← Back to CVEs
CVE-2006-5462
N/ADescription
Mozilla Network Security Service (NSS) library before 3.11.3, as used in Mozilla Firefox before 1.5.0.8, Thunderbird before 1.5.0.8, and SeaMonkey before 1.0.6, when using an RSA key with exponent 3, does not properly handle extra data in a signature, which allows remote attackers to forge signatures for SSL/TLS and email certificates. NOTE: this identifier is for unpatched product versions that were originally intended to be addressed by CVE-2006-4340.
CVE Details
CVSS v3.1 ScoreN/A
Published11/8/2006
Last Modified4/23/2026
Sourcenvd
Honeypot Sightings0
Affected Products
mozilla:firefoxmozilla:network_security_servicesmozilla:seamonkeymozilla:thunderbird
References
ftp://patches.sgi.com/support/free/security/advisories/20061101-01-P(secalert@redhat.com)
http://rhn.redhat.com/errata/RHSA-2006-0733.html(secalert@redhat.com)
http://rhn.redhat.com/errata/RHSA-2006-0734.html(secalert@redhat.com)
http://rhn.redhat.com/errata/RHSA-2006-0735.html(secalert@redhat.com)
http://secunia.com/advisories/22066(secalert@redhat.com)
http://secunia.com/advisories/22722(secalert@redhat.com)
http://secunia.com/advisories/22727(secalert@redhat.com)
http://secunia.com/advisories/22737(secalert@redhat.com)
http://secunia.com/advisories/22763(secalert@redhat.com)
http://secunia.com/advisories/22770(secalert@redhat.com)
http://secunia.com/advisories/22815(secalert@redhat.com)
http://secunia.com/advisories/22817(secalert@redhat.com)
http://secunia.com/advisories/22929(secalert@redhat.com)
http://secunia.com/advisories/22965(secalert@redhat.com)
http://secunia.com/advisories/22980(secalert@redhat.com)
http://secunia.com/advisories/23009(secalert@redhat.com)
http://secunia.com/advisories/23013(secalert@redhat.com)
http://secunia.com/advisories/23197(secalert@redhat.com)
http://secunia.com/advisories/23202(secalert@redhat.com)
http://secunia.com/advisories/23235(secalert@redhat.com)
http://secunia.com/advisories/23263(secalert@redhat.com)
http://secunia.com/advisories/23287(secalert@redhat.com)
http://secunia.com/advisories/23297(secalert@redhat.com)
http://secunia.com/advisories/23883(secalert@redhat.com)
http://secunia.com/advisories/24711(secalert@redhat.com)
http://security.gentoo.org/glsa/glsa-200612-06.xml(secalert@redhat.com)
http://security.gentoo.org/glsa/glsa-200612-07.xml(secalert@redhat.com)
http://security.gentoo.org/glsa/glsa-200612-08.xml(secalert@redhat.com)
http://securitytracker.com/id?1017180(secalert@redhat.com)
http://securitytracker.com/id?1017181(secalert@redhat.com)
http://securitytracker.com/id?1017182(secalert@redhat.com)
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102781-1(secalert@redhat.com)
http://support.avaya.com/elmodocs2/security/ASA-2006-246.htm(secalert@redhat.com)
http://www.debian.org/security/2006/dsa-1224(secalert@redhat.com)
http://www.debian.org/security/2006/dsa-1225(secalert@redhat.com)
http://www.debian.org/security/2006/dsa-1227(secalert@redhat.com)
http://www.kb.cert.org/vuls/id/335392(secalert@redhat.com)
http://www.mandriva.com/security/advisories?name=MDKSA-2006:205(secalert@redhat.com)
http://www.mandriva.com/security/advisories?name=MDKSA-2006:206(secalert@redhat.com)
http://www.mozilla.org/security/announce/2006/mfsa2006-60.html(secalert@redhat.com)
http://www.mozilla.org/security/announce/2006/mfsa2006-66.html(secalert@redhat.com)
http://www.novell.com/linux/security/advisories/2006_68_mozilla.html(secalert@redhat.com)
http://www.ubuntu.com/usn/usn-381-1(secalert@redhat.com)
http://www.ubuntu.com/usn/usn-382-1(secalert@redhat.com)
http://www.us-cert.gov/cas/techalerts/TA06-312A.html(secalert@redhat.com)
http://www.vupen.com/english/advisories/2006/3748(secalert@redhat.com)
http://www.vupen.com/english/advisories/2006/4387(secalert@redhat.com)
http://www.vupen.com/english/advisories/2007/0293(secalert@redhat.com)
http://www.vupen.com/english/advisories/2007/1198(secalert@redhat.com)
http://www.vupen.com/english/advisories/2008/0083(secalert@redhat.com)
http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=c00771742(secalert@redhat.com)
https://bugzilla.mozilla.org/show_bug.cgi?id=356215(secalert@redhat.com)
https://exchange.xforce.ibmcloud.com/vulnerabilities/30098(secalert@redhat.com)
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10478(secalert@redhat.com)
ftp://patches.sgi.com/support/free/security/advisories/20061101-01-P(af854a3a-2127-422b-91ae-364da2661108)
http://rhn.redhat.com/errata/RHSA-2006-0733.html(af854a3a-2127-422b-91ae-364da2661108)
http://rhn.redhat.com/errata/RHSA-2006-0734.html(af854a3a-2127-422b-91ae-364da2661108)
http://rhn.redhat.com/errata/RHSA-2006-0735.html(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/22066(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/22722(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/22727(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/22737(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/22763(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/22770(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/22815(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/22817(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/22929(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/22965(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/22980(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/23009(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/23013(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/23197(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/23202(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/23235(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/23263(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/23287(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/23297(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/23883(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/24711(af854a3a-2127-422b-91ae-364da2661108)
http://security.gentoo.org/glsa/glsa-200612-06.xml(af854a3a-2127-422b-91ae-364da2661108)
http://security.gentoo.org/glsa/glsa-200612-07.xml(af854a3a-2127-422b-91ae-364da2661108)
http://security.gentoo.org/glsa/glsa-200612-08.xml(af854a3a-2127-422b-91ae-364da2661108)
http://securitytracker.com/id?1017180(af854a3a-2127-422b-91ae-364da2661108)
http://securitytracker.com/id?1017181(af854a3a-2127-422b-91ae-364da2661108)
http://securitytracker.com/id?1017182(af854a3a-2127-422b-91ae-364da2661108)
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102781-1(af854a3a-2127-422b-91ae-364da2661108)
http://support.avaya.com/elmodocs2/security/ASA-2006-246.htm(af854a3a-2127-422b-91ae-364da2661108)
http://www.debian.org/security/2006/dsa-1224(af854a3a-2127-422b-91ae-364da2661108)
http://www.debian.org/security/2006/dsa-1225(af854a3a-2127-422b-91ae-364da2661108)
http://www.debian.org/security/2006/dsa-1227(af854a3a-2127-422b-91ae-364da2661108)
http://www.kb.cert.org/vuls/id/335392(af854a3a-2127-422b-91ae-364da2661108)
http://www.mandriva.com/security/advisories?name=MDKSA-2006:205(af854a3a-2127-422b-91ae-364da2661108)
http://www.mandriva.com/security/advisories?name=MDKSA-2006:206(af854a3a-2127-422b-91ae-364da2661108)
http://www.mozilla.org/security/announce/2006/mfsa2006-60.html(af854a3a-2127-422b-91ae-364da2661108)
http://www.mozilla.org/security/announce/2006/mfsa2006-66.html(af854a3a-2127-422b-91ae-364da2661108)
http://www.novell.com/linux/security/advisories/2006_68_mozilla.html(af854a3a-2127-422b-91ae-364da2661108)
http://www.ubuntu.com/usn/usn-381-1(af854a3a-2127-422b-91ae-364da2661108)
http://www.ubuntu.com/usn/usn-382-1(af854a3a-2127-422b-91ae-364da2661108)
http://www.us-cert.gov/cas/techalerts/TA06-312A.html(af854a3a-2127-422b-91ae-364da2661108)
http://www.vupen.com/english/advisories/2006/3748(af854a3a-2127-422b-91ae-364da2661108)
http://www.vupen.com/english/advisories/2006/4387(af854a3a-2127-422b-91ae-364da2661108)
http://www.vupen.com/english/advisories/2007/0293(af854a3a-2127-422b-91ae-364da2661108)
http://www.vupen.com/english/advisories/2007/1198(af854a3a-2127-422b-91ae-364da2661108)
http://www.vupen.com/english/advisories/2008/0083(af854a3a-2127-422b-91ae-364da2661108)
http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=c00771742(af854a3a-2127-422b-91ae-364da2661108)
https://bugzilla.mozilla.org/show_bug.cgi?id=356215(af854a3a-2127-422b-91ae-364da2661108)
https://exchange.xforce.ibmcloud.com/vulnerabilities/30098(af854a3a-2127-422b-91ae-364da2661108)
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10478(af854a3a-2127-422b-91ae-364da2661108)
IOC Correlations
No correlations recorded
This product uses data from the NVD API but is not endorsed or certified by the NVD.