Launchpad.net

CVE 2006-6503

Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, and SeaMonkey before 1.0.7 allows remote attackers to bypass cross-site scripting (XSS) protection by changing the src attribute of an IMG element to a javascript: URI.

Related bugs and status

CVE-2006-6503 (Candidate) is related to these bugs:

Bug #76606: Update Firefox to 2.0.0.1

Summary				In	Importance	Status
	76606	Update Firefox to 2.0.0.1		firefox (Ubuntu)	Undecided	Fix Released

Bug #76682: Please update mozilla-thunderbird

Summary				In	Importance	Status
	76682	Please update mozilla-thunderbird		mozilla-thunderbird (Ubuntu)	Undecided	Fix Released

Bug #77334: Security Update (Firefox)2.0.0.1 is out - since Dec19 - merge for Edgy required

Summary				In	Importance	Status
	77334	Security Update (Firefox)2.0.0.1 is out - since Dec19 - merge for Edgy required		firefox (Ubuntu)	Undecided	Fix Released

Bug #78587: please sync xulrunner 1.8.0.9-1 from Debian unstable (main)

Summary				In	Importance	Status
	78587	please sync xulrunner 1.8.0.9-1 from Debian unstable (main)		xulrunner (Ubuntu)	Undecided	Fix Released

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2006-6503

Related bugs and status

Related bugs

References