Mozilla Foundation Security Advisory 2010-06
Title: Scriptable plugin execution in SeaMonkey mail
Announced: March 16, 2010
Reporter: Georgi Guninski
Fixed in: SeaMonkey 1.1.19
Thunderbird was not affected by this issue.