<mail-client/mozilla-thunderbird 2.0.0.24 Multiple vulnerabilities
CVE-2010-0163 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0163): Mozilla Thunderbird before 2.0.0.24 and SeaMonkey before 1.1.19 process e-mail attachments with a parser that performs casts and line termination incorrectly, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted message, related to message indexing.
No vulnerable versions are in the tree.
Vote: YES. Added to pending GLSA request.
This issue was resolved and addressed in GLSA 201301-01 at http://security.gentoo.org/glsa/glsa-201301-01.xml by GLSA coordinator Sean Amoss (ackle).