MGASA-2015-0462
- Source
- https://advisories.mageia.org/MGASA-2015-0462.html
- Import Source
- https://advisories.mageia.org/MGASA-2015-0462.json
- JSON Data
- https://api.osv.dev/v1/vulns/MGASA-2015-0462
- Upstream
- Published
- 2015-11-27T23:11:20Z
- Modified
- 2026-04-16T06:22:48.796144690Z
- Summary
- Updated thunderbird packages fix security vulnerability
- Details
-
Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird (CVE-2015-4513, CVE-2015-7189, CVE-2015-7197, CVE-2015-7198, CVE-2015-7199, CVE-2015-7200).
A same-origin policy bypass flaw was found in the way Thunderbird handled certain cross-origin resource sharing (CORS) requests. A web page containing malicious content could cause Thunderbird to disclose sensitive information (CVE-2015-7193).
- References
-
- https://advisories.mageia.org/MGASA-2015-0462.html
- https://bugs.mageia.org/show_bug.cgi?id=17234
- https://www.mozilla.org/en-US/security/advisories/mfsa2015-116/
- https://www.mozilla.org/en-US/security/advisories/mfsa2015-123/
- https://www.mozilla.org/en-US/security/advisories/mfsa2015-127/
- https://www.mozilla.org/en-US/security/advisories/mfsa2015-131/
- https://www.mozilla.org/en-US/security/advisories/mfsa2015-132/
- https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/
- https://rhn.redhat.com/errata/RHSA-2015-2519.html
- Credits
-
-
- Mageia - COORDINATOR
-
Affected packages
Mageia:5 / thunderbird
Package
- Name
- thunderbird
- Purl
- pkg:rpm/mageia/thunderbird?arch=source&distro=mageia-5
Mageia:5 / thunderbird-l10n
Package
- Name
- thunderbird-l10n
- Purl
- pkg:rpm/mageia/thunderbird-l10n?arch=source&distro=mageia-5