione 6 per Mac OS X 10.4:
http://www.apple.com/support/downloads/javaformacosx104release6.html
:: Riferimenti
Apple
http://docs.info.apple.com/article.html?artnum=307177
FrSirt
http://www.frsirt.com/english/advisories/2007/4224
Secunia
http://secunia.com/advisories/28115/
Mitre's CVE ID
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6731
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6736
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6745
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0243
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2435
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2788
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2789
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3004
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3005
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3503
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3504
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3655
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3698
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3922
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4381
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5232
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5862
-----BEGIN PGP SIGNATURE-----
iQCVAwUBR2axTPOB+SpikaiRAQKGkQP/Zky2BTQGePFqMW9zomG9DD2Bq+Qs8C92
Q/YdDRiUELAemlM4tS0ezN1ZaOgrjUyjb0cUmA+D+zYfuZJ6fiMdAOp9hG1rW4PL
5v9YsxaGxx/2MHAgI2e6QJLjqFILSVVHxQOuijTZtnjflczPurQ3MbcXMhsyAlTq
577e3vTLuJY=
=quWc
-----END PGP SIGNATURE-----