CVE-2006-2778
Summary
| CVE | CVE-2006-2778 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2006-06-02 18:02:00 UTC |
| Updated | 2018-10-18 16:42:00 UTC |
| Description | The crypto.signText function in Mozilla Firefox and Thunderbird before 1.5.0.4 allows remote attackers to execute arbitrary code via certain optional Certificate Authority name arguments, which causes an invalid array index and triggers a buffer overflow. |
Risk And Classification
Problem Types: NVD-CWE-Other
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Mozilla | Firefox | All | All | All | All |
| Application | Mozilla | Thunderbird | All | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| US-CERT Technical Cyber Security Alert TA06-153A -- Mozilla Products Contain Multiple Vulnerabilities | CERT | www.us-cert.gov | US Government Resource |
| #102763: Multiple Security Vulnerabilites in Mozilla 1.7 for Solaris 8, 9, and 10 | SUNALERT | sunsolve.sun.com | |
| Webmail : Solution de messagerie professionnelle - OVHcloud- OVH | VUPEN | www.vupen.com | |
| Gentoo Linux Documentation -- Mozilla Firefox: Multiple vulnerabilities | GENTOO | www.gentoo.org | |
| rhn.redhat.com | Red Hat Support | REDHAT | rhn.redhat.com | |
| Ubuntu update for mozilla-thunderbird - Advisories - Secunia | SECUNIA | secunia.com | |
| MFSA 2006-38: Buffer overflow in crypto.signText() | CONFIRM | www.mozilla.org | |
| SecurityFocus | HP | www.securityfocus.com | |
| Security Announcement | SUSE | www.novell.com | |
| Debian update for mozilla-thunderbird - Advisories - Secunia | SECUNIA | secunia.com | |
| IBM X-Force Exchange | XF | exchange.xforce.ibmcloud.com | |
| USN-296-1: firefox vulnerabilities | Ubuntu security notices | UBUNTU | usn.ubuntu.com | |
| HP-UX update for firefox - Advisories - Secunia | SECUNIA | secunia.com | |
| SecurityFocus | HP | www.securityfocus.com | |
| Firefox Multiple Vulnerabilities - Advisories - Secunia | SECUNIA | secunia.com | |
| Debian -- Security Information -- DSA-1134-1 mozilla-thunderbird | DEBIAN | www.debian.org | |
| SecurityTracker.com Archives - Mozilla Firefox Bugs Permit Arbitrary Code Execution, Cross-Site Scripting, and HTTP Response Smuggling | SECTRACK | securitytracker.com | |
| USN-297-3: Thunderbird vulnerabilities | Ubuntu security notices | UBUNTU | usn.ubuntu.com | |
| rhn.redhat.com | Red Hat Support | REDHAT | www.redhat.com | |
| Gentoo Linux Documentation -- Mozilla Thunderbird: Multiple vulnerabilities | GENTOO | www.gentoo.org | |
| Advisories - Mandriva Linux | MANDRIVA | www.mandriva.com | |
| Debian -- Security Information -- DSA-1118-1 mozilla | DEBIAN | www.debian.org | |
| Red Hat update for seamonkey - Advisories - Secunia | SECUNIA | secunia.com | |
| Thunderbird Multiple Vulnerabilities - Advisories - Secunia | SECUNIA | secunia.com | |
| SecurityFocus | BUGTRAQ | www.securityfocus.com | |
| Webmail : Solution de messagerie professionnelle - OVHcloud- OVH | VUPEN | www.vupen.com | |
| rhn.redhat.com | Red Hat Support | REDHAT | www.redhat.com | |
| USN-297-1: Thunderbird vulnerabilities | Ubuntu security notices | UBUNTU | usn.ubuntu.com | |
| Debian update for mozilla - Advisories - Secunia | SECUNIA | secunia.com | |
| Mandriva update for mozilla-firefox - Advisories - Secunia | SECUNIA | secunia.com | |
| Webmail : Solution de messagerie professionnelle - OVHcloud- OVH | VUPEN | www.vupen.com | |
| Debian -- Security Information -- DSA-1120-1 mozilla-firefox | DEBIAN | www.debian.org | |
| USN-323-1: mozilla vulnerabilities | Ubuntu security notices | UBUNTU | usn.ubuntu.com | |
| SecurityTracker.com Archives - Mozilla Thunderbird Bugs Permit Arbitrary Code Execution, Cross-Site Scripting, and HTTP Response Smuggling | SECTRACK | securitytracker.com | |
| rhn.redhat.com | Red Hat Support | REDHAT | www.redhat.com | |
| rhn.redhat.com | Red Hat Support | REDHAT | www.redhat.com | |
| Mandriva update for mozilla-thunderbird - Advisories - Secunia | SECUNIA | secunia.com | |
| Debian update for mozilla-firefox - Advisories - Secunia | SECUNIA | secunia.com | |
| Mozilla Firefox, SeaMonkey, Camino, and Thunderbird Multiple Remote Vulnerabilities | BID | www.securityfocus.com | |
| HP-UX update for thunderbird - Advisories - Secunia | SECUNIA | secunia.com | |
| Gentoo update for mozilla-thunderbird - Advisories - Secunia | SECUNIA | secunia.com | |
| US-CERT Vulnerability Note VU#421529 | CERT-VN | www.kb.cert.org | US Government Resource |
| Advisories - Mandriva Linux | MANDRIVA | www.mandriva.com | |
| Advisories - Mandriva Linux | MANDRIVA | www.mandriva.com | |
| Ubuntu update for firefox - Advisories - Secunia | SECUNIA | secunia.com | |
| Repository / Oval Repository | OVAL | oval.cisecurity.org | |
| Red Hat update for seamonkey - Advisories - Secunia | SECUNIA | secunia.com | |
| USN-296-2: Firefox vulnerabilities | Ubuntu security notices | UBUNTU | usn.ubuntu.com | |
| Webmail : Solution de messagerie professionnelle - OVHcloud- OVH | VUPEN | www.vupen.com | |
| Red Hat update for thunderbird - Advisories - Secunia | SECUNIA | secunia.com | |
| Gentoo update for firefox - Advisories - Secunia | SECUNIA | secunia.com | |
| Webmail : Solution de messagerie professionnelle - OVHcloud- OVH | VUPEN | www.vupen.com | |
| Red Hat update for firefox - Advisories - Secunia | SECUNIA | secunia.com | |
| Ubuntu update for mozilla - Advisories - Secunia | SECUNIA | secunia.com | |
| Red Hat update for seamonkey - Advisories - Secunia | SECUNIA | secunia.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.