From MFSA 2008-12: Security research firm iDefense reported that researcher regenrecht discovered a heap-based buffer overflow vulnerability in Mozilla mail code which could potentially allow an attacker to run arbitrary code. The vulnerability is caused by allocating a buffer that can be three bytes too small in certain cases when viewing an email message with an external MIME body. Workaround: Users can prevent the vulnerable code from being triggered by setting the "mailnews.display.disallow_mime_handlers" property to any value greater than or equal to 3. Fixed in: Thunderbird 2.0.0.12 SeaMonkey 1.1.8 References: http://www.mozilla.org/security/announce/2008/mfsa2008-12.html https://bugzilla.mozilla.org/show_bug.cgi?id=412363 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=668
This issue was already addressed in Thunderbird and SeaMonkey packages shipped in Red Hat Enterprise Linux via following advisories: https://rhn.redhat.com/errata/RHSA-2008-0104.html https://rhn.redhat.com/errata/RHSA-2008-0105.html
thunderbird-2.0.0.12-1.fc8 has been pushed to the Fedora 8 stable repository. If problems still persist, please make note of it in this bug report.
thunderbird-2.0.0.12-1.fc7 has been pushed to the Fedora 7 stable repository. If problems still persist, please make note of it in this bug report.
This issue was addressed in: Red Hat Enterprise Linux: http://rhn.redhat.com/errata/RHSA-2008-0104.html http://rhn.redhat.com/errata/RHSA-2008-0105.html Fedora: https://admin.fedoraproject.org/updates/F7/FEDORA-2008-2118 https://admin.fedoraproject.org/updates/F8/FEDORA-2008-2060 https://admin.fedoraproject.org/updates/F7/FEDORA-2008-1669 https://admin.fedoraproject.org/updates/F8/FEDORA-2008-1459