Versions of Thunderbird earlier than 3.0.5 are potentially affected by multiple vulnerabilities :
A re-use of a freed object due to scope confusion. (MFSA 2010-25)
Multiple crashes can result in arbitrary code execution. (MFSA 2010-26)
A heap buffer overflow in nsGenericDOMDataNode::SetTextInternal. (MFSA 2010-29)
An integer overflow in XSLT node sorting. (MFSA 2010-30)
Binary data 801275.prm
.mozilla.org/security/announce/2010/mfsa2010-25.html
.mozilla.org/security/announce/2010/mfsa2010-26.html
.mozilla.org/security/announce/2010/mfsa2010-29.html
.mozilla.org/security/announce/2010/mfsa2010-30.html
.mozilla.org/security/known-vulnerabilities/thunderbird30.html#thunderbird3.0.5
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1121
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1196
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1199
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1200
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1201
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1202
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1203