CVE-2006-5462
 
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
Mozilla Network Security Service (NSS) library before 3.11.3, as used in Mozilla Firefox before 1.5.0.8, Thunderbird before 1.5.0.8, and SeaMonkey before 1.0.6, when using an RSA key with exponent 3, does not properly handle extra data in a signature, which allows remote attackers to forge signatures for SSL/TLS and email certificates. NOTE: this identifier is for unpatched product versions that were originally intended to be addressed by CVE-2006-4340.
La biblioteca Mozilla Network Security Service (NSS) en versiones anteriores a la 3.11.3, como el usado en el Mozilla Firefox en versiones anteriores a la 1.5.0.8, en el Thunderbird anterior a la versión 1.5.0.8 y en el SeaMonkey anteriores a la versión 1.0.6, cuando utiliza una clave RSA con exponente 3, no gestiona apropiadamente datos extra en la firma, lo cual permiten a atacantes remotos falsificar firmas para los certificados de correo electrónico SSL/TLS. NOTA: este identificador es para versiones de productos no parchados, que inicialmente se vieron en el CVE-2006-4340.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2006-10-23 CVE Reserved
- 2006-11-08 CVE Published
- 2024-08-07 CVE Updated
- 2024-09-28 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (56)
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
http://secunia.com/advisories/22722 | 2017-10-11 | |
http://secunia.com/advisories/22770 | 2017-10-11 | |
http://www.kb.cert.org/vuls/id/335392 | 2017-10-11 | |
http://www.mozilla.org/security/announce/2006/mfsa2006-60.html | 2017-10-11 | |
http://www.mozilla.org/security/announce/2006/mfsa2006-66.html | 2017-10-11 | |
http://www.us-cert.gov/cas/techalerts/TA06-312A.html | 2017-10-11 | |
https://bugzilla.mozilla.org/show_bug.cgi?id=356215 | 2017-10-11 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Mozilla Search vendor "Mozilla" | Firefox Search vendor "Mozilla" for product "Firefox" | 1.5 Search vendor "Mozilla" for product "Firefox" and version "1.5" | - |
Affected
| ||||||
Mozilla Search vendor "Mozilla" | Firefox Search vendor "Mozilla" for product "Firefox" | 1.5 Search vendor "Mozilla" for product "Firefox" and version "1.5" | beta1 |
Affected
| ||||||
Mozilla Search vendor "Mozilla" | Firefox Search vendor "Mozilla" for product "Firefox" | 1.5 Search vendor "Mozilla" for product "Firefox" and version "1.5" | beta2 |
Affected
| ||||||
Mozilla Search vendor "Mozilla" | Firefox Search vendor "Mozilla" for product "Firefox" | 1.5.0.1 Search vendor "Mozilla" for product "Firefox" and version "1.5.0.1" | - |
Affected
| ||||||
Mozilla Search vendor "Mozilla" | Firefox Search vendor "Mozilla" for product "Firefox" | 1.5.0.2 Search vendor "Mozilla" for product "Firefox" and version "1.5.0.2" | - |
Affected
| ||||||
Mozilla Search vendor "Mozilla" | Firefox Search vendor "Mozilla" for product "Firefox" | 1.5.0.3 Search vendor "Mozilla" for product "Firefox" and version "1.5.0.3" | - |
Affected
| ||||||
Mozilla Search vendor "Mozilla" | Firefox Search vendor "Mozilla" for product "Firefox" | 1.5.0.4 Search vendor "Mozilla" for product "Firefox" and version "1.5.0.4" | - |
Affected
| ||||||
Mozilla Search vendor "Mozilla" | Firefox Search vendor "Mozilla" for product "Firefox" | 1.5.0.5 Search vendor "Mozilla" for product "Firefox" and version "1.5.0.5" | - |
Affected
| ||||||
Mozilla Search vendor "Mozilla" | Firefox Search vendor "Mozilla" for product "Firefox" | 1.5.0.6 Search vendor "Mozilla" for product "Firefox" and version "1.5.0.6" | - |
Affected
| ||||||
Mozilla Search vendor "Mozilla" | Firefox Search vendor "Mozilla" for product "Firefox" | 1.5.0.7 Search vendor "Mozilla" for product "Firefox" and version "1.5.0.7" | - |
Affected
| ||||||
Mozilla Search vendor "Mozilla" | Network Security Services Search vendor "Mozilla" for product "Network Security Services" | 3.11.3 Search vendor "Mozilla" for product "Network Security Services" and version "3.11.3" | - |
Affected
| ||||||
Mozilla Search vendor "Mozilla" | Seamonkey Search vendor "Mozilla" for product "Seamonkey" | 1.0 Search vendor "Mozilla" for product "Seamonkey" and version "1.0" | - |
Affected
| ||||||
Mozilla Search vendor "Mozilla" | Seamonkey Search vendor "Mozilla" for product "Seamonkey" | 1.0 Search vendor "Mozilla" for product "Seamonkey" and version "1.0" | alpha |
Affected
| ||||||
Mozilla Search vendor "Mozilla" | Seamonkey Search vendor "Mozilla" for product "Seamonkey" | 1.0 Search vendor "Mozilla" for product "Seamonkey" and version "1.0" | dev |
Affected
| ||||||
Mozilla Search vendor "Mozilla" | Seamonkey Search vendor "Mozilla" for product "Seamonkey" | 1.0 Search vendor "Mozilla" for product "Seamonkey" and version "1.0" | beta |
Affected
| ||||||
Mozilla Search vendor "Mozilla" | Seamonkey Search vendor "Mozilla" for product "Seamonkey" | 1.0.1 Search vendor "Mozilla" for product "Seamonkey" and version "1.0.1" | - |
Affected
| ||||||
Mozilla Search vendor "Mozilla" | Seamonkey Search vendor "Mozilla" for product "Seamonkey" | 1.0.2 Search vendor "Mozilla" for product "Seamonkey" and version "1.0.2" | - |
Affected
| ||||||
Mozilla Search vendor "Mozilla" | Seamonkey Search vendor "Mozilla" for product "Seamonkey" | 1.0.3 Search vendor "Mozilla" for product "Seamonkey" and version "1.0.3" | - |
Affected
| ||||||
Mozilla Search vendor "Mozilla" | Seamonkey Search vendor "Mozilla" for product "Seamonkey" | 1.0.4 Search vendor "Mozilla" for product "Seamonkey" and version "1.0.4" | - |
Affected
| ||||||
Mozilla Search vendor "Mozilla" | Seamonkey Search vendor "Mozilla" for product "Seamonkey" | 1.0.5 Search vendor "Mozilla" for product "Seamonkey" and version "1.0.5" | - |
Affected
| ||||||
Mozilla Search vendor "Mozilla" | Thunderbird Search vendor "Mozilla" for product "Thunderbird" | 1.5 Search vendor "Mozilla" for product "Thunderbird" and version "1.5" | - |
Affected
| ||||||
Mozilla Search vendor "Mozilla" | Thunderbird Search vendor "Mozilla" for product "Thunderbird" | 1.5 Search vendor "Mozilla" for product "Thunderbird" and version "1.5" | beta2 |
Affected
| ||||||
Mozilla Search vendor "Mozilla" | Thunderbird Search vendor "Mozilla" for product "Thunderbird" | 1.5.0.1 Search vendor "Mozilla" for product "Thunderbird" and version "1.5.0.1" | - |
Affected
| ||||||
Mozilla Search vendor "Mozilla" | Thunderbird Search vendor "Mozilla" for product "Thunderbird" | 1.5.0.2 Search vendor "Mozilla" for product "Thunderbird" and version "1.5.0.2" | - |
Affected
| ||||||
Mozilla Search vendor "Mozilla" | Thunderbird Search vendor "Mozilla" for product "Thunderbird" | 1.5.0.3 Search vendor "Mozilla" for product "Thunderbird" and version "1.5.0.3" | - |
Affected
| ||||||
Mozilla Search vendor "Mozilla" | Thunderbird Search vendor "Mozilla" for product "Thunderbird" | 1.5.0.4 Search vendor "Mozilla" for product "Thunderbird" and version "1.5.0.4" | - |
Affected
| ||||||
Mozilla Search vendor "Mozilla" | Thunderbird Search vendor "Mozilla" for product "Thunderbird" | 1.5.0.6 Search vendor "Mozilla" for product "Thunderbird" and version "1.5.0.6" | - |
Affected
| ||||||
Mozilla Search vendor "Mozilla" | Thunderbird Search vendor "Mozilla" for product "Thunderbird" | 1.5.0.7 Search vendor "Mozilla" for product "Thunderbird" and version "1.5.0.7" | - |
Affected
|