Alert GCSA-22088 - Adobe Security Bulletin - Agosto 2022
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
******************************************************************
Alert ID: GCSA-22088
Data: 10 Agosto 2022
Titolo: Adobe Security Bulletin - Agosto 2022
******************************************************************
:: Descrizione del problema
Adobe ha rilasciato i seguenti aggiornamenti di sicurezza:
APSB22-38 : Security updates available for Adobe Commerce
APSB22-39 : Security Updates Available for Adobe Acrobat and Reader
APSB22-41 : Security Updates Available for Adobe Illustrator
APSB22-42 : Security Update Available for Adobe FrameMaker
APSB22-43 : Security Update Available for Adobe Premiere Elements
Maggiori informazioni sono disponibili alla sezione "Riferimenti".
:: Software interessato
Adobe Commerce 2.4.3-p2 e versioni precedenti
Magento Open Source 2.4.3-p2 e versioni precedenti
Adobe Acrobat DC e Acrobat Reader DC 22.001.20169 per Windows e macOS e versioni precedenti
Adobe Acrobat e Acrobat Reader 2020 20.005.30362 per Windows e macOS e versioni precedenti
Adobe Acrobat e Acrobat Reader 2017 17.012.30249 per Windows e macOS e versioni precedenti
Adobe Illustrator 2022 26.3.1 per Windows e macOS e versioni precedenti
Adobe Illustrator 2021 25.4.6 per Windows e nacOS e versioni precedenti
Adobe FrameMaker 2019 Release update 8 per Windows e versioni precedenti
Adobe FrameMaker 2020 Release Update 4 per Windows e versioni precedenti
Adobe Premiere Elements 2022 20.0 per Windows e macOS e versioni precedenti
:: Impatto
Remote Code Execution (RCE)
Information Disclosure (ID)
Acquisizione di privilegi piu' elevati (PoE)
Bypass restrizioni di sicurezza
Cross-site Scripting
:: Soluzioni
Aggiornare i software alle ultime versioni
:: Riferimenti
Adobe Security Bulletins e Advisories
https://helpx.adobe.com/security/security-bulletin.html
https://helpx.adobe.com/security/products/magento/apsb22-38.html
https://helpx.adobe.com/security/products/acrobat/apsb22-39.html
https://helpx.adobe.com/security/products/illustrator/apsb22-41.html
https://helpx.adobe.com/security/products/framemaker/apsb22-42.html
https://helpx.adobe.com/security/products/premiere_elements/apsb22-43.html
CSIRT Italia
https://www.csirt.gov.it/contenuti/adobe-rilascia-aggiornamenti-per-sanare-diverse-vulnerabilita-al03-220810-csirt-ita
US-CERT
https://www.cisa.gov/uscert/ncas/current-activity/2022/08/09/adobe-releases-security-updates-multiple-products
Mitre CVE
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34235
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34253
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34254
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34255
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34256
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34260
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35665
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35666
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35667
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35673
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35674
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35675
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35676
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35677
GARR CERT Security Alert - subscribe/unsubscribe:
http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iEYEAREIAAYFAmLzn0sACgkQwZxMk2USYEL6eQCdFSi90wT49iOzQa/elUAvgljf
qBAAoMcTrZc5wdFLLYiX6C9oJu/HI0N8
=qErp
-----END PGP SIGNATURE-----
Hash: SHA256
******************************************************************
Alert ID: GCSA-22088
Data: 10 Agosto 2022
Titolo: Adobe Security Bulletin - Agosto 2022
******************************************************************
:: Descrizione del problema
Adobe ha rilasciato i seguenti aggiornamenti di sicurezza:
APSB22-38 : Security updates available for Adobe Commerce
APSB22-39 : Security Updates Available for Adobe Acrobat and Reader
APSB22-41 : Security Updates Available for Adobe Illustrator
APSB22-42 : Security Update Available for Adobe FrameMaker
APSB22-43 : Security Update Available for Adobe Premiere Elements
Maggiori informazioni sono disponibili alla sezione "Riferimenti".
:: Software interessato
Adobe Commerce 2.4.3-p2 e versioni precedenti
Magento Open Source 2.4.3-p2 e versioni precedenti
Adobe Acrobat DC e Acrobat Reader DC 22.001.20169 per Windows e macOS e versioni precedenti
Adobe Acrobat e Acrobat Reader 2020 20.005.30362 per Windows e macOS e versioni precedenti
Adobe Acrobat e Acrobat Reader 2017 17.012.30249 per Windows e macOS e versioni precedenti
Adobe Illustrator 2022 26.3.1 per Windows e macOS e versioni precedenti
Adobe Illustrator 2021 25.4.6 per Windows e nacOS e versioni precedenti
Adobe FrameMaker 2019 Release update 8 per Windows e versioni precedenti
Adobe FrameMaker 2020 Release Update 4 per Windows e versioni precedenti
Adobe Premiere Elements 2022 20.0 per Windows e macOS e versioni precedenti
:: Impatto
Remote Code Execution (RCE)
Information Disclosure (ID)
Acquisizione di privilegi piu' elevati (PoE)
Bypass restrizioni di sicurezza
Cross-site Scripting
:: Soluzioni
Aggiornare i software alle ultime versioni
:: Riferimenti
Adobe Security Bulletins e Advisories
https://helpx.adobe.com/security/security-bulletin.html
https://helpx.adobe.com/security/products/magento/apsb22-38.html
https://helpx.adobe.com/security/products/acrobat/apsb22-39.html
https://helpx.adobe.com/security/products/illustrator/apsb22-41.html
https://helpx.adobe.com/security/products/framemaker/apsb22-42.html
https://helpx.adobe.com/security/products/premiere_elements/apsb22-43.html
CSIRT Italia
https://www.csirt.gov.it/contenuti/adobe-rilascia-aggiornamenti-per-sanare-diverse-vulnerabilita-al03-220810-csirt-ita
US-CERT
https://www.cisa.gov/uscert/ncas/current-activity/2022/08/09/adobe-releases-security-updates-multiple-products
Mitre CVE
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34235
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34253
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34254
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34255
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34256
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34260
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35665
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35666
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35667
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35673
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35674
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35675
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35676
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35677
GARR CERT Security Alert - subscribe/unsubscribe:
http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iEYEAREIAAYFAmLzn0sACgkQwZxMk2USYEL6eQCdFSi90wT49iOzQa/elUAvgljf
qBAAoMcTrZc5wdFLLYiX6C9oJu/HI0N8
=qErp
-----END PGP SIGNATURE-----