Red Hat Security Advisory 2013-0982-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. Several flaws were found in the processing of malformed content. Malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. It was found that Thunderbird allowed data to be sent in the body of XMLHttpRequest HEAD requests. In some cases this could allow attackers to conduct Cross-Site Request Forgery attacks.
91f56531f39853c2f2a1ca750e63373cbb3dcd514af9628c72e9ad093402a100