NVD

Id
61463  
Name
CVE-2006-2778  
Description
The crypto.signText function in Mozilla Firefox and Thunderbird before 1.5.0.4 allows remote attackers to execute arbitrary code via certain optional Certificate Authority name arguments, which causes an invalid array index and triggers a buffer overflow.  
Reject
 
CVSS Version
2  
CVSS Score
5  
Severity
Medium  
CVSS Base Score
5  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
10  
CVSS Vector
(AV:N/AC:L/Au:N/C:N/I:P/A:N)  
Pub Date
2016-12-20  
Published
2006-06-02  
Modified Date
2011-03-07  
Seq
2006-2778  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
317697 61463 CVE-2006-2778 oval:org.mitre.oval:def:9703  View
317698 61463 CVE-2006-2778 RHSA-2006:0609  View
317699 61463 CVE-2006-2778 1016202  View
317700 61463 CVE-2006-2778 1016214  View
317701 61463 CVE-2006-2778 102763  View
317702 61463 CVE-2006-2778 DSA-1118  View
317703 61463 CVE-2006-2778 DSA-1120  View
317704 61463 CVE-2006-2778 DSA-1134  View
317705 61463 CVE-2006-2778 GLSA-200606-12  View
317706 61463 CVE-2006-2778 GLSA-200606-21  View
317707 61463 CVE-2006-2778 VU#421529  View
317708 61463 CVE-2006-2778 MDKSA-2006:143  View
317709 61463 CVE-2006-2778 MDKSA-2006:145  View
317710 61463 CVE-2006-2778 MDKSA-2006:146  View
317711 61463 CVE-2006-2778 http://www.mozilla.org/security/announce/2006/mfsa2006-38.html  View
317712 61463 CVE-2006-2778 SUSE-SA:2006:035  View
317713 61463 CVE-2006-2778 RHSA-2006:0578  View
317714 61463 CVE-2006-2778 RHSA-2006:0594  View
317715 61463 CVE-2006-2778 RHSA-2006:0610  View
317716 61463 CVE-2006-2778 RHSA-2006:0611  View
317717 61463 CVE-2006-2778 20060602 rPSA-2006-0091-1 firefox thunderbird  View
317718 61463 CVE-2006-2778 HPSBUX02156  View
317719 61463 CVE-2006-2778 SSRT061181  View
317720 61463 CVE-2006-2778 18228  View
317721 61463 CVE-2006-2778 USN-296-1  View
317722 61463 CVE-2006-2778 USN-296-2  View
317723 61463 CVE-2006-2778 USN-297-1  View
317724 61463 CVE-2006-2778 USN-297-3  View
317725 61463 CVE-2006-2778 USN-323-1  View
317726 61463 CVE-2006-2778 TA06-153A  View
317727 61463 CVE-2006-2778 ADV-2006-2106  View
317728 61463 CVE-2006-2778 ADV-2006-3748  View
317729 61463 CVE-2006-2778 ADV-2006-3749  View
317730 61463 CVE-2006-2778 ADV-2007-0058  View
317731 61463 CVE-2006-2778 ADV-2008-0083  View
317732 61463 CVE-2006-2778 mozilla-crypto-signtext-bo(26849)  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
58122 JVNDB-2006-000318 Mozilla 製品の crypto.signText() 関数におけるバッファオーバーフローの脆弱性 Mozilla 製品には、crypto.signText() 関数において、配列インデックスの処理が不適切なため、オプションとして特定の認証局の名前が引数として渡された場合にバッファオーバーフローが発生する問題が存在します。 CVE-2006-2778 18880 CVE-2006-2778 61463 5 http://jvndb.jvn.jp/ja/contents/2006/JVNDB-2006-000318.html 2006-06-01 2007-04-01 View