thunderbird is vulnerable to arbitrary code execution. Several flaws were found in the processing of malformed HTML mail content An HTML mail message containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code as the user running Thunderbird.
lists.opensuse.org/opensuse-security-announce/2009-03/msg00002.html
lists.opensuse.org/opensuse-security-announce/2009-03/msg00002.html
secunia.com/advisories/34137
secunia.com/advisories/34137
secunia.com/advisories/34140
secunia.com/advisories/34140
secunia.com/advisories/34145
secunia.com/advisories/34145
secunia.com/advisories/34272
secunia.com/advisories/34272
secunia.com/advisories/34324
secunia.com/advisories/34324
secunia.com/advisories/34383
secunia.com/advisories/34383
secunia.com/advisories/34417
secunia.com/advisories/34417
support.avaya.com/elmodocs2/security/ASA-2009-069.htm
support.avaya.com/elmodocs2/security/ASA-2009-069.htm
support.avaya.com/japple/css/japple?temp.documentID=366362&temp.productID=154235&temp.releaseID=361845&temp.bucketID=126655&PAGE=Document
support.avaya.com/japple/css/japple?temp.documentID=366362&temp.productID=154235&temp.releaseID=361845&temp.bucketID=126655&PAGE=Document
www.debian.org/security/2009/dsa-1751
www.debian.org/security/2009/dsa-1751
www.mandriva.com/security/advisories?name=MDVSA-2009:075
www.mandriva.com/security/advisories?name=MDVSA-2009:075
www.mozilla.org/security/announce/2009/mfsa2009-08.html
www.mozilla.org/security/announce/2009/mfsa2009-08.html
www.redhat.com/security/updates/classification/#moderate
www.redhat.com/support/errata/RHSA-2009-0258.html
www.redhat.com/support/errata/RHSA-2009-0258.html
www.redhat.com/support/errata/RHSA-2009-0315.html
www.redhat.com/support/errata/RHSA-2009-0315.html
www.redhat.com/support/errata/RHSA-2009-0325.html
www.redhat.com/support/errata/RHSA-2009-0325.html
www.securityfocus.com/bid/33990
www.securityfocus.com/bid/33990
www.securitytracker.com/id?1021796
www.securitytracker.com/id?1021796
www.vupen.com/english/advisories/2009/0632
www.vupen.com/english/advisories/2009/0632
access.redhat.com/errata/RHSA-2009:0258
bugzilla.mozilla.org/show_bug.cgi?id=474456
bugzilla.mozilla.org/show_bug.cgi?id=474456
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5806
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5806
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5816
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5816
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6207
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6207
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7584
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7584
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9681
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9681
www.redhat.com/archives/fedora-package-announce/2009-March/msg00769.html
www.redhat.com/archives/fedora-package-announce/2009-March/msg00769.html
www.redhat.com/archives/fedora-package-announce/2009-March/msg00771.html
www.redhat.com/archives/fedora-package-announce/2009-March/msg00771.html