Alert GCSA-14036 - Vulnerabilita' nei prodotti Mozilla (firefox, thunderbird)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
******************************************************************
Alert ID: GCSA-14036
Data: 15 ottobre 2014
Titolo: Vulnerabilita' nei prodotti Mozilla (firefox, thunderbird)
******************************************************************
:: Descrizione del problema
Sono state rilasciate nuove versioni dei prodotti Mozilla
Firefox e Thunderbird che risolvono varie vulnerabilita'
potenzialmente sfruttabili da aggressori remoti e locali
per condurre attacchi.
:: Software interessato
Firefox versioni precedenti alla 33.0
Thunderbird versioni precedenti alla 31.2
:: Impatto
Denial of service
Esecuzione di codice arbitrario da remoto
Accesso al sistema
Modifica di informazioni di sistema
:: Soluzioni
Aggiornare Firefox alla versione 33.0
http://www.mozilla.org/it/firefox/new/
Aggiornare Thunderbird alla versione 31.2
http://www.mozilla.org/it/thunderbird/
:: Riferimenti
Mozilla Security Advisory
https://www.mozilla.org/en-US/firefox/33.0/releasenotes/
https://www.mozilla.org/security/known-vulnerabilities/firefox.html
https://www.mozilla.org/security/known-vulnerabilities/thunderbird.html
https://www.mozilla.org/security/announce/2014/mfsa2014-82.html
https://www.mozilla.org/security/announce/2014/mfsa2014-81.html
https://www.mozilla.org/security/announce/2014/mfsa2014-80.html
https://www.mozilla.org/security/announce/2014/mfsa2014-79.html
https://www.mozilla.org/security/announce/2014/mfsa2014-78.html
https://www.mozilla.org/security/announce/2014/mfsa2014-77.html
https://www.mozilla.org/security/announce/2014/mfsa2014-76.html
https://www.mozilla.org/security/announce/2014/mfsa2014-75.html
https://www.mozilla.org/security/announce/2014/mfsa2014-74.html
Mitre CVE
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1574
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1575
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1576
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1577
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1578
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1580
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1581
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1582
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1583
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1584
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1585
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1586
Ubuntu Security Notice
http://www.ubuntu.com/usn/usn-2372-1/
http://www.ubuntu.com/usn/usn-2373-1/
GARR CERT Newsletter subscribe/unsubscribe:
http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
iD8DBQFUPpk5wZxMk2USYEIRAnpnAJ9RFYfgizWZqNNJbthfY+mAJPUpVQCaA8qM
lN61lXH8xyMk2xBBQtwL4xA=
=xOv+
-----END PGP SIGNATURE-----
Hash: SHA1
******************************************************************
Alert ID: GCSA-14036
Data: 15 ottobre 2014
Titolo: Vulnerabilita' nei prodotti Mozilla (firefox, thunderbird)
******************************************************************
:: Descrizione del problema
Sono state rilasciate nuove versioni dei prodotti Mozilla
Firefox e Thunderbird che risolvono varie vulnerabilita'
potenzialmente sfruttabili da aggressori remoti e locali
per condurre attacchi.
:: Software interessato
Firefox versioni precedenti alla 33.0
Thunderbird versioni precedenti alla 31.2
:: Impatto
Denial of service
Esecuzione di codice arbitrario da remoto
Accesso al sistema
Modifica di informazioni di sistema
:: Soluzioni
Aggiornare Firefox alla versione 33.0
http://www.mozilla.org/it/firefox/new/
Aggiornare Thunderbird alla versione 31.2
http://www.mozilla.org/it/thunderbird/
:: Riferimenti
Mozilla Security Advisory
https://www.mozilla.org/en-US/firefox/33.0/releasenotes/
https://www.mozilla.org/security/known-vulnerabilities/firefox.html
https://www.mozilla.org/security/known-vulnerabilities/thunderbird.html
https://www.mozilla.org/security/announce/2014/mfsa2014-82.html
https://www.mozilla.org/security/announce/2014/mfsa2014-81.html
https://www.mozilla.org/security/announce/2014/mfsa2014-80.html
https://www.mozilla.org/security/announce/2014/mfsa2014-79.html
https://www.mozilla.org/security/announce/2014/mfsa2014-78.html
https://www.mozilla.org/security/announce/2014/mfsa2014-77.html
https://www.mozilla.org/security/announce/2014/mfsa2014-76.html
https://www.mozilla.org/security/announce/2014/mfsa2014-75.html
https://www.mozilla.org/security/announce/2014/mfsa2014-74.html
Mitre CVE
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1574
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1575
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1576
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1577
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1578
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1580
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1581
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1582
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1583
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1584
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1585
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1586
Ubuntu Security Notice
http://www.ubuntu.com/usn/usn-2372-1/
http://www.ubuntu.com/usn/usn-2373-1/
GARR CERT Newsletter subscribe/unsubscribe:
http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
iD8DBQFUPpk5wZxMk2USYEIRAnpnAJ9RFYfgizWZqNNJbthfY+mAJPUpVQCaA8qM
lN61lXH8xyMk2xBBQtwL4xA=
=xOv+
-----END PGP SIGNATURE-----