Description
Several flaws were found in the processing of malformed web content. A web
page containing malicious content could cause Thunderbird to crash or,
potentially, execute arbitrary code with the privileges of the user
running Thunderbird (CVE-2015-4513, CVE-2015-7189, CVE-2015-7197,
CVE-2015-7198, CVE-2015-7199, CVE-2015-7200).
A same-origin policy bypass flaw was found in the way Thunderbird handled
certain cross-origin resource sharing (CORS) requests. A web page
containing malicious content could cause Thunderbird to disclose sensitive
information (CVE-2015-7193).