CVE-2006-2778

2006-06-02T18:02:00
ID CVE-2006-2778
Type cve
Reporter cve@mitre.org
Modified 2018-10-18T16:42:00

Description

The crypto.signText function in Mozilla Firefox and Thunderbird before 1.5.0.4 allows remote attackers to execute arbitrary code via certain optional Certificate Authority name arguments, which causes an invalid array index and triggers a buffer overflow. Fixed in: Firefox 1.5.0.4 Thunderbird 1.5.0.4 SeaMonkey 1.0.2