Alert GCSA-25116 - Aggiornamento di sicurezza per prodotti Mozilla
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
******************************************************************
Alert ID: GCSA-25116
Data: 15 Ottobre 2025
Titolo: Aggiornamento di sicurezza per prodotti Mozilla
******************************************************************
:: Descrizione del problema
Mozilla ha rilasciato nuove versioni del browser Firefox, Firefox ESR
del client di posta Thunderbird con le quali risolve vulnerabilita' multiple.
Maggiori informazioni sono disponibili alla sezione "Riferimenti".
:: Software interessato
Firefox versioni precedenti alla 144
Firefox ESR versioni precedenti alla 115.29
Firefox ESR versioni precedenti alla 140.4
Thunderbird versioni precedenti alla 144
Thunderbird versioni precedenti alla 140.4
:: Impatto
Information Disclosure
Data Manipulation
Security Restriction Bypass
Remote Code Execution
Spoofing
Denial of Service
:: Soluzioni
Aggiornare Firefox all'ultima versione:
https://support.mozilla.org/en-US/kb/update-firefox-latest-release
https://www.mozilla.org/it/firefox/new/
https://www.mozilla.org/it/firefox/enterprise/
https://www.mozilla.org/it/firefox/all/#product-desktop-release
Aggiornare Thunderbird all'ultima versione:
https://support.mozilla.org/it/kb/aggiornamento-di-thunderbird
https://www.mozilla.org/it/thunderbird/
https://www.thunderbird.net/it/thunderbird/all/
https://www.thunderbird.net/it/thunderbird/releases/
:: Riferimenti
Mozilla Foundation Security Advisory
https://www.mozilla.org/en-US/security/advisories/
https://www.mozilla.org/en-US/security/advisories/mfsa2025-81/
https://www.mozilla.org/en-US/security/advisories/mfsa2025-82/
https://www.mozilla.org/en-US/security/advisories/mfsa2025-83/
https://www.mozilla.org/en-US/security/advisories/mfsa2025-84/
https://www.mozilla.org/en-US/security/advisories/mfsa2025-85/
Mitre CVE
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11708
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11709
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11710
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11711
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11712
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11713
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11714
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11715
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11716
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11717
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11718
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11719
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11720
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11721
GARR CERT Security Alert - subscribe/unsubscribe:
https://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
iGsEAREIACsWIQTGpdiR5MqstacBGHbBnEyTZRJgQgUCaO9muA0cY2VydEBnYXJy
Lml0AAoJEMGcTJNlEmBCXtYAn3bg/+ZDkIvbsZV2Ph4ARz59vfeZAJ95EKup5MMk
OI4hQ2CJsYt5wNrzXw==
=P/vp
-----END PGP SIGNATURE-----
Hash: SHA256
******************************************************************
Alert ID: GCSA-25116
Data: 15 Ottobre 2025
Titolo: Aggiornamento di sicurezza per prodotti Mozilla
******************************************************************
:: Descrizione del problema
Mozilla ha rilasciato nuove versioni del browser Firefox, Firefox ESR
del client di posta Thunderbird con le quali risolve vulnerabilita' multiple.
Maggiori informazioni sono disponibili alla sezione "Riferimenti".
:: Software interessato
Firefox versioni precedenti alla 144
Firefox ESR versioni precedenti alla 115.29
Firefox ESR versioni precedenti alla 140.4
Thunderbird versioni precedenti alla 144
Thunderbird versioni precedenti alla 140.4
:: Impatto
Information Disclosure
Data Manipulation
Security Restriction Bypass
Remote Code Execution
Spoofing
Denial of Service
:: Soluzioni
Aggiornare Firefox all'ultima versione:
https://support.mozilla.org/en-US/kb/update-firefox-latest-release
https://www.mozilla.org/it/firefox/new/
https://www.mozilla.org/it/firefox/enterprise/
https://www.mozilla.org/it/firefox/all/#product-desktop-release
Aggiornare Thunderbird all'ultima versione:
https://support.mozilla.org/it/kb/aggiornamento-di-thunderbird
https://www.mozilla.org/it/thunderbird/
https://www.thunderbird.net/it/thunderbird/all/
https://www.thunderbird.net/it/thunderbird/releases/
:: Riferimenti
Mozilla Foundation Security Advisory
https://www.mozilla.org/en-US/security/advisories/
https://www.mozilla.org/en-US/security/advisories/mfsa2025-81/
https://www.mozilla.org/en-US/security/advisories/mfsa2025-82/
https://www.mozilla.org/en-US/security/advisories/mfsa2025-83/
https://www.mozilla.org/en-US/security/advisories/mfsa2025-84/
https://www.mozilla.org/en-US/security/advisories/mfsa2025-85/
Mitre CVE
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11708
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11709
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11710
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11711
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11712
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11713
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11714
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11715
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11716
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11717
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11718
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11719
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11720
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11721
GARR CERT Security Alert - subscribe/unsubscribe:
https://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
iGsEAREIACsWIQTGpdiR5MqstacBGHbBnEyTZRJgQgUCaO9muA0cY2VydEBnYXJy
Lml0AAoJEMGcTJNlEmBCXtYAn3bg/+ZDkIvbsZV2Ph4ARz59vfeZAJ95EKup5MMk
OI4hQ2CJsYt5wNrzXw==
=P/vp
-----END PGP SIGNATURE-----