{"id":"MGASA-2016-0254","summary":"Updated thunderbird packages fix security vulnerability","details":"Multiple flaws were found in the processing of malformed web content. A\nweb page containing malicious content could cause Thunderbird to crash or,\npotentially, execute arbitrary code with the privileges of the user\nrunning Thunderbird (CVE-2016-2805, CVE-2016-2807, CVE-2016-2818).\n\nThis update provides the next stable branch of Thunderbird, version 45.2.0.\n","modified":"2026-01-31T20:39:48.562625Z","published":"2016-07-14T20:33:59Z","related":["CVE-2016-2805","CVE-2016-2807","CVE-2016-2818"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2016-0254.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=18616"},{"type":"REPORT","url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-39/"},{"type":"REPORT","url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-49/"},{"type":"REPORT","url":"https://www.mozilla.org/en-US/thunderbird/45.0/releasenotes/"},{"type":"REPORT","url":"https://www.mozilla.org/en-US/thunderbird/45.1.0/releasenotes/"},{"type":"REPORT","url":"https://www.mozilla.org/en-US/thunderbird/45.1.1/releasenotes/"},{"type":"REPORT","url":"https://www.mozilla.org/en-US/thunderbird/45.2.0/releasenotes/"},{"type":"REPORT","url":"https://rhn.redhat.com/errata/RHSA-2016-1041.html"},{"type":"REPORT","url":"https://rhn.redhat.com/errata/RHSA-2016-1392.html"},{"type":"REPORT","url":"https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/"}],"affected":[{"package":{"name":"thunderbird","ecosystem":"Mageia:5","purl":"pkg:rpm/mageia/thunderbird?arch=source&distro=mageia-5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"45.2.0-1.1.mga5"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2016-0254.json"}},{"package":{"name":"thunderbird-l10n","ecosystem":"Mageia:5","purl":"pkg:rpm/mageia/thunderbird-l10n?arch=source&distro=mageia-5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"45.2.0-1.mga5"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2016-0254.json"}}],"schema_version":"1.7.3","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}