CVE-2006-4571

Name	CVE-2006-4571
Description	Multiple unspecified vulnerabilities in Firefox before 1.5.0.7, Thunderbird before 1.5.0.7, and SeaMonkey before 1.0.5 allow remote attackers to cause a denial of service (crash), corrupt memory, and possibly execute arbitrary code via unspecified vectors, some of which involve JavaScript, and possibly large images or plugin data.
Source	CVE (at NVD; oss-sec, fulldisc, OSVDB, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SuSE, Mageia, more)
References	DSA-1191-1, DSA-1192-1, DSA-1210
NVD severity	high (attack range: remote)
Debian/oldstable	not known to be vulnerable.
Debian/stable	not vulnerable.
Debian/testing	not known to be vulnerable.
Debian/unstable	not known to be vulnerable.

Vulnerable and fixed packages

The table below lists information on source packages.

Source Package	Release	Version	Status
xulrunner (PTS)	wheezy, wheezy (security)	24.8.1esr-2~deb7u1	fixed

The information above is based on the following data on fixed versions.

Package	Type	Release	Fixed Version	Urgency	Origin
firefox	source	(unstable)	1.5.dfsg+1.5.0.7-1	high
mozilla	source	(unstable)	(unfixed)	high
mozilla	source	sarge	2:1.7.8-1sarge7.3.1	high	DSA-1192-1
mozilla-firefox	source	sarge	1.0.4-2sarge12	high	DSA-1210
mozilla-thunderbird	source	sarge	1.0.2-2.sarge1.0.8c.1	high	DSA-1191-1
thunderbird	source	(unstable)	1.5.0.7-1	high
xulrunner	source	(unstable)	1.8.0.7-1	high

MFSA-2006-64