Remote Code Execution in Mozilla Firefox and Thunderbird
CVE-2006-1728

Currently unrated

Key Information:

Vendor
Mozilla
Status
Mozilla Suite
Thunderbird
Seamonkey
Firefox
Vendor
CVE Published:
14 April 2006

Summary

The vulnerability affects multiple versions of Mozilla Firefox and Thunderbird, where improper validation in the crypto.generateCRMFRequest method can be exploited by remote attackers. This flaw could allow attackers to execute arbitrary code on the user's system through unknown vectors, posing a significant risk to users who have not updated their software to patched versions.

References

https://usn.ubuntu.com/275-1/
vendor-advisoryx_refsource_UBUNTU
http://www.vupen.com/english/advisories/2006/3748
vdb-entryx_refsource_VUPEN
http://www.redhat.com/support/errata/RHSA-2006-0330.html
vendor-advisoryx_refsource_REDHAT

EPSS Score

29% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2006-1728 : Remote Code Execution in Mozilla Firefox and Thunderbird | SecurityVulnerability.io