Mozilla has released Thunderbird 2.0.0.12 which fixes a remote exploitation of a vulnerability that allows an attacker to execute arbitrary code on Linux and Windows.
The vulnerability exists when parsing an e-mail if the "Preview" pane is turned on, which is the default. Then all a targeted user has to do is select the message in the browsing pane. Once the message is previewed, the vulnerability will be triggered, resulting in the execution of arbitrary code with the privileges of the current user.
3 Comments - Add comment