CVE-2006-4340

Severity Score: 4.0 (CVSS v2)
Public Exploits: 0 (multiple sources)
Exploited in Wild: - (KEV)
Decision: - (SSVC)

Descriptions

Mozilla Network Security Service (NSS) library before 3.11.3, as used in Mozilla Firefox before 1.5.0.7, Thunderbird before 1.5.0.7, and SeaMonkey before 1.0.5, when using an RSA key with exponent 3, does not properly handle extra data in a signature, which allows remote attackers to forge signatures for SSL/TLS and email certificates, a similar vulnerability to CVE-2006-4339. NOTE: on 20061107, Mozilla released an advisory stating that these versions were not completely patched by MFSA2006-60. The newer fixes for 1.5.0.7 are covered by CVE-2006-5462.

The Mozilla Network Security Service (NSS) library before 3.11.3, as used in Mozilla Firefox before 1.5.0.7, Thunderbird before 1.5.0.7, and SeaMonkey before 1.0.5, when an RSA key with exponent 3 is used, does not correctly handle the data in a signature, which allows remote attackers to forge signatures for SSL/TLS and email certificates; a vulnerability very similar to CVE-2006-4339. NOTE: on 7/11/2006, Mozilla published an advisory stating that these versions were not completely patched by MFSA2006-60. The new fixes for 1.5.0.7 are covered in CVE-2006-5462.
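As an added illustration (not code from the NSS project or from this advisory), the check below isolates the PKCS#1 v1.5 encoded-message step the description refers to: a hardened verifier that recomputes the whole expected encoded message and compares it byte for byte, beside a lax variant that stops once it has matched the DigestInfo and never examines trailing bytes. The sample message, block length and trailing bytes are constructed for the demonstration; the SHA-1 DigestInfo prefix is the one listed in RFC 8017, section 9.2.

```python
import hashlib
import hmac

# DER prefix of DigestInfo for SHA-1 (RFC 8017, section 9.2, note 1).
SHA1_DIGESTINFO_PREFIX = bytes.fromhex("3021300906052b0e03021a05000414")


def pkcs1_v15_encode(message: bytes, em_len: int) -> bytes:
    """Build EM = 0x00 || 0x01 || PS (0xFF bytes) || 0x00 || T, SHA-1 variant."""
    t = SHA1_DIGESTINFO_PREFIX + hashlib.sha1(message).digest()
    ps_len = em_len - len(t) - 3
    if ps_len < 8:
        raise ValueError("intended encoded message length too short")
    return b"\x00\x01" + b"\xff" * ps_len + b"\x00" + t


def verify_strict(em: bytes, message: bytes) -> bool:
    """Hardened check: rebuild the full expected EM and compare every byte.
    Any extra data anywhere in the block makes the comparison fail."""
    expected = pkcs1_v15_encode(message, len(em))
    return hmac.compare_digest(em, expected)


def verify_lax(em: bytes, message: bytes) -> bool:
    """Flawed check of the kind the advisory describes: walk the padding,
    match the DigestInfo where it starts, and ignore whatever follows it."""
    if len(em) < 3 or em[0] != 0x00 or em[1] != 0x01:
        return False
    i = 2
    while i < len(em) and em[i] == 0xFF:
        i += 1
    if i >= len(em) or em[i] != 0x00:
        return False
    i += 1
    t = SHA1_DIGESTINFO_PREFIX + hashlib.sha1(message).digest()
    return em[i:i + len(t)] == t  # bytes after T are never looked at


# Constructed inputs (not from the advisory): a 128-byte EM, the size an
# RSA-1024 modulus produces, plus a malformed block with minimal padding,
# the genuine DigestInfo, and arbitrary trailing bytes filling the rest.
MESSAGE = b"example message checked under the padding rules above"
EM_LEN = 128
GOOD_EM = pkcs1_v15_encode(MESSAGE, EM_LEN)
_T = SHA1_DIGESTINFO_PREFIX + hashlib.sha1(MESSAGE).digest()
MALFORMED_EM = b"\x00\x01" + b"\xff" * 8 + b"\x00" + _T
MALFORMED_EM += b"\xaa" * (EM_LEN - len(MALFORMED_EM))
```

The malformed block is accepted by `verify_lax` and rejected by `verify_strict`; the fix is the same whichever hash or key size is in use, because a full-block comparison leaves no room for unexamined data.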

*Credits: N/A
CVSS Scores (Common Vulnerability Scoring System)
  • Attack Vector: Network
  • Attack Complexity: High
  • Authentication: None
  • Confidentiality: Partial
  • Integrity: Partial
  • Availability: None
SSVC (Organization's Worst-case Scenario)
  • Decision: -
  • Exploitation: -
  • Automatable: -
  • Tech. Impact: -
Timeline
  • 2006-08-24 CVE Reserved
  • 2006-09-15 CVE Published
  • 2024-02-08 EPSS Updated
  • 2024-08-07 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-20: Improper Input Validation
CAPEC
References (75)
URL Tag
http://secunia.com/advisories/22044 Third Party Advisory
http://secunia.com/advisories/22056 Third Party Advisory
http://secunia.com/advisories/22066 Third Party Advisory
http://secunia.com/advisories/22195 Third Party Advisory
http://secunia.com/advisories/22849 Third Party Advisory
http://secunia.com/advisories/22992 Third Party Advisory
http://secunia.com/advisories/23883 Third Party Advisory
http://secunia.com/advisories/24711 Third Party Advisory
http://securitytracker.com/id?1016858 Vdb Entry
http://securitytracker.com/id?1016859 Vdb Entry
http://securitytracker.com/id?1016860 Vdb Entry
http://support.avaya.com/elmodocs2/security/ASA-2006-224.htm X_refsource_confirm
http://support.avaya.com/elmodocs2/security/ASA-2006-250.htm X_refsource_confirm
http://www.imc.org/ietf-openpgp/mail-archive/msg14307.html Mailing List
http://www.matasano.com/log/469/many-rsa-signatures-may-be-forgeable-in-openssl-and-elsewhere X_refsource_misc
http://www.mozilla.org/security/announce/2006/mfsa2006-60.html X_refsource_confirm
http://www.mozilla.org/security/announce/2006/mfsa2006-66.html X_refsource_misc
http://www.securityfocus.com/archive/1/446140/100/0/threaded Mailing List
http://www.us-cert.gov/cas/techalerts/TA06-312A.html Third Party Advisory
http://www.vupen.com/english/advisories/2006/3617 Vdb Entry
http://www.vupen.com/english/advisories/2006/3622 Vdb Entry
http://www.vupen.com/english/advisories/2006/3748 Vdb Entry
http://www.vupen.com/english/advisories/2006/3899 Vdb Entry
http://www.vupen.com/english/advisories/2007/0293 Vdb Entry
http://www.vupen.com/english/advisories/2007/1198 Vdb Entry
http://www.vupen.com/english/advisories/2008/0083 Vdb Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/30098 Vdb Entry
https://issues.rpath.com/browse/RPL-640 X_refsource_confirm
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11007 Signature
URL Date
ftp://patches.sgi.com/support/free/security/advisories/20060901-01-P.asc 2023-11-07
http://secunia.com/advisories/21903 2023-11-07
http://secunia.com/advisories/21915 2023-11-07
http://secunia.com/advisories/21916 2023-11-07
http://secunia.com/advisories/21939 2023-11-07
http://secunia.com/advisories/21940 2023-11-07
http://secunia.com/advisories/21950 2023-11-07
http://secunia.com/advisories/22001 2023-11-07
http://secunia.com/advisories/22025 2023-11-07
http://secunia.com/advisories/22036 2023-11-07
http://secunia.com/advisories/22055 2023-11-07
http://secunia.com/advisories/22074 2023-11-07
http://secunia.com/advisories/22088 2023-11-07
http://secunia.com/advisories/22210 2023-11-07
http://secunia.com/advisories/22226 2023-11-07
http://secunia.com/advisories/22247 2023-11-07
http://secunia.com/advisories/22274 2023-11-07
http://secunia.com/advisories/22299 2023-11-07
http://secunia.com/advisories/22342 2023-11-07
http://secunia.com/advisories/22422 2023-11-07
http://secunia.com/advisories/22446 2023-11-07
http://security.gentoo.org/glsa/glsa-200609-19.xml 2023-11-07
http://security.gentoo.org/glsa/glsa-200610-01.xml 2023-11-07
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102648-1 2023-11-07
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102781-1 2023-11-07
http://www.debian.org/security/2006/dsa-1192 2023-11-07
http://www.debian.org/security/2006/dsa-1210 2023-11-07
http://www.gentoo.org/security/en/glsa/glsa-200610-06.xml 2023-11-07
http://www.mandriva.com/security/advisories?name=MDKSA-2006:168 2023-11-07
http://www.mandriva.com/security/advisories?name=MDKSA-2006:169 2023-11-07
http://www.novell.com/linux/security/advisories/2006_54_mozilla.html 2023-11-07
http://www.novell.com/linux/security/advisories/2006_55_ssl.html 2023-11-07
http://www.redhat.com/support/errata/RHSA-2006-0675.html 2023-11-07
http://www.ubuntu.com/usn/usn-350-1 2023-11-07
http://www.ubuntu.com/usn/usn-351-1 2023-11-07
http://www.ubuntu.com/usn/usn-352-1 2023-11-07
http://www.ubuntu.com/usn/usn-354-1 2023-11-07
http://www.ubuntu.com/usn/usn-361-1 2023-11-07
http://www.us.debian.org/security/2006/dsa-1191 2023-11-07
http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=c00771742 2023-11-07
https://access.redhat.com/security/cve/CVE-2006-4340 2006-09-15
https://bugzilla.redhat.com/show_bug.cgi?id=1618183 2006-09-15
Affected Vendors, Products, and Versions
Vendor   Product                    Version     Other  Status
Mozilla  Firefox                    <= 1.5.0.6  -      Affected
Mozilla  Network Security Services  <= 3.11.2   -      Affected
Mozilla  Seamonkey                  <= 1.0.4    -      Affected
Mozilla  Thunderbird                <= 1.5.0.6  -      Affected