Alert GCSA-18068 - Vulnerabilita' in Mozilla Firefox
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
******************************************************************
Alert ID: GCSA-18068
Data: 07 Settembre 2018
Titolo: Aggiornamento di sicurezza per Mozilla Firefox
******************************************************************
:: Descrizione del problema
Sono state rilasciate nuove versioni del browser Mozilla Firefox
che risolvono diverse vulnerabilita' potenzialmente sfruttabili
per condurre attacchi.
:: Software interessato
Firefox versioni precedenti alla 62
Firefox ESR versioni precedenti alla 60.2
:: Impatto
Esecuzione da remoto di codice arbitrario
Compromissione e controllo del sistema
Denial of Service
:: Soluzioni
Aggiornare Firefox all'ultima versione
Firefox 62
https://www.mozilla.org/it/firefox/new/
Firefox ESR 60.2
https://www.mozilla.org/en-US/firefox/organizations/
:: Riferimenti
Mozilla Foundation Security Advisory 2018-14
https://www.mozilla.org/en-US/security/advisories/mfsa2018-14/
https://www.mozilla.org/en-US/security/advisories/mfsa2018-21/
SecurityFocus
https://www.securityfocus.com/bid/105276
https://www.securityfocus.com/bid/105280
Mitre CVE
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12382
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12383
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12375
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12377
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12378
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12381
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12376
GARR CERT Newsletter subscribe/unsubscribe:
http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iEYEARECAAYFAluSWcEACgkQwZxMk2USYEL3XACeIEZSf7oiMCS+fmj14Su5oJLm
TwQAoLCZNoC0uvhMnM5AIE8FwGjETbet
=Q+SP
-----END PGP SIGNATURE-----