CVE-2006-1728
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
AI Score
Confidence
Low
EPSS
Percentile
96.8%
Unspecified vulnerability in Mozilla Firefox and Thunderbird 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to execute arbitrary code via unknown vectors related to the crypto.generateCRMFRequest method.
Affected configurations
| Vendor | Product | Version | CPE |
|---|---|---|---|
| mozilla | firefox | * | cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:* |
| mozilla | mozilla_suite | * | cpe:2.3:a:mozilla:mozilla_suite:*:*:*:*:*:*:*:* |
| mozilla | seamonkey | * | cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:* |
| mozilla | thunderbird | * | cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:* |
| canonical | ubuntu_linux | 4.10 | cpe:2.3:o:canonical:ubuntu_linux:4.10:*:*:*:*:*:*:* |
| canonical | ubuntu_linux | 5.04 | cpe:2.3:o:canonical:ubuntu_linux:5.04:*:*:*:*:*:*:* |
| canonical | ubuntu_linux | 5.10 | cpe:2.3:o:canonical:ubuntu_linux:5.10:*:*:*:*:*:*:* |
References
ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt
ftp://patches.sgi.com/support/free/security/advisories/20060404-01-U.asc
lists.suse.com/archive/suse-security-announce/2006-Apr/0003.html
secunia.com/advisories/19631
secunia.com/advisories/19649
secunia.com/advisories/19696
secunia.com/advisories/19714
secunia.com/advisories/19721
secunia.com/advisories/19729
secunia.com/advisories/19746
secunia.com/advisories/19759
secunia.com/advisories/19780
secunia.com/advisories/19794
secunia.com/advisories/19811
secunia.com/advisories/19821
secunia.com/advisories/19823
secunia.com/advisories/19852
secunia.com/advisories/19862
secunia.com/advisories/19863
secunia.com/advisories/19902
secunia.com/advisories/19941
secunia.com/advisories/19950
secunia.com/advisories/20051
secunia.com/advisories/21033
secunia.com/advisories/21622
secunia.com/advisories/22065
secunia.com/advisories/22066
securitytracker.com/id?1015922
securitytracker.com/id?1015923
securitytracker.com/id?1015924
securitytracker.com/id?1015925
sunsolve.sun.com/search/document.do?assetkey=1-26-102550-1
sunsolve.sun.com/search/document.do?assetkey=1-26-102763-1
support.avaya.com/elmodocs2/security/ASA-2006-205.htm
www.debian.org/security/2006/dsa-1044
www.debian.org/security/2006/dsa-1046
www.debian.org/security/2006/dsa-1051
www.gentoo.org/security/en/glsa/glsa-200604-12.xml
www.gentoo.org/security/en/glsa/glsa-200604-18.xml
www.gentoo.org/security/en/glsa/glsa-200605-09.xml
www.kb.cert.org/vuls/id/932734
www.mandriva.com/security/advisories?name=MDKSA-2006:075
www.mandriva.com/security/advisories?name=MDKSA-2006:076
www.mandriva.com/security/advisories?name=MDKSA-2006:078
www.mozilla.org/security/announce/2006/mfsa2006-24.html
www.novell.com/linux/security/advisories/2006_04_25.html
www.redhat.com/archives/fedora-announce-list/2006-April/msg00153.html
www.redhat.com/archives/fedora-announce-list/2006-April/msg00154.html
www.redhat.com/support/errata/RHSA-2006-0328.html
www.redhat.com/support/errata/RHSA-2006-0329.html
www.redhat.com/support/errata/RHSA-2006-0330.html
www.securityfocus.com/archive/1/434524/100/0/threaded
www.securityfocus.com/archive/1/436296/100/0/threaded
www.securityfocus.com/archive/1/436338/100/0/threaded
www.securityfocus.com/archive/1/438730/100/0/threaded
www.securityfocus.com/archive/1/446657/100/200/threaded
www.securityfocus.com/archive/1/446658/100/200/threaded
www.securityfocus.com/bid/17516
www.us-cert.gov/cas/techalerts/TA06-107A.html
www.vupen.com/english/advisories/2006/1356
www.vupen.com/english/advisories/2006/3391
www.vupen.com/english/advisories/2006/3748
www.vupen.com/english/advisories/2006/3749
www.vupen.com/english/advisories/2007/0058
www.vupen.com/english/advisories/2008/0083
exchange.xforce.ibmcloud.com/vulnerabilities/25812
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10508
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1698
usn.ubuntu.com/271-1/
usn.ubuntu.com/275-1/
usn.ubuntu.com/276-1/
Related
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
AI Score
Confidence
Low
EPSS
Percentile
96.8%