thunderbird/firefox is vulnerable to arbitrary code execution. Several flaws were found in the processing of malformed HTML content. Malicious HTML content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird.
support.avaya.com/css/P8/documents/100144854
support.avaya.com/css/P8/documents/100145333
www.mandriva.com/security/advisories?name=MDVSA-2011:111
www.mozilla.org/security/announce/2011/mfsa2011-19.html
www.redhat.com/support/errata/RHSA-2011-0885.html
www.redhat.com/support/errata/RHSA-2011-0886.html
www.redhat.com/support/errata/RHSA-2011-0887.html
www.redhat.com/support/errata/RHSA-2011-0888.html
access.redhat.com/errata/RHSA-2011:0886
access.redhat.com/security/updates/classification/#critical
bugzilla.mozilla.org/show_bug.cgi?id=597162
bugzilla.mozilla.org/show_bug.cgi?id=643839
bugzilla.mozilla.org/show_bug.cgi?id=643927
bugzilla.mozilla.org/show_bug.cgi?id=648022
bugzilla.mozilla.org/show_bug.cgi?id=648705
bugzilla.mozilla.org/show_bug.cgi?id=652401
bugzilla.mozilla.org/show_bug.cgi?id=653026
bugzilla.mozilla.org/show_bug.cgi?id=653238
bugzilla.mozilla.org/show_bug.cgi?id=654015
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14071