Alert GCSA-11020 - Vulnerabilita' multiple nei prodotti Mozilla
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
******************************************************************
Alert ID : GCSA-11020
Data : 3 Marzo 2011
Titolo : Vulnerabilita' multiple nei prodotti Mozilla
******************************************************************
:: Descrizione del problema
Sono state individuate varie vulnerabilita' nei prodotti Mozilla
Firefox, Thunderbird e SeaMonkey che se sfruttate potrebbero
permettere ad un attaccante remoto di manipolare e divulgare
informazioni, scavalcare le restrizioni di sicurezza o compromettere
un sistema vulnerabile.
:: Software interessato
Mozilla Firefox versioni precedenti alla 3.6.14
Mozilla Firefox versioni precedenti alla 3.5.17
Mozilla Thunderbird versioni precedenti alla 3.1.8
Mozilla SeaMonkey versioni precedenti alla 2.0.12
:: Impatto
Esecuzione remota di codice arbitrario
Security Bypass
:: Soluzioni
Aggiornare Mozilla Firefox alle versioni 3.6.14 o 3.5.17:
http://www.mozilla.com/firefox/
Aggiornare Mozilla Thunderbird alla versione 3.1.8 :
http://www.mozilla.com/thunderbird
Aggiornare Mozilla SeaMonkey alla versione 2.0.12 :
http://www.mozilla.org/projects/seamonkey/
:: Riferimenti
Mozilla Foundation Security Advisory
http://www.mozilla.org/security/announce/2011/mfsa2011-10.html
http://www.mozilla.org/security/announce/2011/mfsa2011-09.html
http://www.mozilla.org/security/announce/2011/mfsa2011-08.html
http://www.mozilla.org/security/announce/2011/mfsa2011-07.html
http://www.mozilla.org/security/announce/2011/mfsa2011-06.html
http://www.mozilla.org/security/announce/2011/mfsa2011-05.html
http://www.mozilla.org/security/announce/2011/mfsa2011-04.html
http://www.mozilla.org/security/announce/2011/mfsa2011-03.html
http://www.mozilla.org/security/announce/2011/mfsa2011-02.html
http://www.mozilla.org/security/announce/2011/mfsa2011-01.html
VUPEN
http://www.vupen.com/english/advisories/2011/0531
Secunia
http://secunia.com/advisories/43550
Securityfocus
http://www.securityfocus.com/bid/46368
http://www.securityfocus.com/bid/46651
http://www.securityfocus.com/bid/46647
http://www.securityfocus.com/bid/46645
http://www.securityfocus.com/bid/41174
http://www.securityfocus.com/bid/46650
http://www.securityfocus.com/bid/46643
http://www.securityfocus.com/bid/46648
http://www.securityfocus.com/bid/46652
http://www.securityfocus.com/bid/46660
http://www.securityfocus.com/bid/46661
http://www.securityfocus.com/bid/46663
Mitre's CVE ID
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1585
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0051
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0053
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0054
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0055
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0056
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0057
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0058
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0059
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0061
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0062
-----BEGIN PGP SIGNATURE-----
iQCVAwUBTW9zGfOB+SpikaiRAQIKLQQAogWK23O8M0lt8XeOco+QwqXTJKpKIpFZ
ZbpaG5QC5Xb1nXUMLfAggyvKoNjLpQtnuDV6ANj9hl75bhX2nI7fsm+McfZs+CwU
d5+sVezy0IucP4OuSnEvJ/HOfchQZ14yin2OBpGqgz/ZF5yhcEmiTYxQdoh+Tvzt
0EHH9Un+psU=
=wFvG
-----END PGP SIGNATURE-----
Hash: SHA1
******************************************************************
Alert ID : GCSA-11020
Data : 3 Marzo 2011
Titolo : Vulnerabilita' multiple nei prodotti Mozilla
******************************************************************
:: Descrizione del problema
Sono state individuate varie vulnerabilita' nei prodotti Mozilla
Firefox, Thunderbird e SeaMonkey che se sfruttate potrebbero
permettere ad un attaccante remoto di manipolare e divulgare
informazioni, scavalcare le restrizioni di sicurezza o compromettere
un sistema vulnerabile.
:: Software interessato
Mozilla Firefox versioni precedenti alla 3.6.14
Mozilla Firefox versioni precedenti alla 3.5.17
Mozilla Thunderbird versioni precedenti alla 3.1.8
Mozilla SeaMonkey versioni precedenti alla 2.0.12
:: Impatto
Esecuzione remota di codice arbitrario
Security Bypass
:: Soluzioni
Aggiornare Mozilla Firefox alle versioni 3.6.14 o 3.5.17:
http://www.mozilla.com/firefox/
Aggiornare Mozilla Thunderbird alla versione 3.1.8 :
http://www.mozilla.com/thunderbird
Aggiornare Mozilla SeaMonkey alla versione 2.0.12 :
http://www.mozilla.org/projects/seamonkey/
:: Riferimenti
Mozilla Foundation Security Advisory
http://www.mozilla.org/security/announce/2011/mfsa2011-10.html
http://www.mozilla.org/security/announce/2011/mfsa2011-09.html
http://www.mozilla.org/security/announce/2011/mfsa2011-08.html
http://www.mozilla.org/security/announce/2011/mfsa2011-07.html
http://www.mozilla.org/security/announce/2011/mfsa2011-06.html
http://www.mozilla.org/security/announce/2011/mfsa2011-05.html
http://www.mozilla.org/security/announce/2011/mfsa2011-04.html
http://www.mozilla.org/security/announce/2011/mfsa2011-03.html
http://www.mozilla.org/security/announce/2011/mfsa2011-02.html
http://www.mozilla.org/security/announce/2011/mfsa2011-01.html
VUPEN
http://www.vupen.com/english/advisories/2011/0531
Secunia
http://secunia.com/advisories/43550
Securityfocus
http://www.securityfocus.com/bid/46368
http://www.securityfocus.com/bid/46651
http://www.securityfocus.com/bid/46647
http://www.securityfocus.com/bid/46645
http://www.securityfocus.com/bid/41174
http://www.securityfocus.com/bid/46650
http://www.securityfocus.com/bid/46643
http://www.securityfocus.com/bid/46648
http://www.securityfocus.com/bid/46652
http://www.securityfocus.com/bid/46660
http://www.securityfocus.com/bid/46661
http://www.securityfocus.com/bid/46663
Mitre's CVE ID
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1585
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0051
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0053
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0054
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0055
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0056
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0057
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0058
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0059
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0061
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0062
-----BEGIN PGP SIGNATURE-----
iQCVAwUBTW9zGfOB+SpikaiRAQIKLQQAogWK23O8M0lt8XeOco+QwqXTJKpKIpFZ
ZbpaG5QC5Xb1nXUMLfAggyvKoNjLpQtnuDV6ANj9hl75bhX2nI7fsm+McfZs+CwU
d5+sVezy0IucP4OuSnEvJ/HOfchQZ14yin2OBpGqgz/ZF5yhcEmiTYxQdoh+Tvzt
0EHH9Un+psU=
=wFvG
-----END PGP SIGNATURE-----