CVE-2007-5691

Publication date 29 October 2007

Last updated 24 July 2024

Description

ParseFTPList.cpp in Mozilla Firefox 2.0.0.7 allows remote FTP servers to cause a denial of service (application crash) via a crafted reply to an unspecified listing command, related to "reading from invalid pointer."

Read the notes from the security team

Status

Show unmaintained releases

Package	Ubuntu Release	Status
firefox	7.10 gutsy	Fixed 2.0.0.8+2nobinonly-0ubuntu1
	7.04 feisty	Fixed 2.0.0.8+1nobinonly-0ubuntu1
	6.10 edgy	Fixed 2.0.0.8+0dfsg-0ubuntu0.6.10
	6.06 LTS dapper	Fixed 1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1

How can I get the fixes?
What do statuses mean?

Notes

jdstrand

says 2.0.0.8 and higher is ok, but did not specify problem so don't know if dapper affected fixed in dapper per asac

References

MITRE
NVD
Launchpad
Debian

Other references

https://www.cve.org/CVERecord?id=CVE-2007-5691