Alert GCSA-13034 - Vulnerabilita' in Google Chrome
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
******************************************************************
Alert ID : GCSA-13034
Data : 22 Maggio 2013
Titolo : Vulnerabilita' in Google Chrome
******************************************************************
:: Descrizione del problema
Sono state riscontrate diverse vulnerabilita' in Google Chrome che
potrebbero essere sfruttate per compromettere un sistema che ne sia
affetto, oppure divulgare informazioni sensibili, o per effettuare
attacchi di tipo cross-site scripting.
:: Software interessato
Google Chrome versioni precedenti alla 27.0.1453.93
:: Impatto
Esecuzione di codice arbitrario
Compromissione del sistema
cross-site scripting
divulgazione di dati sensibili
:: Soluzioni
Aggiornare Chrome alla versione 27.0.1453.93
Per l'installazione manuale scaricare il software dal sito ufficiale:
http://www.google.com/chrome/?hl=it
:: Riferimenti
Google Chrome and Original Advisory
http://googlechromereleases.blogspot.dk/2013/05/stable-channel-release.html
Secunia
http://secunia.com/advisories/53430/
Mitre CVE
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2728
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2836
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2837
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2839
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2840
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2841
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2842
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2843
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2844
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2845
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2846
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2847
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2848
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2849
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3324
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3325
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3326
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3327
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3328
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3329
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3330
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3331
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3332
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3333
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3334
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3335
GARR CERT Newsletter subscribe/unsubscribe:
http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iEYEARECAAYFAlGcxmgACgkQwZxMk2USYEIYKQCdEAB0a74YUQN0ZkWwRfBfIfdw
bRQAnjHfkmCbRGvRhom3ghyoXZtfnYFD
=nw67
-----END PGP SIGNATURE-----
Hash: SHA1
******************************************************************
Alert ID : GCSA-13034
Data : 22 Maggio 2013
Titolo : Vulnerabilita' in Google Chrome
******************************************************************
:: Descrizione del problema
Sono state riscontrate diverse vulnerabilita' in Google Chrome che
potrebbero essere sfruttate per compromettere un sistema che ne sia
affetto, oppure divulgare informazioni sensibili, o per effettuare
attacchi di tipo cross-site scripting.
:: Software interessato
Google Chrome versioni precedenti alla 27.0.1453.93
:: Impatto
Esecuzione di codice arbitrario
Compromissione del sistema
cross-site scripting
divulgazione di dati sensibili
:: Soluzioni
Aggiornare Chrome alla versione 27.0.1453.93
Per l'installazione manuale scaricare il software dal sito ufficiale:
http://www.google.com/chrome/?hl=it
:: Riferimenti
Google Chrome and Original Advisory
http://googlechromereleases.blogspot.dk/2013/05/stable-channel-release.html
Secunia
http://secunia.com/advisories/53430/
Mitre CVE
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2728
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2836
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2837
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2839
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2840
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2841
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2842
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2843
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2844
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2845
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2846
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2847
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2848
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2849
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3324
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3325
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3326
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3327
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3328
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3329
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3330
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3331
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3332
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3333
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3334
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3335
GARR CERT Newsletter subscribe/unsubscribe:
http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iEYEARECAAYFAlGcxmgACgkQwZxMk2USYEIYKQCdEAB0a74YUQN0ZkWwRfBfIfdw
bRQAnjHfkmCbRGvRhom3ghyoXZtfnYFD
=nw67
-----END PGP SIGNATURE-----