This indicates a possible exploit of a buffer-underflow vulnerability in the SSLv2 support in Mozilla Network Security Services (NSS).
This vulnerability is due to a buffer-underflow error in the Network Security Services (NSS) when processing a certificate with a public key that is too small to encrypt the "Master Secret". This error also occurs when handling invalid parameters while negotiating an SSLv2 session. A remote attacker may exploit this to execute arbitrary code.
Mozilla Thunderbird versions prior to 188.8.131.52
System compromise: Remote code execution.
Upgrade to Network Security Services (NSS) version 3.11.5: