A number of fixes were issued on Wednesday for security vulnerabilities in Thunderbird 45.6, a free email application offered by Mozilla, the company behind the Firefox web browser.
Three of the flaws were rated critical and six high. The open source, cross-platform email, news and chat client was developed by the company's parent organisation, the Mozilla Foundation.
In its advisory, the company said the flaws were not exploitable through email in the Thunderbird app "because scripting is disabled when reading mail, but are potentially risks in browser or browser-like contexts."
One critical upgrade, CVE-2016-9899, patches a flaw affecting "use-after-free while manipulating DOM events and removing audio elements due to errors in the handling of node adoption."