CVE-2006-2778 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Firefox
16 documents7 sources
Severity
5.0MEDIUMNVD
EPSS
23.3%
top 4.04%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedJun 2
Latest updateMay 1
Description
The crypto.signText function in Mozilla Firefox and Thunderbird before 1.5.0.4 allows remote attackers to execute arbitrary code via certain optional Certificate Authority name arguments, which causes an invalid array index and triggers a buffer overflow.
CVSS vector
AV:N/AC:L/C:N/I:P/A:NExploitability: 10.0 | Impact: 2.9
Affected Packages5 packages
🔴Vulnerability Details
2📋Vendor Advisories
7💬Community
6Bugzilla▶
CVE-2006-2783 multiple Seamonkey issues (CVE-2006-2782,CVE-2006-2778,CVE-2006-2776,CVE-2006-2784,CVE-2006-2785,CVE-2006-2786,CVE-2006-2787,CVE-2006-2788)↗2006-07-12
Bugzilla▶
CVE-2006-2779 multiple Thunderbird issues (CVE-2006-2780, CVE-2006-2781, CVE-2006-2783,CVE-2006-2782,CVE-2006-2778,CVE-2006-2776,CVE-2006-2784,CVE-2006-2785,CVE-2006-2786,CVE-2006-2787,CVE-2006-2788)↗2006-06-28
Bugzilla▶
CVE-2006-2783 multiple Seamonkey issues (CVE-2006-2782,CVE-2006-2778,CVE-2006-2776,CVE-2006-2784,CVE-2006-2785,CVE-2006-2786,CVE-2006-2787,CVE-2006-2788)↗2006-06-27
Bugzilla▶
CVE-2006-2783 multiple Seamonkey issues (CVE-2006-2782,CVE-2006-2778,CVE-2006-2776,CVE-2006-2784,CVE-2006-2785,CVE-2006-2786,CVE-2006-2787,CVE-2006-2788)↗2006-06-27