Alert GCSA-10030 - Vulnerabilita' multiple in Apple Safari
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
******************************************************************
Alert ID : GCSA-10030
Data : 15 marzo 2010
Titolo : Vulnerabilita' multiple in Apple Safari
******************************************************************
:: Descrizione del problema
Sono state identificate varie vulnerabilita' in Apple Safari, che
potrebbero essere sfruttate da un attaccante remoto per ottenere
informazioni sensibili, condurre attacchi per compromettere un
sistema vulnerabile e bypassare le restrizioni di sicurezza.
Per una descrizione completa delle vulnerabilita' fare riferimento
alla segnalazione ufficiale di Apple.
:: Software interessato
Apple Safari versioni precedenti alla 4.0.5
:: Impatto
Security Bypass
Accesso al sistema
Esposizione di informazioni sensibili
:: Soluzioni
Aggiornare Apple Safari alla versione 4.0.5 :
http://support.apple.com/downloads/
:: Riferimenti
Security Update Apple Safari 4.0.5
http://support.apple.com/kb/HT4070
VUPEN
http://www.vupen.com/english/advisories/2010/0599
Secunia
http://secunia.com/advisories/38932/
Securityfocus
http://www.securityfocus.com/bid/35451
http://www.securityfocus.com/bid/38674
http://www.securityfocus.com/bid/38676
http://www.securityfocus.com/bid/38677
http://www.securityfocus.com/bid/38673
http://www.securityfocus.com/bid/38675
http://www.securityfocus.com/bid/38683
http://www.securityfocus.com/bid/38684
http://www.securityfocus.com/bid/38687
http://www.securityfocus.com/bid/38688
http://www.securityfocus.com/bid/38689
http://www.securityfocus.com/bid/38685
http://www.securityfocus.com/bid/38692
http://www.securityfocus.com/bid/38686
http://www.securityfocus.com/bid/38690
http://www.securityfocus.com/bid/38691
Mitre's CVE ID
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2285
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0040
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0041
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0042
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0043
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0044
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0045
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0046
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0047
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0048
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0049
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0050
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0051
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0052
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0053
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0054
-----BEGIN PGP SIGNATURE-----
iQCVAwUBS54Nx/OB+SpikaiRAQKA6QP+OkRjE/AXNvbPbwLSyLsgzUA1tgnSZ/k2
y38iT+iGPpKimCJaCB6tEN/ZdTKhN6dVCq6yxVjocyNPTaaoRLCmOwJJza/mPqZj
h0V20zX4GYM36HtX5yuiBxGGA66aUe/8Lj8cp0fyBBqae54FE3eZFcIIq4CcmWtj
YR0veDv8ekI=
=TpDB
-----END PGP SIGNATURE-----
Hash: SHA1
******************************************************************
Alert ID : GCSA-10030
Data : 15 marzo 2010
Titolo : Vulnerabilita' multiple in Apple Safari
******************************************************************
:: Descrizione del problema
Sono state identificate varie vulnerabilita' in Apple Safari, che
potrebbero essere sfruttate da un attaccante remoto per ottenere
informazioni sensibili, condurre attacchi per compromettere un
sistema vulnerabile e bypassare le restrizioni di sicurezza.
Per una descrizione completa delle vulnerabilita' fare riferimento
alla segnalazione ufficiale di Apple.
:: Software interessato
Apple Safari versioni precedenti alla 4.0.5
:: Impatto
Security Bypass
Accesso al sistema
Esposizione di informazioni sensibili
:: Soluzioni
Aggiornare Apple Safari alla versione 4.0.5 :
http://support.apple.com/downloads/
:: Riferimenti
Security Update Apple Safari 4.0.5
http://support.apple.com/kb/HT4070
VUPEN
http://www.vupen.com/english/advisories/2010/0599
Secunia
http://secunia.com/advisories/38932/
Securityfocus
http://www.securityfocus.com/bid/35451
http://www.securityfocus.com/bid/38674
http://www.securityfocus.com/bid/38676
http://www.securityfocus.com/bid/38677
http://www.securityfocus.com/bid/38673
http://www.securityfocus.com/bid/38675
http://www.securityfocus.com/bid/38683
http://www.securityfocus.com/bid/38684
http://www.securityfocus.com/bid/38687
http://www.securityfocus.com/bid/38688
http://www.securityfocus.com/bid/38689
http://www.securityfocus.com/bid/38685
http://www.securityfocus.com/bid/38692
http://www.securityfocus.com/bid/38686
http://www.securityfocus.com/bid/38690
http://www.securityfocus.com/bid/38691
Mitre's CVE ID
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2285
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0040
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0041
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0042
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0043
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0044
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0045
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0046
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0047
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0048
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0049
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0050
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0051
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0052
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0053
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0054
-----BEGIN PGP SIGNATURE-----
iQCVAwUBS54Nx/OB+SpikaiRAQKA6QP+OkRjE/AXNvbPbwLSyLsgzUA1tgnSZ/k2
y38iT+iGPpKimCJaCB6tEN/ZdTKhN6dVCq6yxVjocyNPTaaoRLCmOwJJza/mPqZj
h0V20zX4GYM36HtX5yuiBxGGA66aUe/8Lj8cp0fyBBqae54FE3eZFcIIq4CcmWtj
YR0veDv8ekI=
=TpDB
-----END PGP SIGNATURE-----