New Search

The crypto.signText function in Mozilla Firefox and Thunderbird before 1.5.0.4 allows remote attackers to execute arbitrary code via certain optional Certificate Authority name arguments which causes an invalid array index and triggers a buffer overflow.

oval:org.mitre.oval:def:9703

The crypto.signText function in Mozilla Firefox and Thunderbird before 1.5.0.4 allows remote attackers to execute arbitrary code via certain optional Certificate Authority name arguments which causes an invalid array index and triggers a buffer overflow.

Family:
unix
Status:
ACCEPTED
Platform(s):
  • Oracle Linux 4
  • Red Hat Enterprise Linux 4
  • Red Hat Enterprise Linux 3
  • CentOS Linux 4
  • CentOS Linux 3
Class:
vulnerability
Reference(s):
  • CVE-2006-2778
Product(s):