MGASA-2015-0492
- Source
- https://advisories.mageia.org/MGASA-2015-0492.html
- Import Source
- https://advisories.mageia.org/MGASA-2015-0492.json
- JSON Data
- https://api.osv.dev/v1/vulns/MGASA-2015-0492
- Upstream
- Published
- 2015-12-28T19:23:26Z
- Modified
- 2026-04-16T06:22:20.955071336Z
- Summary
- Updated thunderbird packages fix security vulnerabilities
- Details
-
Updated thunderbird packages fix security vulnerabilities:
Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird (CVE-2015-7201, CVE-2015-7205, CVE-2015-7210, CVE-2015-7212, CVE-2015-7213, CVE-2015-7222).
A flaw was found in the way Thunderbird handled content using the 'data:' and 'view-source:' URIs. An attacker could use this flaw to bypass the same-origin policy and read data from cross-site URLs and local files (CVE-2015-7214).
- References
-
- https://advisories.mageia.org/MGASA-2015-0492.html
- https://bugs.mageia.org/show_bug.cgi?id=17386
- https://www.mozilla.org/en-US/security/advisories/mfsa2015-134/
- https://www.mozilla.org/en-US/security/advisories/mfsa2015-139/
- https://www.mozilla.org/en-US/security/advisories/mfsa2015-145/
- https://www.mozilla.org/en-US/security/advisories/mfsa2015-146/
- https://www.mozilla.org/en-US/security/advisories/mfsa2015-149/
- https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/
- https://rhn.redhat.com/errata/RHSA-2015-2657.html
- Credits
-
-
- Mageia - COORDINATOR
-
Affected packages
Mageia:5 / thunderbird
Package
- Name
- thunderbird
- Purl
- pkg:rpm/mageia/thunderbird?arch=source&distro=mageia-5
Mageia:5 / thunderbird-l10n
Package
- Name
- thunderbird-l10n
- Purl
- pkg:rpm/mageia/thunderbird-l10n?arch=source&distro=mageia-5