MGASA-2015-0462
Advisory lineage Upstream: 7 Downstream: 0
Published: 27 Nov 2015, 23:11
Last modified:16 Apr 2026, 06:22
Vulnerability Summary
Overall Risk (default)
minimal
0/100 CVSS Score
No data
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected
Timeline
27 Nov 2015, 23:11
Published
Vulnerability first disclosed
16 Apr 2026, 06:22
Last Modified
Vulnerability information updated
Description
Updated thunderbird packages fix security vulnerability Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird (CVE-2015-4513, CVE-2015-7189, CVE-2015-7197, CVE-2015-7198, CVE-2015-7199, CVE-2015-7200). A same-origin policy bypass flaw was found in the way Thunderbird handled certain cross-origin resource sharing (CORS) requests. A web page containing malicious content could cause Thunderbird to disclose sensitive information (CVE-2015-7193).
Affected Systems
- mageia•thunderbird
< 38.4.0-1.mga5
- mageia•thunderbird-l10n
< 38.4.0-1.mga5
References (9)
- https://advisories.mageia.org/MGASA-2015-0462.html
- https://bugs.mageia.org/show_bug.cgi?id=17234
- https://www.mozilla.org/en-US/security/advisories/mfsa2015-116/
- https://www.mozilla.org/en-US/security/advisories/mfsa2015-123/
- https://www.mozilla.org/en-US/security/advisories/mfsa2015-127/
- https://www.mozilla.org/en-US/security/advisories/mfsa2015-131/
- https://www.mozilla.org/en-US/security/advisories/mfsa2015-132/
- https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/
- https://rhn.redhat.com/errata/RHSA-2015-2519.html