{"id":"MGASA-2016-0409","summary":"Updated thunderbird packages fix security vulnerabilities","details":"A heap-buffer-overflow in Cairo when processing SVG content caused by\ncompiler optimization, resulting in a potentially exploitable crash\n(CVE-2016-5296).\n\nThe Mozilla Updater can be made to choose an arbitrary target working\ndirectory for output files resulting from the update process. This\nvulnerability requires local system access (CVE-2016-5294).\n\nAn error in argument length checking in JavaScript, leading to potential\ninteger overflows or other bounds checking issues (CVE-2016-5297).\n\nA buffer overflow resulting in a potentially exploitable crash due to\nmemory allocation issues when handling large amounts of incoming data\n(CVE-2016-9066).\n\nA same-origin policy bypass with local shortcut files to load arbitrary\nlocal content from disk (CVE-2016-5291).\n\nMozilla developers and community members Olli Pettay, Christian Holler,\nEhsan Akhgari, Jon Coppeard, Gary Kwong, Tooru Fujisawa, Philipp, and\nRandell Jesup reported memory safety bugs present in Thunderbird ESR\n45.4. Some of these bugs showed evidence of memory corruption and we\npresume that with enough effort that some of these could be exploited to\nrun arbitrary code (CVE-2016-5290).\n\nA use-after-free vulnerability in SVG Animation has been discovered. An\nexploit built on this vulnerability has been discovered in the wild\ntargeting Firefox and Tor Browser users on Windows (CVE-2016-9079).\n","modified":"2026-04-16T01:45:12.935767981Z","published":"2016-12-05T21:49:27Z","upstream":["CVE-2016-5290","CVE-2016-5291","CVE-2016-5294","CVE-2016-5296","CVE-2016-5297","CVE-2016-9066","CVE-2016-9079"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2016-0409.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=19815"},{"type":"WEB","url":"https://www.mozilla.org/en-US/thunderbird/45.5.0/releasenotes/"},{"type":"WEB","url":"https://www.mozilla.org/en-US/thunderbird/45.5.1/releasenotes/"},{"type":"ADVISORY","url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-93/"},{"type":"ADVISORY","url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-92/"},{"type":"WEB","url":"https://rhn.redhat.com/errata/RHSA-2016-2825.html"}],"affected":[{"package":{"name":"thunderbird","ecosystem":"Mageia:5","purl":"pkg:rpm/mageia/thunderbird?arch=source&distro=mageia-5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"45.5.1-1.mga5"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2016-0409.json"}},{"package":{"name":"thunderbird-l10n","ecosystem":"Mageia:5","purl":"pkg:rpm/mageia/thunderbird-l10n?arch=source&distro=mageia-5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"45.5.1-1.mga5"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2016-0409.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}