Alert GCSA-12059 - Vulnerabilita' in Google Chrome
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
******************************************************************
Alert ID : GCSA-12059
Data : 26 Settembre 2012
Titolo : Vulnerabilita' in Google Chrome
******************************************************************
:: Descrizione del problema
Sono state riportate vulnerabilita' multiple in Google Chrome, alcune delle
quali hanno un impatto sconosciuto mentre altre potrebbero essere sfruttate da
utenti malevoli per condurre attacchi di tipo cross-site scripting,
oltrepassare restrizioni di sicurezza e compromettere un sistema che ne sia affetto.
Per una descrizione completa delle vulnerabilita' si rimanda alla sezione
"Riferimenti".
:: Software interessato
Google Chrome 21.x
:: Impatto
Sconosciuto
Security bypass
Cross Site Scripting
Accesso al sistema in modalita' remota
Possibile compromissione del sistema
:: Soluzioni
Aggiornare Google Chrome all'ultima versione
Per l'installazione manuale scaricare il software dal sito
ufficiale: http://www.google.com/chrome/?hl=it
:: Riferimenti
Google Chrome Releases:
http://googlechromereleases.blogspot.dk/2012/09/stable-channel-update_25.html
Secunia:
http://secunia.com/advisories/50759/
Mitre CVE:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2874
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2875
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2876
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2877
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2878
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2879
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2880
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2881
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2882
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2883
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2884
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2885
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2886
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2887
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2888
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2889
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2890
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2891
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2892
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2893
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2894
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2895
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2896
-----BEGIN PGP SIGNATURE-----
iD8DBQFQYtlrwZxMk2USYEIRAqcPAJ9xnFTVqBd80lt2RORi9QV9t6G7/gCfTa8n
S4DnkH5UjAcJoR5JFmW0tZU=
=2P/Z
-----END PGP SIGNATURE-----
Hash: SHA1
******************************************************************
Alert ID : GCSA-12059
Data : 26 Settembre 2012
Titolo : Vulnerabilita' in Google Chrome
******************************************************************
:: Descrizione del problema
Sono state riportate vulnerabilita' multiple in Google Chrome, alcune delle
quali hanno un impatto sconosciuto mentre altre potrebbero essere sfruttate da
utenti malevoli per condurre attacchi di tipo cross-site scripting,
oltrepassare restrizioni di sicurezza e compromettere un sistema che ne sia affetto.
Per una descrizione completa delle vulnerabilita' si rimanda alla sezione
"Riferimenti".
:: Software interessato
Google Chrome 21.x
:: Impatto
Sconosciuto
Security bypass
Cross Site Scripting
Accesso al sistema in modalita' remota
Possibile compromissione del sistema
:: Soluzioni
Aggiornare Google Chrome all'ultima versione
Per l'installazione manuale scaricare il software dal sito
ufficiale: http://www.google.com/chrome/?hl=it
:: Riferimenti
Google Chrome Releases:
http://googlechromereleases.blogspot.dk/2012/09/stable-channel-update_25.html
Secunia:
http://secunia.com/advisories/50759/
Mitre CVE:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2874
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2875
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2876
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2877
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2878
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2879
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2880
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2881
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2882
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2883
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2884
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2885
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2886
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2887
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2888
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2889
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2890
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2891
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2892
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2893
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2894
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2895
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2896
-----BEGIN PGP SIGNATURE-----
iD8DBQFQYtlrwZxMk2USYEIRAqcPAJ9xnFTVqBd80lt2RORi9QV9t6G7/gCfTa8n
S4DnkH5UjAcJoR5JFmW0tZU=
=2P/Z
-----END PGP SIGNATURE-----