Alert GCSA-13040 - Vulnerabilita' nei prodotti Mozilla (firefox, thunderbird)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
******************************************************************
Alert ID: GCSA-13040
Data: 28 giugno 2013
Titolo: Vulnerabilita' nei prodotti Mozilla (firefox, thunderbird)
******************************************************************
:: Descrizione del problema
Sono state rilasciate nuove versioni dei prodotti Mozilla
Firefox e Thunderbird che risolvono varie vulnerabilita'
potenzialmente sfruttabili da aggressori remoti e locali
per condurre attacchi.
:: Software interessato
Firefox versioni precedenti alla 22
Thunderbird versioni precedenti alla 17.0.7
:: Impatto
Esecuzione di codice arbitrario da remoto
Accesso al sistema
Security Bypass
Cross Site Scripting
Spoofing
Esposizione di dati sensibili
Denial of service
:: Soluzioni
Aggiornare Firefox alla versione 22
http://www.mozilla.org/it/firefox/new/
Aggiornare Thunderbird alla versione 17.0.7
http://www.mozilla.org/it/thunderbird/
:: Riferimenti
Mozilla Security Advisory
http://www.mozilla.org/en-US/firefox/22.0/releasenotes/
http://www.mozilla.org/security/known-vulnerabilities/firefox.html
http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html
http://www.mozilla.org/security/announce/2013/mfsa2013-62.html
http://www.mozilla.org/security/announce/2013/mfsa2013-61.html
http://www.mozilla.org/security/announce/2013/mfsa2013-60.html
http://www.mozilla.org/security/announce/2013/mfsa2013-59.html
http://www.mozilla.org/security/announce/2013/mfsa2013-58.html
http://www.mozilla.org/security/announce/2013/mfsa2013-57.html
http://www.mozilla.org/security/announce/2013/mfsa2013-56.html
http://www.mozilla.org/security/announce/2013/mfsa2013-55.html
http://www.mozilla.org/security/announce/2013/mfsa2013-54.html
http://www.mozilla.org/security/announce/2013/mfsa2013-53.html
http://www.mozilla.org/security/announce/2013/mfsa2013-52.html
http://www.mozilla.org/security/announce/2013/mfsa2013-51.html
http://www.mozilla.org/security/announce/2013/mfsa2013-50.html
http://www.mozilla.org/security/announce/2013/mfsa2013-49.html
Mitre CVE
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1682
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1683
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1684
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1685
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1686
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1687
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1688
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1690
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1692
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1693
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1694
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1695
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1696
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1697
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1698
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1699
Red Hat Security Advisory
https://rhn.redhat.com/errata/RHSA-2013-0981.html
https://rhn.redhat.com/errata/RHSA-2013-0982.html
Ubuntu
http://www.ubuntu.com/usn/usn-1890-1
http://www.ubuntu.com/usn/usn-1891-1
Debian
http://www.debian.org/security/2013/dsa-2716
Mandriva
http://www.mandriva.com/en/support/security/advisories/mes5/MDVSA-2013:179/
GARR CERT Newsletter subscribe/unsubscribe:
http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
iD8DBQFRzadbwZxMk2USYEIRAu1mAJ9hdiaE/hn5HcjdKBogMfh9XDQuvACfXIDU
T0i/pwzK/C+BTbHCC7AjF0c=
=pSuK
-----END PGP SIGNATURE-----
Hash: SHA1
******************************************************************
Alert ID: GCSA-13040
Data: 28 giugno 2013
Titolo: Vulnerabilita' nei prodotti Mozilla (firefox, thunderbird)
******************************************************************
:: Descrizione del problema
Sono state rilasciate nuove versioni dei prodotti Mozilla
Firefox e Thunderbird che risolvono varie vulnerabilita'
potenzialmente sfruttabili da aggressori remoti e locali
per condurre attacchi.
:: Software interessato
Firefox versioni precedenti alla 22
Thunderbird versioni precedenti alla 17.0.7
:: Impatto
Esecuzione di codice arbitrario da remoto
Accesso al sistema
Security Bypass
Cross Site Scripting
Spoofing
Esposizione di dati sensibili
Denial of service
:: Soluzioni
Aggiornare Firefox alla versione 22
http://www.mozilla.org/it/firefox/new/
Aggiornare Thunderbird alla versione 17.0.7
http://www.mozilla.org/it/thunderbird/
:: Riferimenti
Mozilla Security Advisory
http://www.mozilla.org/en-US/firefox/22.0/releasenotes/
http://www.mozilla.org/security/known-vulnerabilities/firefox.html
http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html
http://www.mozilla.org/security/announce/2013/mfsa2013-62.html
http://www.mozilla.org/security/announce/2013/mfsa2013-61.html
http://www.mozilla.org/security/announce/2013/mfsa2013-60.html
http://www.mozilla.org/security/announce/2013/mfsa2013-59.html
http://www.mozilla.org/security/announce/2013/mfsa2013-58.html
http://www.mozilla.org/security/announce/2013/mfsa2013-57.html
http://www.mozilla.org/security/announce/2013/mfsa2013-56.html
http://www.mozilla.org/security/announce/2013/mfsa2013-55.html
http://www.mozilla.org/security/announce/2013/mfsa2013-54.html
http://www.mozilla.org/security/announce/2013/mfsa2013-53.html
http://www.mozilla.org/security/announce/2013/mfsa2013-52.html
http://www.mozilla.org/security/announce/2013/mfsa2013-51.html
http://www.mozilla.org/security/announce/2013/mfsa2013-50.html
http://www.mozilla.org/security/announce/2013/mfsa2013-49.html
Mitre CVE
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1682
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1683
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1684
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1685
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1686
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1687
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1688
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1690
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1692
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1693
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1694
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1695
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1696
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1697
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1698
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1699
Red Hat Security Advisory
https://rhn.redhat.com/errata/RHSA-2013-0981.html
https://rhn.redhat.com/errata/RHSA-2013-0982.html
Ubuntu
http://www.ubuntu.com/usn/usn-1890-1
http://www.ubuntu.com/usn/usn-1891-1
Debian
http://www.debian.org/security/2013/dsa-2716
Mandriva
http://www.mandriva.com/en/support/security/advisories/mes5/MDVSA-2013:179/
GARR CERT Newsletter subscribe/unsubscribe:
http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
iD8DBQFRzadbwZxMk2USYEIRAu1mAJ9hdiaE/hn5HcjdKBogMfh9XDQuvACfXIDU
T0i/pwzK/C+BTbHCC7AjF0c=
=pSuK
-----END PGP SIGNATURE-----