Vulnerabilita’ in Mozilla Firefox 3.x

Descrizione del problema

Mozilla ha pubblicato un security advisory relativo
ad alcune vulnerabilita’ presenti nel browser Firefox.

:: Piattaforme e Software interessati

Firefox versioni precedenti alla 3.0.2

:: Impatto

Security restrictions bypass
Exposure of system information
Exposure of sensitive information
System access
DoS

:: Soluzione

Aggiornare Firefox alla versione 3.0.2
http://www.mozilla.com/en-US/firefox/all.html
http://www.mozilla.com/en-US/firefox/

:: Riferimenti

Mozilla Security Advisory
http://www.mozilla.org/security/known-vulnerabilities/firefox30.html
http://www.mozilla.org/security/announce/2008/mfsa2008-40.html
http://www.mozilla.org/security/announce/2008/mfsa2008-41.html
http://www.mozilla.org/security/announce/2008/mfsa2008-42.html
http://www.mozilla.org/security/announce/2008/mfsa2008-43.html
http://www.mozilla.org/security/announce/2008/mfsa2008-44.html

Mitre’s CVE ID
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3837
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4058
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4060
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4061
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4062
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4063
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4064
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4065
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4067
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4068

Securityfocus Bugtraq ID
http://www.securityfocus.com/bid/31346

Secunia
http://secunia.com/advisories/32011/

FrSIRT
http://www.frsirt.com/english/advisories/2008/2661

Red Hat
https://rhn.redhat.com/errata/RHSA-2008-0879.html

Ubuntu
http://www.ubuntu.com/usn/usn-645-1
http://www.ubuntu.com/usn/usn-645-2

Questa voce è stata pubblicata in Sicurezza e contrassegnata con , , , , , , , , , , , , , , , , , , . Contrassegna il permalink.