Alert GCSA-17025 - Vulnerabilità in Mozilla Firefox
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
**********************************************************************
Alert ID: GCSA-17025
Data: 20 Aprile 2017
Titolo: Vulnerabilità in Mozilla Firefox
**********************************************************************
:: Descrizione del problema
Sono state riscontrate varie vulnerabilità in Mozilla Firefox sfruttando
le quali un utente remoto può eseguire codice
arbitrario sul sistema utente che ne sia affetto.
Per una descrizione completa delle vulnerabilità consultare
le segnalazioni ufficiali.
:: Software interessato
Mozilla Firefox versioni precedenti la 53.0
:: Impatto
Disclosure di informazioni di autenticazione, di utenti e di sistema
Accesso ad informazioni sensibili
By-pass delle restrizioni di sicurezza
Esecuzione di codice arbitrario
:: Soluzioni
Aggiornare alle versioni:
Mozilla Firefox 53.0
:: Riferimenti
Mozilla Foundation Security Advisories
https://www.mozilla.org/en-US/security/advisories/mfsa2017-10/
Security Tracker
http://www.securitytracker.com/id/1038320
Mitre CVE
http://cve.mitre.org/cgi-bin/cvename.cgi?name= CVE-2017-5429
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5430
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5432
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5433
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5434
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5435
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5436
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5437
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5438
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5439
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5440
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5441
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5442
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5443
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5444
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5445
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5446
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5447
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5448
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5449
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5450
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5451
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5452
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5453
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5454
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5455
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5456
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5458
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5459
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5460
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5461
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5462
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5463
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5464
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5465
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5466
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5467
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5468
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5469
GARR CERT Newsletter subscribe/unsubscribe:
http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iEYEARECAAYFAlj5rvoACgkQwZxMk2USYEINUgCgmt+K82IrkYZoow1H5MSdY2yw
JzoAoNLUWoTm1bsan0rn/xFcdru8dzaz
=oFpY
-----END PGP SIGNATURE-----
Hash: SHA1
**********************************************************************
Alert ID: GCSA-17025
Data: 20 Aprile 2017
Titolo: Vulnerabilità in Mozilla Firefox
**********************************************************************
:: Descrizione del problema
Sono state riscontrate varie vulnerabilità in Mozilla Firefox sfruttando
le quali un utente remoto può eseguire codice
arbitrario sul sistema utente che ne sia affetto.
Per una descrizione completa delle vulnerabilità consultare
le segnalazioni ufficiali.
:: Software interessato
Mozilla Firefox versioni precedenti la 53.0
:: Impatto
Disclosure di informazioni di autenticazione, di utenti e di sistema
Accesso ad informazioni sensibili
By-pass delle restrizioni di sicurezza
Esecuzione di codice arbitrario
:: Soluzioni
Aggiornare alle versioni:
Mozilla Firefox 53.0
:: Riferimenti
Mozilla Foundation Security Advisories
https://www.mozilla.org/en-US/security/advisories/mfsa2017-10/
Security Tracker
http://www.securitytracker.com/id/1038320
Mitre CVE
http://cve.mitre.org/cgi-bin/cvename.cgi?name= CVE-2017-5429
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5430
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5432
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5433
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5434
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5435
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5436
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5437
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5438
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5439
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5440
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5441
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5442
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5443
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5444
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5445
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5446
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5447
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5448
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5449
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5450
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5451
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5452
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5453
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5454
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5455
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5456
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5458
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5459
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5460
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5461
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5462
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5463
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5464
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5465
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5466
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5467
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5468
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5469
GARR CERT Newsletter subscribe/unsubscribe:
http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iEYEARECAAYFAlj5rvoACgkQwZxMk2USYEINUgCgmt+K82IrkYZoow1H5MSdY2yw
JzoAoNLUWoTm1bsan0rn/xFcdru8dzaz
=oFpY
-----END PGP SIGNATURE-----