Security Update for Mozilla Mail Products
Jun 24, 2009
Security fixes address a few vulnerabilities in Mozilla Thunderbird and SeaMonkey.
Mozilla Foundation Security Advisory MFSA-2009-33 reports security problems in Thunderbird mailer and mail components in the SeaMonkey suite. Crashes could occur from viewing messages with a multipart/alternative content type with a text/enhanced part, leading to a possible exploitation. Mozilla considers the impact "high."
An update for Thunderbird 2.0.0.22 solves this problem along with a few others of lesser impact. SeaMonkey users should resort to a 1.1.17 download, as this version resolves three other vulnerabilities of a "critical" impact. Among them are a crash with a memory corruption and JavaScript code given too high a privilege.