CVE-2006-2778

Impact:
Moderate
Public Date:
2006-06-01

The MITRE CVE dictionary describes this issue as:

The crypto.signText function in Mozilla Firefox and Thunderbird before 1.5.0.4 allows remote attackers to execute arbitrary code via certain optional Certificate Authority name arguments, which causes an invalid array index and triggers a buffer overflow.

Find out more about CVE-2006-2778 from the MITRE CVE dictionary dictionary and NIST NVD.

Red Hat Security Errata

Platform Errata Release Date
Red Hat Enterprise Linux version 2.1 (seamonkey) RHSA-2006:0594 2006-08-28
Red Hat Enterprise Linux version 3 (seamonkey) RHSA-2006:0578 2006-07-20
Red Hat Enterprise Linux version 4 RHSA-2006:0609 2006-08-02
Red Hat Enterprise Linux version 4 (thunderbird) RHSA-2006:0611 2006-07-29
Red Hat Enterprise Linux version 4 (firefox) RHSA-2006:0610 2006-07-28

Affected Packages State

Platform Package State
Red Hat Enterprise Linux version 4 seamonkey 1.0.3-0.el4.1 Fixed
Red Hat Enterprise Linux version 4 devhelp 0.10-0.2.el4 Fixed