{"id":"MGASA-2016-0115","summary":"Updated thunderbird packages fix security vulnerabilities","details":"Several flaws were found in the processing of malformed web content. A web\npage containing malicious content could cause Thunderbird to crash or,\npotentially, execute arbitrary code with the privileges of the user running\nThunderbird (CVE-2016-1952, CVE-2016-1954, CVE-2016-1957, CVE-2016-1960,\nCVE-2016-1961, CVE-2016-1974, CVE-2016-1964, CVE-2016-1966).\n\nMultiple security flaws were found in the graphite2 font library shipped\nwith Thunderbird. A web page containing malicious content could cause it\nto crash or, potentially, execute arbitrary code with the privileges of the\nuser running Thunderbird (CVE-2016-1977, CVE-2016-2790, CVE-2016-2791,\nCVE-2016-2792, CVE-2016-2793, CVE-2016-2794, CVE-2016-2795, CVE-2016-2796,\nCVE-2016-2797, CVE-2016-2798, CVE-2016-2799, CVE-2016-2800, CVE-2016-2801,\nCVE-2016-2802).\n","modified":"2026-04-16T06:24:41.705691608Z","published":"2016-03-16T18:07:23Z","upstream":["CVE-2016-1952","CVE-2016-1954","CVE-2016-1957","CVE-2016-1960","CVE-2016-1961","CVE-2016-1964","CVE-2016-1966","CVE-2016-1974","CVE-2016-1977","CVE-2016-2790","CVE-2016-2791","CVE-2016-2792","CVE-2016-2793","CVE-2016-2794","CVE-2016-2795","CVE-2016-2796","CVE-2016-2797","CVE-2016-2798","CVE-2016-2799","CVE-2016-2800","CVE-2016-2801","CVE-2016-2802"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2016-0115.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=18006"},{"type":"ADVISORY","url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-16/"},{"type":"ADVISORY","url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-17/"},{"type":"ADVISORY","url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-20/"},{"type":"ADVISORY","url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-23/"},{"type":"ADVISORY","url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-24/"},{"type":"ADVISORY","url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-27/"},{"type":"ADVISORY","url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-31/"},{"type":"ADVISORY","url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-34/"},{"type":"ADVISORY","url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-37/"},{"type":"WEB","url":"https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/"},{"type":"WEB","url":"https://rhn.redhat.com/errata/RHSA-2016-0460.html"}],"affected":[{"package":{"name":"thunderbird","ecosystem":"Mageia:5","purl":"pkg:rpm/mageia/thunderbird?arch=source&distro=mageia-5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"38.7.0-1.mga5"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2016-0115.json"}},{"package":{"name":"thunderbird-l10n","ecosystem":"Mageia:5","purl":"pkg:rpm/mageia/thunderbird-l10n?arch=source&distro=mageia-5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"38.7.0-1.mga5"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2016-0115.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}