Alert GCSA-17008 - Vulnerabilità multiple in Mozilla Firefox
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
**********************************************************************
Alert ID: GCSA-17008
Data: 27 Gennaio 2017
Titolo: Vulnerabilità multiple in Mozilla Firefox
**********************************************************************
:: Descrizione del problema
Sono state riscontrate varie vulnerabilità in Mozilla Firefox
sfruttando le quali un utente remoto può eseguire codice arbitrario
sul sistema utente che ne sia affetto.
Per una descrizione completa delle vulnerabilità consultare
le segnalazioni ufficiali.
:: Software interessato
Mozilla Firefox e Firefox ESR versioni precedenti la 51.0, 45.7
:: Impatto
Spoofing di URL
Accesso ad informazioni sensibili
By-pass delle restrizioni di sicurezza
Esecuzione di codice arbitrario
:: Soluzioni
Aggiornare alle versioni:
Mozilla Firefox 51.0
Mozilla Firefox ESR 45.7
:: Riferimenti
Mozilla Foundation Security Advisories
https://www.mozilla.org/en-US/security/advisories/mfsa2017-01/
Security Tracker
http://www.securitytracker.com/id/1037693
http://www.securitytracker.com/id/1037695
http://www.securitytracker.com/id/1037700
http://www.securitytracker.com/id/1037721
Security Focus
http://www.securityfocus.com/bid/95769
http://www.securityfocus.com/bid/95758
http://www.securityfocus.com/bid/95757
http://www.securityfocus.com/bid/95762
http://www.securityfocus.com/bid/95763
http://www.securityfocus.com/bid/95761
http://www.securityfocus.com/bid/95759
http://www.securityfocus.com/bid/94884
http://www.securityfocus.com/bid/94341
http://www.securityfocus.com/bid/94885
http://www.securityfocus.com/bid/92260
http://www.securityfocus.com/bid/94335
http://www.securityfocus.com/bid/94339
http://www.securityfocus.com/bid/94336
http://www.securityfocus.com/bid/94591
http://www.securityfocus.com/bid/93049
Mitre CVE ID
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5374
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5377
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5379
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5381
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5382
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5384
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5385
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5386
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5387
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5388
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5389
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5391
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5392
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5393
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5394
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5395
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396
GARR CERT Newsletter subscribe/unsubscribe:
http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iEYEARECAAYFAliLMQYACgkQwZxMk2USYELZkACdFPh3WBCYinvTJ3Q1rwslg5AO
L/oAn1vB11aOkHvJru4ouNZEneurilgi
=zjPS
-----END PGP SIGNATURE-----
Hash: SHA1
**********************************************************************
Alert ID: GCSA-17008
Data: 27 Gennaio 2017
Titolo: Vulnerabilità multiple in Mozilla Firefox
**********************************************************************
:: Descrizione del problema
Sono state riscontrate varie vulnerabilità in Mozilla Firefox
sfruttando le quali un utente remoto può eseguire codice arbitrario
sul sistema utente che ne sia affetto.
Per una descrizione completa delle vulnerabilità consultare
le segnalazioni ufficiali.
:: Software interessato
Mozilla Firefox e Firefox ESR versioni precedenti la 51.0, 45.7
:: Impatto
Spoofing di URL
Accesso ad informazioni sensibili
By-pass delle restrizioni di sicurezza
Esecuzione di codice arbitrario
:: Soluzioni
Aggiornare alle versioni:
Mozilla Firefox 51.0
Mozilla Firefox ESR 45.7
:: Riferimenti
Mozilla Foundation Security Advisories
https://www.mozilla.org/en-US/security/advisories/mfsa2017-01/
Security Tracker
http://www.securitytracker.com/id/1037693
http://www.securitytracker.com/id/1037695
http://www.securitytracker.com/id/1037700
http://www.securitytracker.com/id/1037721
Security Focus
http://www.securityfocus.com/bid/95769
http://www.securityfocus.com/bid/95758
http://www.securityfocus.com/bid/95757
http://www.securityfocus.com/bid/95762
http://www.securityfocus.com/bid/95763
http://www.securityfocus.com/bid/95761
http://www.securityfocus.com/bid/95759
http://www.securityfocus.com/bid/94884
http://www.securityfocus.com/bid/94341
http://www.securityfocus.com/bid/94885
http://www.securityfocus.com/bid/92260
http://www.securityfocus.com/bid/94335
http://www.securityfocus.com/bid/94339
http://www.securityfocus.com/bid/94336
http://www.securityfocus.com/bid/94591
http://www.securityfocus.com/bid/93049
Mitre CVE ID
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5374
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5377
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5379
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5381
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5382
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5384
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5385
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5386
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5387
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5388
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5389
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5391
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5392
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5393
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5394
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5395
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396
GARR CERT Newsletter subscribe/unsubscribe:
http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iEYEARECAAYFAliLMQYACgkQwZxMk2USYELZkACdFPh3WBCYinvTJ3Q1rwslg5AO
L/oAn1vB11aOkHvJru4ouNZEneurilgi
=zjPS
-----END PGP SIGNATURE-----