CVE-2006-2778

CVE-2006-2778 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:P/A:N

The crypto.signText function in Mozilla Firefox and Thunderbird before 1.5.0.4 allows remote attackers to execute arbitrary code via certain optional Certificate Authority name arguments, which causes an invalid array index and triggers a buffer overflow.

Learn more about our Cis Benchmark Audit For Mozilla Firefox.