1. Home
  2. Security Advisories
  3. Mozilla
  4. MFSA-2016-93

[MFSA-2016-93] Security vulnerabilities fixed in Thunderbird 45.5

Severity Critical
Affected Packages 1
Fixed Packages 1
CVEs 7
Info Packages References Vulnerabilities

In general, these flaws cannot be exploited through email in the Thunderbird product because scripting is disabled when reading mail, but are potentially risks in browser or browser-like contexts.

  • CVE-2016-5290: Memory safety bugs fixed in Thunderbird 45.5 (critical)
    Mozilla developers and community members Olli Pettay, Christian Holler, Ehsan Akhgari, Jon Coppeard, Gary Kwong, Tooru Fujisawa, Philipp, and Randell Jesup reported memory safety bugs present in Thunderbird ESR 45.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code.

  • CVE-2016-5291: Same-origin policy violation using local HTML file and saved shortcut file (moderate)
    A same-origin policy bypass with local shortcut files to load arbitrary local content from disk.

  • CVE-2016-5294: Arbitrary target directory for result files of update process (high)
    The Mozilla Updater can be made to choose an arbitrary target working directory for output files resulting from the update process. This vulnerability requires local system access.
    Note: this issue only affects Windows operating systems.

  • CVE-2016-5296: Heap-buffer-overflow WRITE in rasterize_edges_1 (critical)
    A heap-buffer-overflow in Cairo when processing SVG content caused by compiler optimization, resulting in a potentially exploitable crash.

  • CVE-2016-5297: Incorrect argument length checking in JavaScript (high)
    An error in argument length checking in JavaScript, leading to potential integer overflows or other bounds checking issues.

  • CVE-2016-9066: Integer overflow leading to a buffer overflow in nsScriptLoadHandler (high)
    A buffer overflow resulting in a potentially exploitable crash due to memory allocation issues when handling large amounts of incoming data.

  • CVE-2016-9074: Insufficient timing side-channel resistance in divSpoiler (moderate)
    An existing mitigation of timing side-channel attacks is insufficient in some circumstances. This issue is addressed in Network Security Services (NSS) 3.26.1.

Package Affected Version
pkg:mozilla/Thunderbird < 45.5
Package Fixed Version
pkg:mozilla/Thunderbird = 45.5
ID
MFSA-2016-93
Severity
critical
URL
https://www.mozilla.org/en-US/security/advisories/mfsa2016-93
Published
2016-11-18T00:00:00
(7 years ago)
Modified
2016-11-18T00:00:00
(7 years ago)
Other Advisories
Source # ID Name URL
Bugzilla 1309720 Memory safety bugs fixed in in Thunderbird ESR 45.5 https://bugzilla.mozilla.org/show_bug.cgi?id=1309720
Bugzilla 1297062 Memory safety bugs fixed in in Thunderbird ESR 45.5 https://bugzilla.mozilla.org/show_bug.cgi?id=1297062
Bugzilla 1303710 Memory safety bugs fixed in in Thunderbird ESR 45.5 https://bugzilla.mozilla.org/show_bug.cgi?id=1303710
Bugzilla 1018486 Memory safety bugs fixed in in Thunderbird ESR 45.5 https://bugzilla.mozilla.org/show_bug.cgi?id=1018486
Bugzilla 1292590 Memory safety bugs fixed in in Thunderbird ESR 45.5 https://bugzilla.mozilla.org/show_bug.cgi?id=1292590
Bugzilla 1301343 Memory safety bugs fixed in in Thunderbird ESR 45.5 https://bugzilla.mozilla.org/show_bug.cgi?id=1301343
Bugzilla 1301496 Memory safety bugs fixed in in Thunderbird ESR 45.5 https://bugzilla.mozilla.org/show_bug.cgi?id=1301496
Bugzilla 1308048 Memory safety bugs fixed in in Thunderbird ESR 45.5 https://bugzilla.mozilla.org/show_bug.cgi?id=1308048
Bugzilla 1308346 Memory safety bugs fixed in in Thunderbird ESR 45.5 https://bugzilla.mozilla.org/show_bug.cgi?id=1308346
Bugzilla 1299519 Memory safety bugs fixed in in Thunderbird ESR 45.5 https://bugzilla.mozilla.org/show_bug.cgi?id=1299519
Bugzilla 1286911 Memory safety bugs fixed in in Thunderbird ESR 45.5 https://bugzilla.mozilla.org/show_bug.cgi?id=1286911
Bugzilla 1298169 Memory safety bugs fixed in in Thunderbird ESR 45.5 https://bugzilla.mozilla.org/show_bug.cgi?id=1298169
Bugzilla 1292159 https://bugzilla.mozilla.org/show_bug.cgi?id=1292159
Bugzilla 1246972 https://bugzilla.mozilla.org/show_bug.cgi?id=1246972
Bugzilla 1292443 https://bugzilla.mozilla.org/show_bug.cgi?id=1292443
Bugzilla 1303678 https://bugzilla.mozilla.org/show_bug.cgi?id=1303678
Bugzilla 1299686 https://bugzilla.mozilla.org/show_bug.cgi?id=1299686
Bugzilla 1293334 https://bugzilla.mozilla.org/show_bug.cgi?id=1293334
Type Package URL Namespace Name / Product Version Distribution / Platform Arch Patch / Fix
Affected pkg:mozilla/Thunderbird Thunderbird < 45.5
Fixed pkg:mozilla/Thunderbird Thunderbird = 45.5
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories Exploits PoC Pubblication Date Modification Date
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories PoC Pubblication Date Modification Date