—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA1
******************************************************************
Alert ID : GCSA-08021
Data : 21 febbraio 2008
Titolo : Vulnerabilita’ multiple in Netscape
******************************************************************
: Descrizione del problema
Sono state riscontrate alcune vulnerabilita’ in Netscape Navigator
che potrebbero essere sfruttate da un attaccante per ottenere l’accesso
ad informazioni sensibili, eludere alcune restrizioni di sicurezza,
condurre attacchi di tipo spoofing, e potenzialmente per compromettere
il sistema vulnerabile.
: Piattaforme e software interessati
Netscape: versioni precedenti alla 9.0.0.6
: Impatto
Spoofing
DoS
Cross Site Scripting
Bypass delle restrizioni di sicurezza
: Soluzioni
Aggiornare Netscape alla versione 9.0.0.6 :
http://browser.netscape.com/downloads
: Riferimenti
Netscape:
http://browser.netscape.com/releasenotes/
FrSIRT:
http://www.frsirt.com/english/advisories/2008/0627
Secunia:
http://secunia.com/advisories/29049/
CVE Mitre:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0412
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0413
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0414
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0415
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0418
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0419
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0420
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0591
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0593
—–BEGIN PGP SIGNATURE—–
iQCVAwUBR7199vOB+SpikaiRAQKX2wP9FJim7kaSPtxw7GB6TPJnDrCy7ujAYXzo
Iv4vGV3FOJLJ0QrBQHhEtRnfkRYAjR0Kbmb663JUpoJ94U4svAs9AIs/hLgdBV0l
aRH+p5qcg3LUS9J2f5slo5RdYVkKGnBmtY/HwAdCIYGo4AoBK4Ddxq7Yzc6EynOu
aBEPWn7Sz2w=
=wwPx
—–END PGP SIGNATURE—–