Alert GCSA-13045 - Vulnerabilita' nei prodotti Mozilla (firefox, thunderbird, seamonkey)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
******************************************************************
Alert ID: GCSA-13045
Data: 08 agosto 2013
Titolo: Vulnerabilita' nei prodotti Mozilla (firefox, thunderbird, seamonkey)
******************************************************************
:: Descrizione del problema
Sono state rilasciate nuove versioni dei prodotti Mozilla
Firefox, Thunderbird e Seamonkey che risolvono varie vulnerabilita'
potenzialmente sfruttabili da aggressori remoti e locali
per condurre attacchi.
:: Software interessato
Firefox versioni precedenti alla 23.0
Thunderbird versioni precedenti alla 17.0.8
Seamonkey versioni precedenti alla 2.20
:: Impatto
Esecuzione di codice arbitrario da remoto
Accesso al sistema
Security Bypass
Cross Site Scripting
Spoofing
Esposizione di dati sensibili
Denial of service
:: Soluzioni
Aggiornare Firefox alla versione 23
http://www.mozilla.org/it/firefox/new/
Aggiornare Thunderbird alla versione 17.0.8
http://www.mozilla.org/it/thunderbird/
Aggiornare Seamonkey alla versione 2.20
http://www.seamonkey-project.org/releases/
:: Riferimenti
Mozilla Security Advisory
http://www.mozilla.org/en-US/firefox/23.0/releasenotes/
http://www.mozilla.org/security/known-vulnerabilities/firefox.html
http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html
http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html
http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html
http://www.mozilla.org/security/known-vulnerabilities/thunderbirdESR.html
http://www.mozilla.org/security/announce/2013/mfsa2013-63.html
http://www.mozilla.org/security/announce/2013/mfsa2013-64.html
http://www.mozilla.org/security/announce/2013/mfsa2013-65.html
http://www.mozilla.org/security/announce/2013/mfsa2013-66.html
http://www.mozilla.org/security/announce/2013/mfsa2013-67.html
http://www.mozilla.org/security/announce/2013/mfsa2013-68.html
http://www.mozilla.org/security/announce/2013/mfsa2013-69.html
http://www.mozilla.org/security/announce/2013/mfsa2013-70.html
http://www.mozilla.org/security/announce/2013/mfsa2013-71.html
http://www.mozilla.org/security/announce/2013/mfsa2013-72.html
http://www.mozilla.org/security/announce/2013/mfsa2013-73.html
http://www.mozilla.org/security/announce/2013/mfsa2013-74.html
http://www.mozilla.org/security/announce/2013/mfsa2013-75.html
Mitre CVE
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1701
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1702
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1704
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1705
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1706
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1707
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1708
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1709
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1710
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1711
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1712
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1713
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1714
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1715
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1717
Red Hat Security Advisory
http://rhn.redhat.com/errata/RHSA-2013-1140.html
http://rhn.redhat.com/errata/RHSA-2013-1142.html
Ubuntu
http://www.ubuntu.com/usn/usn-1924-1/
http://www.ubuntu.com/usn/usn-1924-2/
http://www.ubuntu.com/usn/usn-1925-1/
Mandriva
http://www.mandriva.com/en/support/security/advisories/mes5/MDVSA-2013:210/
Slackware
http://www.slackware.com/security/list.php?l=slackware-security&y=2013
SecurityFocus
http://www.securityfocus.com/bid/61641
GARR CERT Newsletter subscribe/unsubscribe:
http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
iD8DBQFSA8FLwZxMk2USYEIRAtffAKDXIuCp5FWBgpm7127yUqL3zMPdfgCghM0E
j4B3xV7OVHK6Q6upop5n4Yw=
=ojZN
-----END PGP SIGNATURE-----
Hash: SHA1
******************************************************************
Alert ID: GCSA-13045
Data: 08 agosto 2013
Titolo: Vulnerabilita' nei prodotti Mozilla (firefox, thunderbird, seamonkey)
******************************************************************
:: Descrizione del problema
Sono state rilasciate nuove versioni dei prodotti Mozilla
Firefox, Thunderbird e Seamonkey che risolvono varie vulnerabilita'
potenzialmente sfruttabili da aggressori remoti e locali
per condurre attacchi.
:: Software interessato
Firefox versioni precedenti alla 23.0
Thunderbird versioni precedenti alla 17.0.8
Seamonkey versioni precedenti alla 2.20
:: Impatto
Esecuzione di codice arbitrario da remoto
Accesso al sistema
Security Bypass
Cross Site Scripting
Spoofing
Esposizione di dati sensibili
Denial of service
:: Soluzioni
Aggiornare Firefox alla versione 23
http://www.mozilla.org/it/firefox/new/
Aggiornare Thunderbird alla versione 17.0.8
http://www.mozilla.org/it/thunderbird/
Aggiornare Seamonkey alla versione 2.20
http://www.seamonkey-project.org/releases/
:: Riferimenti
Mozilla Security Advisory
http://www.mozilla.org/en-US/firefox/23.0/releasenotes/
http://www.mozilla.org/security/known-vulnerabilities/firefox.html
http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html
http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html
http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html
http://www.mozilla.org/security/known-vulnerabilities/thunderbirdESR.html
http://www.mozilla.org/security/announce/2013/mfsa2013-63.html
http://www.mozilla.org/security/announce/2013/mfsa2013-64.html
http://www.mozilla.org/security/announce/2013/mfsa2013-65.html
http://www.mozilla.org/security/announce/2013/mfsa2013-66.html
http://www.mozilla.org/security/announce/2013/mfsa2013-67.html
http://www.mozilla.org/security/announce/2013/mfsa2013-68.html
http://www.mozilla.org/security/announce/2013/mfsa2013-69.html
http://www.mozilla.org/security/announce/2013/mfsa2013-70.html
http://www.mozilla.org/security/announce/2013/mfsa2013-71.html
http://www.mozilla.org/security/announce/2013/mfsa2013-72.html
http://www.mozilla.org/security/announce/2013/mfsa2013-73.html
http://www.mozilla.org/security/announce/2013/mfsa2013-74.html
http://www.mozilla.org/security/announce/2013/mfsa2013-75.html
Mitre CVE
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1701
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1702
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1704
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1705
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1706
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1707
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1708
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1709
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1710
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1711
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1712
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1713
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1714
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1715
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1717
Red Hat Security Advisory
http://rhn.redhat.com/errata/RHSA-2013-1140.html
http://rhn.redhat.com/errata/RHSA-2013-1142.html
Ubuntu
http://www.ubuntu.com/usn/usn-1924-1/
http://www.ubuntu.com/usn/usn-1924-2/
http://www.ubuntu.com/usn/usn-1925-1/
Mandriva
http://www.mandriva.com/en/support/security/advisories/mes5/MDVSA-2013:210/
Slackware
http://www.slackware.com/security/list.php?l=slackware-security&y=2013
SecurityFocus
http://www.securityfocus.com/bid/61641
GARR CERT Newsletter subscribe/unsubscribe:
http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
iD8DBQFSA8FLwZxMk2USYEIRAtffAKDXIuCp5FWBgpm7127yUqL3zMPdfgCghM0E
j4B3xV7OVHK6Q6upop5n4Yw=
=ojZN
-----END PGP SIGNATURE-----