CVE-2006-5462

NONECVSS 0.0

0.0

Mozilla Network Security Service (NSS) library before 3.11.3, as used in Mozilla Firefox before 1.5.0.8, Thunderbird before 1.5.0.8, and SeaMonkey before 1.0.6, when using an RSA key with exponent 3, does not properly handle extra data in a signature, which allows remote attackers to forge signatures for SSL/TLS and email certificates. NOTE: this identifier is for unpatched product versions that were originally intended to be addressed by CVE-2006-4340.

🔗 References (108)

secalert@redhatftp://patches.sgi.com/support/free/security/advisories/20061101-01-P
secalert@redhathttp://rhn.redhat.com/errata/RHSA-2006-0733.html
secalert@redhathttp://rhn.redhat.com/errata/RHSA-2006-0734.html
secalert@redhathttp://rhn.redhat.com/errata/RHSA-2006-0735.html
secalert@redhathttp://secunia.com/advisories/22066
secalert@redhathttp://secunia.com/advisories/22722
secalert@redhathttp://secunia.com/advisories/22727
secalert@redhathttp://secunia.com/advisories/22737
secalert@redhathttp://secunia.com/advisories/22763
secalert@redhathttp://secunia.com/advisories/22770
secalert@redhathttp://secunia.com/advisories/22815
secalert@redhathttp://secunia.com/advisories/22817
secalert@redhathttp://secunia.com/advisories/22929
secalert@redhathttp://secunia.com/advisories/22965
secalert@redhathttp://secunia.com/advisories/22980

Is Your Infrastructure Affected by CVE-2006-5462?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2006-5462

📅 Published

🔄 Last Modified

🔗 References (108)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2006-5462?