Alert GCSA-10127 - Vulnerabilita' in Mozilla SeaMonkey 2.0.x
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
******************************************************************
Alert ID : GCSA-10127
Data : 10 settembre 2010
Titolo : Vulnerabilita' in Mozilla SeaMonkey 2.0.x
******************************************************************
:: Descrizione del problema
E' stata rilasciata una nuova versione di Mozilla SeaMonkey
con aggiornamenti relativi alla stabilita' e alla sicurezza.
http://www.seamonkey-project.org/releases/seamonkey2.0.7/
:: Software interessato
SeaMonkey versioni precedenti alla 2.0.7
:: Impatto
Esecuzione remota di codice arbitrario
Cross Site Scripting
Bypass dei controlli di sicurezza
Compromissione del sistema
Esposizione di informazioni sensibili
Denial of Service
:: Soluzione
Aggiornare SeaMonkey alla versione 2.0.7
http://www.seamonkey-project.org/
:: Riferimenti
Mozilla Foundation Security Advisories
http://www.mozilla.org/security/announce/
http://www.mozilla.org/security/known-vulnerabilities/
http://www.mozilla.org/security/known-vulnerabilities/seamonkey20.html#seamonkey2.0.7
Mitre's CVE ID
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3169
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3168
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3167
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3166
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3131
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2770
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2768
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2769
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2767
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2766
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2765
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2764
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2762
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2760
Secunia
http://secunia.com/advisories/41299/
Vupen Security
http://www.vupen.com/english/advisories/2010/2323
Red Hat Support
https://rhn.redhat.com/errata/RHSA-2010-0680.html
Debian DSA 2106-1
http://lists.debian.org/debian-security-announce/2010/msg00153.html
-----BEGIN PGP SIGNATURE-----
iQCVAwUBTIn6QvOB+SpikaiRAQJUcwP/UMRNk9DIJK3m896rJFi4TlRBQ/n7T2e5
J66dFvWuDhuznvghLTgOBit4N/NVLFxYS23OEOmJKN3Zy5oAcFr8swsI6eNxB14H
/MXSnWb8ifHfiDlVHH93HBYrSvb3Lh7VxGgaV058O1ojQIIx/nRGm22Xvq0D03P0
ubQLE1kEk28=
=EXtC
-----END PGP SIGNATURE-----
Hash: SHA1
******************************************************************
Alert ID : GCSA-10127
Data : 10 settembre 2010
Titolo : Vulnerabilita' in Mozilla SeaMonkey 2.0.x
******************************************************************
:: Descrizione del problema
E' stata rilasciata una nuova versione di Mozilla SeaMonkey
con aggiornamenti relativi alla stabilita' e alla sicurezza.
http://www.seamonkey-project.org/releases/seamonkey2.0.7/
:: Software interessato
SeaMonkey versioni precedenti alla 2.0.7
:: Impatto
Esecuzione remota di codice arbitrario
Cross Site Scripting
Bypass dei controlli di sicurezza
Compromissione del sistema
Esposizione di informazioni sensibili
Denial of Service
:: Soluzione
Aggiornare SeaMonkey alla versione 2.0.7
http://www.seamonkey-project.org/
:: Riferimenti
Mozilla Foundation Security Advisories
http://www.mozilla.org/security/announce/
http://www.mozilla.org/security/known-vulnerabilities/
http://www.mozilla.org/security/known-vulnerabilities/seamonkey20.html#seamonkey2.0.7
Mitre's CVE ID
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3169
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3168
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3167
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3166
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3131
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2770
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2768
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2769
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2767
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2766
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2765
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2764
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2762
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2760
Secunia
http://secunia.com/advisories/41299/
Vupen Security
http://www.vupen.com/english/advisories/2010/2323
Red Hat Support
https://rhn.redhat.com/errata/RHSA-2010-0680.html
Debian DSA 2106-1
http://lists.debian.org/debian-security-announce/2010/msg00153.html
-----BEGIN PGP SIGNATURE-----
iQCVAwUBTIn6QvOB+SpikaiRAQJUcwP/UMRNk9DIJK3m896rJFi4TlRBQ/n7T2e5
J66dFvWuDhuznvghLTgOBit4N/NVLFxYS23OEOmJKN3Zy5oAcFr8swsI6eNxB14H
/MXSnWb8ifHfiDlVHH93HBYrSvb3Lh7VxGgaV058O1ojQIIx/nRGm22Xvq0D03P0
ubQLE1kEk28=
=EXtC
-----END PGP SIGNATURE-----