Alert GCSA-10084 - Vulnerabilita' multiple in Apple Safari
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
******************************************************************
Alert ID : GCSA-10084
Data : 3 Agosto 2010
Titolo : Vulnerabilita' multiple in Apple Safari
******************************************************************
:: Descrizione del problema
Sono state identificate varie vulnerabilita' in Apple Safari, che
potrebbero essere sfruttate da un attaccante remoto per ottenere
informazioni sensibili, condurre attacchi per compromettere un
sistema vulnerabile e bypassare le restrizioni di sicurezza.
Per una descrizione completa delle vulnerabilita' fare riferimento
alla segnalazione ufficiale di Apple.
:: Software interessato
Apple Safari versioni precedenti alla 5.0.1
Apple Safari versioni precedenti alla 4.1.1
:: Impatto
Security Bypass
Accesso al sistema
Esposizione di informazioni sensibili
:: Soluzioni
Aggiornare Apple Safari alla versione 5.0.1 e 4.1.1 :
http://support.apple.com/downloads/
http://www.apple.com/download/
:: Riferimenti
Security Update Apple Safari 4.0.5
http://support.apple.com/kb/HT4276
VUPEN
http://www.vupen.com/english/advisories/2010/1945
Secunia
http://secunia.com/advisories/40664/
Securityfocus
http://www.securityfocus.com/bid/41884
http://www.securityfocus.com/bid/42034
http://www.securityfocus.com/bid/42035
http://www.securityfocus.com/bid/42036
http://www.securityfocus.com/bid/42037
http://www.securityfocus.com/bid/42038
http://www.securityfocus.com/bid/42039
http://www.securityfocus.com/bid/42041
http://www.securityfocus.com/bid/42042
http://www.securityfocus.com/bid/42043
http://www.securityfocus.com/bid/42044
http://www.securityfocus.com/bid/42045
http://www.securityfocus.com/bid/42046
http://www.securityfocus.com/bid/42048
http://www.securityfocus.com/bid/42049
Mitre's CVE ID
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1778
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1780
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1782
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1783
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1784
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1785
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1786
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1787
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1788
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1789
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1790
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1791
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1792
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1793
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1796
-----BEGIN PGP SIGNATURE-----
iQCVAwUBTFgPqPOB+SpikaiRAQKYOAP9GWTLn3YfrTWSCFWDTHv91OP//iVSnMwD
WOisZYmBAnSIojPhWOP8igcbxKUnFpQtHRzHKes7A+LJ1GRVM0xL3RZOiwTeYS6+
rdqAXioFOqAvzVqoY4kJ2gR3zS6ypdyFhdVfcyiz8QO1LlO+Hl9PHl9w0sh2bJvi
V/J36UzRA5k=
=4SAF
-----END PGP SIGNATURE-----
Hash: SHA1
******************************************************************
Alert ID : GCSA-10084
Data : 3 Agosto 2010
Titolo : Vulnerabilita' multiple in Apple Safari
******************************************************************
:: Descrizione del problema
Sono state identificate varie vulnerabilita' in Apple Safari, che
potrebbero essere sfruttate da un attaccante remoto per ottenere
informazioni sensibili, condurre attacchi per compromettere un
sistema vulnerabile e bypassare le restrizioni di sicurezza.
Per una descrizione completa delle vulnerabilita' fare riferimento
alla segnalazione ufficiale di Apple.
:: Software interessato
Apple Safari versioni precedenti alla 5.0.1
Apple Safari versioni precedenti alla 4.1.1
:: Impatto
Security Bypass
Accesso al sistema
Esposizione di informazioni sensibili
:: Soluzioni
Aggiornare Apple Safari alla versione 5.0.1 e 4.1.1 :
http://support.apple.com/downloads/
http://www.apple.com/download/
:: Riferimenti
Security Update Apple Safari 4.0.5
http://support.apple.com/kb/HT4276
VUPEN
http://www.vupen.com/english/advisories/2010/1945
Secunia
http://secunia.com/advisories/40664/
Securityfocus
http://www.securityfocus.com/bid/41884
http://www.securityfocus.com/bid/42034
http://www.securityfocus.com/bid/42035
http://www.securityfocus.com/bid/42036
http://www.securityfocus.com/bid/42037
http://www.securityfocus.com/bid/42038
http://www.securityfocus.com/bid/42039
http://www.securityfocus.com/bid/42041
http://www.securityfocus.com/bid/42042
http://www.securityfocus.com/bid/42043
http://www.securityfocus.com/bid/42044
http://www.securityfocus.com/bid/42045
http://www.securityfocus.com/bid/42046
http://www.securityfocus.com/bid/42048
http://www.securityfocus.com/bid/42049
Mitre's CVE ID
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1778
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1780
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1782
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1783
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1784
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1785
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1786
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1787
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1788
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1789
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1790
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1791
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1792
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1793
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1796
-----BEGIN PGP SIGNATURE-----
iQCVAwUBTFgPqPOB+SpikaiRAQKYOAP9GWTLn3YfrTWSCFWDTHv91OP//iVSnMwD
WOisZYmBAnSIojPhWOP8igcbxKUnFpQtHRzHKes7A+LJ1GRVM0xL3RZOiwTeYS6+
rdqAXioFOqAvzVqoY4kJ2gR3zS6ypdyFhdVfcyiz8QO1LlO+Hl9PHl9w0sh2bJvi
V/J36UzRA5k=
=4SAF
-----END PGP SIGNATURE-----