CVE-2005-0148

Name of the Vulnerable Software and Affected Versions Thunderbird versions prior to 0.9

Description The issue arises when Thunderbird, running on Windows systems, processes javascript: links. It uses the default handler, which invokes Internet Explorer. This may expose the Thunderbird user to vulnerabilities in the version of Internet Explorer installed on the user's system.

Recommendations For Thunderbird versions prior to 0.9, consider updating to a version that properly handles javascript: links without invoking Internet Explorer, or restrict the use of javascript: links in Thunderbird until a proper fix is available.