Alert GCSA-14029 - Vulnerabilita' nei prodotti Mozilla (Firefox, Thunderbird)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
******************************************************************
Alert ID: GCSA-14029
Data: 03 settembre 2014
Titolo: Vulnerabilita' nei prodotti Mozilla (Firefox, Thunderbird)
******************************************************************
:: Descrizione del problema
Sono state rilasciate nuove versioni dei prodotti Mozilla Firefox e Thunderbird che risolvono varie vulnerabilita'
potenzialmente sfruttabili da aggressori remoti e locali per condurre attacchi.
:: Software interessato
Firefox versioni precedenti alla 32
Thunderbird versioni precedenti alla 31.1
:: Impatto
Esecuzione di codice arbitrario da remoto
Accesso al sistema
Rivelazione di informazioni di sistema
:: Soluzioni
Aggiornare Firefox alla versione 32
http://www.mozilla.org/it/firefox/new/
Aggiornare Thunderbird alla versione 31.1
http://www.mozilla.org/it/thunderbird/
:: Riferimenti
Mozilla Security Advisory
https://www.mozilla.org/en-US/firefox/32.0/releasenotes/
https://www.mozilla.org/security/known-vulnerabilities/firefox.html
https://www.mozilla.org/security/known-vulnerabilities/thunderbird.html
https://www.mozilla.org/security/announce/2014/mfsa2014-67.html
https://www.mozilla.org/security/announce/2014/mfsa2014-68.html
https://www.mozilla.org/security/announce/2014/mfsa2014-69.html
https://www.mozilla.org/security/announce/2014/mfsa2014-70.html
https://www.mozilla.org/security/announce/2014/mfsa2014-71.html
https://www.mozilla.org/security/announce/2014/mfsa2014-72.html
Mitre CVE
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1553
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1554
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1562
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1563
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1564
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1565
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1566
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1567
GARR CERT Newsletter subscribe/unsubscribe:
http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
iD8DBQFUBxAXwZxMk2USYEIRAiYeAKCOzPZPNazXgOp3cxq9pSP41RVfQQCg4MqM
m/StfkSTKnqNQiO8jMdNrSs=
=1I3m
-----END PGP SIGNATURE-----
Hash: SHA1
******************************************************************
Alert ID: GCSA-14029
Data: 03 settembre 2014
Titolo: Vulnerabilita' nei prodotti Mozilla (Firefox, Thunderbird)
******************************************************************
:: Descrizione del problema
Sono state rilasciate nuove versioni dei prodotti Mozilla Firefox e Thunderbird che risolvono varie vulnerabilita'
potenzialmente sfruttabili da aggressori remoti e locali per condurre attacchi.
:: Software interessato
Firefox versioni precedenti alla 32
Thunderbird versioni precedenti alla 31.1
:: Impatto
Esecuzione di codice arbitrario da remoto
Accesso al sistema
Rivelazione di informazioni di sistema
:: Soluzioni
Aggiornare Firefox alla versione 32
http://www.mozilla.org/it/firefox/new/
Aggiornare Thunderbird alla versione 31.1
http://www.mozilla.org/it/thunderbird/
:: Riferimenti
Mozilla Security Advisory
https://www.mozilla.org/en-US/firefox/32.0/releasenotes/
https://www.mozilla.org/security/known-vulnerabilities/firefox.html
https://www.mozilla.org/security/known-vulnerabilities/thunderbird.html
https://www.mozilla.org/security/announce/2014/mfsa2014-67.html
https://www.mozilla.org/security/announce/2014/mfsa2014-68.html
https://www.mozilla.org/security/announce/2014/mfsa2014-69.html
https://www.mozilla.org/security/announce/2014/mfsa2014-70.html
https://www.mozilla.org/security/announce/2014/mfsa2014-71.html
https://www.mozilla.org/security/announce/2014/mfsa2014-72.html
Mitre CVE
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1553
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1554
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1562
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1563
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1564
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1565
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1566
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1567
GARR CERT Newsletter subscribe/unsubscribe:
http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
iD8DBQFUBxAXwZxMk2USYEIRAiYeAKCOzPZPNazXgOp3cxq9pSP41RVfQQCg4MqM
m/StfkSTKnqNQiO8jMdNrSs=
=1I3m
-----END PGP SIGNATURE-----