Alert GCSA-12029 - Vulnerabilita' nei prodotti Mozilla
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
******************************************************************
Alert ID : GCSA-12029
Data : 7 Giugno 2012
Titolo : Vulnerabilita' nei prodotti Mozilla
******************************************************************
:: Descrizione del problema:
Sono state riscontrate vulnerabilita' multiple nei prodotti
Mozilla Firefox, Thunderbird e Seamonkey che potrebbero essere
sfruttate da attaccanti remoti e locali per accedere al sistema
con privilegi piu' elevati, ottenere informazioni sensibili e
compromettere un sistema che ne sia affetto.
:: Software interessato:
Mozilla SeaMonkey 2.x
Mozilla Firefox 10.x
Mozilla Thunderbird 10.x
Mozilla Firefox 12.x
Mozilla Thunderbird 12.x
:: Impatto:
Accesso al sistema
Acquisizione di privilegi piu' elevati
Rilascio di dati sensibili
Security Bypass
:: Soluzioni:
Aggiornare Mozilla Firefox alla versione 13.0, o 10.0.5
http://www.mozilla.com/firefox/
Aggiornare Mozilla Thunderbird alla versione 13.0 o 10.0.5
http://www.mozilla.org/thunderbird/
Aggiornare Mozilla SeaMonkey alla versione 2.10
http://www.seamonkey-project.org/
:: Riferimenti:
Mozilla Security Advisory
http://www.mozilla.org/security/announce/2012/mfsa2012-34.html
http://www.mozilla.org/security/announce/2012/mfsa2012-35.html
http://www.mozilla.org/security/announce/2012/mfsa2012-36.html
http://www.mozilla.org/security/announce/2012/mfsa2012-37.html
http://www.mozilla.org/security/announce/2012/mfsa2012-38.html
http://www.mozilla.org/security/announce/2012/mfsa2012-39.html
http://www.mozilla.org/security/announce/2012/mfsa2012-40.html
Security Focus
http://www.securityfocus.com/bid/53791
http://www.securityfocus.com/bid/53792
http://www.securityfocus.com/bid/53793
http://www.securityfocus.com/bid/53794
http://www.securityfocus.com/bid/53796
http://www.securityfocus.com/bid/53797
http://www.securityfocus.com/bid/53798
http://www.securityfocus.com/bid/53799
http://www.securityfocus.com/bid/53800
http://www.securityfocus.com/bid/53801
Secunia
http://secunia.com/advisories/49368/
http://secunia.com/advisories/49366/
Mitre CVE
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3101
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0441
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1937
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1938
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1939
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1940
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1941
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1942
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1943
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1944
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1945
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1946
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1947
-----BEGIN PGP SIGNATURE-----
iD8DBQFP0Ia+wZxMk2USYEIRAtfsAKCJNWdpkMx2DYw84IbquSBenflq+ACeLQIC
33yTSHccUpDhJ6BEQW1ynrA=
=dNGn
-----END PGP SIGNATURE-----
Hash: SHA1
******************************************************************
Alert ID : GCSA-12029
Data : 7 Giugno 2012
Titolo : Vulnerabilita' nei prodotti Mozilla
******************************************************************
:: Descrizione del problema:
Sono state riscontrate vulnerabilita' multiple nei prodotti
Mozilla Firefox, Thunderbird e Seamonkey che potrebbero essere
sfruttate da attaccanti remoti e locali per accedere al sistema
con privilegi piu' elevati, ottenere informazioni sensibili e
compromettere un sistema che ne sia affetto.
:: Software interessato:
Mozilla SeaMonkey 2.x
Mozilla Firefox 10.x
Mozilla Thunderbird 10.x
Mozilla Firefox 12.x
Mozilla Thunderbird 12.x
:: Impatto:
Accesso al sistema
Acquisizione di privilegi piu' elevati
Rilascio di dati sensibili
Security Bypass
:: Soluzioni:
Aggiornare Mozilla Firefox alla versione 13.0, o 10.0.5
http://www.mozilla.com/firefox/
Aggiornare Mozilla Thunderbird alla versione 13.0 o 10.0.5
http://www.mozilla.org/thunderbird/
Aggiornare Mozilla SeaMonkey alla versione 2.10
http://www.seamonkey-project.org/
:: Riferimenti:
Mozilla Security Advisory
http://www.mozilla.org/security/announce/2012/mfsa2012-34.html
http://www.mozilla.org/security/announce/2012/mfsa2012-35.html
http://www.mozilla.org/security/announce/2012/mfsa2012-36.html
http://www.mozilla.org/security/announce/2012/mfsa2012-37.html
http://www.mozilla.org/security/announce/2012/mfsa2012-38.html
http://www.mozilla.org/security/announce/2012/mfsa2012-39.html
http://www.mozilla.org/security/announce/2012/mfsa2012-40.html
Security Focus
http://www.securityfocus.com/bid/53791
http://www.securityfocus.com/bid/53792
http://www.securityfocus.com/bid/53793
http://www.securityfocus.com/bid/53794
http://www.securityfocus.com/bid/53796
http://www.securityfocus.com/bid/53797
http://www.securityfocus.com/bid/53798
http://www.securityfocus.com/bid/53799
http://www.securityfocus.com/bid/53800
http://www.securityfocus.com/bid/53801
Secunia
http://secunia.com/advisories/49368/
http://secunia.com/advisories/49366/
Mitre CVE
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3101
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0441
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1937
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1938
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1939
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1940
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1941
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1942
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1943
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1944
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1945
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1946
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1947
-----BEGIN PGP SIGNATURE-----
iD8DBQFP0Ia+wZxMk2USYEIRAtfsAKCJNWdpkMx2DYw84IbquSBenflq+ACeLQIC
33yTSHccUpDhJ6BEQW1ynrA=
=dNGn
-----END PGP SIGNATURE-----