Alert GCSA-08127 - Vulnerabilita' nei prodotti Mozilla
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
*****************************************************************************
Alert ID : GCSA-08127
Data : 17 dicembre 2008
Titolo : Vulnerabilita' nei prodotti Mozilla
*****************************************************************************
:: Descrizione del problema
Mozilla ha pubblicato un security advisory relativo a varie vulnerabilita'
presenti nei prodotti Firefox, Thunderbird e SeaMonkey.
:: Piattaforme e Software interessati
Firefox 3.0.4 e precedenti
Firefox 2.0.0.18 e precedenti
Thunderbird 2.0.0.18 e precedenti
SeaMonkey 1.1.13 e precedenti
:: Impatto
Esecuzione remota di codice arbitrario
Bypass dei controlli di sicurezza
Compromissione del sistema
Esposizione di informazioni sensibili
:: Soluzione
Aggiornare Firefox alla versione 3.0.5
http://www.mozilla.com/en-US/firefox/all.html
http://www.mozilla.com/en-US/firefox/
Aggiornare Firefox alla versione 2.0.0.19
http://www.mozilla.com/en-US/firefox/all-older.html
Aggiornare a Thunderbird 2.0.0.19 (non ancora disponibile)
http://www.mozilla.com/en-US/thunderbird/
Aggiornare SeaMonkey alla versione 1.1.14
http://www.seamonkey-project.org/releases/
:: Riferimenti
Known Vulnerabilities in Mozilla Products
http://www.mozilla.org/security/known-vulnerabilities/
Mozilla Foundation Security Advisories
http://www.mozilla.org/security/announce/
http://www.mozilla.org/security/announce/2008/mfsa2008-69.html
http://www.mozilla.org/security/announce/2008/mfsa2008-68.html
http://www.mozilla.org/security/announce/2008/mfsa2008-67.html
http://www.mozilla.org/security/announce/2008/mfsa2008-66.html
http://www.mozilla.org/security/announce/2008/mfsa2008-65.html
http://www.mozilla.org/security/announce/2008/mfsa2008-64.html
http://www.mozilla.org/security/announce/2008/mfsa2008-63.html
http://www.mozilla.org/security/announce/2008/mfsa2008-62.html
http://www.mozilla.org/security/announce/2008/mfsa2008-61.html
http://www.mozilla.org/security/announce/2008/mfsa2008-60.html
Mitre's CVE ID
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5500
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5501
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5503
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5504
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5505
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5506
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5507
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5508
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5510
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5511
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5512
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5513
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5502
Securityfocus Bugtraq ID
http://www.securityfocus.com/bid/32882
Secunia
http://secunia.com/advisories/33205/
http://secunia.com/advisories/33204/
http://secunia.com/advisories/33203/
http://secunia.com/advisories/33184/
Red Hat
http://rhn.redhat.com/errata/RHSA-2008-1036.html
http://rhn.redhat.com/errata/RHSA-2008-1037.html
-----BEGIN PGP SIGNATURE-----
iQCVAwUBSUjgf/OB+SpikaiRAQJHVQP9EFpmHGp2/P1yDVefcb+a6rRocDJ+TnZf
s9o0bkVHgjRyQEq3ZPQ5hzSQdrIkxzjnGOqFOKxp66Hn1eoq4c1SMkZhD83z7e9o
hc9dPZdETrNBIN1sANNdQ+ncJNY63+krmUpC12KadJ3JHkNRjnDJ+/Et0kubWIIg
dET8KMEbLdY=
=OCME
-----END PGP SIGNATURE-----
Hash: SHA1
*****************************************************************************
Alert ID : GCSA-08127
Data : 17 dicembre 2008
Titolo : Vulnerabilita' nei prodotti Mozilla
*****************************************************************************
:: Descrizione del problema
Mozilla ha pubblicato un security advisory relativo a varie vulnerabilita'
presenti nei prodotti Firefox, Thunderbird e SeaMonkey.
:: Piattaforme e Software interessati
Firefox 3.0.4 e precedenti
Firefox 2.0.0.18 e precedenti
Thunderbird 2.0.0.18 e precedenti
SeaMonkey 1.1.13 e precedenti
:: Impatto
Esecuzione remota di codice arbitrario
Bypass dei controlli di sicurezza
Compromissione del sistema
Esposizione di informazioni sensibili
:: Soluzione
Aggiornare Firefox alla versione 3.0.5
http://www.mozilla.com/en-US/firefox/all.html
http://www.mozilla.com/en-US/firefox/
Aggiornare Firefox alla versione 2.0.0.19
http://www.mozilla.com/en-US/firefox/all-older.html
Aggiornare a Thunderbird 2.0.0.19 (non ancora disponibile)
http://www.mozilla.com/en-US/thunderbird/
Aggiornare SeaMonkey alla versione 1.1.14
http://www.seamonkey-project.org/releases/
:: Riferimenti
Known Vulnerabilities in Mozilla Products
http://www.mozilla.org/security/known-vulnerabilities/
Mozilla Foundation Security Advisories
http://www.mozilla.org/security/announce/
http://www.mozilla.org/security/announce/2008/mfsa2008-69.html
http://www.mozilla.org/security/announce/2008/mfsa2008-68.html
http://www.mozilla.org/security/announce/2008/mfsa2008-67.html
http://www.mozilla.org/security/announce/2008/mfsa2008-66.html
http://www.mozilla.org/security/announce/2008/mfsa2008-65.html
http://www.mozilla.org/security/announce/2008/mfsa2008-64.html
http://www.mozilla.org/security/announce/2008/mfsa2008-63.html
http://www.mozilla.org/security/announce/2008/mfsa2008-62.html
http://www.mozilla.org/security/announce/2008/mfsa2008-61.html
http://www.mozilla.org/security/announce/2008/mfsa2008-60.html
Mitre's CVE ID
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5500
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5501
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5503
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5504
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5505
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5506
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5507
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5508
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5510
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5511
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5512
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5513
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5502
Securityfocus Bugtraq ID
http://www.securityfocus.com/bid/32882
Secunia
http://secunia.com/advisories/33205/
http://secunia.com/advisories/33204/
http://secunia.com/advisories/33203/
http://secunia.com/advisories/33184/
Red Hat
http://rhn.redhat.com/errata/RHSA-2008-1036.html
http://rhn.redhat.com/errata/RHSA-2008-1037.html
-----BEGIN PGP SIGNATURE-----
iQCVAwUBSUjgf/OB+SpikaiRAQJHVQP9EFpmHGp2/P1yDVefcb+a6rRocDJ+TnZf
s9o0bkVHgjRyQEq3ZPQ5hzSQdrIkxzjnGOqFOKxp66Hn1eoq4c1SMkZhD83z7e9o
hc9dPZdETrNBIN1sANNdQ+ncJNY63+krmUpC12KadJ3JHkNRjnDJ+/Et0kubWIIg
dET8KMEbLdY=
=OCME
-----END PGP SIGNATURE-----