Alert GCSA-13033 - Vulnerabilita' nei prodotti Mozilla (firefox, thunderbird)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
******************************************************************
Alert ID : GCSA-13033
Data : 21 Maggio 2013
Titolo : Vulnerabilita' nei prodotti Mozilla (firefox, thunderbird)
******************************************************************
:: Descrizione del problema
Sono state rilasciate nuove versioni dei prodotti Mozilla
che risolvono varie vulnerabilita' presenti in Firefox e Thunderbird.
Tali vulnerabilita' potrebbero essere sfruttate
da remoto o in locale per condurre attacchi.
:: Software interessato
Firefox versioni precedenti alla 21
Thunderbird versioni precedenti alla 17.0.6
:: Impatto
Esecuzione di codice arbitrario da remoto
Accesso al sistema
Security Bypass
:: Soluzioni
Aggiornare Firefox alla versione 21
http://www.mozilla.org/it/firefox/new/
Aggiornare Thunderbird alla versione 17.0.6
http://www.mozilla.org/it/thunderbird/
:: Riferimenti
Mozilla Security Advisory
http://www.mozilla.org/security/known-vulnerabilities/firefox.html
http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html
http://www.mozilla.org/en-US/firefox/20.0/releasenotes/buglist.html
http://www.mozilla.org/security/announce/2013/mfsa2013-41.html
http://www.mozilla.org/security/announce/2013/mfsa2013-42.html
http://www.mozilla.org/security/announce/2013/mfsa2013-43.html
http://www.mozilla.org/security/announce/2013/mfsa2013-44.html
http://www.mozilla.org/security/announce/2013/mfsa2013-45.html
http://www.mozilla.org/security/announce/2013/mfsa2013-46.html
http://www.mozilla.org/security/announce/2013/mfsa2013-47.html
http://www.mozilla.org/security/announce/2013/mfsa2013-48.html
Secunia
http://secunia.com/advisories/53400/
http://secunia.com/advisories/53410/
http://secunia.com/advisories/53443/
Mitre CVE
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1942
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0801
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1669
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1670
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1672
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1673
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1674
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1678
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1679
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1680
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1681
GARR CERT Newsletter subscribe/unsubscribe:
http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iEYEARECAAYFAlGbb4gACgkQwZxMk2USYELgfQCfXnwK2lTuS2u8u0uebDLXm5Sf
FEcAnRPFiL9CkG/ekFnx5u2MxijTfAd/
=wYQr
-----END PGP SIGNATURE-----
Hash: SHA1
******************************************************************
Alert ID : GCSA-13033
Data : 21 Maggio 2013
Titolo : Vulnerabilita' nei prodotti Mozilla (firefox, thunderbird)
******************************************************************
:: Descrizione del problema
Sono state rilasciate nuove versioni dei prodotti Mozilla
che risolvono varie vulnerabilita' presenti in Firefox e Thunderbird.
Tali vulnerabilita' potrebbero essere sfruttate
da remoto o in locale per condurre attacchi.
:: Software interessato
Firefox versioni precedenti alla 21
Thunderbird versioni precedenti alla 17.0.6
:: Impatto
Esecuzione di codice arbitrario da remoto
Accesso al sistema
Security Bypass
:: Soluzioni
Aggiornare Firefox alla versione 21
http://www.mozilla.org/it/firefox/new/
Aggiornare Thunderbird alla versione 17.0.6
http://www.mozilla.org/it/thunderbird/
:: Riferimenti
Mozilla Security Advisory
http://www.mozilla.org/security/known-vulnerabilities/firefox.html
http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html
http://www.mozilla.org/en-US/firefox/20.0/releasenotes/buglist.html
http://www.mozilla.org/security/announce/2013/mfsa2013-41.html
http://www.mozilla.org/security/announce/2013/mfsa2013-42.html
http://www.mozilla.org/security/announce/2013/mfsa2013-43.html
http://www.mozilla.org/security/announce/2013/mfsa2013-44.html
http://www.mozilla.org/security/announce/2013/mfsa2013-45.html
http://www.mozilla.org/security/announce/2013/mfsa2013-46.html
http://www.mozilla.org/security/announce/2013/mfsa2013-47.html
http://www.mozilla.org/security/announce/2013/mfsa2013-48.html
Secunia
http://secunia.com/advisories/53400/
http://secunia.com/advisories/53410/
http://secunia.com/advisories/53443/
Mitre CVE
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1942
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0801
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1669
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1670
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1672
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1673
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1674
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1678
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1679
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1680
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1681
GARR CERT Newsletter subscribe/unsubscribe:
http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iEYEARECAAYFAlGbb4gACgkQwZxMk2USYELgfQCfXnwK2lTuS2u8u0uebDLXm5Sf
FEcAnRPFiL9CkG/ekFnx5u2MxijTfAd/
=wYQr
-----END PGP SIGNATURE-----