Alert GCSA-08093 - Vulnerabilita' in Mozilla Firefox 3.x
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
*****************************************************************************
Alert ID : GCSA-08093
Data : 25 settembre 2008
Titolo : Vulnerabilita' in Mozilla Firefox 3.x
*****************************************************************************
:: Descrizione del problema
Mozilla ha pubblicato un security advisory relativo
ad alcune vulnerabilita' presenti nel browser Firefox.
:: Piattaforme e Software interessati
Firefox versioni precedenti alla 3.0.2
:: Impatto
Security restrictions bypass
Exposure of system information
Exposure of sensitive information
System access
DoS
:: Soluzione
Aggiornare Firefox alla versione 3.0.2
http://www.mozilla.com/en-US/firefox/all.html
http://www.mozilla.com/en-US/firefox/
:: Riferimenti
Mozilla Security Advisory
http://www.mozilla.org/security/known-vulnerabilities/firefox30.html
http://www.mozilla.org/security/announce/2008/mfsa2008-40.html
http://www.mozilla.org/security/announce/2008/mfsa2008-41.html
http://www.mozilla.org/security/announce/2008/mfsa2008-42.html
http://www.mozilla.org/security/announce/2008/mfsa2008-43.html
http://www.mozilla.org/security/announce/2008/mfsa2008-44.html
Mitre's CVE ID
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3837
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4058
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4060
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4061
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4062
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4063
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4064
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4065
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4067
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4068
Securityfocus Bugtraq ID
http://www.securityfocus.com/bid/31346
Secunia
http://secunia.com/advisories/32011/
FrSIRT
http://www.frsirt.com/english/advisories/2008/2661
Red Hat
https://rhn.redhat.com/errata/RHSA-2008-0879.html
Ubuntu
http://www.ubuntu.com/usn/usn-645-1
http://www.ubuntu.com/usn/usn-645-2
-----BEGIN PGP SIGNATURE-----
iQCVAwUBSNtqMvOB+SpikaiRAQJA1QP+L6dDHwSjykiLXOfGoRCl1tAfi9YQ/saP
pFDKBaVQ7CeLsHnDpljeB//FWlYoYDcoKhz3hgqqX3HYn6ui8nHaG1NTzARWG7R0
VQoCkRId/1PvBz3sopD97rUTOTMsLMWFibtlf5KbQAD/vzOLF+wKAgHHP/6K8bRQ
GqO1BHqpDuE=
=O7E0
-----END PGP SIGNATURE-----
Hash: SHA1
*****************************************************************************
Alert ID : GCSA-08093
Data : 25 settembre 2008
Titolo : Vulnerabilita' in Mozilla Firefox 3.x
*****************************************************************************
:: Descrizione del problema
Mozilla ha pubblicato un security advisory relativo
ad alcune vulnerabilita' presenti nel browser Firefox.
:: Piattaforme e Software interessati
Firefox versioni precedenti alla 3.0.2
:: Impatto
Security restrictions bypass
Exposure of system information
Exposure of sensitive information
System access
DoS
:: Soluzione
Aggiornare Firefox alla versione 3.0.2
http://www.mozilla.com/en-US/firefox/all.html
http://www.mozilla.com/en-US/firefox/
:: Riferimenti
Mozilla Security Advisory
http://www.mozilla.org/security/known-vulnerabilities/firefox30.html
http://www.mozilla.org/security/announce/2008/mfsa2008-40.html
http://www.mozilla.org/security/announce/2008/mfsa2008-41.html
http://www.mozilla.org/security/announce/2008/mfsa2008-42.html
http://www.mozilla.org/security/announce/2008/mfsa2008-43.html
http://www.mozilla.org/security/announce/2008/mfsa2008-44.html
Mitre's CVE ID
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3837
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4058
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4060
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4061
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4062
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4063
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4064
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4065
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4067
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4068
Securityfocus Bugtraq ID
http://www.securityfocus.com/bid/31346
Secunia
http://secunia.com/advisories/32011/
FrSIRT
http://www.frsirt.com/english/advisories/2008/2661
Red Hat
https://rhn.redhat.com/errata/RHSA-2008-0879.html
Ubuntu
http://www.ubuntu.com/usn/usn-645-1
http://www.ubuntu.com/usn/usn-645-2
-----BEGIN PGP SIGNATURE-----
iQCVAwUBSNtqMvOB+SpikaiRAQJA1QP+L6dDHwSjykiLXOfGoRCl1tAfi9YQ/saP
pFDKBaVQ7CeLsHnDpljeB//FWlYoYDcoKhz3hgqqX3HYn6ui8nHaG1NTzARWG7R0
VQoCkRId/1PvBz3sopD97rUTOTMsLMWFibtlf5KbQAD/vzOLF+wKAgHHP/6K8bRQ
GqO1BHqpDuE=
=O7E0
-----END PGP SIGNATURE-----