Tom Braun

**Name of the Vulnerable Software and Affected Versions** Thunderbird versions prior to 0.9 **Description** The issue arises when Thunderbird, running on Windows systems, processes javascript: links. It uses the default handler, which invokes Internet Explorer. This may expose the Thunderbird user to vulnerabilities in the version of Internet Explorer installed on the user's system. **Recommendations** For Thunderbird versions prior to 0.9, consider updating to a version that properly handles javascript: links without invoking Internet Explorer, or restrict the use of javascript: links in Thunderbird until a proper fix is available.