Mozilla plugs Thunderbird holes

Update to open-source e-mail client deals with several security problems, some serious.

Joris Evers
Joris Evers Staff Writer, CNET News.com
Joris Evers covers security.

Mozilla on Thursday released an update to its Thunderbird e-mail application to fix several security problems. Thunderbird 1.0.7 "is a security and stability update," Mozilla said on its Web site. The e-mail client is available for Windows, Linux and Mac OS X.

Mozilla had already released 1.0.7 versions of its Firefox Web browser and the Mozilla Suite to deal with some of the same bugs. One of the problems fixed in the Thunderbird update is a Linux command line URL parsing security flaw that Secunia has rated "extremely critical". The vulnerability could allow an attacker run malicious code on a vulnerable system, the security monitoring company said.