Canonical has shared some details about a number of Thunderbird vulnerabilities identified in its Ubuntu 14.04 LTS and Ubuntu 12.04 LTS operating systems, and the devs have pushed a new version into the repositories.
The Thunderbird email client was updated a couple of days ago and the new version has landed pretty quickly in the Ubuntu repos. This means that it should be available when users update their systems.
For example, “Abhishek Arya discovered a use-after-free during DOM interactions with SVG. If a user were tricked in to opening a specially crafted message with scripting enabled, an attacker could potentially exploit this to cause a denial of service via application crash or execute arbitrary code with the privileges of the user invoking Thunderbird,” reads the announcement.
Submitted by: Silviu Stahie