Alert GCSA-23083 - Aggiornamento di sicurezza per prodotti Mozilla
******************************************************************
Alert ID: GCSA-23083
Data: 6 Luglio 2023
Titolo: Aggiornamento di sicurezza per prodotti Mozilla
******************************************************************
:: Descrizione del problema
Mozilla ha rilasciato nuove versioni dei prodotti Thunderbird, Firefox e
Firefox ESR,
con le quali risolve vulnerabilita' multiple.
Maggiori informazioni sono disponibili alla sezione "Riferimenti".
:: Software interessato
Firefox versioni precedenti alla 115
Firefox ESR 102.x versioni precedenti alla 102.13
Thunderbird versioni precedenti alla 102.13
::Impatto
Remote Code Execution
Security Restriction Bypass
Denial of Service
Spoofing
Data Manipulation
:: Soluzioni
Aggiornare Firefox alla versione piu' recente
Firefox 115
Firefox ESR 102.13
Thunderbird 102.13
https://support.mozilla.org/en-US/kb/update-firefox-latest-release
https://support.mozilla.org/it/kb/aggiornamento-di-thunderbird
https://www.mozilla.org/it/firefox/new/
https://www.mozilla.org/it/thunderbird/
https://www.mozilla.org/en-US/firefox/organizations/
https://www.mozilla.org/en-US/firefox/all/#product-desktop-release
https://www.thunderbird.net/en-US/thunderbird/all/
:: Riferimenti
Mozilla Foundation Security Advisory
https://www.mozilla.org/en-US/security/advisories/
https://www.mozilla.org/en-US/security/advisories/mfsa2023-22/
https://www.mozilla.org/en-US/security/advisories/mfsa2023-23/
https://www.mozilla.org/en-US/security/advisories/mfsa2023-24/
Mitre CVE
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3482
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-37201
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-37202
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-37203
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-37204
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-37205
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-37206
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-37207
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-37208
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-37209
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-37210
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-37211
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-37212
GARR CERT Security Alert - subscribe/unsubscribe:
http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
iD8DBQFkpnNIwZxMk2USYEIRCLlqAJ9GEcS3+0UQVQiyEMI2ymTLKDh0jwCeOcti
J5hwnqu9c77WESk3cMWDqCc=
=JvBv
-----END PGP SIGNATURE-----
Alert ID: GCSA-23083
Data: 6 Luglio 2023
Titolo: Aggiornamento di sicurezza per prodotti Mozilla
******************************************************************
:: Descrizione del problema
Mozilla ha rilasciato nuove versioni dei prodotti Thunderbird, Firefox e
Firefox ESR,
con le quali risolve vulnerabilita' multiple.
Maggiori informazioni sono disponibili alla sezione "Riferimenti".
:: Software interessato
Firefox versioni precedenti alla 115
Firefox ESR 102.x versioni precedenti alla 102.13
Thunderbird versioni precedenti alla 102.13
::Impatto
Remote Code Execution
Security Restriction Bypass
Denial of Service
Spoofing
Data Manipulation
:: Soluzioni
Aggiornare Firefox alla versione piu' recente
Firefox 115
Firefox ESR 102.13
Thunderbird 102.13
https://support.mozilla.org/en-US/kb/update-firefox-latest-release
https://support.mozilla.org/it/kb/aggiornamento-di-thunderbird
https://www.mozilla.org/it/firefox/new/
https://www.mozilla.org/it/thunderbird/
https://www.mozilla.org/en-US/firefox/organizations/
https://www.mozilla.org/en-US/firefox/all/#product-desktop-release
https://www.thunderbird.net/en-US/thunderbird/all/
:: Riferimenti
Mozilla Foundation Security Advisory
https://www.mozilla.org/en-US/security/advisories/
https://www.mozilla.org/en-US/security/advisories/mfsa2023-22/
https://www.mozilla.org/en-US/security/advisories/mfsa2023-23/
https://www.mozilla.org/en-US/security/advisories/mfsa2023-24/
Mitre CVE
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3482
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-37201
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-37202
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-37203
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-37204
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-37205
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-37206
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-37207
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-37208
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-37209
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-37210
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-37211
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-37212
GARR CERT Security Alert - subscribe/unsubscribe:
http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
iD8DBQFkpnNIwZxMk2USYEIRCLlqAJ9GEcS3+0UQVQiyEMI2ymTLKDh0jwCeOcti
J5hwnqu9c77WESk3cMWDqCc=
=JvBv
-----END PGP SIGNATURE-----