Skip to navigation

CVE Database

CVE-2006-2786

Impact: Moderate
Public: 2006-06-01

Details

The MITRE CVE dictionary describes this issue as:

HTTP response smuggling vulnerability in Mozilla Firefox and Thunderbird before 1.5.0.4, when used with certain proxy servers, allows remote attackers to cause Firefox to interpret certain responses as if they were responses from two different sites via (1) invalid HTTP response headers with spaces between the header name and the colon, which might not be ignored in some cases, or (2) HTTP 1.1 headers through an HTTP 1.0 proxy, which are ignored by the proxy but processed by the client.

Find out more about CVE-2006-2786 from the MITRE CVE dictionary and NIST NVD.

Red Hat security errata

Platform Errata Release Date
Red Hat Enterprise Linux version 2.1 (seamonkey) RHSA-2006:0594 August 28, 2006
Red Hat Enterprise Linux version 3 (seamonkey) RHSA-2006:0578 July 20, 2006
Red Hat Enterprise Linux version 4 RHSA-2006:0609 August 02, 2006
Red Hat Enterprise Linux version 4 (firefox) RHSA-2006:0610 July 28, 2006
Red Hat Enterprise Linux version 4 (thunderbird) RHSA-2006:0611 July 29, 2006

External References

This page is generated automatically and has not been checked for errors or omissions.

For clarification or corrections please contact the Red Hat Security Response Team.