CVE-2006-2778

EPSS 23.3%

Published: 6/2/2006Modified: 4/28/2026

Also known as:DEBIAN-CVE-2006-2778

Description

The crypto.signText function in Mozilla Firefox and Thunderbird before 1.5.0.4 allows remote attackers to execute arbitrary code via certain optional Certificate Authority name arguments, which causes an invalid array index and triggers a buffer overflow.

Affected packages (1)

Debian/thunderbirdfrom 0, < 1.5.0.4-1

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2006-2778