+++ This bug was initially created as a clone of Bug #183537 +++ There exists a remotely exploitable code execution vulnerability in Thunderbird related to the order tags appear in an HTML document. It is possible for a malicious web page to execute arbitrary code as the user running Thunderbird. -- Additional comment from bressers on 2006-03-01 16:01 EST -- Created an attachment (id=125496) Proposed upstream patch This patch should apply to aviary 1.0.7 and mozilla 1.7.12
Lifting embargo
This was fixed in the update to thunderbird 1.0.8, but the bug was never updated. Marking closed now.