Alert GCSA-07104 - Vulnerabilita' nei prodotti Mozilla
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
*****************************************************************************
Alert ID : GCSA-07104
Data : 22 Ottobre 2007
Titolo : Vulnerabilita' nei prodotti Mozilla
*****************************************************************************
:: Descrizione del problema
Sono state rilasciate nuove versioni dei prodotti Mozilla Firefox,
Thunderbird e Seamonkey per risolvere varie vulnerabilita'.
:: Piattaforme e Software interessati
Firefox 2.0.0.7 e precedenti
Thunderbird 2.0.0.6 e precedenti
SeaMonkey 1.1.4 e precedenti
:: Impatto
Spoofing
DoS
Manipulation of data
Exposure of sensitive information
:: Soluzione
Aggiornare Firefox alla versione 2.0.0.8
http://www.mozilla.com/en-US/firefox/
Aggiornare Thunderbird alla versione 2.0.0.8 (disponibile a breve)
http://www.mozilla.com/en-US/thunderbird/
Aggiornare SeaMonkey alla versione 1.1.5
http://www.mozilla.org/projects/seamonkey/
:: Riferimenti
Mozilla Foundation Security Advisory
http://www.mozilla.org/projects/security/known-vulnerabilities.html
http://www.mozilla.org/security/announce/2007/mfsa2007-29.html
http://www.mozilla.org/security/announce/2007/mfsa2007-30.html
http://www.mozilla.org/security/announce/2007/mfsa2007-31.html
http://www.mozilla.org/security/announce/2007/mfsa2007-32.html
http://www.mozilla.org/security/announce/2007/mfsa2007-33.html
http://www.mozilla.org/security/announce/2007/mfsa2007-34.html
http://www.mozilla.org/security/announce/2007/mfsa2007-35.html
http://www.mozilla.org/security/announce/2007/mfsa2007-36.html
Mitre's CVE ID
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1095
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2292
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2894
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3511
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3844
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4841
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5334
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5337
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5338
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5339
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5340
FrSirt
http://www.frsirt.com/english/advisories/2007/3544
http://www.frsirt.com/english/advisories/2007/3545
Secunia
http://secunia.com/advisories/27311/
http://secunia.com/advisories/27313/
http://secunia.com/advisories/27315/
Securityfocus Bugtraq ID
http://www.securityfocus.com/bid/22688
http://www.securityfocus.com/bid/23668
http://www.securityfocus.com/bid/24725
http://www.securityfocus.com/bid/25053
http://www.securityfocus.com/bid/26132
Red Hat Security Advisory
https://rhn.redhat.com/errata/RHSA-2007-0979.html
https://rhn.redhat.com/errata/RHSA-2007-0980.html
https://rhn.redhat.com/errata/RHSA-2007-0981.html
SUSE Linux
http://support.novell.com/techcenter/psdb/60eb95b75c76f9fbfcc9a89f99cd8f79.html
-----BEGIN PGP SIGNATURE-----
iQCVAwUBRxyIyfOB+SpikaiRAQIHuwP/abW3k1PxdwPs+lzq82MIIcJ2ZTQM+eyc
fxKRkcKnrEiE5sIJRnCHAtmYBL8XeZzPXtEHVDA2IqJC9makJTWAxhcHzYnOpMb8
a7exdb4W2Xb0/vXSNxGZpyq4NwSm+CEbWuL2bHcGrcTpQniFbDCAa5EiNT1OYepJ
CJATRj2Wiyg=
=LdIC
-----END PGP SIGNATURE-----
Hash: SHA1
*****************************************************************************
Alert ID : GCSA-07104
Data : 22 Ottobre 2007
Titolo : Vulnerabilita' nei prodotti Mozilla
*****************************************************************************
:: Descrizione del problema
Sono state rilasciate nuove versioni dei prodotti Mozilla Firefox,
Thunderbird e Seamonkey per risolvere varie vulnerabilita'.
:: Piattaforme e Software interessati
Firefox 2.0.0.7 e precedenti
Thunderbird 2.0.0.6 e precedenti
SeaMonkey 1.1.4 e precedenti
:: Impatto
Spoofing
DoS
Manipulation of data
Exposure of sensitive information
:: Soluzione
Aggiornare Firefox alla versione 2.0.0.8
http://www.mozilla.com/en-US/firefox/
Aggiornare Thunderbird alla versione 2.0.0.8 (disponibile a breve)
http://www.mozilla.com/en-US/thunderbird/
Aggiornare SeaMonkey alla versione 1.1.5
http://www.mozilla.org/projects/seamonkey/
:: Riferimenti
Mozilla Foundation Security Advisory
http://www.mozilla.org/projects/security/known-vulnerabilities.html
http://www.mozilla.org/security/announce/2007/mfsa2007-29.html
http://www.mozilla.org/security/announce/2007/mfsa2007-30.html
http://www.mozilla.org/security/announce/2007/mfsa2007-31.html
http://www.mozilla.org/security/announce/2007/mfsa2007-32.html
http://www.mozilla.org/security/announce/2007/mfsa2007-33.html
http://www.mozilla.org/security/announce/2007/mfsa2007-34.html
http://www.mozilla.org/security/announce/2007/mfsa2007-35.html
http://www.mozilla.org/security/announce/2007/mfsa2007-36.html
Mitre's CVE ID
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1095
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2292
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2894
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3511
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3844
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4841
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5334
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5337
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5338
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5339
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5340
FrSirt
http://www.frsirt.com/english/advisories/2007/3544
http://www.frsirt.com/english/advisories/2007/3545
Secunia
http://secunia.com/advisories/27311/
http://secunia.com/advisories/27313/
http://secunia.com/advisories/27315/
Securityfocus Bugtraq ID
http://www.securityfocus.com/bid/22688
http://www.securityfocus.com/bid/23668
http://www.securityfocus.com/bid/24725
http://www.securityfocus.com/bid/25053
http://www.securityfocus.com/bid/26132
Red Hat Security Advisory
https://rhn.redhat.com/errata/RHSA-2007-0979.html
https://rhn.redhat.com/errata/RHSA-2007-0980.html
https://rhn.redhat.com/errata/RHSA-2007-0981.html
SUSE Linux
http://support.novell.com/techcenter/psdb/60eb95b75c76f9fbfcc9a89f99cd8f79.html
-----BEGIN PGP SIGNATURE-----
iQCVAwUBRxyIyfOB+SpikaiRAQIHuwP/abW3k1PxdwPs+lzq82MIIcJ2ZTQM+eyc
fxKRkcKnrEiE5sIJRnCHAtmYBL8XeZzPXtEHVDA2IqJC9makJTWAxhcHzYnOpMb8
a7exdb4W2Xb0/vXSNxGZpyq4NwSm+CEbWuL2bHcGrcTpQniFbDCAa5EiNT1OYepJ
CJATRj2Wiyg=
=LdIC
-----END PGP SIGNATURE-----