MGASA-2015-0492
Advisory lineage Upstream: 5 Downstream: 0
Published: 28 Dec 2015, 19:23
Last modified:16 Apr 2026, 06:22
Vulnerability Summary
Overall Risk (default)
minimal
0/100 CVSS Score
No data
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected
Timeline
28 Dec 2015, 19:23
Published
Vulnerability first disclosed
16 Apr 2026, 06:22
Last Modified
Vulnerability information updated
Description
Updated thunderbird packages fix security vulnerabilities Updated thunderbird packages fix security vulnerabilities: Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird (CVE-2015-7201, CVE-2015-7205, CVE-2015-7210, CVE-2015-7212, CVE-2015-7213, CVE-2015-7222). A flaw was found in the way Thunderbird handled content using the 'data:' and 'view-source:' URIs. An attacker could use this flaw to bypass the same-origin policy and read data from cross-site URLs and local files (CVE-2015-7214).
Affected Systems
- mageia•thunderbird
< 38.5.0-1.mga5
- mageia•thunderbird-l10n
< 38.5.0-1.mga5
References (9)
- https://advisories.mageia.org/MGASA-2015-0492.html
- https://bugs.mageia.org/show_bug.cgi?id=17386
- https://www.mozilla.org/en-US/security/advisories/mfsa2015-134/
- https://www.mozilla.org/en-US/security/advisories/mfsa2015-139/
- https://www.mozilla.org/en-US/security/advisories/mfsa2015-145/
- https://www.mozilla.org/en-US/security/advisories/mfsa2015-146/
- https://www.mozilla.org/en-US/security/advisories/mfsa2015-149/
- https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/
- https://rhn.redhat.com/errata/RHSA-2015-2657.html