Alert GCSA-23034 - Aggiornamento di sicurezza per Mozilla Firefox
******************************************************************
Alert ID: GCSA-23034
Data: 15 Marzo 2023
Titolo: Aggiornamento di sicurezza per Mozilla Firefox
******************************************************************
:: Descrizione del problema
Mozilla ha rilasciato una nuova versione del browser Firefox
con la quale risolve vulnerabilita' multiple.
Maggiori informazioni sono disponibili alla sezione "Riferimenti".
:: Software interessato
Firefox versioni precedenti alla 111
Firefox ESR versioni precedenti alla 102.9
:: Impatto
Denial of Service (DoS)
Esecuzione remota di codice arbitrario (RCE)
Accesso a dati riservati (ID)
Provide Misleading Information (Spoofing)
:: Soluzioni
Aggiornare Firefox all'ultima versione
Firefox 111
Firefox ESR 102.9
https://support.mozilla.org/en-US/kb/update-firefox-latest-release
https://www.mozilla.org/it/firefox/new/
https://www.mozilla.org/en-US/firefox/organizations/
https://www.mozilla.org/en-US/firefox/all/#product-desktop-release
:: Riferimenti
Mozilla Foundation Security Advisory
https://www.mozilla.org/en-US/security/advisories/
https://www.mozilla.org/en-US/security/advisories/mfsa2023-09/
https://www.mozilla.org/en-US/security/advisories/mfsa2023-10/
Mitre CVE
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25748
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25749
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25750
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25751
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25752
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28159
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28160
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28161
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28162
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28163
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28164
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28176
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28177
GARR CERT Security Alert - subscribe/unsubscribe:
http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
iD8DBQFkEY+RwZxMk2USYEIRCObVAJ91yr5SqR8wMFhxAAm3CorgXsR5IgCfcJRO
s7C9XxcpzWkQ52jZas4isi8=
=Adeg
-----END PGP SIGNATURE-----
Alert ID: GCSA-23034
Data: 15 Marzo 2023
Titolo: Aggiornamento di sicurezza per Mozilla Firefox
******************************************************************
:: Descrizione del problema
Mozilla ha rilasciato una nuova versione del browser Firefox
con la quale risolve vulnerabilita' multiple.
Maggiori informazioni sono disponibili alla sezione "Riferimenti".
:: Software interessato
Firefox versioni precedenti alla 111
Firefox ESR versioni precedenti alla 102.9
:: Impatto
Denial of Service (DoS)
Esecuzione remota di codice arbitrario (RCE)
Accesso a dati riservati (ID)
Provide Misleading Information (Spoofing)
:: Soluzioni
Aggiornare Firefox all'ultima versione
Firefox 111
Firefox ESR 102.9
https://support.mozilla.org/en-US/kb/update-firefox-latest-release
https://www.mozilla.org/it/firefox/new/
https://www.mozilla.org/en-US/firefox/organizations/
https://www.mozilla.org/en-US/firefox/all/#product-desktop-release
:: Riferimenti
Mozilla Foundation Security Advisory
https://www.mozilla.org/en-US/security/advisories/
https://www.mozilla.org/en-US/security/advisories/mfsa2023-09/
https://www.mozilla.org/en-US/security/advisories/mfsa2023-10/
Mitre CVE
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25748
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25749
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25750
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25751
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25752
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28159
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28160
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28161
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28162
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28163
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28164
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28176
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28177
GARR CERT Security Alert - subscribe/unsubscribe:
http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
iD8DBQFkEY+RwZxMk2USYEIRCObVAJ91yr5SqR8wMFhxAAm3CorgXsR5IgCfcJRO
s7C9XxcpzWkQ52jZas4isi8=
=Adeg
-----END PGP SIGNATURE-----