usn-2904-1
Vulnerability from osv_ubuntu
Karthikeyan Bhargavan and Gaetan Leurent discovered that NSS incorrectly allowed MD5 to be used for TLS 1.2 connections. If a remote attacker were able to perform a machine-in-the-middle attack, this flaw could be exploited to view sensitive information. (CVE-2015-7575)
Yves Younan discovered that graphite2 incorrectly handled certain malformed fonts. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit this to cause a denial of service via application crash, or execute arbitary code with the privileges of the user invoking Thunderbird. (CVE-2016-1523)
Bob Clary, Christian Holler, Nils Ohlmeier, Gary Kwong, Jesse Ruderman, Carsten Book, and Randell Jesup discovered multiple memory safety issues in Thunderbird. If a user were tricked in to opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Thunderbird. (CVE-2016-1930)
Aki Helin discovered a buffer overflow when rendering WebGL content in some circumstances. If a user were tricked in to opening a specially crafted website in a browsing context, an attacker could potentially exploit this to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Thunderbird. (CVE-2016-1935)
{
"affected": [
{
"database_specific": {
"cves_map": {
"cves": [
{
"id": "CVE-2015-7575",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2016-1523",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2016-1930",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2016-1935",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
}
],
"ecosystem": "Ubuntu:14.04:LTS"
}
},
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "thunderbird",
"binary_version": "1:38.6.0+build1-0ubuntu0.14.04.1"
},
{
"binary_name": "thunderbird-globalmenu",
"binary_version": "1:38.6.0+build1-0ubuntu0.14.04.1"
},
{
"binary_name": "thunderbird-gnome-support",
"binary_version": "1:38.6.0+build1-0ubuntu0.14.04.1"
},
{
"binary_name": "thunderbird-mozsymbols",
"binary_version": "1:38.6.0+build1-0ubuntu0.14.04.1"
},
{
"binary_name": "thunderbird-testsuite",
"binary_version": "1:38.6.0+build1-0ubuntu0.14.04.1"
},
{
"binary_name": "xul-ext-calendar-timezones",
"binary_version": "1:38.6.0+build1-0ubuntu0.14.04.1"
},
{
"binary_name": "xul-ext-gdata-provider",
"binary_version": "1:38.6.0+build1-0ubuntu0.14.04.1"
},
{
"binary_name": "xul-ext-lightning",
"binary_version": "1:38.6.0+build1-0ubuntu0.14.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:14.04:LTS",
"name": "thunderbird",
"purl": "pkg:deb/ubuntu/thunderbird@1:38.6.0+build1-0ubuntu0.14.04.1?arch=source\u0026distro=trusty"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:38.6.0+build1-0ubuntu0.14.04.1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"1:24.0+build1-0ubuntu1",
"1:24.0+build1-0ubuntu2",
"1:24.1.1+build1-0ubuntu0.13.10.1",
"1:24.1.1+build1-0ubuntu1",
"1:24.2.0+build1-0ubuntu1",
"1:24.4.0+build1-0ubuntu1",
"1:24.5.0+build1-0ubuntu0.14.04.1",
"1:24.6.0+build1-0ubuntu0.14.04.1",
"1:31.0+build1-0ubuntu0.14.04.1",
"1:31.1.1+build1-0ubuntu0.14.04.1",
"1:31.1.2+build1-0ubuntu0.14.04.1",
"1:31.2.0+build2-0ubuntu0.14.04.1",
"1:31.3.0+build1-0ubuntu0.14.04.1",
"1:31.4.0+build1-0ubuntu0.14.04.1",
"1:31.5.0+build1-0ubuntu0.14.04.1",
"1:31.6.0+build1-0ubuntu0.14.04.1",
"1:31.7.0+build1-0ubuntu0.14.04.1",
"1:31.8.0+build1-0ubuntu0.14.04.1",
"1:38.2.0+build1-0ubuntu0.14.04.1",
"1:38.3.0+build1-0ubuntu0.14.04.1",
"1:38.4.0+build3-0ubuntu0.14.04.1",
"1:38.5.1+build2-0ubuntu0.14.04.1"
]
}
],
"aliases": [],
"details": "Karthikeyan Bhargavan and Gaetan Leurent discovered that NSS incorrectly\nallowed MD5 to be used for TLS 1.2 connections. If a remote attacker were\nable to perform a machine-in-the-middle attack, this flaw could be exploited to\nview sensitive information. (CVE-2015-7575)\n\nYves Younan discovered that graphite2 incorrectly handled certain malformed\nfonts. If a user were tricked into opening a specially crafted website in a\nbrowsing context, an attacker could potentially exploit this to cause a\ndenial of service via application crash, or execute arbitary code with the\nprivileges of the user invoking Thunderbird. (CVE-2016-1523)\n\nBob Clary, Christian Holler, Nils Ohlmeier, Gary Kwong, Jesse Ruderman,\nCarsten Book, and Randell Jesup discovered multiple memory safety issues\nin Thunderbird. If a user were tricked in to opening a specially crafted\nwebsite in a browsing context, an attacker could potentially exploit these\nto cause a denial of service via application crash, or execute arbitrary\ncode with the privileges of the user invoking Thunderbird. (CVE-2016-1930)\n\nAki Helin discovered a buffer overflow when rendering WebGL content in\nsome circumstances. If a user were tricked in to opening a specially\ncrafted website in a browsing context, an attacker could potentially\nexploit this to cause a denial of service via application crash, or\nexecute arbitrary code with the privileges of the user invoking\nThunderbird. (CVE-2016-1935)\n",
"id": "USN-2904-1",
"modified": "2026-04-22T07:36:33Z",
"published": "2016-03-08T12:13:10Z",
"references": [
{
"type": "ADVISORY",
"url": "https://ubuntu.com/security/notices/USN-2904-1"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2015-7575"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2016-1523"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2016-1930"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2016-1935"
}
],
"related": [],
"schema_version": "1.7.0",
"summary": "thunderbird vulnerabilities",
"upstream": [
"UBUNTU-CVE-2015-7575",
"UBUNTU-CVE-2016-1523",
"UBUNTU-CVE-2016-1930",
"UBUNTU-CVE-2016-1935"
]
}
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.