Vulnerability Details : CVE-2006-1728
Unspecified vulnerability in Mozilla Firefox and Thunderbird 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to execute arbitrary code via unknown vectors related to the crypto.generateCRMFRequest method.
Vulnerability category: Execute code
Products affected by CVE-2006-1728
- cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:mozilla_suite:*:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:4.10:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:5.04:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:5.10:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2006-1728
72.13%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 98 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2006-1728
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
9.3
|
HIGH | AV:N/AC:M/Au:N/C:C/I:C/A:C |
8.6
|
10.0
|
NIST |
References for CVE-2006-1728
-
http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm
ASA-2006-205 (SUN 102502, 102513, 102514, 102519, 102550, 102556, 102557, 102582, 102588, 102589, 102593)Third Party Advisory
-
http://www.securityfocus.com/archive/1/434524/100/0/threaded
-
http://www.novell.com/linux/security/advisories/2006_04_25.html
404 Page Not Found | SUSEBroken Link
-
https://usn.ubuntu.com/271-1/
404: Page not found | UbuntuThird Party Advisory
-
http://securitytracker.com/id?1015922
Access DeniedThird Party Advisory;VDB Entry
-
http://www.vupen.com/english/advisories/2006/3749
Site en constructionPermissions Required;Third Party Advisory
-
http://www.redhat.com/support/errata/RHSA-2006-0330.html
SupportThird Party Advisory
-
http://www.vupen.com/english/advisories/2008/0083
Webmail: access your OVH emails on ovhcloud.com | OVHcloudPermissions Required;Third Party Advisory
-
http://www.debian.org/security/2006/dsa-1051
[SECURITY] [DSA 1051-1] New Mozilla Thunderbird packages fix several vulnerabilitiesThird Party Advisory
-
http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00154.html
[SECURITY] Fedora Core 5 Update: firefox-1.5.0.2-1.1.fc5Third Party Advisory
-
http://www.gentoo.org/security/en/glsa/glsa-200604-12.xml
Mozilla Firefox: Multiple vulnerabilities (GLSA 200604-12) — Gentoo securityThird Party Advisory
-
http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00153.html
[SECURITY] Fedora Core 4 Update: firefox-1.0.8-1.1.fc4Third Party Advisory
-
http://www.redhat.com/support/errata/RHSA-2006-0329.html
SupportThird Party Advisory
-
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10508
404 Not FoundThird Party Advisory
-
http://www.securityfocus.com/archive/1/438730/100/0/threaded
-
http://securitytracker.com/id?1015925
GoDaddy Domain Name SearchThird Party Advisory;VDB Entry
-
http://www.mandriva.com/security/advisories?name=MDKSA-2006:078
MandrivaThird Party Advisory
-
http://www.mozilla.org/security/announce/2006/mfsa2006-24.html
Privilege escalation using crypto.generateCRMFRequest — MozillaVendor Advisory
-
http://www.gentoo.org/security/en/glsa/glsa-200605-09.xml
Mozilla Thunderbird: Multiple vulnerabilities (GLSA 200605-09) — Gentoo securityThird Party Advisory
-
http://www.vupen.com/english/advisories/2006/1356
Site en constructionPermissions Required;Third Party Advisory
-
ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt
Broken Link
-
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102550-1
Broken Link
-
http://www.mandriva.com/security/advisories?name=MDKSA-2006:076
MandrivaThird Party Advisory
-
http://www.securityfocus.com/archive/1/436296/100/0/threaded
-
http://securitytracker.com/id?1015923
Access DeniedThird Party Advisory;VDB Entry
-
http://www.us-cert.gov/cas/techalerts/TA06-107A.html
Page Not Found | CISAThird Party Advisory;US Government Resource
-
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102763-1
Broken Link
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/25812
Multiple Mozilla products crypto.generateCRMFRequest code execution CVE-2006-1728 Vulnerability ReportThird Party Advisory;VDB Entry
-
http://www.debian.org/security/2006/dsa-1046
[SECURITY] [DSA 1046-1] New Mozilla packages fix several vulnerabilitiesThird Party Advisory
-
http://securitytracker.com/id?1015924
Access DeniedThird Party Advisory;VDB Entry
-
http://lists.suse.com/archive/suse-security-announce/2006-Apr/0003.html
Object not found!Broken Link
-
http://www.vupen.com/english/advisories/2006/3748
Site en constructionPermissions Required;Third Party Advisory
-
ftp://patches.sgi.com/support/free/security/advisories/20060404-01-U.asc
Broken Link
-
https://usn.ubuntu.com/276-1/
404: Page not found | UbuntuThird Party Advisory
-
http://www.securityfocus.com/bid/17516
Third Party Advisory;VDB Entry
-
http://www.securityfocus.com/archive/1/436338/100/0/threaded
-
http://www.securityfocus.com/archive/1/446657/100/200/threaded
-
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1698
404 Not FoundThird Party Advisory
-
https://usn.ubuntu.com/275-1/
404: Page not found | UbuntuThird Party Advisory
-
http://www.vupen.com/english/advisories/2006/3391
Site en constructionPermissions Required;Third Party Advisory
-
http://www.redhat.com/support/errata/RHSA-2006-0328.html
SupportThird Party Advisory
-
http://www.kb.cert.org/vuls/id/932734
VU#932734 - Mozilla crypto.generateCRMFRequest() vulnerabilityThird Party Advisory;US Government Resource
-
http://www.mandriva.com/security/advisories?name=MDKSA-2006:075
MandrivaThird Party Advisory
-
http://www.securityfocus.com/archive/1/446658/100/200/threaded
-
http://www.debian.org/security/2006/dsa-1044
[SECURITY] [DSA 1044-1] New Mozilla Firefox packages fix several vulnerabilitiesThird Party Advisory
-
http://www.gentoo.org/security/en/glsa/glsa-200604-18.xml
Mozilla Suite: Multiple vulnerabilities (GLSA 200604-18) — Gentoo securityThird Party Advisory
-
http://www.vupen.com/english/advisories/2007/0058
Site en constructionPermissions Required;Third Party Advisory
Jump to