Published: 14/04/2006 Updated: 18/10/2018

CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6

VMScore: 828

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Unspecified vulnerability in Mozilla Firefox and Thunderbird 1.x prior to 1.5.0.2 and 1.0.x prior to 1.0.8, Mozilla Suite prior to 1.7.13, and SeaMonkey prior to 1.0.1 allows remote malicious users to execute arbitrary code via unknown vectors related to the crypto.generateCRMFRequest method.

Vulnerable Product	Search on Vulmon	Subscribe to Product
mozilla seamonkey
mozilla thunderbird
mozilla mozilla suite
mozilla firefox
canonical ubuntu linux 4.10
canonical ubuntu linux 5.04
canonical ubuntu linux 5.10

Igor Bukanov discovered that the JavaScript engine did not properly declare some temporary variables Under some rare circumstances, a malicious mail with embedded JavaScript could exploit this to execute arbitrary code with the privileges of the user (CVE-2006-0292, CVE-2006-1742) ...

Web pages with extremely long titles caused subsequent launches of Mozilla browser to hang for up to a few minutes, or caused Mozilla to crash on computers with insufficient memory (CVE-2005-4134) ...

Web pages with extremely long titles caused subsequent launches of Firefox browser to hang for up to a few minutes, or caused Firefox to crash on computers with insufficient memory (CVE-2005-4134) ...

Mozilla Foundation Security Advisory 2006-24 Privilege escalation using cryptogenerateCRMFRequest Announced April 13, 2006 Reporter shutdown Impact Critical Products Firefox, Mozilla Suite, SeaMonkey, Thunderbird Fixed ...

NVD-CWE-noinfo http://www.redhat.com/support/errata/RHSA-2006-0328.html http://www.kb.cert.org/vuls/id/932734 http://www.securityfocus.com/bid/17516 http://securitytracker.com/id?1015922 http://securitytracker.com/id?1015923 http://securitytracker.com/id?1015924 http://securitytracker.com/id?1015925 http://secunia.com/advisories/19631 http://secunia.com/advisories/19649 http://www.us-cert.gov/cas/techalerts/TA06-107A.html http://www.debian.org/security/2006/dsa-1044 http://www.gentoo.org/security/en/glsa/glsa-200604-12.xml http://secunia.com/advisories/19759 http://secunia.com/advisories/19794 http://secunia.com/advisories/19821 http://www.debian.org/security/2006/dsa-1046 http://www.gentoo.org/security/en/glsa/glsa-200604-18.xml ftp://patches.sgi.com/support/free/security/advisories/20060404-01-U.asc http://secunia.com/advisories/19811 http://secunia.com/advisories/19823 http://secunia.com/advisories/19852 http://secunia.com/advisories/19862 http://secunia.com/advisories/19863 http://secunia.com/advisories/19902 http://www.debian.org/security/2006/dsa-1051 http://secunia.com/advisories/19950 http://secunia.com/advisories/19941 http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00153.html http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00154.html http://lists.suse.com/archive/suse-security-announce/2006-Apr/0003.html http://secunia.com/advisories/19714 http://secunia.com/advisories/19721 http://secunia.com/advisories/19746 http://www.gentoo.org/security/en/glsa/glsa-200605-09.xml http://www.redhat.com/support/errata/RHSA-2006-0329.html http://www.redhat.com/support/errata/RHSA-2006-0330.html ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt http://secunia.com/advisories/21033 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102550-1 http://secunia.com/advisories/21622 http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm http://sunsolve.sun.com/search/document.do?assetkey=1-26-102763-1 http://secunia.com/advisories/19696 http://secunia.com/advisories/19729 http://secunia.com/advisories/19780 http://secunia.com/advisories/20051 http://www.mandriva.com/security/advisories?name=MDKSA-2006:075 http://www.mandriva.com/security/advisories?name=MDKSA-2006:076 http://www.mandriva.com/security/advisories?name=MDKSA-2006:078 http://secunia.com/advisories/22065 http://secunia.com/advisories/22066 http://www.vupen.com/english/advisories/2006/1356 http://www.vupen.com/english/advisories/2006/3749 http://www.vupen.com/english/advisories/2006/3748 http://www.vupen.com/english/advisories/2007/0058 http://www.vupen.com/english/advisories/2006/3391 http://www.vupen.com/english/advisories/2008/0083 http://www.novell.com/linux/security/advisories/2006_04_25.html http://www.mozilla.org/security/announce/2006/mfsa2006-24.html https://exchange.xforce.ibmcloud.com/vulnerabilities/25812 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1698 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10508 https://usn.ubuntu.com/276-1/https://usn.ubuntu.com/275-1/https://usn.ubuntu.com/271-1/http://www.securityfocus.com/archive/1/446658/100/200/threaded http://www.securityfocus.com/archive/1/446657/100/200/threaded http://www.securityfocus.com/archive/1/438730/100/0/threaded http://www.securityfocus.com/archive/1/436338/100/0/threaded http://www.securityfocus.com/archive/1/436296/100/0/threaded http://www.securityfocus.com/archive/1/434524/100/0/threaded https://nvd.nist.gov https://usn.ubuntu.com/276-1/https://www.kb.cert.org/vuls/id/932734

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2006-1728

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect