CVE-2007-6715 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6715): Mozilla Firefox allows remote attackers to cause a denial of service (crash) via crafted image, as demonstrated by the zzuf lol-firefox.gif test case.
this appears still to be unfixed
*** Bug 231614 has been marked as a duplicate of this bug. ***
It is at least fixed in 3.0.
So, what do we do here?
Thanks, fixed for long enough. Thanks!