Number: AV16-210
Date: 29 December 2016
Purpose
The purpose of this advisory is to raise awareness of multiple vulnerabilities in Mozilla ThunderBird for which an upgrade his now available.
Assessment
Mozilla released a security update to address multiple vulnerabilities in ThunderBird. The severity of these issues ranges from high to critical.
Version affected:
ThunderBird version prior to 45.6
CVE References:
Critical: CVE-2016-9893, CVE-2016-9899
High: CVE-2016-9895, CVE-2016-9897, CVE-2016-9898, CVE-2016-9900, CVE-2016-9904, CVE-2016-9905
Suggested action
CCIRC recommends that system administrators test and deploy the vendor-released updates to affected applications accordingly.
References
https://www.mozilla.org/en-US/security/advisories/mfsa2016-96/