Alert GCSA-11086 - Vulnerabilita' nei prodotti Mozilla
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
******************************************************************
Alert ID : GCSA-11086
Data : 21 Dicembre 2011
Titolo : Vulnerabilita' nei prodotti Mozilla
******************************************************************
:: Descrizione del problema:
Sono state riscontrate vulnerabilita' multiple nei prodotti
Mozilla Firefox, Thunderbird e Seamonkey che potrebbero essere
sfruttate per accedere al sistema, ottenere informazioni
sensibili ed eseguire codice arbitrario su un sistema che ne sia
affetto.
:: Software interessato:
Mozilla SeaMonkey 2.x
Mozilla Firefox 8.x
Mozilla Thunderbird 8.x
:: Impatto:
Accesso al sistema
Esecuzione di codice arbitrario
Rilascio di dati sensibili
:: Soluzioni:
Aggiornare Mozilla Firefox alla versione 9
http://www.mozilla.com/firefox/
Aggiornare Mozilla Thunderbird alla versione 9
http://www.mozilla.org/thunderbird/
Aggiornare Mozilla SeaMonkey alla versione 2.6
http://www.seamonkey-project.org/
:: Riferimenti:
Mozilla Security Advisory
http://www.mozilla.org/security/announce/2011/mfsa2011-53.html
http://www.mozilla.org/security/announce/2011/mfsa2011-54.html
http://www.mozilla.org/security/announce/2011/mfsa2011-55.html
http://www.mozilla.org/security/announce/2011/mfsa2011-56.html
http://www.mozilla.org/security/announce/2011/mfsa2011-57.html
http://www.mozilla.org/security/announce/2011/mfsa2011-58.html
Security Focus
http://www.securityfocus.com/bid/45347
Secunia
http://secunia.com/advisories/47302/
http://secunia.com/advisories/47334/
Mitre CVE
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3658
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3660
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3661
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3663
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3664
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3665
-----BEGIN PGP SIGNATURE-----
iQCVAwUBTvHDb/OB+SpikaiRAQIOoAP+OUwZrrdgilbqSyLX2izbY/SeyhWVOomh
8/lc8Wx+LxWjWm/B94H16yPnKZVFNiXqwVdXKENPnS41Kk4/ICOK4xulwH4Gj1rB
1v5fd/9S2vg/FtdXvigbU5Yhi6hhXVSCByhOSyMp8WnYr8rqly5UuZaQSr+Imv+u
RUIZ8N9ZHDg=
=OZoY
-----END PGP SIGNATURE-----
Hash: SHA1
******************************************************************
Alert ID : GCSA-11086
Data : 21 Dicembre 2011
Titolo : Vulnerabilita' nei prodotti Mozilla
******************************************************************
:: Descrizione del problema:
Sono state riscontrate vulnerabilita' multiple nei prodotti
Mozilla Firefox, Thunderbird e Seamonkey che potrebbero essere
sfruttate per accedere al sistema, ottenere informazioni
sensibili ed eseguire codice arbitrario su un sistema che ne sia
affetto.
:: Software interessato:
Mozilla SeaMonkey 2.x
Mozilla Firefox 8.x
Mozilla Thunderbird 8.x
:: Impatto:
Accesso al sistema
Esecuzione di codice arbitrario
Rilascio di dati sensibili
:: Soluzioni:
Aggiornare Mozilla Firefox alla versione 9
http://www.mozilla.com/firefox/
Aggiornare Mozilla Thunderbird alla versione 9
http://www.mozilla.org/thunderbird/
Aggiornare Mozilla SeaMonkey alla versione 2.6
http://www.seamonkey-project.org/
:: Riferimenti:
Mozilla Security Advisory
http://www.mozilla.org/security/announce/2011/mfsa2011-53.html
http://www.mozilla.org/security/announce/2011/mfsa2011-54.html
http://www.mozilla.org/security/announce/2011/mfsa2011-55.html
http://www.mozilla.org/security/announce/2011/mfsa2011-56.html
http://www.mozilla.org/security/announce/2011/mfsa2011-57.html
http://www.mozilla.org/security/announce/2011/mfsa2011-58.html
Security Focus
http://www.securityfocus.com/bid/45347
Secunia
http://secunia.com/advisories/47302/
http://secunia.com/advisories/47334/
Mitre CVE
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3658
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3660
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3661
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3663
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3664
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3665
-----BEGIN PGP SIGNATURE-----
iQCVAwUBTvHDb/OB+SpikaiRAQIOoAP+OUwZrrdgilbqSyLX2izbY/SeyhWVOomh
8/lc8Wx+LxWjWm/B94H16yPnKZVFNiXqwVdXKENPnS41Kk4/ICOK4xulwH4Gj1rB
1v5fd/9S2vg/FtdXvigbU5Yhi6hhXVSCByhOSyMp8WnYr8rqly5UuZaQSr+Imv+u
RUIZ8N9ZHDg=
=OZoY
-----END PGP SIGNATURE-----