A vulnerability has been discovered in Mozilla Thunderbird, which can be exploited by malicious people to potentially compromise a user's system.
The vulnerability is caused due to an array indexing error when processing floating point numbers. This can be exploited to corrupt memory via e.g. a specially crafted iCalendar file processed by the Lightning add-on or a specially crafted web page viewed through the ThunderBrowse add-on.
Successful exploitation may allow execution of arbitrary code.
This is related to vulnerability #1 in: SA36711
The vulnerability is confirmed in version 22.214.171.124. Other versions may also be affected.