CVE-2006-6504
Publication date 20 December 2006
Last updated 24 July 2024
Ubuntu priority
Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, and SeaMonkey before 1.0.7 allows remote attackers to execute arbitrary code by appending an SVG comment DOM node to another type of document, which triggers memory corruption.
Status
Package | Ubuntu Release | Status |
---|---|---|
firefox | 7.10 gutsy |
Not affected
|
7.04 feisty |
Fixed 2.0.0.6+1-0ubuntu1
|
|
6.10 edgy |
Fixed 2.0.0.6+0dfsg-0ubuntu0.6.10
|
|
6.06 LTS dapper |
Fixed 1.5.dfsg+1.5.0.13~prepatch070731-0ubuntu1
|
|
firefox-3.0 | 7.10 gutsy |
Fixed 3.0~alpha7-0ubuntu6
|
7.04 feisty | Not in release | |
6.10 edgy | Not in release | |
6.06 LTS dapper | Not in release | |
iceape | 7.10 gutsy |
Fixed 1.1.4-1ubuntu2
|
7.04 feisty | Not in release | |
6.10 edgy | Not in release | |
6.06 LTS dapper | Not in release | |
lightning-sunbird | 7.10 gutsy |
Fixed 0.5-0ubuntu4
|
7.04 feisty | Not in release | |
6.10 edgy | Not in release | |
6.06 LTS dapper | Not in release | |
midbrowser | 7.10 gutsy |
Fixed 0.1.6b-0ubuntu2
|
7.04 feisty | Not in release | |
6.10 edgy | Not in release | |
6.06 LTS dapper | Not in release | |
xulrunner | 7.10 gutsy |
Fixed 1.8.0.10-3ubuntu1
|
7.04 feisty |
Fixed 1.8.0.10-3ubuntu1
|
|
6.10 edgy | Ignored end of life, was needed | |
6.06 LTS dapper | Not in release |