CVE-2006-2788 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Firefox
CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer15 documents6 sources
Severity
7.5HIGHNVD
EPSS
8.3%
top 7.74%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedJun 2
Latest updateMay 1
Description
Double free vulnerability in the getRawDER function for nsIX509Cert in Firefox allows remote attackers to cause a denial of service (hang) and possibly execute arbitrary code via certain Javascript code.
CVSS vector
AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4
Affected Packages2 packages
Patches
🔴Vulnerability Details
1GHSA▶
GHSA-5g7c-rmr5-h878: Double free vulnerability in the getRawDER function for nsIX509Cert in Firefox allows remote attackers to cause a denial of service (hang) and possibl↗2022-05-01
📋Vendor Advisories
5💬Community
8Bugzilla▶
CVE-2006-2783 multiple Seamonkey issues (CVE-2006-2782,CVE-2006-2778,CVE-2006-2776,CVE-2006-2784,CVE-2006-2785,CVE-2006-2786,CVE-2006-2787,CVE-2006-2788)↗2006-07-12
Bugzilla▶
CVE-2006-2779 multiple Thunderbird issues (CVE-2006-2780, CVE-2006-2781, CVE-2006-2783,CVE-2006-2782,CVE-2006-2778,CVE-2006-2776,CVE-2006-2784,CVE-2006-2785,CVE-2006-2786,CVE-2006-2787,CVE-2006-2788)↗2006-06-28
Bugzilla▶
CVE-2006-2783 multiple Seamonkey issues (CVE-2006-2782,CVE-2006-2778,CVE-2006-2776,CVE-2006-2784,CVE-2006-2785,CVE-2006-2786,CVE-2006-2787,CVE-2006-2788)↗2006-06-27
Bugzilla▶
CVE-2006-2783 multiple Seamonkey issues (CVE-2006-2782,CVE-2006-2778,CVE-2006-2776,CVE-2006-2784,CVE-2006-2785,CVE-2006-2786,CVE-2006-2787,CVE-2006-2788)↗2006-06-27