thunderbird is vulnerable to arbitrary code execution. Several flaws were found in the processing of malformed HTML mail content. An HTML mail message containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code as the user running Thunderbird.
lists.opensuse.org/opensuse-security-announce/2009-02/msg00001.html
lists.opensuse.org/opensuse-security-announce/2009-04/msg00009.html
rhn.redhat.com/errata/RHSA-2009-0256.html
secunia.com/advisories/33799
secunia.com/advisories/33802
secunia.com/advisories/33808
secunia.com/advisories/33809
secunia.com/advisories/33816
secunia.com/advisories/33831
secunia.com/advisories/33841
secunia.com/advisories/33846
secunia.com/advisories/33869
secunia.com/advisories/34324
secunia.com/advisories/34387
secunia.com/advisories/34417
secunia.com/advisories/34462
secunia.com/advisories/34464
secunia.com/advisories/34527
slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.405420
slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.433952
support.avaya.com/elmodocs2/security/ASA-2009-040.htm
www.debian.org/security/2009/dsa-1830
www.mandriva.com/security/advisories?name=MDVSA-2009:044
www.mandriva.com/security/advisories?name=MDVSA-2009:083
www.mozilla.org/security/announce/2009/mfsa2009-01.html
www.redhat.com/security/updates/classification/#moderate
www.redhat.com/support/errata/RHSA-2009-0257.html
www.redhat.com/support/errata/RHSA-2009-0258.html
www.securityfocus.com/bid/33598
www.securitytracker.com/id?1021663
www.ubuntu.com/usn/usn-717-1
www.vupen.com/english/advisories/2009/0313
access.redhat.com/errata/RHSA-2009:0258
bugzilla.mozilla.org/show_bug.cgi?id=331088
bugzilla.mozilla.org/show_bug.cgi?id=401042
bugzilla.mozilla.org/show_bug.cgi?id=416461
bugzilla.mozilla.org/show_bug.cgi?id=420697
bugzilla.mozilla.org/show_bug.cgi?id=421839
bugzilla.mozilla.org/show_bug.cgi?id=422283
bugzilla.mozilla.org/show_bug.cgi?id=422301
bugzilla.mozilla.org/show_bug.cgi?id=431705
bugzilla.mozilla.org/show_bug.cgi?id=437142
bugzilla.mozilla.org/show_bug.cgi?id=449006
bugzilla.mozilla.org/show_bug.cgi?id=461027
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10699
usn.ubuntu.com/741-1/
www.redhat.com/archives/fedora-package-announce/2009-February/msg00240.html
www.redhat.com/archives/fedora-package-announce/2009-March/msg00769.html
www.redhat.com/archives/fedora-package-announce/2009-March/msg00771.html
www.redhat.com/archives/fedora-package-announce/2009-March/msg01077.html