Alert GCSA-16039 - Vulnerabilita' in Google Chrome
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
*****************************************************************
Alert ID : GCSA-16039
Data : 08 Settembre 2016
Titolo : Vulnerabilita' in Google Chrome
******************************************************************
:: Descrizione del problema
Google ha rilasciato una nuova versione del browser Chrome che risolve
alcune vulnerabilita' presenti del software.
Per una descrizione completa delle vulnerabilita' si rimanda alla sezione
'Riferimenti'.
:: Software interessato
Google Chrome versioni precedenti alla 53.0.2785.89 per Windows e Mac, alla
53.0.2785.92 per Linux
:: Impatto
Esecuzione remota di codice arbitrario
Bypass di restrizioni di sicurezza
URL Spoofing
:: Soluzioni
Aggiornare Google Chrome all'ultima versione
L'aggiornamento sara' automatico per tutte le installazioni in cui non sia
stato disattivata l'opzione 'aggiornamento automatico'.
Per l'installazione manuale scaricare il software dal sito ufficiale:
http://www.google.com/chrome/?hl=it
:: Riferimenti
Google Chrome Advisory
http://googlechromereleases.blogspot.com/2016/08/stable-channel-update-for-d
esktop_31.html
Security Tracker
http://www.securitytracker.com/id/1036729
Mitre CVE
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5147
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5148
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5149
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5150
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5151
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5152
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5153
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5154
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5155
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5156
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5157
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5158
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5159
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5160
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5161
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5162
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5163
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5164
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5165
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5166
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5167
GARR CERT Newsletter subscribe/unsubscribe:
http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iEYEARECAAYFAlfRM/8ACgkQwZxMk2USYEKlWQCgpklVxeZ9XXzSEw+WPyPmZwf8
D1EAoKatBpkfBdvq/Qn7lBWShfY/cTy9
=vvei
-----END PGP SIGNATURE-----
Hash: SHA1
*****************************************************************
Alert ID : GCSA-16039
Data : 08 Settembre 2016
Titolo : Vulnerabilita' in Google Chrome
******************************************************************
:: Descrizione del problema
Google ha rilasciato una nuova versione del browser Chrome che risolve
alcune vulnerabilita' presenti del software.
Per una descrizione completa delle vulnerabilita' si rimanda alla sezione
'Riferimenti'.
:: Software interessato
Google Chrome versioni precedenti alla 53.0.2785.89 per Windows e Mac, alla
53.0.2785.92 per Linux
:: Impatto
Esecuzione remota di codice arbitrario
Bypass di restrizioni di sicurezza
URL Spoofing
:: Soluzioni
Aggiornare Google Chrome all'ultima versione
L'aggiornamento sara' automatico per tutte le installazioni in cui non sia
stato disattivata l'opzione 'aggiornamento automatico'.
Per l'installazione manuale scaricare il software dal sito ufficiale:
http://www.google.com/chrome/?hl=it
:: Riferimenti
Google Chrome Advisory
http://googlechromereleases.blogspot.com/2016/08/stable-channel-update-for-d
esktop_31.html
Security Tracker
http://www.securitytracker.com/id/1036729
Mitre CVE
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5147
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5148
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5149
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5150
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5151
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5152
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5153
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5154
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5155
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5156
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5157
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5158
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5159
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5160
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5161
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5162
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5163
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5164
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5165
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5166
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5167
GARR CERT Newsletter subscribe/unsubscribe:
http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iEYEARECAAYFAlfRM/8ACgkQwZxMk2USYEKlWQCgpklVxeZ9XXzSEw+WPyPmZwf8
D1EAoKatBpkfBdvq/Qn7lBWShfY/cTy9
=vvei
-----END PGP SIGNATURE-----