Alert GCSA-21041 - Aggiornamenti di sicurezza per prodotti Mozilla
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
******************************************************************
Alert ID: GCSA-21041
Data: 20 Aprile 2021
Titolo: Aggiornamenti di sicurezza per prodotti Mozilla
******************************************************************
:: Descrizione
Mozilla ha rilasciato nuove versioni del browser Firefox e del
client di posta Thunderbird, con le quali vengono risolte alcune
vulnerabilita', potenzialmente sfruttabili per condurre attacchi.
Maggiori informazioni sono disponibili nelle segnalazioni
ufficiali alla sezione "Riferimenti".
:: Software interessato
Firefox versioni precedenti alla 88
Firefox ESR versioni precedenti alla 78.10
Thunderbird versioni precedenti alla 78.10
:: Impatto
Esecuzione remota di codice arbitrario
Denial of Service
Aggiramento delle restrizioni di sicurezza
Rivelazione di informazioni riservate
Cross-Site Scripting
Aumento dei privilegi
Manipolazione di dati
:: Soluzione
Aggiornare i software all'ultima versione
https://www.mozilla.org/it/firefox/new/
https://www.mozilla.org/en-US/firefox/organizations/
https://www.mozilla.org/it/thunderbird/
https://www.thunderbird.net/en-US/thunderbird/all/
https://support.mozilla.org/it/kb/aggiornamento-di-thunderbird
:: Riferimenti
Mozilla - Release Notes
https://www.mozilla.org/en-US/firefox/88.0/releasenotes/
https://www.mozilla.org/en-US/firefox/78.10.0/releasenotes/
https://www.thunderbird.net/en-US/thunderbird/78.10.0/releasenotes/
Mozilla Security Advisory
https://www.mozilla.org/en-US/security/advisories/mfsa2021-16/
https://www.mozilla.org/en-US/security/advisories/mfsa2021-15/
https://www.mozilla.org/en-US/security/advisories/mfsa2021-14/
Mitre CVE
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23994
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23995
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23996
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23997
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23998
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23999
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24000
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24001
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24002
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29944
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29945
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29946
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29947
GARR CERT Security Alert - subscribe/unsubscribe:
http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
iD8DBQFgfpIRwZxMk2USYEIRAqeqAJwNkCiYE5mr06ImG8nto9nV1FDdlgCgrt/v
P3NlK84WUHgtxKx0RVdKyvM=
=YKxY
-----END PGP SIGNATURE-----
Hash: SHA1
******************************************************************
Alert ID: GCSA-21041
Data: 20 Aprile 2021
Titolo: Aggiornamenti di sicurezza per prodotti Mozilla
******************************************************************
:: Descrizione
Mozilla ha rilasciato nuove versioni del browser Firefox e del
client di posta Thunderbird, con le quali vengono risolte alcune
vulnerabilita', potenzialmente sfruttabili per condurre attacchi.
Maggiori informazioni sono disponibili nelle segnalazioni
ufficiali alla sezione "Riferimenti".
:: Software interessato
Firefox versioni precedenti alla 88
Firefox ESR versioni precedenti alla 78.10
Thunderbird versioni precedenti alla 78.10
:: Impatto
Esecuzione remota di codice arbitrario
Denial of Service
Aggiramento delle restrizioni di sicurezza
Rivelazione di informazioni riservate
Cross-Site Scripting
Aumento dei privilegi
Manipolazione di dati
:: Soluzione
Aggiornare i software all'ultima versione
https://www.mozilla.org/it/firefox/new/
https://www.mozilla.org/en-US/firefox/organizations/
https://www.mozilla.org/it/thunderbird/
https://www.thunderbird.net/en-US/thunderbird/all/
https://support.mozilla.org/it/kb/aggiornamento-di-thunderbird
:: Riferimenti
Mozilla - Release Notes
https://www.mozilla.org/en-US/firefox/88.0/releasenotes/
https://www.mozilla.org/en-US/firefox/78.10.0/releasenotes/
https://www.thunderbird.net/en-US/thunderbird/78.10.0/releasenotes/
Mozilla Security Advisory
https://www.mozilla.org/en-US/security/advisories/mfsa2021-16/
https://www.mozilla.org/en-US/security/advisories/mfsa2021-15/
https://www.mozilla.org/en-US/security/advisories/mfsa2021-14/
Mitre CVE
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23994
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23995
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23996
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23997
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23998
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23999
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24000
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24001
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24002
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29944
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29945
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29946
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29947
GARR CERT Security Alert - subscribe/unsubscribe:
http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
iD8DBQFgfpIRwZxMk2USYEIRAqeqAJwNkCiYE5mr06ImG8nto9nV1FDdlgCgrt/v
P3NlK84WUHgtxKx0RVdKyvM=
=YKxY
-----END PGP SIGNATURE-----