Alert GCSA-11082 - Vulnerabilita' in Google Chrome
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
******************************************************************
Alert ID : GCSA-11082
Data : 11 Novembre 2011
Titolo : Vulnerabilita' in Google Chrome
******************************************************************
:: Descrizione del problema
Sono state riscontrate vulnerabilita' multiple in Google Chrome che
potrebbero essere sfruttate per oltrepassare restrizioni di sicurezza e
per compromettere un sistema che ne sia affetto.
Per una descrizione completa delle vulnerabilita' si rimanda
alla sezione "Riferimenti".
:: Software interessato
Google Chrome versioni precedenti alla 15.0.874.120.
:: Impatto
Security Bypass
Possibile compromissione del sistema
:: Soluzioni
Aggiornare Google Chrome alla versione 15.0.874.120.
L'aggiornamento sara' automatico per tutte le installazioni
in cui non sia stato disattivata l'opzione "aggiornamento
automatico".
Per l'installazione manuale scaricare il software dal sito ufficiale:
http://www.google.com/chrome/?hl=it
:: Riferimenti
Google Chrome Advisory
http://googlechromereleases.blogspot.com/2011/11/stable-channel-update.html
Secunia
http://secunia.com/advisories/46815/
Mitre CVE
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2445
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2450
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2451
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2452
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2453
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2454
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2455
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2456
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2457
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2458
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2459
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2460
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3892
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3893
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3894
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3895
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3896
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3897
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3898
-----BEGIN PGP SIGNATURE-----
iQCVAwUBTr08PvOB+SpikaiRAQLQTwP/XAStWnp7ohvaKTKGbyD2+Rj98pXrSdqY
ADgCUl4GggjBHyA3TyHgWXyExDZZSmbcPIdA1Jo+lt2nfIMNyAj5Y6YZl+zYSZG4
UPabYA9Pze8w+53CVfYo+mtGSWgcIPO5zOoLNJ68z8JedpoLLQ7h9FZIlpuQw1sA
gIGtRdA3/N4=
=8uOB
-----END PGP SIGNATURE-----
Hash: SHA1
******************************************************************
Alert ID : GCSA-11082
Data : 11 Novembre 2011
Titolo : Vulnerabilita' in Google Chrome
******************************************************************
:: Descrizione del problema
Sono state riscontrate vulnerabilita' multiple in Google Chrome che
potrebbero essere sfruttate per oltrepassare restrizioni di sicurezza e
per compromettere un sistema che ne sia affetto.
Per una descrizione completa delle vulnerabilita' si rimanda
alla sezione "Riferimenti".
:: Software interessato
Google Chrome versioni precedenti alla 15.0.874.120.
:: Impatto
Security Bypass
Possibile compromissione del sistema
:: Soluzioni
Aggiornare Google Chrome alla versione 15.0.874.120.
L'aggiornamento sara' automatico per tutte le installazioni
in cui non sia stato disattivata l'opzione "aggiornamento
automatico".
Per l'installazione manuale scaricare il software dal sito ufficiale:
http://www.google.com/chrome/?hl=it
:: Riferimenti
Google Chrome Advisory
http://googlechromereleases.blogspot.com/2011/11/stable-channel-update.html
Secunia
http://secunia.com/advisories/46815/
Mitre CVE
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2445
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2450
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2451
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2452
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2453
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2454
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2455
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2456
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2457
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2458
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2459
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2460
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3892
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3893
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3894
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3895
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3896
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3897
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3898
-----BEGIN PGP SIGNATURE-----
iQCVAwUBTr08PvOB+SpikaiRAQLQTwP/XAStWnp7ohvaKTKGbyD2+Rj98pXrSdqY
ADgCUl4GggjBHyA3TyHgWXyExDZZSmbcPIdA1Jo+lt2nfIMNyAj5Y6YZl+zYSZG4
UPabYA9Pze8w+53CVfYo+mtGSWgcIPO5zOoLNJ68z8JedpoLLQ7h9FZIlpuQw1sA
gIGtRdA3/N4=
=8uOB
-----END PGP SIGNATURE-----