Alert GCSA-11069 - Vulnerabilita' multiple nei prodotti Mozilla
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
******************************************************************
Alert ID : GCSA-11069
Data : 30 Settembre 2011
Titolo : Vulnerabilita' multiple nei prodotti Mozilla
******************************************************************
:: Descrizione del problema
Sono state individuate varie vulnerabilita' nei prodotti Mozilla
Firefox, Thunderbird e SeaMonkey che se sfruttate potrebbero
permettere ad un attaccante remoto di manipolare e divulgare
informazioni, scavalcare le restrizioni di sicurezza o
compromettere un sistema vulnerabile.
:: Software interessato
Mozilla Firefox versioni precedenti alla 3.6.23
Mozilla Firefox versioni precedenti alla 7
Mozilla Thunderbird versioni precedenti alla 7
SeaMonkey versioni precedenti alla 2.4.1
:: Impatto
Esecuzione remota di codice arbitrario
Security Bypass
:: Soluzioni
Aggiornare Mozilla Firefox alle versioni 3.6.23 o 7:
http://www.mozilla.com/firefox/
Aggiornare Mozilla Thunderbird alla versione 7:
http://www.mozilla.com/thunderbird
Aggiornare Seamonkey alla versione 2.4.1:
http://www.seamonkey-project.org/
:: Riferimenti
Mozilla Foundation Security Advisory
http://www.mozilla.org/security/announce/2011/mfsa2011-36.html
http://www.mozilla.org/security/announce/2011/mfsa2011-37.html
http://www.mozilla.org/security/announce/2011/mfsa2011-38.html
http://www.mozilla.org/security/announce/2011/mfsa2011-39.html
http://www.mozilla.org/security/announce/2011/mfsa2011-40.html
http://www.mozilla.org/security/announce/2011/mfsa2011-41.html
http://www.mozilla.org/security/announce/2011/mfsa2011-42.html
http://www.mozilla.org/security/announce/2011/mfsa2011-43.html
http://www.mozilla.org/security/announce/2011/mfsa2011-44.html
http://www.mozilla.org/security/announce/2011/mfsa2011-45.html
Secunia
http://secunia.com/advisories/46171/
http://secunia.com/advisories/46205/
http://secunia.com/advisories/46204/
http://secunia.com/advisories/46203/
Securityfocus
http://www.securityfocus.com/bid/49811
http://www.securityfocus.com/bid/49848
http://www.securityfocus.com/bid/49810
http://www.securityfocus.com/bid/49809
Mitre's CVE ID
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2995
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2996
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2997
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2998
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2999
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3000
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2372
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3001
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3002
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3003
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3232
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3004
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3005
-----BEGIN PGP SIGNATURE-----
iQCVAwUBToXg1fOB+SpikaiRAQJQIQQAwQUhnFEYRtXRgrtwUSGRfX9WSpgBUHsD
c+Mk2CbTczZK37fuza8wiLJLNmfFlGioVfdCGxKGhMGuC1tfzQc5RVohJXqw3vLc
fP1iAtqJffPIxBPfPIXoWLHLGGplCDVC+D/tBmF15EmAQynC8O60kCoKFqdeFmvB
y0JzsHOKvH0=
=HxEw
-----END PGP SIGNATURE-----
Hash: SHA1
******************************************************************
Alert ID : GCSA-11069
Data : 30 Settembre 2011
Titolo : Vulnerabilita' multiple nei prodotti Mozilla
******************************************************************
:: Descrizione del problema
Sono state individuate varie vulnerabilita' nei prodotti Mozilla
Firefox, Thunderbird e SeaMonkey che se sfruttate potrebbero
permettere ad un attaccante remoto di manipolare e divulgare
informazioni, scavalcare le restrizioni di sicurezza o
compromettere un sistema vulnerabile.
:: Software interessato
Mozilla Firefox versioni precedenti alla 3.6.23
Mozilla Firefox versioni precedenti alla 7
Mozilla Thunderbird versioni precedenti alla 7
SeaMonkey versioni precedenti alla 2.4.1
:: Impatto
Esecuzione remota di codice arbitrario
Security Bypass
:: Soluzioni
Aggiornare Mozilla Firefox alle versioni 3.6.23 o 7:
http://www.mozilla.com/firefox/
Aggiornare Mozilla Thunderbird alla versione 7:
http://www.mozilla.com/thunderbird
Aggiornare Seamonkey alla versione 2.4.1:
http://www.seamonkey-project.org/
:: Riferimenti
Mozilla Foundation Security Advisory
http://www.mozilla.org/security/announce/2011/mfsa2011-36.html
http://www.mozilla.org/security/announce/2011/mfsa2011-37.html
http://www.mozilla.org/security/announce/2011/mfsa2011-38.html
http://www.mozilla.org/security/announce/2011/mfsa2011-39.html
http://www.mozilla.org/security/announce/2011/mfsa2011-40.html
http://www.mozilla.org/security/announce/2011/mfsa2011-41.html
http://www.mozilla.org/security/announce/2011/mfsa2011-42.html
http://www.mozilla.org/security/announce/2011/mfsa2011-43.html
http://www.mozilla.org/security/announce/2011/mfsa2011-44.html
http://www.mozilla.org/security/announce/2011/mfsa2011-45.html
Secunia
http://secunia.com/advisories/46171/
http://secunia.com/advisories/46205/
http://secunia.com/advisories/46204/
http://secunia.com/advisories/46203/
Securityfocus
http://www.securityfocus.com/bid/49811
http://www.securityfocus.com/bid/49848
http://www.securityfocus.com/bid/49810
http://www.securityfocus.com/bid/49809
Mitre's CVE ID
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2995
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2996
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2997
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2998
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2999
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3000
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2372
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3001
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3002
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3003
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3232
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3004
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3005
-----BEGIN PGP SIGNATURE-----
iQCVAwUBToXg1fOB+SpikaiRAQJQIQQAwQUhnFEYRtXRgrtwUSGRfX9WSpgBUHsD
c+Mk2CbTczZK37fuza8wiLJLNmfFlGioVfdCGxKGhMGuC1tfzQc5RVohJXqw3vLc
fP1iAtqJffPIxBPfPIXoWLHLGGplCDVC+D/tBmF15EmAQynC8O60kCoKFqdeFmvB
y0JzsHOKvH0=
=HxEw
-----END PGP SIGNATURE-----