Several remote vulnerabilities have been discovered in the Icedove mail client, an unbranded version of the Thunderbird mail client. The Common Vulnerabilities and Exposures project identifies the following problems: Dan Kaminsky and Moxie Marlinspike discovered that icedove does not properly handle a "\0" character in a domain name in the subject"s Common Name field of an X.509 certificate . Moxie Marlinspike reported a heap overflow vulnerability in the code that handles regular expressions in certificate names . monarch2020 discovered an integer overflow in a base64 decoding function . Josh Soref discovered a crash in the BinHex decoder . Carsten Book reported a crash in the JavaScript engine . Ludovic Hirlimann reported a crash indexing some messages with attachments, which could lead to the execution of arbitrary code .