CVE-2006-1728

Unspecified vulnerability in Mozilla Firefox and Thunderbird 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to execute arbitrary code via unknown vectors related to the crypto.generateCRMFRequest method.

CVSS v2.0 9.3 HIGH

9.3^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:M/Au:N/C:C/I:C/A:C

Exploitability : 8.6 / Impact : 10.0

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://www.redhat.com/support/errata/RHSA-2006-0328.html	Third Party Advisory
http://www.kb.cert.org/vuls/id/932734	Third Party Advisory US Government Resource
http://www.securityfocus.com/bid/17516	Third Party Advisory VDB Entry
http://securitytracker.com/id?1015922	Third Party Advisory VDB Entry
http://securitytracker.com/id?1015923	Third Party Advisory VDB Entry
http://securitytracker.com/id?1015924	Third Party Advisory VDB Entry
http://securitytracker.com/id?1015925	Third Party Advisory VDB Entry
http://secunia.com/advisories/19631	Third Party Advisory
http://secunia.com/advisories/19649	Third Party Advisory
http://www.us-cert.gov/cas/techalerts/TA06-107A.html	Third Party Advisory US Government Resource
http://www.debian.org/security/2006/dsa-1044	Third Party Advisory
http://www.gentoo.org/security/en/glsa/glsa-200604-12.xml	Third Party Advisory
http://secunia.com/advisories/19759	Third Party Advisory
http://secunia.com/advisories/19794	Third Party Advisory
http://secunia.com/advisories/19821	Third Party Advisory
http://www.debian.org/security/2006/dsa-1046	Third Party Advisory
http://www.gentoo.org/security/en/glsa/glsa-200604-18.xml	Third Party Advisory
ftp://patches.sgi.com/support/free/security/advisories/20060404-01-U.asc	Broken Link
http://secunia.com/advisories/19811	Third Party Advisory
http://secunia.com/advisories/19823	Third Party Advisory
http://secunia.com/advisories/19852	Third Party Advisory
http://secunia.com/advisories/19862	Third Party Advisory
http://secunia.com/advisories/19863	Third Party Advisory
http://secunia.com/advisories/19902	Third Party Advisory
http://www.debian.org/security/2006/dsa-1051	Third Party Advisory
http://secunia.com/advisories/19950	Third Party Advisory
http://secunia.com/advisories/19941	Third Party Advisory
http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00153.html	Third Party Advisory
http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00154.html	Third Party Advisory
http://lists.suse.com/archive/suse-security-announce/2006-Apr/0003.html	Broken Link
http://secunia.com/advisories/19714	Third Party Advisory
http://secunia.com/advisories/19721	Third Party Advisory
http://secunia.com/advisories/19746	Third Party Advisory
http://www.gentoo.org/security/en/glsa/glsa-200605-09.xml	Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2006-0329.html	Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2006-0330.html	Third Party Advisory
ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt	Broken Link
http://secunia.com/advisories/21033	Third Party Advisory
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102550-1	Broken Link
http://secunia.com/advisories/21622	Third Party Advisory
http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm	Third Party Advisory
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102763-1	Broken Link
http://secunia.com/advisories/19696	Third Party Advisory
http://secunia.com/advisories/19729	Third Party Advisory
http://secunia.com/advisories/19780	Third Party Advisory
http://secunia.com/advisories/20051	Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDKSA-2006:075	Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDKSA-2006:076	Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDKSA-2006:078	Third Party Advisory
http://secunia.com/advisories/22065	Third Party Advisory
http://secunia.com/advisories/22066	Third Party Advisory
http://www.vupen.com/english/advisories/2006/1356	Permissions Required Third Party Advisory
http://www.vupen.com/english/advisories/2006/3749	Permissions Required Third Party Advisory
http://www.vupen.com/english/advisories/2006/3748	Permissions Required Third Party Advisory
http://www.vupen.com/english/advisories/2007/0058	Permissions Required Third Party Advisory
http://www.vupen.com/english/advisories/2006/3391	Permissions Required Third Party Advisory
http://www.vupen.com/english/advisories/2008/0083	Permissions Required Third Party Advisory
http://www.novell.com/linux/security/advisories/2006_04_25.html	Broken Link
http://www.mozilla.org/security/announce/2006/mfsa2006-24.html	Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/25812	Third Party Advisory VDB Entry
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1698	Third Party Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10508	Third Party Advisory
https://usn.ubuntu.com/276-1/	Third Party Advisory
https://usn.ubuntu.com/275-1/	Third Party Advisory
https://usn.ubuntu.com/271-1/	Third Party Advisory
http://www.securityfocus.com/archive/1/446658/100/200/threaded
http://www.securityfocus.com/archive/1/446657/100/200/threaded
http://www.securityfocus.com/archive/1/438730/100/0/threaded
http://www.securityfocus.com/archive/1/436338/100/0/threaded
http://www.securityfocus.com/archive/1/436296/100/0/threaded
http://www.securityfocus.com/archive/1/434524/100/0/threaded

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:mozilla:seamonkey::::::::
	cpe:2.3:a:mozilla:thunderbird::::::::
	cpe:2.3:a:mozilla:thunderbird::::::::
	cpe:2.3:a:mozilla:mozilla_suite::::::::
	cpe:2.3:a:mozilla:firefox::::::::
	cpe:2.3:a:mozilla:firefox::::::::

Configuration 2 (hide)

OR	cpe:2.3:o:canonical:ubuntu_linux:4.10:::::::*
	cpe:2.3:o:canonical:ubuntu_linux:5.04:::::::*
	cpe:2.3:o:canonical:ubuntu_linux:5.10:::::::*

Information

Published : 2006-04-14 03:02

Updated : 2018-10-18 09:34

NVD link : CVE-2006-1728

Mitre link : CVE-2006-1728

JSON object : View

CWE

NVD-CWE-noinfo

Products Affected

mozilla

mozilla_suite
firefox
thunderbird
seamonkey

canonical

ubuntu_linux

9.3 /10