MGASA-2016-0115

See a problem?
Please try reporting it to the source first.

Source

https://advisories.mageia.org/MGASA-2016-0115.html

Import Source

https://advisories.mageia.org/MGASA-2016-0115.json

JSON Data

https://api.test.osv.dev/v1/vulns/MGASA-2016-0115

Related

Published

2016-03-16T18:07:23Z

Modified

2016-03-17T15:54:06Z

Summary

Updated thunderbird packages fix security vulnerabilities

Details

Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird (CVE-2016-1952, CVE-2016-1954, CVE-2016-1957, CVE-2016-1960, CVE-2016-1961, CVE-2016-1974, CVE-2016-1964, CVE-2016-1966).

Multiple security flaws were found in the graphite2 font library shipped with Thunderbird. A web page containing malicious content could cause it to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird (CVE-2016-1977, CVE-2016-2790, CVE-2016-2791, CVE-2016-2792, CVE-2016-2793, CVE-2016-2794, CVE-2016-2795, CVE-2016-2796, CVE-2016-2797, CVE-2016-2798, CVE-2016-2799, CVE-2016-2800, CVE-2016-2801, CVE-2016-2802).

References

Credits

- Mageia - COORDINATOR
- - https://wiki.mageia.org/en/Packages_Security_Team

Affected packages

Mageia:5 / thunderbird

Package

Name: thunderbird
Purl: pkg:rpm/mageia/thunderbird?distro=mageia-5

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

38.7.0-1.mga5

Ecosystem specific

{
    "section": "core"
}

Mageia:5 / thunderbird-l10n

Package

Name: thunderbird-l10n
Purl: pkg:rpm/mageia/thunderbird-l10n?distro=mageia-5

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

38.7.0-1.mga5

Ecosystem specific

{
    "section": "core"
}