Mozilla Foundation Security Advisory 2010-07
Title: Fixes for potentially exploitable crashes ported to the legacy branch
Announced: March 16, 2010
Reporter: Mozilla developers and community
Products: Thunderbird, SeaMonkey
Fixed in: Thunderbird 18.104.22.168
Mozilla developers took fixes from previously fixed memory safety bugs in newer Mozilla-based products and ported them to the Mozilla 1.8.1 branch so they can be utilized by Thunderbird 2 and SeaMonkey 1.1.
Paul Fisher reported a crash when joined to an Active Directory server under Vista or Windows 7 and using SSPI authentication.
Ludovic Hirlimann reported a crash indexing some messages with attachments
Josh Soref reported a crash in the BinHex decoder used on non-Mac platforms.
monarch2000 reported an integer overflow in a base64 decoding function