Alert GCSA-22106 - Adobe Security Bulletin - Settembre 2022

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256





******************************************************************

Alert ID: GCSA-22106
Data: 14 Settembre 2022
Titolo: Adobe Security Bulletin - Settembre 2022

******************************************************************


:: Descrizione del problema

Adobe ha rilasciato i seguenti aggiornamenti di sicurezza:

APSB22-40 : Security update available for Adobe Experience Manager
APSB22-49 : Security update available for Adobe Bridge
APSB22-50 : Security update available for Adobe InDesign
APSB22-52 : Security update available for Adobe Photoshop
APSB22-53 : Security update available for Adobe InCopy
APSB22-54 : Security update available for Adobe Animate
APSB22-55 : Security update available for Adobe Illustrator

Maggiori informazioni sono disponibili alla sezione "Riferimenti".


:: Software interessato


Adobe Experience Manager 6.5.13.0 e AEM Cloud Service (CS)
Adobe Bridge 12.0.2 e versioni precedenti per Windows e macOS
Adobe Bridge 11.1.3 e versioni precedenti per Windows e macOS
Adobe InDesign 17.3 e versioni precedenti per Windows e macOS
Adobe InDesign 16.4.2 e versioni precedenti per Windows e macOS
Adobe Photoshop 2021 22.5.8 e versioni precedenti per Windows e macOS
Adobe Photoshop 2022 23.4.2 e versioni precedenti per Windows e macOS
Adobe InCopy 17.3 e versioni precedenti per Windows e macOS
Adobe InCopy 16.4.2 e versioni precedenti per Windows e macOS
Adobe Animate 2021 21.0.11 e versioni precedenti per Windows e macOS
Adobe Animate 2022 22.0.7 e versioni precedenti per Windows e macOS
Adobe Illustrator 2022 26.4 e versioni precedenti per Windows e macOS
Adobe Illustrator 2022 25.4.7 e versioni precedenti per Windows e macOS


:: Impatto

Remote Code Execution (RCE)
Memory leak
File system read


:: Soluzioni

Aggiornare i software alle ultime versioni


:: Riferimenti

Adobe Security Bulletins e Advisories
https://helpx.adobe.com/security/security-bulletin.html
https://helpx.adobe.com/security/products/experience-manager/apsb22-40.html
https://helpx.adobe.com/security/products/bridge/apsb22-49.html
https://helpx.adobe.com/security/products/indesign/apsb22-50.html
https://helpx.adobe.com/security/products/photoshop/apsb22-52.html
https://helpx.adobe.com/security/products/incopy/apsb22-53.html
https://helpx.adobe.com/security/products/animate/apsb22-54.html
https://helpx.adobe.com/security/products/illustrator/apsb22-55.html

CSIRT Italia
https://www.csirt.gov.it/contenuti/aggiornamenti-adobe-al02-220914-csirt-ita

CIS - Center for Internet Security
https://www.cisecurity.org/advisory/ms-isac-cybersecurity-advisory---multiple-vulnerabilities-in-adobe-products-could-allow-for-arbitrary-code-execution_2022-114

Mitre CVE
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28851
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28852
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28853
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28854
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28855
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28856
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28857
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30671
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30672
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30673
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30674
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30675
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30676
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30677
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30680
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30681
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30682
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30682
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30683
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30684
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30685
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30686
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34218
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35664
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35699
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35700
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35701
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35702
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35703
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35704
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35705
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35706
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35707
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35708
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35709
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35713
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38401
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38402
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38403
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38404
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38405
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38406
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38407
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38408
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38409
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38410
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38411
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38412
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38414
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38415
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38416
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38417
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38425
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38426
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38427
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38428
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38429
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38430
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38431
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38432
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38433
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38434




GARR CERT Security Alert - subscribe/unsubscribe:
http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert




-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iEYEAREIAAYFAmMhorYACgkQwZxMk2USYEIpowCfTRRjknaPyGKCACL8OuVlQJkf
34MAnjRHG9GnDphKTo73uRiHGwbvu9xG
=NeiQ
-----END PGP SIGNATURE-----