Unrated severityNVD Advisory· Published Jun 2, 2006· Updated Jun 16, 2026

CVE-2006-2778

Description

The crypto.signText function in Mozilla Firefox and Thunderbird before 1.5.0.4 allows remote attackers to execute arbitrary code via certain optional Certificate Authority name arguments, which causes an invalid array index and triggers a buffer overflow.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

Mozilla Corporation/Firefox2 versions
cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*range: <=1.5.0.3
- (no CPE)range: <1.5.0.4
Mozilla Corporation/Thunderbird2 versions
cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*range: <=1.5.0.3
- (no CPE)range: <1.5.0.4

Patches

Vulnerability mechanics

References

www.kb.cert.org/vuls/id/421529nvdUS Government Resource
www.us-cert.gov/cas/techalerts/TA06-153A.htmlnvdUS Government Resource
rhn.redhat.com/errata/RHSA-2006-0609.htmlnvd
secunia.com/advisories/20376nvd
secunia.com/advisories/20382nvd
secunia.com/advisories/20561nvd
secunia.com/advisories/20709nvd
secunia.com/advisories/21134nvd
secunia.com/advisories/21176nvd
secunia.com/advisories/21178nvd
secunia.com/advisories/21183nvd
secunia.com/advisories/21188nvd
secunia.com/advisories/21210nvd
secunia.com/advisories/21269nvd
secunia.com/advisories/21270nvd
secunia.com/advisories/21324nvd
secunia.com/advisories/21336nvd
secunia.com/advisories/21532nvd
secunia.com/advisories/21607nvd
secunia.com/advisories/21631nvd
secunia.com/advisories/22065nvd
secunia.com/advisories/22066nvd
securitytracker.com/idnvd
securitytracker.com/idnvd
sunsolve.sun.com/search/document.donvd
www.debian.org/security/2006/dsa-1118nvd
www.debian.org/security/2006/dsa-1120nvd
www.debian.org/security/2006/dsa-1134nvd
www.gentoo.org/security/en/glsa/glsa-200606-12.xmlnvd
www.gentoo.org/security/en/glsa/glsa-200606-21.xmlnvd
www.mandriva.com/security/advisoriesnvd
www.mandriva.com/security/advisoriesnvd
www.mandriva.com/security/advisoriesnvd
www.mozilla.org/security/announce/2006/mfsa2006-38.htmlnvd
www.novell.com/linux/security/advisories/2006_35_mozilla.htmlnvd
www.redhat.com/support/errata/RHSA-2006-0578.htmlnvd
www.redhat.com/support/errata/RHSA-2006-0594.htmlnvd
www.redhat.com/support/errata/RHSA-2006-0610.htmlnvd
www.redhat.com/support/errata/RHSA-2006-0611.htmlnvd
www.securityfocus.com/archive/1/435795/100/0/threadednvd
www.securityfocus.com/archive/1/446657/100/200/threadednvd
www.securityfocus.com/archive/1/446658/100/200/threadednvd
www.securityfocus.com/bid/18228nvd
www.vupen.com/english/advisories/2006/2106nvd
www.vupen.com/english/advisories/2006/3748nvd
www.vupen.com/english/advisories/2006/3749nvd
www.vupen.com/english/advisories/2007/0058nvd
www.vupen.com/english/advisories/2008/0083nvd
exchange.xforce.ibmcloud.com/vulnerabilities/26849nvd
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9703nvd
usn.ubuntu.com/296-1/nvd
usn.ubuntu.com/296-2/nvd
usn.ubuntu.com/297-1/nvd
usn.ubuntu.com/297-3/nvd
usn.ubuntu.com/323-1/nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.004
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000