Mozilla Thunderbird is vulnerable to Denial Of Service (DoS). Several flaws were found in the processing of malformed HTML content. An HTML mail message containing malicious content could possibly lead to arbitrary code execution with the privileges of the user running Thunderbird.
blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_thunderbird
downloads.avaya.com/css/P8/documents/100134543
downloads.avaya.com/css/P8/documents/100144158
www.debian.org/security/2011/dsa-2227
www.debian.org/security/2011/dsa-2228
www.debian.org/security/2011/dsa-2235
www.mandriva.com/security/advisories?name=MDVSA-2011:079
www.mandriva.com/security/advisories?name=MDVSA-2011:080
www.mozilla.org/security/announce/2011/mfsa2011-12.html
www.securityfocus.com/bid/47641
access.redhat.com/errata/RHSA-2011:0475
access.redhat.com/security/updates/classification/#critical
bugzilla.mozilla.org/show_bug.cgi?id=615147
bugzilla.mozilla.org/show_bug.cgi?id=634257
bugzilla.mozilla.org/show_bug.cgi?id=637621
bugzilla.mozilla.org/show_bug.cgi?id=637957
bugzilla.mozilla.org/show_bug.cgi?id=638236
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13866