Unrated severityNVD Advisory· Published Sep 15, 2006· Updated Jun 16, 2026
CVE-2006-4567
CVE-2006-4567
Description
Mozilla Firefox before 1.5.0.7 and Thunderbird before 1.5.0.7 makes it easy for users to accept self-signed certificates for the auto-update mechanism, which might allow remote user-assisted attackers to use DNS spoofing to trick users into visiting a malicious site and accepting a malicious certificate for the Mozilla update site, which can then be used to install arbitrary code on the next update.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*range: <=1.5.0.6
- (no CPE)range: <1.5.0.7
cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*range: <=1.5.0.6
- (no CPE)range: <1.5.0.7
Patches
Vulnerability mechanics
References
40- secunia.com/advisories/21906nvdPatchVendor Advisory
- secunia.com/advisories/21949nvdPatchVendor Advisory
- www.redhat.com/support/errata/RHSA-2006-0677.htmlnvdPatchVendor Advisory
- www.mozilla.org/security/announce/2006/mfsa2006-58.htmlnvdExploit
- secunia.com/advisories/21916nvd
- secunia.com/advisories/21939nvd
- secunia.com/advisories/21950nvd
- secunia.com/advisories/22001nvd
- secunia.com/advisories/22025nvd
- secunia.com/advisories/22055nvd
- secunia.com/advisories/22056nvd
- secunia.com/advisories/22066nvd
- secunia.com/advisories/22074nvd
- secunia.com/advisories/22088nvd
- secunia.com/advisories/22195nvd
- secunia.com/advisories/22210nvd
- secunia.com/advisories/22274nvd
- secunia.com/advisories/22422nvd
- security.gentoo.org/glsa/glsa-200609-19.xmlnvd
- security.gentoo.org/glsa/glsa-200610-01.xmlnvd
- securitytracker.com/idnvd
- securitytracker.com/idnvd
- support.avaya.com/elmodocs2/security/ASA-2006-224.htmnvd
- www.mandriva.com/security/advisoriesnvd
- www.mandriva.com/security/advisoriesnvd
- www.novell.com/linux/security/advisories/2006_54_mozilla.htmlnvd
- www.redhat.com/support/errata/RHSA-2006-0675.htmlnvd
- www.securityfocus.com/archive/1/446140/100/0/threadednvd
- www.securityfocus.com/bid/20042nvd
- www.ubuntu.com/usn/usn-350-1nvd
- www.ubuntu.com/usn/usn-351-1nvd
- www.ubuntu.com/usn/usn-352-1nvd
- www.ubuntu.com/usn/usn-354-1nvd
- www.vupen.com/english/advisories/2006/3617nvd
- www.vupen.com/english/advisories/2006/3748nvd
- www.vupen.com/english/advisories/2008/0083nvd
- www1.itrc.hp.com/service/cki/docDisplay.donvd
- exchange.xforce.ibmcloud.com/vulnerabilities/28950nvd
- issues.rpath.com/browse/RPL-640nvd
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10488nvd
News mentions
0No linked articles in our index yet.