You are here: Known Vulnerabilities in Mozilla Products (Thunderbird 0.9) > MFSA 2005-10

Mozilla Foundation Security Advisory 2005-10

Title: javascript: links in Thunderbird launch Internet Explorer
Severity: Moderate to Critical
Reporter: Tom Braun
Products: Thunderbird

Fixed in: Thunderbird 0.9


Clicking on javascript: links in Thunderbird launched the default handler for that scheme registered with the OS. On the Windows operating system Internet Explorer is the default handler for the javascript: scheme even when Firefox is the default browser.

The risk associated with this depends on vulnerabilities in the installed version of Internet Explorer.


Upgrade to the fixed version