CVE-2006-6498

Publication date 20 December 2006

Last updated 24 July 2024


Ubuntu priority

Multiple unspecified vulnerabilities in the JavaScript engine for Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, SeaMonkey before 1.0.7, and Mozilla 1.7 and probably earlier on Solaris, allow remote attackers to cause a denial of service (memory corruption and crash) and possibly execute arbitrary code via unknown impact and attack vectors.

Status

Package Ubuntu Release Status
firefox 7.10 gutsy
Not affected
7.04 feisty
Fixed 2.0.0.6+1-0ubuntu1
6.10 edgy
Fixed 2.0.0.6+0dfsg-0ubuntu0.6.10
6.06 LTS dapper
Fixed 1.5.dfsg+1.5.0.13~prepatch070731-0ubuntu1
firefox-3.0 7.10 gutsy
Fixed 3.0~alpha7-0ubuntu6
7.04 feisty Not in release
6.10 edgy Not in release
6.06 LTS dapper Not in release
iceape 7.10 gutsy
Fixed 1.1.4-1ubuntu2
7.04 feisty Not in release
6.10 edgy Not in release
6.06 LTS dapper Not in release
lightning-sunbird 7.10 gutsy
Fixed 0.5-0ubuntu4
7.04 feisty Not in release
6.10 edgy Not in release
6.06 LTS dapper Not in release
midbrowser 7.10 gutsy
Fixed 0.1.6b-0ubuntu2
7.04 feisty Not in release
6.10 edgy Not in release
6.06 LTS dapper Not in release
mozilla-thunderbird 7.10 gutsy Not in release
7.04 feisty
Fixed 1.5.0.13-0ubuntu0.7.04
6.10 edgy
Fixed 1.5.0.13-0ubuntu0.6.10
6.06 LTS dapper
Fixed 1.5.0.13-0ubuntu0.6.06
xulrunner 7.10 gutsy
Fixed 1.8.0.10-3ubuntu1
7.04 feisty
Fixed 1.8.0.10-3ubuntu1
6.10 edgy Ignored end of life, was needed
6.06 LTS dapper Not in release

References

Related Ubuntu Security Notices (USN)

    • USN-400-1
    • Thunderbird vulnerabilities
    • 5 January 2007
    • USN-398-2
    • Firefox vulnerabilities
    • 3 January 2007
    • USN-398-1
    • Firefox vulnerabilities
    • 3 January 2007

Other references