ID CVE-2006-4567
Type cve
Reporter NVD
Modified 2018-10-17T17:37:51


Mozilla Firefox before and Thunderbird before makes it easy for users to accept self-signed certificates for the auto-update mechanism, which might allow remote user-assisted attackers to use DNS spoofing to trick users into visiting a malicious site and accepting a malicious certificate for the Mozilla update site, which can then be used to install arbitrary code on the next update.