Alert GCSA-25109 - Aggiornamento di sicurezza per prodotti Mozilla
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
******************************************************************
Alert ID: GCSA-25109
Data: 17 Settembre 2025
Titolo: Aggiornamento di sicurezza per prodotti Mozilla
******************************************************************
:: Descrizione del problema
Mozilla ha rilasciato nuove versioni del browser Firefox, Firefox ESR
del client di posta Thunderbird con le quali risolve vulnerabilita' multiple.
Maggiori informazioni sono disponibili alla sezione "Riferimenti".
:: Software interessato
Firefox versioni precedenti alla 143
Firefox ESR versioni precedenti alla 115.28
Firefox ESR versioni precedenti alla 140.3
Thunderbird versioni precedenti alla 143
Thunderbird versioni precedenti alla 140.3
:: Impatto
Security Restriction Bypass
Spoofing
Information Disclosure
Remote Code Execution
:: Soluzioni
Aggiornare Firefox all'ultima versione:
https://support.mozilla.org/en-US/kb/update-firefox-latest-release
https://www.mozilla.org/it/firefox/new/
https://www.mozilla.org/it/firefox/enterprise/
https://www.mozilla.org/it/firefox/all/#product-desktop-release
Aggiornare Thunderbird all'ultima versione:
https://support.mozilla.org/it/kb/aggiornamento-di-thunderbird
https://www.mozilla.org/it/thunderbird/
https://www.thunderbird.net/it/thunderbird/all/
https://www.thunderbird.net/it/thunderbird/releases/
:: Riferimenti
Mozilla Foundation Security Advisory
https://www.mozilla.org/en-US/security/advisories/
https://www.mozilla.org/en-US/security/advisories/mfsa2025-73/
https://www.mozilla.org/en-US/security/advisories/mfsa2025-74/
https://www.mozilla.org/en-US/security/advisories/mfsa2025-75/
https://www.mozilla.org/en-US/security/advisories/mfsa2025-77/
https://www.mozilla.org/en-US/security/advisories/mfsa2025-78/
Mitre CVE
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10527
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10528
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10529
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10530
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10531
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10532
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10533
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10534
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10535
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10536
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10537
GARR CERT Security Alert - subscribe/unsubscribe:
https://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
iGsEAREIACsWIQTGpdiR5MqstacBGHbBnEyTZRJgQgUCaMpgEw0cY2VydEBnYXJy
Lml0AAoJEMGcTJNlEmBC9IgAoMlDkUOQCUV8rtXawNzeLEzbtAmAAKC4OjQWFER2
wU1rCNXrlRWc/SwRww==
=8rTX
-----END PGP SIGNATURE-----
Hash: SHA256
******************************************************************
Alert ID: GCSA-25109
Data: 17 Settembre 2025
Titolo: Aggiornamento di sicurezza per prodotti Mozilla
******************************************************************
:: Descrizione del problema
Mozilla ha rilasciato nuove versioni del browser Firefox, Firefox ESR
del client di posta Thunderbird con le quali risolve vulnerabilita' multiple.
Maggiori informazioni sono disponibili alla sezione "Riferimenti".
:: Software interessato
Firefox versioni precedenti alla 143
Firefox ESR versioni precedenti alla 115.28
Firefox ESR versioni precedenti alla 140.3
Thunderbird versioni precedenti alla 143
Thunderbird versioni precedenti alla 140.3
:: Impatto
Security Restriction Bypass
Spoofing
Information Disclosure
Remote Code Execution
:: Soluzioni
Aggiornare Firefox all'ultima versione:
https://support.mozilla.org/en-US/kb/update-firefox-latest-release
https://www.mozilla.org/it/firefox/new/
https://www.mozilla.org/it/firefox/enterprise/
https://www.mozilla.org/it/firefox/all/#product-desktop-release
Aggiornare Thunderbird all'ultima versione:
https://support.mozilla.org/it/kb/aggiornamento-di-thunderbird
https://www.mozilla.org/it/thunderbird/
https://www.thunderbird.net/it/thunderbird/all/
https://www.thunderbird.net/it/thunderbird/releases/
:: Riferimenti
Mozilla Foundation Security Advisory
https://www.mozilla.org/en-US/security/advisories/
https://www.mozilla.org/en-US/security/advisories/mfsa2025-73/
https://www.mozilla.org/en-US/security/advisories/mfsa2025-74/
https://www.mozilla.org/en-US/security/advisories/mfsa2025-75/
https://www.mozilla.org/en-US/security/advisories/mfsa2025-77/
https://www.mozilla.org/en-US/security/advisories/mfsa2025-78/
Mitre CVE
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10527
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10528
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10529
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10530
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10531
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10532
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10533
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10534
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10535
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10536
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10537
GARR CERT Security Alert - subscribe/unsubscribe:
https://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
iGsEAREIACsWIQTGpdiR5MqstacBGHbBnEyTZRJgQgUCaMpgEw0cY2VydEBnYXJy
Lml0AAoJEMGcTJNlEmBC9IgAoMlDkUOQCUV8rtXawNzeLEzbtAmAAKC4OjQWFER2
wU1rCNXrlRWc/SwRww==
=8rTX
-----END PGP SIGNATURE-----