Alert GCSA-09018 - Vulnerabilita' in Firefox 3.x
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
*****************************************************************************
Alert ID : GCSA-09018
Data : 06 Marzo 2009
Titolo : Vulnerabilita' in Mozilla Firefox 3.x
*****************************************************************************
:: Descrizione del problema
Mozilla ha pubblicato un avviso di sicurezza relativo
ad alcune vulnerabilita' presenti nel browser Firefox.
:: Piattaforme e Software interessati
Firefox versioni precedenti alla 3.0.7
:: Impatto
Bypass delle restrizioni di sicurezza
Esposizione di informazioni di sistema
Esposizione di informazioni sensibili
Accesso al sistema
Spoofing
:: Soluzione
Aggiornare Firefox alla versione 3.0.7
http://www.mozilla.com/firefox/
:: Riferimenti
Mozilla Security Advisory
http://www.mozilla.org/security/known-vulnerabilities/firefox30.html
http://www.mozilla.org/security/announce/2009/mfsa2009-07.html
http://www.mozilla.org/security/announce/2009/mfsa2009-08.html
http://www.mozilla.org/security/announce/2009/mfsa2009-09.html
http://www.mozilla.org/security/announce/2009/mfsa2009-10.html
http://www.mozilla.org/security/announce/2009/mfsa2009-11.html
Mitre's CVE ID
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0040
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0771
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0772
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0773
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0774
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0775
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0776
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0777
Secunia
http://secunia.com/advisories/34145
VUPEN
http://www.vupen.com/english/advisories/2009/0599
-----BEGIN PGP SIGNATURE-----
iQCVAwUBSbFJbfOB+SpikaiRAQKHHgP5AdDV02x6T49wtRPQFDzvouwhHpf0V5Dd
/1B4UVHKiG6Odt5HjNzZh4yuSM8JFX+/iLTdv5jHLklBD+y3aUk14ehg/aoW64p8
Q1sSCfy9Dw82MFtXKSxX68gcgoaf4dS5Pr3pbinBemkBBv9lKbW7lZc8IlK6HAaG
rT+6MChZRq0=
=Qd/4
-----END PGP SIGNATURE-----
Hash: SHA1
*****************************************************************************
Alert ID : GCSA-09018
Data : 06 Marzo 2009
Titolo : Vulnerabilita' in Mozilla Firefox 3.x
*****************************************************************************
:: Descrizione del problema
Mozilla ha pubblicato un avviso di sicurezza relativo
ad alcune vulnerabilita' presenti nel browser Firefox.
:: Piattaforme e Software interessati
Firefox versioni precedenti alla 3.0.7
:: Impatto
Bypass delle restrizioni di sicurezza
Esposizione di informazioni di sistema
Esposizione di informazioni sensibili
Accesso al sistema
Spoofing
:: Soluzione
Aggiornare Firefox alla versione 3.0.7
http://www.mozilla.com/firefox/
:: Riferimenti
Mozilla Security Advisory
http://www.mozilla.org/security/known-vulnerabilities/firefox30.html
http://www.mozilla.org/security/announce/2009/mfsa2009-07.html
http://www.mozilla.org/security/announce/2009/mfsa2009-08.html
http://www.mozilla.org/security/announce/2009/mfsa2009-09.html
http://www.mozilla.org/security/announce/2009/mfsa2009-10.html
http://www.mozilla.org/security/announce/2009/mfsa2009-11.html
Mitre's CVE ID
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0040
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0771
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0772
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0773
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0774
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0775
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0776
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0777
Secunia
http://secunia.com/advisories/34145
VUPEN
http://www.vupen.com/english/advisories/2009/0599
-----BEGIN PGP SIGNATURE-----
iQCVAwUBSbFJbfOB+SpikaiRAQKHHgP5AdDV02x6T49wtRPQFDzvouwhHpf0V5Dd
/1B4UVHKiG6Odt5HjNzZh4yuSM8JFX+/iLTdv5jHLklBD+y3aUk14ehg/aoW64p8
Q1sSCfy9Dw82MFtXKSxX68gcgoaf4dS5Pr3pbinBemkBBv9lKbW7lZc8IlK6HAaG
rT+6MChZRq0=
=Qd/4
-----END PGP SIGNATURE-----