N/A
CVE-2006-2778
The crypto.signText function in Mozilla Firefox and Thunderbird before 1.5.0.4 allows remote attackers to execute arbitrary code via certain optional Certificate Authority name arguments, which causes an invalid array index and triggers a buffer overflow.
EPSS
23.3%
percentile 96.0%
Affected tracked apps
Vulnerable CPE configurations
| Vendor | Product | Platform | Versions | CPE 2.3 URI |
|---|---|---|---|---|
| mozilla | thunderbird | Windows | ≤1.5.0.3 | cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:* |